line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
/* SSLeay.xs - Perl module for using Eric Young's implementation of SSL |
2
|
|
|
|
|
|
|
* |
3
|
|
|
|
|
|
|
* Copyright (c) 1996-2003 Sampo Kellomäki |
4
|
|
|
|
|
|
|
* Copyright (c) 2005-2010 Florian Ragwitz |
5
|
|
|
|
|
|
|
* Copyright (c) 2005-2018 Mike McCauley |
6
|
|
|
|
|
|
|
* Copyright (c) 2018- Chris Novakovic |
7
|
|
|
|
|
|
|
* Copyright (c) 2018- Tuure Vartiainen |
8
|
|
|
|
|
|
|
* Copyright (c) 2018- Heikki Vatiainen |
9
|
|
|
|
|
|
|
* |
10
|
|
|
|
|
|
|
* All rights reserved. |
11
|
|
|
|
|
|
|
* |
12
|
|
|
|
|
|
|
* Change data removed. See Changes |
13
|
|
|
|
|
|
|
* |
14
|
|
|
|
|
|
|
* This module is released under the terms of the Artistic License 2.0. For |
15
|
|
|
|
|
|
|
* details, see the LICENSE file. |
16
|
|
|
|
|
|
|
*/ |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
/* #### |
19
|
|
|
|
|
|
|
* #### PLEASE READ THE FOLLOWING RULES BEFORE YOU START EDITING THIS FILE! #### |
20
|
|
|
|
|
|
|
* #### |
21
|
|
|
|
|
|
|
* |
22
|
|
|
|
|
|
|
* Function naming conventions: |
23
|
|
|
|
|
|
|
* |
24
|
|
|
|
|
|
|
* 1/ never change the already existing function names (all calling convention) in a way |
25
|
|
|
|
|
|
|
* that may cause backward incompatibility (e.g. add ALIAS with old name if necessary) |
26
|
|
|
|
|
|
|
* |
27
|
|
|
|
|
|
|
* 2/ it is recommended to keep the original openssl function names for functions that are: |
28
|
|
|
|
|
|
|
* |
29
|
|
|
|
|
|
|
* 1:1 wrappers to the original openssl functions |
30
|
|
|
|
|
|
|
* see for example: X509_get_issuer_name(cert) >> Net::SSLeay::X509_get_issuer_name($cert) |
31
|
|
|
|
|
|
|
* |
32
|
|
|
|
|
|
|
* nearly 1:1 wrappers implementing only necessary "glue" e.g. buffer handling |
33
|
|
|
|
|
|
|
* see for example: RAND_seed(buf,len) >> Net::SSLeay::RAND_seed($buf) |
34
|
|
|
|
|
|
|
* |
35
|
|
|
|
|
|
|
* 3/ OpenSSL functions starting with "SSL_" are added into SSLeay.xs with "SLL_" prefix |
36
|
|
|
|
|
|
|
* (e.g. SSL_CTX_new) but keep in mind that they will be available in Net::SSLeay without |
37
|
|
|
|
|
|
|
* "SSL_" prefix (e.g. Net::SSLeay::CTX_new) - keep this for all new functions |
38
|
|
|
|
|
|
|
* |
39
|
|
|
|
|
|
|
* 4/ The names of functions which do not fit rule 2/ (which means they implement some non |
40
|
|
|
|
|
|
|
* trivial code around original openssl function or do more complex tasks) should be |
41
|
|
|
|
|
|
|
* prefixed with "P_" - see for example: P_ASN1_TIME_set_isotime |
42
|
|
|
|
|
|
|
* |
43
|
|
|
|
|
|
|
* 5/ Exceptions from rules above: |
44
|
|
|
|
|
|
|
* functions that are part or wider set of already existing function not following this rule |
45
|
|
|
|
|
|
|
* for example: there already exists: PEM_get_string_X509_CRL + PEM_get_string_X509_REQ and you want |
46
|
|
|
|
|
|
|
* to add PEM_get_string_SOMETHING - then no need to follow 3/ (do not prefix with "P_") |
47
|
|
|
|
|
|
|
* |
48
|
|
|
|
|
|
|
* Support for different Perl versions, libssl implementations, platforms, and compilers: |
49
|
|
|
|
|
|
|
* |
50
|
|
|
|
|
|
|
* 1/ Net-SSLeay has a version support policy for Perl and OpenSSL/LibreSSL (described in the |
51
|
|
|
|
|
|
|
* "Prerequisites" section in the README file). The test suite must pass when run on any |
52
|
|
|
|
|
|
|
* of those version combinations. |
53
|
|
|
|
|
|
|
* |
54
|
|
|
|
|
|
|
* 2/ Fix all compiler warnings - we expect 100% clean build |
55
|
|
|
|
|
|
|
* |
56
|
|
|
|
|
|
|
* 3/ If you add a function which is available since certain openssl version |
57
|
|
|
|
|
|
|
* use proper #ifdefs to assure that SSLeay.xs will compile also with older versions |
58
|
|
|
|
|
|
|
* which are missing this function |
59
|
|
|
|
|
|
|
* |
60
|
|
|
|
|
|
|
* 4/ Even warnings arising from different use of "const" in different openssl versions |
61
|
|
|
|
|
|
|
* needs to be hanled with #ifdefs - see for example: X509_NAME_add_entry_by_txt |
62
|
|
|
|
|
|
|
* |
63
|
|
|
|
|
|
|
* 5/ avoid using global C variables (it is very likely to break thread-safetyness) |
64
|
|
|
|
|
|
|
* use rather global MY_CXT structure |
65
|
|
|
|
|
|
|
* |
66
|
|
|
|
|
|
|
* 6/ avoid using any UNIX/POSIX specific functions, keep in mind that SSLeay.xs must |
67
|
|
|
|
|
|
|
* compile also on non-UNIX platforms like MS Windows and others |
68
|
|
|
|
|
|
|
* |
69
|
|
|
|
|
|
|
* 7/ avoid using c++ comments "//" (or other c++ features accepted by some c compiler) |
70
|
|
|
|
|
|
|
* even if your compiler can handle them without warnings |
71
|
|
|
|
|
|
|
* |
72
|
|
|
|
|
|
|
* Passing test suite: |
73
|
|
|
|
|
|
|
* |
74
|
|
|
|
|
|
|
* 1/ any changes to SSLeay.xs must not introduce a failure of existing test suite |
75
|
|
|
|
|
|
|
* |
76
|
|
|
|
|
|
|
* 2/ it is strongly recommended to create test(s) for newly added function(s), especially |
77
|
|
|
|
|
|
|
* when the new function is not only a 1:1 wrapper but contains a complex code |
78
|
|
|
|
|
|
|
* |
79
|
|
|
|
|
|
|
* 3/ it is mandatory to add a documentation for all newly added functions into SSLeay.pod |
80
|
|
|
|
|
|
|
* otherwise t/local/02_pod_coverage.t fail (and you will be asked to add some doc into |
81
|
|
|
|
|
|
|
* your patch) |
82
|
|
|
|
|
|
|
* |
83
|
|
|
|
|
|
|
* Preferred code layout: |
84
|
|
|
|
|
|
|
* |
85
|
|
|
|
|
|
|
* 1/ for simple 1:1 XS wrappers use: |
86
|
|
|
|
|
|
|
* |
87
|
|
|
|
|
|
|
* a/ functions with short "signature" (short list of args): |
88
|
|
|
|
|
|
|
* |
89
|
|
|
|
|
|
|
* long |
90
|
|
|
|
|
|
|
* SSL_set_tmp_dh(SSL *ssl,DH *dh) |
91
|
|
|
|
|
|
|
* |
92
|
|
|
|
|
|
|
* b/ functions with long "signature" (long list of args): |
93
|
|
|
|
|
|
|
* simply when approach a/ does not fit to 120 columns |
94
|
|
|
|
|
|
|
* |
95
|
|
|
|
|
|
|
* void |
96
|
|
|
|
|
|
|
* SSL_any_functions(library_flag,function_name,reason,file_name,line) |
97
|
|
|
|
|
|
|
* int library_flag |
98
|
|
|
|
|
|
|
* int function_name |
99
|
|
|
|
|
|
|
* int reason |
100
|
|
|
|
|
|
|
* char *file_name |
101
|
|
|
|
|
|
|
* int line |
102
|
|
|
|
|
|
|
* |
103
|
|
|
|
|
|
|
* 2/ for XS functions with full implementation use identation like this: |
104
|
|
|
|
|
|
|
* |
105
|
|
|
|
|
|
|
* int |
106
|
|
|
|
|
|
|
* RAND_bytes(buf, num) |
107
|
|
|
|
|
|
|
* SV *buf |
108
|
|
|
|
|
|
|
* int num |
109
|
|
|
|
|
|
|
* PREINIT: |
110
|
|
|
|
|
|
|
* int rc; |
111
|
|
|
|
|
|
|
* unsigned char *random; |
112
|
|
|
|
|
|
|
* CODE: |
113
|
|
|
|
|
|
|
* / * some code here * / |
114
|
|
|
|
|
|
|
* RETVAL = rc; |
115
|
|
|
|
|
|
|
* OUTPUT: |
116
|
|
|
|
|
|
|
* RETVAL |
117
|
|
|
|
|
|
|
* |
118
|
|
|
|
|
|
|
* |
119
|
|
|
|
|
|
|
* Runtime debugging: |
120
|
|
|
|
|
|
|
* |
121
|
|
|
|
|
|
|
* with TRACE(level,fmt,...) you can output debug messages. |
122
|
|
|
|
|
|
|
* it behaves the same as |
123
|
|
|
|
|
|
|
* warn sprintf($msg,...) if $Net::SSLeay::trace>=$level |
124
|
|
|
|
|
|
|
* would do in Perl (e.g. it is using also the $Net::SSLeay::trace variable) |
125
|
|
|
|
|
|
|
* |
126
|
|
|
|
|
|
|
* |
127
|
|
|
|
|
|
|
* THE LAST RULE: |
128
|
|
|
|
|
|
|
* |
129
|
|
|
|
|
|
|
* The fact that some parts of SSLeay.xs do not follow the rules above is not |
130
|
|
|
|
|
|
|
* a reason why any new code can also break these rules in the same way |
131
|
|
|
|
|
|
|
* |
132
|
|
|
|
|
|
|
*/ |
133
|
|
|
|
|
|
|
|
134
|
|
|
|
|
|
|
/* Prevent warnings about strncpy from Windows compilers */ |
135
|
|
|
|
|
|
|
#define _CRT_SECURE_NO_DEPRECATE |
136
|
|
|
|
|
|
|
|
137
|
|
|
|
|
|
|
#ifdef __cplusplus |
138
|
|
|
|
|
|
|
extern "C" { |
139
|
|
|
|
|
|
|
#endif |
140
|
|
|
|
|
|
|
#include "EXTERN.h" |
141
|
|
|
|
|
|
|
#include "perl.h" |
142
|
|
|
|
|
|
|
#include "XSUB.h" |
143
|
|
|
|
|
|
|
#include |
144
|
|
|
|
|
|
|
#define NEED_newRV_noinc |
145
|
|
|
|
|
|
|
#define NEED_sv_2pv_flags |
146
|
|
|
|
|
|
|
#define NEED_my_snprintf |
147
|
|
|
|
|
|
|
#include "ppport.h" |
148
|
|
|
|
|
|
|
#ifdef __cplusplus |
149
|
|
|
|
|
|
|
} |
150
|
|
|
|
|
|
|
#endif |
151
|
|
|
|
|
|
|
|
152
|
|
|
|
|
|
|
/* OpenSSL-0.9.3a has some strange warning about this in |
153
|
|
|
|
|
|
|
* openssl/des.h |
154
|
|
|
|
|
|
|
*/ |
155
|
|
|
|
|
|
|
#undef _ |
156
|
|
|
|
|
|
|
|
157
|
|
|
|
|
|
|
/* Sigh: openssl 1.0 has |
158
|
|
|
|
|
|
|
typedef void *BLOCK; |
159
|
|
|
|
|
|
|
which conflicts with perls |
160
|
|
|
|
|
|
|
typedef struct block BLOCK; |
161
|
|
|
|
|
|
|
*/ |
162
|
|
|
|
|
|
|
#define BLOCK OPENSSL_BLOCK |
163
|
|
|
|
|
|
|
#include |
164
|
|
|
|
|
|
|
#include |
165
|
|
|
|
|
|
|
#include |
166
|
|
|
|
|
|
|
#include |
167
|
|
|
|
|
|
|
#include |
168
|
|
|
|
|
|
|
#include |
169
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_COMP |
170
|
|
|
|
|
|
|
#include /* openssl-0.9.6a forgets to include this */ |
171
|
|
|
|
|
|
|
#endif |
172
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD2 |
173
|
|
|
|
|
|
|
#include |
174
|
|
|
|
|
|
|
#endif |
175
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD4 |
176
|
|
|
|
|
|
|
#include |
177
|
|
|
|
|
|
|
#endif |
178
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD5 |
179
|
|
|
|
|
|
|
#include /* openssl-SNAP-20020227 does not automatically include this */ |
180
|
|
|
|
|
|
|
#endif |
181
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x00905000L |
182
|
|
|
|
|
|
|
#include |
183
|
|
|
|
|
|
|
#endif |
184
|
|
|
|
|
|
|
#include |
185
|
|
|
|
|
|
|
#include |
186
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
187
|
|
|
|
|
|
|
/* requires 0.9.7+ */ |
188
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_ENGINE |
189
|
|
|
|
|
|
|
#include |
190
|
|
|
|
|
|
|
#endif |
191
|
|
|
|
|
|
|
#endif |
192
|
|
|
|
|
|
|
#ifdef OPENSSL_FIPS |
193
|
|
|
|
|
|
|
#include |
194
|
|
|
|
|
|
|
#endif |
195
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10000000L |
196
|
|
|
|
|
|
|
#include |
197
|
|
|
|
|
|
|
#endif |
198
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x30000000L |
199
|
|
|
|
|
|
|
#include |
200
|
|
|
|
|
|
|
#endif |
201
|
|
|
|
|
|
|
#undef BLOCK |
202
|
|
|
|
|
|
|
|
203
|
|
|
|
|
|
|
/* Beginning with OpenSSL 3.0.0-alpha17, SSL_CTX_get_options() and |
204
|
|
|
|
|
|
|
* related functions return uint64_t instead of long. For this reason |
205
|
|
|
|
|
|
|
* constant() in constant.c and Net::SSLeay must also be able to |
206
|
|
|
|
|
|
|
* return 64bit constants. However, this creates a problem with Perls |
207
|
|
|
|
|
|
|
* that have only 32 bit integers. The define below helps with |
208
|
|
|
|
|
|
|
* handling this API change. |
209
|
|
|
|
|
|
|
*/ |
210
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER < 0x30000000L) || defined(NET_SSLEAY_32BIT_INT_PERL) |
211
|
|
|
|
|
|
|
#define NET_SSLEAY_32BIT_CONSTANTS |
212
|
|
|
|
|
|
|
#endif |
213
|
|
|
|
|
|
|
|
214
|
|
|
|
|
|
|
/* Debugging output - to enable use: |
215
|
|
|
|
|
|
|
* |
216
|
|
|
|
|
|
|
* perl Makefile.PL DEFINE=-DSHOW_XS_DEBUG |
217
|
|
|
|
|
|
|
* make |
218
|
|
|
|
|
|
|
* |
219
|
|
|
|
|
|
|
*/ |
220
|
|
|
|
|
|
|
|
221
|
|
|
|
|
|
|
#ifdef SHOW_XS_DEBUG |
222
|
|
|
|
|
|
|
#define PR1(s) fprintf(stderr,s); |
223
|
|
|
|
|
|
|
#define PR2(s,t) fprintf(stderr,s,t); |
224
|
|
|
|
|
|
|
#define PR3(s,t,u) fprintf(stderr,s,t,u); |
225
|
|
|
|
|
|
|
#define PR4(s,t,u,v) fprintf(stderr,s,t,u,v); |
226
|
|
|
|
|
|
|
#else |
227
|
|
|
|
|
|
|
#define PR1(s) |
228
|
|
|
|
|
|
|
#define PR2(s,t) |
229
|
|
|
|
|
|
|
#define PR3(s,t,u) |
230
|
|
|
|
|
|
|
#define PR4(s,t,u,v) |
231
|
|
|
|
|
|
|
#endif |
232
|
|
|
|
|
|
|
|
233
|
1
|
|
|
|
|
|
static void TRACE(int level,char *msg,...) { |
234
|
|
|
|
|
|
|
va_list args; |
235
|
1
|
|
|
|
|
|
SV *trace = get_sv("Net::SSLeay::trace",0); |
236
|
1
|
50
|
|
|
|
|
if (trace && SvIOK(trace) && SvIV(trace)>=level) { |
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
237
|
|
|
|
|
|
|
char buf[4096]; |
238
|
0
|
|
|
|
|
|
va_start(args,msg); |
239
|
0
|
|
|
|
|
|
vsnprintf(buf,4095,msg,args); |
240
|
0
|
|
|
|
|
|
warn("%s",buf); |
241
|
0
|
|
|
|
|
|
va_end(args); |
242
|
|
|
|
|
|
|
} |
243
|
1
|
|
|
|
|
|
} |
244
|
|
|
|
|
|
|
|
245
|
|
|
|
|
|
|
#include "constants.c" |
246
|
|
|
|
|
|
|
|
247
|
|
|
|
|
|
|
/* ============= thread-safety related stuff ============== */ |
248
|
|
|
|
|
|
|
|
249
|
|
|
|
|
|
|
#define MY_CXT_KEY "Net::SSLeay::_guts" XS_VERSION |
250
|
|
|
|
|
|
|
|
251
|
|
|
|
|
|
|
typedef struct { |
252
|
|
|
|
|
|
|
HV* global_cb_data; |
253
|
|
|
|
|
|
|
UV tid; |
254
|
|
|
|
|
|
|
} my_cxt_t; |
255
|
|
|
|
|
|
|
START_MY_CXT |
256
|
|
|
|
|
|
|
|
257
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
258
|
|
|
|
|
|
|
static perl_mutex LIB_init_mutex; |
259
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
260
|
|
|
|
|
|
|
static perl_mutex *GLOBAL_openssl_mutex = NULL; |
261
|
|
|
|
|
|
|
#endif |
262
|
|
|
|
|
|
|
#endif |
263
|
|
|
|
|
|
|
static int LIB_initialized; |
264
|
|
|
|
|
|
|
|
265
|
54
|
|
|
|
|
|
UV get_my_thread_id(void) /* returns threads->tid() value */ |
266
|
|
|
|
|
|
|
{ |
267
|
54
|
|
|
|
|
|
dSP; |
268
|
54
|
|
|
|
|
|
UV tid = 0; |
269
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
270
|
|
|
|
|
|
|
int count = 0; |
271
|
|
|
|
|
|
|
|
272
|
|
|
|
|
|
|
ENTER; |
273
|
|
|
|
|
|
|
SAVETMPS; |
274
|
|
|
|
|
|
|
PUSHMARK(SP); |
275
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv("threads", 0))); |
276
|
|
|
|
|
|
|
PUTBACK; |
277
|
|
|
|
|
|
|
count = call_method("tid", G_SCALAR|G_EVAL); |
278
|
|
|
|
|
|
|
SPAGAIN; |
279
|
|
|
|
|
|
|
/* Caution: recent perls do not appear support threads->tid() */ |
280
|
|
|
|
|
|
|
if (SvTRUE(ERRSV) || count != 1) |
281
|
|
|
|
|
|
|
{ |
282
|
|
|
|
|
|
|
/* if compatible threads not loaded or an error occurs return 0 */ |
283
|
|
|
|
|
|
|
tid = 0; |
284
|
|
|
|
|
|
|
} |
285
|
|
|
|
|
|
|
else |
286
|
|
|
|
|
|
|
tid = (UV)POPi; |
287
|
|
|
|
|
|
|
PUTBACK; |
288
|
|
|
|
|
|
|
FREETMPS; |
289
|
|
|
|
|
|
|
LEAVE; |
290
|
|
|
|
|
|
|
#endif |
291
|
|
|
|
|
|
|
|
292
|
54
|
|
|
|
|
|
return tid; |
293
|
|
|
|
|
|
|
} |
294
|
|
|
|
|
|
|
|
295
|
|
|
|
|
|
|
/* IMPORTANT NOTE: |
296
|
|
|
|
|
|
|
* openssl locking was implemented according to http://www.openssl.org/docs/crypto/threads.html |
297
|
|
|
|
|
|
|
* we implement both static and dynamic locking as described on URL above |
298
|
|
|
|
|
|
|
* locking is supported when OPENSSL_THREADS macro is defined which means openssl-0.9.7 or newer |
299
|
|
|
|
|
|
|
* we intentionally do not implement cleanup of openssl's threading as it causes troubles |
300
|
|
|
|
|
|
|
* with apache-mpm-worker+mod_perl+mod_ssl+net-ssleay |
301
|
|
|
|
|
|
|
*/ |
302
|
|
|
|
|
|
|
#if defined(USE_ITHREADS) && defined(OPENSSL_THREADS) |
303
|
|
|
|
|
|
|
|
304
|
|
|
|
|
|
|
|
305
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
306
|
|
|
|
|
|
|
static void openssl_locking_function(int mode, int type, const char *file, int line) |
307
|
|
|
|
|
|
|
{ |
308
|
|
|
|
|
|
|
PR3("openssl_locking_function %d %d\n", mode, type); |
309
|
|
|
|
|
|
|
|
310
|
|
|
|
|
|
|
if (!GLOBAL_openssl_mutex) return; |
311
|
|
|
|
|
|
|
if (mode & CRYPTO_LOCK) |
312
|
|
|
|
|
|
|
MUTEX_LOCK(&GLOBAL_openssl_mutex[type]); |
313
|
|
|
|
|
|
|
else |
314
|
|
|
|
|
|
|
MUTEX_UNLOCK(&GLOBAL_openssl_mutex[type]); |
315
|
|
|
|
|
|
|
} |
316
|
|
|
|
|
|
|
|
317
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
318
|
|
|
|
|
|
|
static unsigned long openssl_threadid_func(void) |
319
|
|
|
|
|
|
|
{ |
320
|
|
|
|
|
|
|
dMY_CXT; |
321
|
|
|
|
|
|
|
return (unsigned long)(MY_CXT.tid); |
322
|
|
|
|
|
|
|
} |
323
|
|
|
|
|
|
|
#else |
324
|
|
|
|
|
|
|
void openssl_threadid_func(CRYPTO_THREADID *id) |
325
|
|
|
|
|
|
|
{ |
326
|
|
|
|
|
|
|
dMY_CXT; |
327
|
|
|
|
|
|
|
CRYPTO_THREADID_set_numeric(id, (unsigned long)(MY_CXT.tid)); |
328
|
|
|
|
|
|
|
} |
329
|
|
|
|
|
|
|
#endif |
330
|
|
|
|
|
|
|
|
331
|
|
|
|
|
|
|
struct CRYPTO_dynlock_value |
332
|
|
|
|
|
|
|
{ |
333
|
|
|
|
|
|
|
perl_mutex mutex; |
334
|
|
|
|
|
|
|
}; |
335
|
|
|
|
|
|
|
|
336
|
|
|
|
|
|
|
struct CRYPTO_dynlock_value * openssl_dynlocking_create_function (const char *file, int line) |
337
|
|
|
|
|
|
|
{ |
338
|
|
|
|
|
|
|
struct CRYPTO_dynlock_value *retval; |
339
|
|
|
|
|
|
|
New(0, retval, 1, struct CRYPTO_dynlock_value); |
340
|
|
|
|
|
|
|
if (!retval) return NULL; |
341
|
|
|
|
|
|
|
MUTEX_INIT(&retval->mutex); |
342
|
|
|
|
|
|
|
return retval; |
343
|
|
|
|
|
|
|
} |
344
|
|
|
|
|
|
|
|
345
|
|
|
|
|
|
|
void openssl_dynlocking_lock_function (int mode, struct CRYPTO_dynlock_value *l, const char *file, int line) |
346
|
|
|
|
|
|
|
{ |
347
|
|
|
|
|
|
|
if (!l) return; |
348
|
|
|
|
|
|
|
if (mode & CRYPTO_LOCK) |
349
|
|
|
|
|
|
|
MUTEX_LOCK(&l->mutex); |
350
|
|
|
|
|
|
|
else |
351
|
|
|
|
|
|
|
MUTEX_UNLOCK(&l->mutex); |
352
|
|
|
|
|
|
|
} |
353
|
|
|
|
|
|
|
|
354
|
|
|
|
|
|
|
void openssl_dynlocking_destroy_function (struct CRYPTO_dynlock_value *l, const char *file, int line) |
355
|
|
|
|
|
|
|
{ |
356
|
|
|
|
|
|
|
if (!l) return; |
357
|
|
|
|
|
|
|
MUTEX_DESTROY(&l->mutex); |
358
|
|
|
|
|
|
|
Safefree(l); |
359
|
|
|
|
|
|
|
} |
360
|
|
|
|
|
|
|
#endif |
361
|
|
|
|
|
|
|
|
362
|
|
|
|
|
|
|
void openssl_threads_init(void) |
363
|
|
|
|
|
|
|
{ |
364
|
|
|
|
|
|
|
int i; |
365
|
|
|
|
|
|
|
|
366
|
|
|
|
|
|
|
PR1("STARTED: openssl_threads_init\n"); |
367
|
|
|
|
|
|
|
|
368
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
369
|
|
|
|
|
|
|
/* initialize static locking */ |
370
|
|
|
|
|
|
|
if ( !CRYPTO_get_locking_callback() ) { |
371
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
372
|
|
|
|
|
|
|
if ( !CRYPTO_get_id_callback() ) { |
373
|
|
|
|
|
|
|
#else |
374
|
|
|
|
|
|
|
if ( !CRYPTO_THREADID_get_callback() ) { |
375
|
|
|
|
|
|
|
#endif |
376
|
|
|
|
|
|
|
PR2("openssl_threads_init static locking %d\n", CRYPTO_num_locks()); |
377
|
|
|
|
|
|
|
New(0, GLOBAL_openssl_mutex, CRYPTO_num_locks(), perl_mutex); |
378
|
|
|
|
|
|
|
if (!GLOBAL_openssl_mutex) return; |
379
|
|
|
|
|
|
|
for (i=0; i
|
380
|
|
|
|
|
|
|
CRYPTO_set_locking_callback((void (*)(int,int,const char *,int))openssl_locking_function); |
381
|
|
|
|
|
|
|
|
382
|
|
|
|
|
|
|
#ifndef WIN32 |
383
|
|
|
|
|
|
|
/* no need for threadid_func() on Win32 */ |
384
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
385
|
|
|
|
|
|
|
CRYPTO_set_id_callback(openssl_threadid_func); |
386
|
|
|
|
|
|
|
#else |
387
|
|
|
|
|
|
|
CRYPTO_THREADID_set_callback(openssl_threadid_func); |
388
|
|
|
|
|
|
|
#endif |
389
|
|
|
|
|
|
|
#endif |
390
|
|
|
|
|
|
|
} |
391
|
|
|
|
|
|
|
} |
392
|
|
|
|
|
|
|
|
393
|
|
|
|
|
|
|
/* initialize dynamic locking */ |
394
|
|
|
|
|
|
|
if ( !CRYPTO_get_dynlock_create_callback() && |
395
|
|
|
|
|
|
|
!CRYPTO_get_dynlock_lock_callback() && |
396
|
|
|
|
|
|
|
!CRYPTO_get_dynlock_destroy_callback() ) { |
397
|
|
|
|
|
|
|
PR1("openssl_threads_init dynamic locking\n"); |
398
|
|
|
|
|
|
|
CRYPTO_set_dynlock_create_callback(openssl_dynlocking_create_function); |
399
|
|
|
|
|
|
|
CRYPTO_set_dynlock_lock_callback(openssl_dynlocking_lock_function); |
400
|
|
|
|
|
|
|
CRYPTO_set_dynlock_destroy_callback(openssl_dynlocking_destroy_function); |
401
|
|
|
|
|
|
|
} |
402
|
|
|
|
|
|
|
#endif |
403
|
|
|
|
|
|
|
} |
404
|
|
|
|
|
|
|
|
405
|
|
|
|
|
|
|
#endif |
406
|
|
|
|
|
|
|
|
407
|
|
|
|
|
|
|
/* ============= typedefs to agument TYPEMAP ============== */ |
408
|
|
|
|
|
|
|
|
409
|
|
|
|
|
|
|
typedef void callback_no_ret(void); |
410
|
|
|
|
|
|
|
typedef RSA * cb_ssl_int_int_ret_RSA(SSL * ssl,int is_export, int keylength); |
411
|
|
|
|
|
|
|
typedef DH * cb_ssl_int_int_ret_DH(SSL * ssl,int is_export, int keylength); |
412
|
|
|
|
|
|
|
|
413
|
|
|
|
|
|
|
typedef STACK_OF(X509_NAME) X509_NAME_STACK; |
414
|
|
|
|
|
|
|
|
415
|
|
|
|
|
|
|
typedef int perl_filehandle_t; |
416
|
|
|
|
|
|
|
|
417
|
|
|
|
|
|
|
/* ======= special handler used by EVP_MD_do_all_sorted ======= */ |
418
|
|
|
|
|
|
|
|
419
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1000000fL |
420
|
89
|
|
|
|
|
|
static void handler_list_md_fn(const EVP_MD *m, const char *from, const char *to, void *arg) |
421
|
|
|
|
|
|
|
{ |
422
|
|
|
|
|
|
|
/* taken from apps/dgst.c */ |
423
|
|
|
|
|
|
|
const char *mname; |
424
|
89
|
100
|
|
|
|
|
if (!m) return; /* Skip aliases */ |
425
|
39
|
|
|
|
|
|
mname = OBJ_nid2ln(EVP_MD_type(m)); |
426
|
39
|
100
|
|
|
|
|
if (strcmp(from, mname)) return; /* Skip shortnames */ |
427
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
428
|
21
|
100
|
|
|
|
|
if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST) return; /* Skip clones */ |
429
|
|
|
|
|
|
|
#endif |
430
|
16
|
50
|
|
|
|
|
if (strchr(mname, ' ')) mname= EVP_MD_name(m); |
431
|
16
|
|
|
|
|
|
av_push(arg, newSVpv(mname,0)); |
432
|
|
|
|
|
|
|
} |
433
|
|
|
|
|
|
|
#endif |
434
|
|
|
|
|
|
|
|
435
|
|
|
|
|
|
|
/* ============= callbacks - basic info ============= |
436
|
|
|
|
|
|
|
* |
437
|
|
|
|
|
|
|
* PLEASE READ THIS BEFORE YOU ADD ANY NEW CALLBACK!! |
438
|
|
|
|
|
|
|
* |
439
|
|
|
|
|
|
|
* There are basically 2 types of callbacks used in SSLeay: |
440
|
|
|
|
|
|
|
* |
441
|
|
|
|
|
|
|
* 1/ "one-time" callbacks - these are created+used+destroyed within one perl function implemented in XS. |
442
|
|
|
|
|
|
|
* These callbacks use a special C structure simple_cb_data_t to pass necessary data. |
443
|
|
|
|
|
|
|
* There are 2 related helper functions: simple_cb_data_new() + simple_cb_data_free() |
444
|
|
|
|
|
|
|
* For example see implementation of these functions: |
445
|
|
|
|
|
|
|
* - RSA_generate_key |
446
|
|
|
|
|
|
|
* - PEM_read_bio_PrivateKey |
447
|
|
|
|
|
|
|
* |
448
|
|
|
|
|
|
|
* 2/ "advanced" callbacks - these are setup/destroyed by one function but used by another function. These |
449
|
|
|
|
|
|
|
* callbacks use global hash MY_CXT.global_cb_data to store perl functions + data to be uset at callback time. |
450
|
|
|
|
|
|
|
* There are 2 related helper functions: cb_data_advanced_put() + cb_data_advanced_get() for manipulating |
451
|
|
|
|
|
|
|
* global hash MY_CXT.global_cb_data which work like this: |
452
|
|
|
|
|
|
|
* cb_data_advanced_put(, "data_name", dataSV) |
453
|
|
|
|
|
|
|
* >>> |
454
|
|
|
|
|
|
|
* global_cb_data->{"ptr_"}->{"data_name"} = dataSV) |
455
|
|
|
|
|
|
|
* or |
456
|
|
|
|
|
|
|
* data = cb_data_advanced_get(, "data_name") |
457
|
|
|
|
|
|
|
* >>> |
458
|
|
|
|
|
|
|
* my $data = global_cb_data->{"ptr_"}->{"data_name"} |
459
|
|
|
|
|
|
|
* For example see implementation of these functions: |
460
|
|
|
|
|
|
|
* - SSL_CTX_set_verify |
461
|
|
|
|
|
|
|
* - SSL_set_verify |
462
|
|
|
|
|
|
|
* - SSL_CTX_set_cert_verify_callback |
463
|
|
|
|
|
|
|
* - SSL_CTX_set_default_passwd_cb |
464
|
|
|
|
|
|
|
* - SSL_CTX_set_default_passwd_cb_userdata |
465
|
|
|
|
|
|
|
* - SSL_set_session_secret_cb |
466
|
|
|
|
|
|
|
* |
467
|
|
|
|
|
|
|
* If you want to add a new callback: |
468
|
|
|
|
|
|
|
* - you very likely need a new function "your_callback_name_invoke()" |
469
|
|
|
|
|
|
|
* - decide whether your case fits case 1/ or 2/ (and implement likewise existing functions) |
470
|
|
|
|
|
|
|
* - try to avoid adding a new style of callback implementation (or ask Net::SSLeay maintainers before) |
471
|
|
|
|
|
|
|
* |
472
|
|
|
|
|
|
|
*/ |
473
|
|
|
|
|
|
|
|
474
|
|
|
|
|
|
|
/* ============= callback stuff - generic functions============== */ |
475
|
|
|
|
|
|
|
|
476
|
|
|
|
|
|
|
struct _ssleay_cb_t { |
477
|
|
|
|
|
|
|
SV* func; |
478
|
|
|
|
|
|
|
SV* data; |
479
|
|
|
|
|
|
|
}; |
480
|
|
|
|
|
|
|
typedef struct _ssleay_cb_t simple_cb_data_t; |
481
|
|
|
|
|
|
|
|
482
|
10
|
|
|
|
|
|
simple_cb_data_t* simple_cb_data_new(SV* func, SV* data) |
483
|
|
|
|
|
|
|
{ |
484
|
|
|
|
|
|
|
simple_cb_data_t* cb; |
485
|
10
|
|
|
|
|
|
New(0, cb, 1, simple_cb_data_t); |
486
|
10
|
50
|
|
|
|
|
if (cb) { |
487
|
10
|
|
|
|
|
|
SvREFCNT_inc(func); |
488
|
10
|
|
|
|
|
|
SvREFCNT_inc(data); |
489
|
10
|
|
|
|
|
|
cb->func = func; |
490
|
10
|
100
|
|
|
|
|
cb->data = (data == &PL_sv_undef) ? NULL : data; |
491
|
|
|
|
|
|
|
} |
492
|
10
|
|
|
|
|
|
return cb; |
493
|
|
|
|
|
|
|
} |
494
|
|
|
|
|
|
|
|
495
|
9
|
|
|
|
|
|
void simple_cb_data_free(simple_cb_data_t* cb) |
496
|
|
|
|
|
|
|
{ |
497
|
9
|
50
|
|
|
|
|
if (cb) { |
498
|
9
|
50
|
|
|
|
|
if (cb->func) { |
499
|
9
|
|
|
|
|
|
SvREFCNT_dec(cb->func); |
500
|
9
|
|
|
|
|
|
cb->func = NULL; |
501
|
|
|
|
|
|
|
} |
502
|
9
|
100
|
|
|
|
|
if (cb->data) { |
503
|
1
|
|
|
|
|
|
SvREFCNT_dec(cb->data); |
504
|
1
|
|
|
|
|
|
cb->data = NULL; |
505
|
|
|
|
|
|
|
} |
506
|
|
|
|
|
|
|
} |
507
|
9
|
|
|
|
|
|
Safefree(cb); |
508
|
9
|
|
|
|
|
|
} |
509
|
|
|
|
|
|
|
|
510
|
353
|
|
|
|
|
|
int cb_data_advanced_put(const void *ptr, const char* data_name, SV* data) |
511
|
|
|
|
|
|
|
{ |
512
|
|
|
|
|
|
|
HV * L2HV; |
513
|
|
|
|
|
|
|
SV ** svtmp; |
514
|
|
|
|
|
|
|
int len; |
515
|
|
|
|
|
|
|
char key_name[500]; |
516
|
|
|
|
|
|
|
dMY_CXT; |
517
|
|
|
|
|
|
|
|
518
|
353
|
50
|
|
|
|
|
len = my_snprintf(key_name, sizeof(key_name), "ptr_%p", ptr); |
519
|
353
|
50
|
|
|
|
|
if (len == sizeof(key_name)) return 0; /* error - key_name too short*/ |
520
|
|
|
|
|
|
|
|
521
|
|
|
|
|
|
|
/* get or create level-2 hash */ |
522
|
353
|
|
|
|
|
|
svtmp = hv_fetch(MY_CXT.global_cb_data, key_name, strlen(key_name), 0); |
523
|
353
|
100
|
|
|
|
|
if (svtmp == NULL) { |
524
|
178
|
|
|
|
|
|
L2HV = newHV(); |
525
|
178
|
|
|
|
|
|
hv_store(MY_CXT.global_cb_data, key_name, strlen(key_name), newRV_noinc((SV*)L2HV), 0); |
526
|
|
|
|
|
|
|
} |
527
|
|
|
|
|
|
|
else { |
528
|
175
|
50
|
|
|
|
|
if (!SvOK(*svtmp) || !SvROK(*svtmp)) return 0; |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
529
|
|
|
|
|
|
|
#if defined(MUTABLE_PTR) |
530
|
175
|
|
|
|
|
|
L2HV = (HV*)MUTABLE_PTR(SvRV(*svtmp)); |
531
|
|
|
|
|
|
|
#else |
532
|
|
|
|
|
|
|
L2HV = (HV*)(SvRV(*svtmp)); |
533
|
|
|
|
|
|
|
#endif |
534
|
|
|
|
|
|
|
} |
535
|
|
|
|
|
|
|
|
536
|
|
|
|
|
|
|
/* first delete already stored value */ |
537
|
353
|
|
|
|
|
|
hv_delete(L2HV, data_name, strlen(data_name), G_DISCARD); |
538
|
353
|
100
|
|
|
|
|
if (data!=NULL) { |
539
|
344
|
100
|
|
|
|
|
if (SvOK(data)) |
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
540
|
194
|
|
|
|
|
|
hv_store(L2HV, data_name, strlen(data_name), data, 0); |
541
|
|
|
|
|
|
|
else |
542
|
|
|
|
|
|
|
/* we're not storing data so discard it */ |
543
|
150
|
|
|
|
|
|
SvREFCNT_dec(data); |
544
|
|
|
|
|
|
|
} |
545
|
|
|
|
|
|
|
|
546
|
353
|
|
|
|
|
|
return 1; |
547
|
|
|
|
|
|
|
} |
548
|
|
|
|
|
|
|
|
549
|
1113
|
|
|
|
|
|
SV* cb_data_advanced_get(const void *ptr, const char* data_name) |
550
|
|
|
|
|
|
|
{ |
551
|
|
|
|
|
|
|
HV * L2HV; |
552
|
|
|
|
|
|
|
SV ** svtmp; |
553
|
|
|
|
|
|
|
int len; |
554
|
|
|
|
|
|
|
char key_name[500]; |
555
|
|
|
|
|
|
|
dMY_CXT; |
556
|
|
|
|
|
|
|
|
557
|
1113
|
50
|
|
|
|
|
len = my_snprintf(key_name, sizeof(key_name), "ptr_%p", ptr); |
558
|
1113
|
50
|
|
|
|
|
if (len == sizeof(key_name)) return &PL_sv_undef; /* return undef on error - key_name too short*/ |
559
|
|
|
|
|
|
|
|
560
|
|
|
|
|
|
|
/* get level-2 hash */ |
561
|
1113
|
|
|
|
|
|
svtmp = hv_fetch(MY_CXT.global_cb_data, key_name, strlen(key_name), 0); |
562
|
1113
|
100
|
|
|
|
|
if (svtmp == NULL) return &PL_sv_undef; |
563
|
1110
|
50
|
|
|
|
|
if (!SvOK(*svtmp)) return &PL_sv_undef; |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
564
|
1110
|
50
|
|
|
|
|
if (!SvROK(*svtmp)) return &PL_sv_undef; |
565
|
|
|
|
|
|
|
#if defined(MUTABLE_PTR) |
566
|
1110
|
|
|
|
|
|
L2HV = (HV*)MUTABLE_PTR(SvRV(*svtmp)); |
567
|
|
|
|
|
|
|
#else |
568
|
|
|
|
|
|
|
L2HV = (HV*)(SvRV(*svtmp)); |
569
|
|
|
|
|
|
|
#endif |
570
|
|
|
|
|
|
|
|
571
|
|
|
|
|
|
|
/* get stored data */ |
572
|
1110
|
|
|
|
|
|
svtmp = hv_fetch(L2HV, data_name, strlen(data_name), 0); |
573
|
1110
|
100
|
|
|
|
|
if (svtmp == NULL) return &PL_sv_undef; |
574
|
630
|
50
|
|
|
|
|
if (!SvOK(*svtmp)) return &PL_sv_undef; |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
575
|
|
|
|
|
|
|
|
576
|
1113
|
|
|
|
|
|
return *svtmp; |
577
|
|
|
|
|
|
|
} |
578
|
|
|
|
|
|
|
|
579
|
350
|
|
|
|
|
|
int cb_data_advanced_drop(const void *ptr) |
580
|
|
|
|
|
|
|
{ |
581
|
|
|
|
|
|
|
int len; |
582
|
|
|
|
|
|
|
char key_name[500]; |
583
|
|
|
|
|
|
|
dMY_CXT; |
584
|
|
|
|
|
|
|
|
585
|
350
|
50
|
|
|
|
|
len = my_snprintf(key_name, sizeof(key_name), "ptr_%p", ptr); |
586
|
350
|
50
|
|
|
|
|
if (len == sizeof(key_name)) return 0; /* error - key_name too short*/ |
587
|
|
|
|
|
|
|
|
588
|
350
|
|
|
|
|
|
hv_delete(MY_CXT.global_cb_data, key_name, strlen(key_name), G_DISCARD); |
589
|
350
|
|
|
|
|
|
return 1; |
590
|
|
|
|
|
|
|
} |
591
|
|
|
|
|
|
|
|
592
|
|
|
|
|
|
|
/* ============= callback stuff - invoke functions ============== */ |
593
|
|
|
|
|
|
|
|
594
|
21
|
|
|
|
|
|
static int ssleay_verify_callback_invoke (int ok, X509_STORE_CTX* x509_store) |
595
|
|
|
|
|
|
|
{ |
596
|
21
|
|
|
|
|
|
dSP; |
597
|
|
|
|
|
|
|
SSL* ssl; |
598
|
21
|
|
|
|
|
|
int count = -1, res; |
599
|
|
|
|
|
|
|
SV *cb_func; |
600
|
|
|
|
|
|
|
|
601
|
|
|
|
|
|
|
PR1("STARTED: ssleay_verify_callback_invoke\n"); |
602
|
21
|
|
|
|
|
|
ssl = X509_STORE_CTX_get_ex_data(x509_store, SSL_get_ex_data_X509_STORE_CTX_idx()); |
603
|
21
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ssl, "ssleay_verify_callback!!func"); |
604
|
|
|
|
|
|
|
|
605
|
21
|
100
|
|
|
|
|
if (!SvOK(cb_func)) { |
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
606
|
3
|
|
|
|
|
|
SSL_CTX* ssl_ctx = SSL_get_SSL_CTX(ssl); |
607
|
3
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ssl_ctx, "ssleay_verify_callback!!func"); |
608
|
|
|
|
|
|
|
} |
609
|
|
|
|
|
|
|
|
610
|
21
|
50
|
|
|
|
|
if (!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
611
|
0
|
|
|
|
|
|
croak("Net::SSLeay: verify_callback called, but not set to point to any perl function.\n"); |
612
|
|
|
|
|
|
|
|
613
|
21
|
|
|
|
|
|
ENTER; |
614
|
21
|
|
|
|
|
|
SAVETMPS; |
615
|
|
|
|
|
|
|
|
616
|
|
|
|
|
|
|
PR2("verify callback glue ok=%d\n", ok); |
617
|
|
|
|
|
|
|
|
618
|
21
|
50
|
|
|
|
|
PUSHMARK(sp); |
619
|
21
|
50
|
|
|
|
|
EXTEND( sp, 2 ); |
620
|
21
|
|
|
|
|
|
PUSHs( sv_2mortal(newSViv(ok)) ); |
621
|
21
|
|
|
|
|
|
PUSHs( sv_2mortal(newSViv(PTR2IV(x509_store))) ); |
622
|
21
|
|
|
|
|
|
PUTBACK; |
623
|
|
|
|
|
|
|
|
624
|
|
|
|
|
|
|
PR1("About to call verify callback.\n"); |
625
|
21
|
|
|
|
|
|
count = call_sv(cb_func, G_SCALAR); |
626
|
|
|
|
|
|
|
PR1("Returned from verify callback.\n"); |
627
|
|
|
|
|
|
|
|
628
|
21
|
|
|
|
|
|
SPAGAIN; |
629
|
|
|
|
|
|
|
|
630
|
21
|
50
|
|
|
|
|
if (count != 1) |
631
|
0
|
|
|
|
|
|
croak ( "Net::SSLeay: verify_callback perl function did not return a scalar.\n"); |
632
|
|
|
|
|
|
|
|
633
|
21
|
50
|
|
|
|
|
res = POPi; |
634
|
|
|
|
|
|
|
|
635
|
21
|
|
|
|
|
|
PUTBACK; |
636
|
21
|
50
|
|
|
|
|
FREETMPS; |
637
|
21
|
|
|
|
|
|
LEAVE; |
638
|
|
|
|
|
|
|
|
639
|
21
|
|
|
|
|
|
return res; |
640
|
|
|
|
|
|
|
} |
641
|
|
|
|
|
|
|
|
642
|
5
|
|
|
|
|
|
static int ssleay_ctx_passwd_cb_invoke(char *buf, int size, int rwflag, void *userdata) |
643
|
|
|
|
|
|
|
{ |
644
|
5
|
|
|
|
|
|
dSP; |
645
|
5
|
|
|
|
|
|
int count = -1; |
646
|
|
|
|
|
|
|
char *res; |
647
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
648
|
|
|
|
|
|
|
|
649
|
|
|
|
|
|
|
PR1("STARTED: ssleay_ctx_passwd_cb_invoke\n"); |
650
|
5
|
|
|
|
|
|
cb_func = cb_data_advanced_get(userdata, "ssleay_ctx_passwd_cb!!func"); |
651
|
5
|
|
|
|
|
|
cb_data = cb_data_advanced_get(userdata, "ssleay_ctx_passwd_cb!!data"); |
652
|
|
|
|
|
|
|
|
653
|
5
|
50
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
654
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_passwd_cb_invoke called, but not set to point to any perl function.\n"); |
655
|
|
|
|
|
|
|
|
656
|
5
|
|
|
|
|
|
ENTER; |
657
|
5
|
|
|
|
|
|
SAVETMPS; |
658
|
|
|
|
|
|
|
|
659
|
5
|
50
|
|
|
|
|
PUSHMARK(sp); |
660
|
5
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(rwflag))); |
661
|
5
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
662
|
5
|
|
|
|
|
|
PUTBACK; |
663
|
|
|
|
|
|
|
|
664
|
5
|
|
|
|
|
|
count = call_sv( cb_func, G_SCALAR ); |
665
|
|
|
|
|
|
|
|
666
|
5
|
|
|
|
|
|
SPAGAIN; |
667
|
|
|
|
|
|
|
|
668
|
5
|
50
|
|
|
|
|
if (count != 1) |
669
|
0
|
|
|
|
|
|
croak("Net::SSLeay: ssleay_ctx_passwd_cb_invoke perl function did not return a scalar.\n"); |
670
|
|
|
|
|
|
|
|
671
|
5
|
50
|
|
|
|
|
res = POPp; |
672
|
|
|
|
|
|
|
|
673
|
5
|
50
|
|
|
|
|
if (res == NULL) { |
674
|
0
|
|
|
|
|
|
*buf = '\0'; |
675
|
|
|
|
|
|
|
} else { |
676
|
5
|
|
|
|
|
|
strncpy(buf, res, size); |
677
|
5
|
|
|
|
|
|
buf[size - 1] = '\0'; |
678
|
|
|
|
|
|
|
} |
679
|
|
|
|
|
|
|
|
680
|
5
|
|
|
|
|
|
PUTBACK; |
681
|
5
|
50
|
|
|
|
|
FREETMPS; |
682
|
5
|
|
|
|
|
|
LEAVE; |
683
|
|
|
|
|
|
|
|
684
|
5
|
|
|
|
|
|
return strlen(buf); |
685
|
|
|
|
|
|
|
} |
686
|
|
|
|
|
|
|
|
687
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1010006fL /* In OpenSSL 1.1.0 but actually called for $ssl from 1.1.0f */ |
688
|
|
|
|
|
|
|
#ifndef LIBRESSL_VERSION_NUMBER |
689
|
|
|
|
|
|
|
#ifndef OPENSSL_IS_BORINGSSL |
690
|
|
|
|
|
|
|
static int ssleay_ssl_passwd_cb_invoke(char *buf, int size, int rwflag, void *userdata) |
691
|
|
|
|
|
|
|
{ |
692
|
|
|
|
|
|
|
dSP; |
693
|
|
|
|
|
|
|
int count = -1; |
694
|
|
|
|
|
|
|
char *res; |
695
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
696
|
|
|
|
|
|
|
|
697
|
|
|
|
|
|
|
PR1("STARTED: ssleay_ssl_passwd_cb_invoke\n"); |
698
|
|
|
|
|
|
|
cb_func = cb_data_advanced_get(userdata, "ssleay_ssl_passwd_cb!!func"); |
699
|
|
|
|
|
|
|
cb_data = cb_data_advanced_get(userdata, "ssleay_ssl_passwd_cb!!data"); |
700
|
|
|
|
|
|
|
|
701
|
|
|
|
|
|
|
if(!SvOK(cb_func)) |
702
|
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ssl_passwd_cb_invoke called, but not set to point to any perl function.\n"); |
703
|
|
|
|
|
|
|
|
704
|
|
|
|
|
|
|
ENTER; |
705
|
|
|
|
|
|
|
SAVETMPS; |
706
|
|
|
|
|
|
|
|
707
|
|
|
|
|
|
|
PUSHMARK(sp); |
708
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(rwflag))); |
709
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
710
|
|
|
|
|
|
|
PUTBACK; |
711
|
|
|
|
|
|
|
|
712
|
|
|
|
|
|
|
count = call_sv( cb_func, G_SCALAR ); |
713
|
|
|
|
|
|
|
|
714
|
|
|
|
|
|
|
SPAGAIN; |
715
|
|
|
|
|
|
|
|
716
|
|
|
|
|
|
|
if (count != 1) |
717
|
|
|
|
|
|
|
croak("Net::SSLeay: ssleay_ssl_passwd_cb_invoke perl function did not return a scalar.\n"); |
718
|
|
|
|
|
|
|
|
719
|
|
|
|
|
|
|
res = POPp; |
720
|
|
|
|
|
|
|
|
721
|
|
|
|
|
|
|
if (res == NULL) { |
722
|
|
|
|
|
|
|
*buf = '\0'; |
723
|
|
|
|
|
|
|
} else { |
724
|
|
|
|
|
|
|
strncpy(buf, res, size); |
725
|
|
|
|
|
|
|
buf[size - 1] = '\0'; |
726
|
|
|
|
|
|
|
} |
727
|
|
|
|
|
|
|
|
728
|
|
|
|
|
|
|
PUTBACK; |
729
|
|
|
|
|
|
|
FREETMPS; |
730
|
|
|
|
|
|
|
LEAVE; |
731
|
|
|
|
|
|
|
|
732
|
|
|
|
|
|
|
return strlen(buf); |
733
|
|
|
|
|
|
|
} |
734
|
|
|
|
|
|
|
#endif /* !BoringSSL */ |
735
|
|
|
|
|
|
|
#endif /* !LibreSSL */ |
736
|
|
|
|
|
|
|
#endif /* >= 1.1.0f */ |
737
|
|
|
|
|
|
|
|
738
|
1
|
|
|
|
|
|
int ssleay_ctx_cert_verify_cb_invoke(X509_STORE_CTX* x509_store_ctx, void* data) |
739
|
|
|
|
|
|
|
{ |
740
|
1
|
|
|
|
|
|
dSP; |
741
|
1
|
|
|
|
|
|
int count = -1; |
742
|
|
|
|
|
|
|
int res; |
743
|
|
|
|
|
|
|
SV * cb_func, *cb_data; |
744
|
|
|
|
|
|
|
void *ptr; |
745
|
|
|
|
|
|
|
SSL *ssl; |
746
|
|
|
|
|
|
|
|
747
|
|
|
|
|
|
|
PR1("STARTED: ssleay_ctx_cert_verify_cb_invoke\n"); |
748
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x0090700fL |
749
|
|
|
|
|
|
|
ssl = X509_STORE_CTX_get_ex_data(x509_store_ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); |
750
|
|
|
|
|
|
|
ptr = (void*) SSL_get_SSL_CTX(ssl); |
751
|
|
|
|
|
|
|
#else |
752
|
1
|
|
|
|
|
|
ssl = NULL; |
753
|
1
|
|
|
|
|
|
ptr = (void*) data; |
754
|
|
|
|
|
|
|
#endif |
755
|
|
|
|
|
|
|
|
756
|
1
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ptr, "ssleay_ctx_cert_verify_cb!!func"); |
757
|
1
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ptr, "ssleay_ctx_cert_verify_cb!!data"); |
758
|
|
|
|
|
|
|
|
759
|
1
|
50
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
760
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_cert_verify_cb_invoke called, but not set to point to any perl function.\n"); |
761
|
|
|
|
|
|
|
|
762
|
1
|
|
|
|
|
|
ENTER; |
763
|
1
|
|
|
|
|
|
SAVETMPS; |
764
|
|
|
|
|
|
|
|
765
|
1
|
50
|
|
|
|
|
PUSHMARK(SP); |
766
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(x509_store_ctx)))); |
767
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
768
|
1
|
|
|
|
|
|
PUTBACK; |
769
|
|
|
|
|
|
|
|
770
|
1
|
|
|
|
|
|
count = call_sv(cb_func, G_SCALAR); |
771
|
|
|
|
|
|
|
|
772
|
1
|
|
|
|
|
|
SPAGAIN; |
773
|
|
|
|
|
|
|
|
774
|
1
|
50
|
|
|
|
|
if (count != 1) |
775
|
0
|
|
|
|
|
|
croak("Net::SSLeay: ssleay_ctx_cert_verify_cb_invoke perl function did not return a scalar.\n"); |
776
|
|
|
|
|
|
|
|
777
|
1
|
50
|
|
|
|
|
res = POPi; |
778
|
|
|
|
|
|
|
|
779
|
1
|
|
|
|
|
|
PUTBACK; |
780
|
1
|
50
|
|
|
|
|
FREETMPS; |
781
|
1
|
|
|
|
|
|
LEAVE; |
782
|
|
|
|
|
|
|
|
783
|
1
|
|
|
|
|
|
return res; |
784
|
|
|
|
|
|
|
} |
785
|
|
|
|
|
|
|
|
786
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) |
787
|
|
|
|
|
|
|
|
788
|
0
|
|
|
|
|
|
int tlsext_servername_callback_invoke(SSL *ssl, int *ad, void *arg) |
789
|
|
|
|
|
|
|
{ |
790
|
0
|
|
|
|
|
|
dSP; |
791
|
0
|
|
|
|
|
|
int count = -1; |
792
|
|
|
|
|
|
|
int res; |
793
|
|
|
|
|
|
|
SV * cb_func, *cb_data; |
794
|
|
|
|
|
|
|
|
795
|
|
|
|
|
|
|
PR1("STARTED: tlsext_servername_callback_invoke\n"); |
796
|
|
|
|
|
|
|
|
797
|
0
|
|
|
|
|
|
cb_func = cb_data_advanced_get(arg, "tlsext_servername_callback!!func"); |
798
|
0
|
|
|
|
|
|
cb_data = cb_data_advanced_get(arg, "tlsext_servername_callback!!data"); |
799
|
|
|
|
|
|
|
|
800
|
0
|
0
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
801
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: tlsext_servername_callback_invoke called, but not set to point to any perl function.\n"); |
802
|
|
|
|
|
|
|
|
803
|
0
|
|
|
|
|
|
ENTER; |
804
|
0
|
|
|
|
|
|
SAVETMPS; |
805
|
|
|
|
|
|
|
|
806
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
807
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
808
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
809
|
0
|
|
|
|
|
|
PUTBACK; |
810
|
|
|
|
|
|
|
|
811
|
0
|
|
|
|
|
|
count = call_sv(cb_func, G_SCALAR); |
812
|
|
|
|
|
|
|
|
813
|
0
|
|
|
|
|
|
SPAGAIN; |
814
|
|
|
|
|
|
|
|
815
|
0
|
0
|
|
|
|
|
if (count != 1) |
816
|
0
|
|
|
|
|
|
croak("Net::SSLeay: tlsext_servername_callback_invoke perl function did not return a scalar.\n"); |
817
|
|
|
|
|
|
|
|
818
|
0
|
0
|
|
|
|
|
res = POPi; |
819
|
|
|
|
|
|
|
|
820
|
0
|
|
|
|
|
|
PUTBACK; |
821
|
0
|
0
|
|
|
|
|
FREETMPS; |
822
|
0
|
|
|
|
|
|
LEAVE; |
823
|
|
|
|
|
|
|
|
824
|
0
|
|
|
|
|
|
return res; |
825
|
|
|
|
|
|
|
} |
826
|
|
|
|
|
|
|
|
827
|
|
|
|
|
|
|
#endif |
828
|
|
|
|
|
|
|
|
829
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_TLSEXT) |
830
|
|
|
|
|
|
|
|
831
|
0
|
|
|
|
|
|
int tlsext_status_cb_invoke(SSL *ssl, void *arg) |
832
|
|
|
|
|
|
|
{ |
833
|
0
|
|
|
|
|
|
dSP; |
834
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
835
|
0
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
836
|
0
|
|
|
|
|
|
int len,res,nres = -1; |
837
|
0
|
|
|
|
|
|
const unsigned char *p = NULL; |
838
|
0
|
|
|
|
|
|
OCSP_RESPONSE *ocsp_response = NULL; |
839
|
|
|
|
|
|
|
|
840
|
0
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "tlsext_status_cb!!func"); |
841
|
0
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "tlsext_status_cb!!data"); |
842
|
|
|
|
|
|
|
|
843
|
0
|
0
|
|
|
|
|
if ( ! SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
0
|
|
|
|
|
|
844
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: tlsext_status_cb_invoke called, but not set to point to any perl function.\n"); |
845
|
|
|
|
|
|
|
|
846
|
0
|
|
|
|
|
|
len = SSL_get_tlsext_status_ocsp_resp(ssl, &p); |
847
|
0
|
0
|
|
|
|
|
if (p) ocsp_response = d2i_OCSP_RESPONSE(NULL, &p, len); |
848
|
|
|
|
|
|
|
|
849
|
0
|
|
|
|
|
|
ENTER; |
850
|
0
|
|
|
|
|
|
SAVETMPS; |
851
|
|
|
|
|
|
|
|
852
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
853
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
854
|
0
|
|
|
|
|
|
PUSHs( sv_2mortal(newSViv(PTR2IV(ocsp_response))) ); |
855
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
856
|
0
|
|
|
|
|
|
PUTBACK; |
857
|
|
|
|
|
|
|
|
858
|
0
|
|
|
|
|
|
nres = call_sv(cb_func, G_SCALAR); |
859
|
0
|
0
|
|
|
|
|
if (ocsp_response) OCSP_RESPONSE_free(ocsp_response); |
860
|
|
|
|
|
|
|
|
861
|
0
|
|
|
|
|
|
SPAGAIN; |
862
|
|
|
|
|
|
|
|
863
|
0
|
0
|
|
|
|
|
if (nres != 1) |
864
|
0
|
|
|
|
|
|
croak("Net::SSLeay: tlsext_status_cb_invoke perl function did not return a scalar.\n"); |
865
|
|
|
|
|
|
|
|
866
|
0
|
0
|
|
|
|
|
res = POPi; |
867
|
|
|
|
|
|
|
|
868
|
0
|
|
|
|
|
|
PUTBACK; |
869
|
0
|
0
|
|
|
|
|
FREETMPS; |
870
|
0
|
|
|
|
|
|
LEAVE; |
871
|
|
|
|
|
|
|
|
872
|
0
|
|
|
|
|
|
return res; |
873
|
|
|
|
|
|
|
} |
874
|
|
|
|
|
|
|
|
875
|
1
|
|
|
|
|
|
int session_ticket_ext_cb_invoke(SSL *ssl, const unsigned char *data, int len, void *arg) |
876
|
|
|
|
|
|
|
{ |
877
|
1
|
|
|
|
|
|
dSP; |
878
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
879
|
1
|
|
|
|
|
|
int res,nres = -1; |
880
|
|
|
|
|
|
|
|
881
|
1
|
|
|
|
|
|
cb_func = cb_data_advanced_get(arg, "session_ticket_ext_cb!!func"); |
882
|
1
|
|
|
|
|
|
cb_data = cb_data_advanced_get(arg, "session_ticket_ext_cb!!data"); |
883
|
|
|
|
|
|
|
|
884
|
1
|
50
|
|
|
|
|
if ( ! SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
50
|
|
|
|
|
|
885
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: session_ticket_ext_cb_invoke called, but not set to point to any perl function.\n"); |
886
|
|
|
|
|
|
|
|
887
|
1
|
|
|
|
|
|
ENTER; |
888
|
1
|
|
|
|
|
|
SAVETMPS; |
889
|
|
|
|
|
|
|
|
890
|
1
|
50
|
|
|
|
|
PUSHMARK(SP); |
891
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
892
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpvn((const char *)data, len))); |
893
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
894
|
1
|
|
|
|
|
|
PUTBACK; |
895
|
|
|
|
|
|
|
|
896
|
1
|
|
|
|
|
|
nres = call_sv(cb_func, G_SCALAR); |
897
|
|
|
|
|
|
|
|
898
|
1
|
|
|
|
|
|
SPAGAIN; |
899
|
|
|
|
|
|
|
|
900
|
1
|
50
|
|
|
|
|
if (nres != 1) |
901
|
0
|
|
|
|
|
|
croak("Net::SSLeay: session_ticket_ext_cb_invoke perl function did not return a scalar.\n"); |
902
|
|
|
|
|
|
|
|
903
|
1
|
50
|
|
|
|
|
res = POPi; |
904
|
|
|
|
|
|
|
|
905
|
1
|
|
|
|
|
|
PUTBACK; |
906
|
1
|
50
|
|
|
|
|
FREETMPS; |
907
|
1
|
|
|
|
|
|
LEAVE; |
908
|
|
|
|
|
|
|
|
909
|
1
|
|
|
|
|
|
return res; |
910
|
|
|
|
|
|
|
} |
911
|
|
|
|
|
|
|
|
912
|
|
|
|
|
|
|
#endif |
913
|
|
|
|
|
|
|
|
914
|
|
|
|
|
|
|
#if defined(SSL_F_SSL_SET_HELLO_EXTENSION) || defined(SSL_F_SSL_SET_SESSION_TICKET_EXT) |
915
|
|
|
|
|
|
|
|
916
|
0
|
|
|
|
|
|
int ssleay_session_secret_cb_invoke(SSL* s, void* secret, int *secret_len, |
917
|
|
|
|
|
|
|
STACK_OF(SSL_CIPHER) *peer_ciphers, |
918
|
|
|
|
|
|
|
const SSL_CIPHER **cipher, void *arg) |
919
|
|
|
|
|
|
|
{ |
920
|
0
|
|
|
|
|
|
dSP; |
921
|
0
|
|
|
|
|
|
int count = -1, res, i; |
922
|
0
|
|
|
|
|
|
AV *ciphers = newAV(); |
923
|
0
|
|
|
|
|
|
SV *pref_cipher = sv_newmortal(); |
924
|
|
|
|
|
|
|
SV * cb_func, *cb_data; |
925
|
|
|
|
|
|
|
SV * secretsv; |
926
|
|
|
|
|
|
|
|
927
|
|
|
|
|
|
|
PR1("STARTED: ssleay_session_secret_cb_invoke\n"); |
928
|
0
|
|
|
|
|
|
cb_func = cb_data_advanced_get(arg, "ssleay_session_secret_cb!!func"); |
929
|
0
|
|
|
|
|
|
cb_data = cb_data_advanced_get(arg, "ssleay_session_secret_cb!!data"); |
930
|
|
|
|
|
|
|
|
931
|
0
|
0
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
932
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_passwd_cb_invoke called, but not set to point to any perl function.\n"); |
933
|
|
|
|
|
|
|
|
934
|
0
|
|
|
|
|
|
ENTER; |
935
|
0
|
|
|
|
|
|
SAVETMPS; |
936
|
|
|
|
|
|
|
|
937
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
938
|
0
|
|
|
|
|
|
secretsv = sv_2mortal( newSVpv(secret, *secret_len)); |
939
|
0
|
0
|
|
|
|
|
XPUSHs(secretsv); |
940
|
0
|
0
|
|
|
|
|
for (i=0; i
|
941
|
0
|
|
|
|
|
|
const SSL_CIPHER *c = sk_SSL_CIPHER_value(peer_ciphers,i); |
942
|
0
|
|
|
|
|
|
av_store(ciphers, i, sv_2mortal(newSVpv(SSL_CIPHER_get_name(c), 0))); |
943
|
|
|
|
|
|
|
} |
944
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newRV_inc((SV*)ciphers))); |
945
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newRV_inc(pref_cipher))); |
946
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
947
|
|
|
|
|
|
|
|
948
|
0
|
|
|
|
|
|
PUTBACK; |
949
|
|
|
|
|
|
|
|
950
|
0
|
|
|
|
|
|
count = call_sv( cb_func, G_SCALAR ); |
951
|
|
|
|
|
|
|
|
952
|
0
|
|
|
|
|
|
SPAGAIN; |
953
|
|
|
|
|
|
|
|
954
|
0
|
0
|
|
|
|
|
if (count != 1) |
955
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_session_secret_cb_invoke perl function did not return a scalar.\n"); |
956
|
|
|
|
|
|
|
|
957
|
0
|
0
|
|
|
|
|
res = POPi; |
958
|
0
|
0
|
|
|
|
|
if (res) { |
959
|
|
|
|
|
|
|
/* See if there is a preferred cipher selected, if so it is an index into the stack */ |
960
|
0
|
0
|
|
|
|
|
if (SvIOK(pref_cipher)) |
961
|
0
|
0
|
|
|
|
|
*cipher = sk_SSL_CIPHER_value(peer_ciphers, SvIV(pref_cipher)); |
962
|
|
|
|
|
|
|
|
963
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
964
|
|
|
|
|
|
|
{ |
965
|
|
|
|
|
|
|
/* Use any new master secret set by the callback function in secret */ |
966
|
|
|
|
|
|
|
STRLEN newsecretlen; |
967
|
|
|
|
|
|
|
char* newsecretdata = SvPV(secretsv, newsecretlen); |
968
|
|
|
|
|
|
|
memcpy(secret, newsecretdata, newsecretlen); |
969
|
|
|
|
|
|
|
} |
970
|
|
|
|
|
|
|
#endif |
971
|
|
|
|
|
|
|
} |
972
|
|
|
|
|
|
|
|
973
|
0
|
|
|
|
|
|
PUTBACK; |
974
|
0
|
0
|
|
|
|
|
FREETMPS; |
975
|
0
|
|
|
|
|
|
LEAVE; |
976
|
|
|
|
|
|
|
|
977
|
0
|
|
|
|
|
|
return res; |
978
|
|
|
|
|
|
|
} |
979
|
|
|
|
|
|
|
|
980
|
|
|
|
|
|
|
#endif |
981
|
|
|
|
|
|
|
|
982
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_PSK) |
983
|
|
|
|
|
|
|
#define NET_SSLEAY_CAN_PSK_CLIENT_CALLBACK |
984
|
|
|
|
|
|
|
|
985
|
0
|
|
|
|
|
|
unsigned int ssleay_set_psk_client_callback_invoke(SSL *ssl, const char *hint, |
986
|
|
|
|
|
|
|
char *identity, unsigned int max_identity_len, |
987
|
|
|
|
|
|
|
unsigned char *psk, unsigned int max_psk_len) |
988
|
|
|
|
|
|
|
{ |
989
|
0
|
|
|
|
|
|
dSP; |
990
|
0
|
|
|
|
|
|
int count = -1; |
991
|
|
|
|
|
|
|
char *identity_val, *psk_val; |
992
|
0
|
|
|
|
|
|
unsigned int psk_len = 0; |
993
|
0
|
|
|
|
|
|
BIGNUM *psk_bn = NULL; |
994
|
|
|
|
|
|
|
SV * cb_func; |
995
|
|
|
|
|
|
|
SV * hintsv; |
996
|
|
|
|
|
|
|
/* this n_a is required for building with old perls: */ |
997
|
|
|
|
|
|
|
STRLEN n_a; |
998
|
|
|
|
|
|
|
|
999
|
|
|
|
|
|
|
PR1("STARTED: ssleay_set_psk_client_callback_invoke\n"); |
1000
|
0
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ssl, "ssleay_set_psk_client_callback!!func"); |
1001
|
|
|
|
|
|
|
|
1002
|
0
|
0
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1003
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_set_psk_client_callback_invoke called, but not set to point to any perl function.\n"); |
1004
|
|
|
|
|
|
|
|
1005
|
0
|
|
|
|
|
|
ENTER; |
1006
|
0
|
|
|
|
|
|
SAVETMPS; |
1007
|
|
|
|
|
|
|
|
1008
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
1009
|
0
|
0
|
|
|
|
|
if (hint != NULL) { |
1010
|
0
|
|
|
|
|
|
hintsv = sv_2mortal( newSVpv(hint, strlen(hint))); |
1011
|
0
|
0
|
|
|
|
|
XPUSHs(hintsv); |
1012
|
|
|
|
|
|
|
} |
1013
|
|
|
|
|
|
|
|
1014
|
0
|
|
|
|
|
|
PUTBACK; |
1015
|
|
|
|
|
|
|
|
1016
|
0
|
|
|
|
|
|
count = call_sv( cb_func, G_ARRAY ); |
1017
|
|
|
|
|
|
|
|
1018
|
0
|
|
|
|
|
|
SPAGAIN; |
1019
|
|
|
|
|
|
|
|
1020
|
0
|
0
|
|
|
|
|
if (count != 2) |
1021
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_set_psk_client_callback_invoke perl function did not return 2 values.\n"); |
1022
|
|
|
|
|
|
|
|
1023
|
0
|
0
|
|
|
|
|
psk_val = POPpx; |
1024
|
0
|
0
|
|
|
|
|
identity_val = POPpx; |
1025
|
|
|
|
|
|
|
|
1026
|
0
|
0
|
|
|
|
|
my_snprintf(identity, max_identity_len, "%s", identity_val); |
|
|
0
|
|
|
|
|
|
1027
|
|
|
|
|
|
|
|
1028
|
0
|
0
|
|
|
|
|
if (BN_hex2bn(&psk_bn, psk_val) > 0) { |
1029
|
0
|
0
|
|
|
|
|
if (BN_num_bytes(psk_bn) <= max_psk_len) { |
1030
|
0
|
|
|
|
|
|
psk_len = BN_bn2bin(psk_bn, psk); |
1031
|
|
|
|
|
|
|
} |
1032
|
0
|
|
|
|
|
|
BN_free(psk_bn); |
1033
|
|
|
|
|
|
|
} |
1034
|
|
|
|
|
|
|
|
1035
|
0
|
|
|
|
|
|
PUTBACK; |
1036
|
0
|
0
|
|
|
|
|
FREETMPS; |
1037
|
0
|
|
|
|
|
|
LEAVE; |
1038
|
|
|
|
|
|
|
|
1039
|
0
|
|
|
|
|
|
return psk_len; |
1040
|
|
|
|
|
|
|
} |
1041
|
|
|
|
|
|
|
|
1042
|
0
|
|
|
|
|
|
unsigned int ssleay_ctx_set_psk_client_callback_invoke(SSL *ssl, const char *hint, |
1043
|
|
|
|
|
|
|
char *identity, unsigned int max_identity_len, |
1044
|
|
|
|
|
|
|
unsigned char *psk, unsigned int max_psk_len) |
1045
|
|
|
|
|
|
|
{ |
1046
|
0
|
|
|
|
|
|
dSP; |
1047
|
|
|
|
|
|
|
SSL_CTX *ctx; |
1048
|
0
|
|
|
|
|
|
int count = -1; |
1049
|
|
|
|
|
|
|
char *identity_val, *psk_val; |
1050
|
0
|
|
|
|
|
|
unsigned int psk_len = 0; |
1051
|
0
|
|
|
|
|
|
BIGNUM *psk_bn = NULL; |
1052
|
|
|
|
|
|
|
SV * cb_func; |
1053
|
|
|
|
|
|
|
SV * hintsv; |
1054
|
|
|
|
|
|
|
/* this n_a is required for building with old perls: */ |
1055
|
|
|
|
|
|
|
STRLEN n_a; |
1056
|
|
|
|
|
|
|
|
1057
|
0
|
|
|
|
|
|
ctx = SSL_get_SSL_CTX(ssl); |
1058
|
|
|
|
|
|
|
|
1059
|
|
|
|
|
|
|
PR1("STARTED: ssleay_ctx_set_psk_client_callback_invoke\n"); |
1060
|
0
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "ssleay_ctx_set_psk_client_callback!!func"); |
1061
|
|
|
|
|
|
|
|
1062
|
0
|
0
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1063
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_set_psk_client_callback_invoke called, but not set to point to any perl function.\n"); |
1064
|
|
|
|
|
|
|
|
1065
|
0
|
|
|
|
|
|
ENTER; |
1066
|
0
|
|
|
|
|
|
SAVETMPS; |
1067
|
|
|
|
|
|
|
|
1068
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
1069
|
0
|
0
|
|
|
|
|
if (hint != NULL) { |
1070
|
0
|
|
|
|
|
|
hintsv = sv_2mortal( newSVpv(hint, strlen(hint))); |
1071
|
0
|
0
|
|
|
|
|
XPUSHs(hintsv); |
1072
|
|
|
|
|
|
|
} |
1073
|
|
|
|
|
|
|
|
1074
|
0
|
|
|
|
|
|
PUTBACK; |
1075
|
|
|
|
|
|
|
|
1076
|
0
|
|
|
|
|
|
count = call_sv( cb_func, G_ARRAY ); |
1077
|
|
|
|
|
|
|
|
1078
|
0
|
|
|
|
|
|
SPAGAIN; |
1079
|
|
|
|
|
|
|
|
1080
|
0
|
0
|
|
|
|
|
if (count != 2) |
1081
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_set_psk_client_callback_invoke perl function did not return 2 values.\n"); |
1082
|
|
|
|
|
|
|
|
1083
|
0
|
0
|
|
|
|
|
psk_val = POPpx; |
1084
|
0
|
0
|
|
|
|
|
identity_val = POPpx; |
1085
|
|
|
|
|
|
|
|
1086
|
0
|
0
|
|
|
|
|
my_snprintf(identity, max_identity_len, "%s", identity_val); |
|
|
0
|
|
|
|
|
|
1087
|
|
|
|
|
|
|
|
1088
|
0
|
0
|
|
|
|
|
if (BN_hex2bn(&psk_bn, psk_val) > 0) { |
1089
|
0
|
0
|
|
|
|
|
if (BN_num_bytes(psk_bn) <= max_psk_len) { |
1090
|
0
|
|
|
|
|
|
psk_len = BN_bn2bin(psk_bn, psk); |
1091
|
|
|
|
|
|
|
} |
1092
|
0
|
|
|
|
|
|
BN_free(psk_bn); |
1093
|
|
|
|
|
|
|
} |
1094
|
|
|
|
|
|
|
|
1095
|
0
|
|
|
|
|
|
PUTBACK; |
1096
|
0
|
0
|
|
|
|
|
FREETMPS; |
1097
|
0
|
|
|
|
|
|
LEAVE; |
1098
|
|
|
|
|
|
|
|
1099
|
0
|
|
|
|
|
|
return psk_len; |
1100
|
|
|
|
|
|
|
} |
1101
|
|
|
|
|
|
|
|
1102
|
|
|
|
|
|
|
#endif |
1103
|
|
|
|
|
|
|
|
1104
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG)) || (OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_TLSEXT)) |
1105
|
|
|
|
|
|
|
|
1106
|
8
|
|
|
|
|
|
int next_proto_helper_AV2protodata(AV * list, unsigned char *out) |
1107
|
|
|
|
|
|
|
{ |
1108
|
8
|
|
|
|
|
|
int i, last_index, ptr = 0; |
1109
|
8
|
|
|
|
|
|
last_index = av_len(list); |
1110
|
8
|
50
|
|
|
|
|
if (last_index<0) return 0; |
1111
|
24
|
100
|
|
|
|
|
for(i=0; i<=last_index; i++) { |
1112
|
16
|
50
|
|
|
|
|
char *p = SvPV_nolen(*av_fetch(list, i, 0)); |
1113
|
16
|
|
|
|
|
|
size_t len = strlen(p); |
1114
|
16
|
50
|
|
|
|
|
if (len>255) return 0; |
1115
|
16
|
100
|
|
|
|
|
if (out) { |
1116
|
|
|
|
|
|
|
/* if out == NULL we only calculate the length of output */ |
1117
|
8
|
|
|
|
|
|
out[ptr] = (unsigned char)len; |
1118
|
8
|
|
|
|
|
|
strncpy((char*)out+ptr+1, p, len); |
1119
|
|
|
|
|
|
|
} |
1120
|
16
|
|
|
|
|
|
ptr += strlen(p) + 1; |
1121
|
|
|
|
|
|
|
} |
1122
|
8
|
|
|
|
|
|
return ptr; |
1123
|
|
|
|
|
|
|
} |
1124
|
|
|
|
|
|
|
|
1125
|
0
|
|
|
|
|
|
int next_proto_helper_protodata2AV(AV * list, const unsigned char *in, unsigned int inlen) |
1126
|
|
|
|
|
|
|
{ |
1127
|
0
|
|
|
|
|
|
unsigned int i = 0; |
1128
|
|
|
|
|
|
|
unsigned char il; |
1129
|
0
|
0
|
|
|
|
|
if (!list || inlen<2) return 0; |
|
|
0
|
|
|
|
|
|
1130
|
0
|
0
|
|
|
|
|
while (i
|
1131
|
0
|
|
|
|
|
|
il = in[i++]; |
1132
|
0
|
0
|
|
|
|
|
if (i+il > inlen) return 0; |
1133
|
0
|
|
|
|
|
|
av_push(list, newSVpv((const char*)in+i, il)); |
1134
|
0
|
|
|
|
|
|
i += il; |
1135
|
|
|
|
|
|
|
} |
1136
|
0
|
|
|
|
|
|
return 1; |
1137
|
|
|
|
|
|
|
} |
1138
|
|
|
|
|
|
|
|
1139
|
|
|
|
|
|
|
#endif |
1140
|
|
|
|
|
|
|
|
1141
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) |
1142
|
|
|
|
|
|
|
|
1143
|
1
|
|
|
|
|
|
int next_proto_select_cb_invoke(SSL *ssl, unsigned char **out, unsigned char *outlen, |
1144
|
|
|
|
|
|
|
const unsigned char *in, unsigned int inlen, void *arg) |
1145
|
|
|
|
|
|
|
{ |
1146
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1147
|
|
|
|
|
|
|
unsigned char *next_proto_data; |
1148
|
|
|
|
|
|
|
size_t next_proto_len; |
1149
|
|
|
|
|
|
|
int next_proto_status; |
1150
|
1
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1151
|
|
|
|
|
|
|
/* this n_a is required for building with old perls: */ |
1152
|
|
|
|
|
|
|
STRLEN n_a; |
1153
|
|
|
|
|
|
|
|
1154
|
|
|
|
|
|
|
PR1("STARTED: next_proto_select_cb_invoke\n"); |
1155
|
1
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "next_proto_select_cb!!func"); |
1156
|
1
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "next_proto_select_cb!!data"); |
1157
|
|
|
|
|
|
|
/* clear last_status value = store undef */ |
1158
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_proto_select_cb!!last_status", NULL); |
1159
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_proto_select_cb!!last_negotiated", NULL); |
1160
|
|
|
|
|
|
|
|
1161
|
1
|
50
|
|
|
|
|
if (SvROK(cb_func) && (SvTYPE(SvRV(cb_func)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
1162
|
0
|
|
|
|
|
|
int count = -1; |
1163
|
0
|
|
|
|
|
|
AV *list = newAV(); |
1164
|
|
|
|
|
|
|
SV *tmpsv; |
1165
|
0
|
|
|
|
|
|
dSP; |
1166
|
|
|
|
|
|
|
|
1167
|
0
|
0
|
|
|
|
|
if (!next_proto_helper_protodata2AV(list, in, inlen)) return SSL_TLSEXT_ERR_ALERT_FATAL; |
1168
|
|
|
|
|
|
|
|
1169
|
0
|
|
|
|
|
|
ENTER; |
1170
|
0
|
|
|
|
|
|
SAVETMPS; |
1171
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
1172
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1173
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newRV_inc((SV*)list))); |
1174
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1175
|
0
|
|
|
|
|
|
PUTBACK; |
1176
|
0
|
|
|
|
|
|
count = call_sv( cb_func, G_ARRAY ); |
1177
|
0
|
|
|
|
|
|
SPAGAIN; |
1178
|
0
|
0
|
|
|
|
|
if (count != 2) |
1179
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: next_proto_select_cb_invoke perl function did not return 2 values.\n"); |
1180
|
0
|
0
|
|
|
|
|
next_proto_data = (unsigned char*)POPpx; |
1181
|
0
|
0
|
|
|
|
|
next_proto_status = POPi; |
1182
|
|
|
|
|
|
|
|
1183
|
0
|
|
|
|
|
|
next_proto_len = strlen((const char*)next_proto_data); |
1184
|
0
|
0
|
|
|
|
|
if (next_proto_len<=255) { |
1185
|
|
|
|
|
|
|
/* store last_status + last_negotiated into global hash */ |
1186
|
0
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_proto_select_cb!!last_status", newSViv(next_proto_status)); |
1187
|
0
|
|
|
|
|
|
tmpsv = newSVpv((const char*)next_proto_data, next_proto_len); |
1188
|
0
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_proto_select_cb!!last_negotiated", tmpsv); |
1189
|
0
|
|
|
|
|
|
*out = (unsigned char *)SvPVX(tmpsv); |
1190
|
0
|
|
|
|
|
|
*outlen = next_proto_len; |
1191
|
|
|
|
|
|
|
} |
1192
|
|
|
|
|
|
|
|
1193
|
0
|
|
|
|
|
|
PUTBACK; |
1194
|
0
|
0
|
|
|
|
|
FREETMPS; |
1195
|
0
|
|
|
|
|
|
LEAVE; |
1196
|
|
|
|
|
|
|
|
1197
|
0
|
0
|
|
|
|
|
return next_proto_len>255 ? SSL_TLSEXT_ERR_ALERT_FATAL : SSL_TLSEXT_ERR_OK; |
1198
|
|
|
|
|
|
|
} |
1199
|
1
|
50
|
|
|
|
|
else if (SvROK(cb_data) && (SvTYPE(SvRV(cb_data)) == SVt_PVAV)) { |
|
|
50
|
|
|
|
|
|
1200
|
1
|
|
|
|
|
|
next_proto_len = next_proto_helper_AV2protodata((AV*)SvRV(cb_data), NULL); |
1201
|
1
|
|
|
|
|
|
Newx(next_proto_data, next_proto_len, unsigned char); |
1202
|
1
|
50
|
|
|
|
|
if (!next_proto_data) return SSL_TLSEXT_ERR_ALERT_FATAL; |
1203
|
1
|
|
|
|
|
|
next_proto_len = next_proto_helper_AV2protodata((AV*)SvRV(cb_data), next_proto_data); |
1204
|
|
|
|
|
|
|
|
1205
|
1
|
|
|
|
|
|
next_proto_status = SSL_select_next_proto(out, outlen, in, inlen, next_proto_data, next_proto_len); |
1206
|
1
|
|
|
|
|
|
Safefree(next_proto_data); |
1207
|
1
|
50
|
|
|
|
|
if (next_proto_status != OPENSSL_NPN_NEGOTIATED) { |
1208
|
0
|
|
|
|
|
|
*outlen = *in; |
1209
|
0
|
|
|
|
|
|
*out = (unsigned char *)in+1; |
1210
|
|
|
|
|
|
|
} |
1211
|
|
|
|
|
|
|
|
1212
|
|
|
|
|
|
|
/* store last_status + last_negotiated into global hash */ |
1213
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_proto_select_cb!!last_status", newSViv(next_proto_status)); |
1214
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_proto_select_cb!!last_negotiated", newSVpv((const char*)*out, *outlen)); |
1215
|
1
|
|
|
|
|
|
return SSL_TLSEXT_ERR_OK; |
1216
|
|
|
|
|
|
|
} |
1217
|
0
|
|
|
|
|
|
return SSL_TLSEXT_ERR_ALERT_FATAL; |
1218
|
|
|
|
|
|
|
} |
1219
|
|
|
|
|
|
|
|
1220
|
1
|
|
|
|
|
|
int next_protos_advertised_cb_invoke(SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg_unused) |
1221
|
|
|
|
|
|
|
{ |
1222
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1223
|
1
|
|
|
|
|
|
unsigned char *protodata = NULL; |
1224
|
1
|
|
|
|
|
|
unsigned short protodata_len = 0; |
1225
|
|
|
|
|
|
|
SV *tmpsv; |
1226
|
|
|
|
|
|
|
AV *tmpav; |
1227
|
1
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1228
|
|
|
|
|
|
|
|
1229
|
|
|
|
|
|
|
PR1("STARTED: next_protos_advertised_cb_invoke"); |
1230
|
1
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "next_protos_advertised_cb!!func"); |
1231
|
1
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "next_protos_advertised_cb!!data"); |
1232
|
|
|
|
|
|
|
|
1233
|
1
|
50
|
|
|
|
|
if (SvROK(cb_func) && (SvTYPE(SvRV(cb_func)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
1234
|
0
|
|
|
|
|
|
int count = -1; |
1235
|
0
|
|
|
|
|
|
dSP; |
1236
|
0
|
|
|
|
|
|
ENTER; |
1237
|
0
|
|
|
|
|
|
SAVETMPS; |
1238
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
1239
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1240
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1241
|
0
|
|
|
|
|
|
PUTBACK; |
1242
|
0
|
|
|
|
|
|
count = call_sv( cb_func, G_SCALAR ); |
1243
|
0
|
|
|
|
|
|
SPAGAIN; |
1244
|
0
|
0
|
|
|
|
|
if (count != 1) |
1245
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: next_protos_advertised_cb_invoke perl function did not return scalar value.\n"); |
1246
|
0
|
|
|
|
|
|
tmpsv = POPs; |
1247
|
0
|
0
|
|
|
|
|
if (SvOK(tmpsv) && SvROK(tmpsv) && (SvTYPE(SvRV(tmpsv)) == SVt_PVAV)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1248
|
0
|
|
|
|
|
|
tmpav = (AV*)SvRV(tmpsv); |
1249
|
0
|
|
|
|
|
|
protodata_len = next_proto_helper_AV2protodata(tmpav, NULL); |
1250
|
0
|
|
|
|
|
|
Newx(protodata, protodata_len, unsigned char); |
1251
|
0
|
0
|
|
|
|
|
if (protodata) next_proto_helper_AV2protodata(tmpav, protodata); |
1252
|
|
|
|
|
|
|
} |
1253
|
0
|
|
|
|
|
|
PUTBACK; |
1254
|
0
|
0
|
|
|
|
|
FREETMPS; |
1255
|
0
|
|
|
|
|
|
LEAVE; |
1256
|
|
|
|
|
|
|
} |
1257
|
1
|
50
|
|
|
|
|
else if (SvROK(cb_data) && (SvTYPE(SvRV(cb_data)) == SVt_PVAV)) { |
|
|
50
|
|
|
|
|
|
1258
|
1
|
|
|
|
|
|
tmpav = (AV*)SvRV(cb_data); |
1259
|
1
|
|
|
|
|
|
protodata_len = next_proto_helper_AV2protodata(tmpav, NULL); |
1260
|
1
|
|
|
|
|
|
Newx(protodata, protodata_len, unsigned char); |
1261
|
1
|
50
|
|
|
|
|
if (protodata) next_proto_helper_AV2protodata(tmpav, protodata); |
1262
|
|
|
|
|
|
|
} |
1263
|
1
|
50
|
|
|
|
|
if (protodata) { |
1264
|
1
|
|
|
|
|
|
tmpsv = newSVpv((const char*)protodata, protodata_len); |
1265
|
1
|
|
|
|
|
|
Safefree(protodata); |
1266
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "next_protos_advertised_cb!!last_advertised", tmpsv); |
1267
|
1
|
|
|
|
|
|
*out = (unsigned char *)SvPVX(tmpsv); |
1268
|
1
|
|
|
|
|
|
*outlen = protodata_len; |
1269
|
1
|
|
|
|
|
|
return SSL_TLSEXT_ERR_OK; |
1270
|
|
|
|
|
|
|
} |
1271
|
0
|
|
|
|
|
|
return SSL_TLSEXT_ERR_ALERT_FATAL; |
1272
|
|
|
|
|
|
|
} |
1273
|
|
|
|
|
|
|
|
1274
|
|
|
|
|
|
|
#endif |
1275
|
|
|
|
|
|
|
|
1276
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_TLSEXT) |
1277
|
|
|
|
|
|
|
|
1278
|
1
|
|
|
|
|
|
int alpn_select_cb_invoke(SSL *ssl, const unsigned char **out, unsigned char *outlen, |
1279
|
|
|
|
|
|
|
const unsigned char *in, unsigned int inlen, void *arg) |
1280
|
|
|
|
|
|
|
{ |
1281
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1282
|
|
|
|
|
|
|
unsigned char *alpn_data; |
1283
|
|
|
|
|
|
|
size_t alpn_len; |
1284
|
1
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1285
|
|
|
|
|
|
|
|
1286
|
|
|
|
|
|
|
PR1("STARTED: alpn_select_cb_invoke\n"); |
1287
|
1
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "alpn_select_cb!!func"); |
1288
|
1
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "alpn_select_cb!!data"); |
1289
|
|
|
|
|
|
|
|
1290
|
1
|
50
|
|
|
|
|
if (SvROK(cb_func) && (SvTYPE(SvRV(cb_func)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
1291
|
0
|
|
|
|
|
|
int count = -1; |
1292
|
0
|
|
|
|
|
|
AV *list = newAV(); |
1293
|
|
|
|
|
|
|
SV *tmpsv; |
1294
|
|
|
|
|
|
|
SV *alpn_data_sv; |
1295
|
0
|
|
|
|
|
|
dSP; |
1296
|
|
|
|
|
|
|
|
1297
|
0
|
0
|
|
|
|
|
if (!next_proto_helper_protodata2AV(list, in, inlen)) return SSL_TLSEXT_ERR_ALERT_FATAL; |
1298
|
|
|
|
|
|
|
|
1299
|
0
|
|
|
|
|
|
ENTER; |
1300
|
0
|
|
|
|
|
|
SAVETMPS; |
1301
|
0
|
0
|
|
|
|
|
PUSHMARK(SP); |
1302
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1303
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newRV_inc((SV*)list))); |
1304
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1305
|
0
|
|
|
|
|
|
PUTBACK; |
1306
|
0
|
|
|
|
|
|
count = call_sv( cb_func, G_ARRAY ); |
1307
|
0
|
|
|
|
|
|
SPAGAIN; |
1308
|
0
|
0
|
|
|
|
|
if (count != 1) |
1309
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: alpn_select_cb perl function did not return exactly 1 value.\n"); |
1310
|
0
|
|
|
|
|
|
alpn_data_sv = POPs; |
1311
|
0
|
0
|
|
|
|
|
if (SvOK(alpn_data_sv)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1312
|
0
|
0
|
|
|
|
|
alpn_data = (unsigned char*)SvPV_nolen(alpn_data_sv); |
1313
|
0
|
|
|
|
|
|
alpn_len = strlen((const char*)alpn_data); |
1314
|
0
|
0
|
|
|
|
|
if (alpn_len <= 255) { |
1315
|
0
|
|
|
|
|
|
tmpsv = newSVpv((const char*)alpn_data, alpn_len); |
1316
|
0
|
|
|
|
|
|
*out = (unsigned char *)SvPVX(tmpsv); |
1317
|
0
|
|
|
|
|
|
*outlen = alpn_len; |
1318
|
|
|
|
|
|
|
} |
1319
|
|
|
|
|
|
|
} else { |
1320
|
0
|
|
|
|
|
|
alpn_data = NULL; |
1321
|
0
|
|
|
|
|
|
alpn_len = 0; |
1322
|
|
|
|
|
|
|
} |
1323
|
0
|
|
|
|
|
|
PUTBACK; |
1324
|
0
|
0
|
|
|
|
|
FREETMPS; |
1325
|
0
|
|
|
|
|
|
LEAVE; |
1326
|
|
|
|
|
|
|
|
1327
|
0
|
0
|
|
|
|
|
if (alpn_len>255) return SSL_TLSEXT_ERR_ALERT_FATAL; |
1328
|
0
|
0
|
|
|
|
|
return alpn_data ? SSL_TLSEXT_ERR_OK : SSL_TLSEXT_ERR_NOACK; |
1329
|
|
|
|
|
|
|
} |
1330
|
1
|
50
|
|
|
|
|
else if (SvROK(cb_data) && (SvTYPE(SvRV(cb_data)) == SVt_PVAV)) { |
|
|
50
|
|
|
|
|
|
1331
|
|
|
|
|
|
|
int status; |
1332
|
|
|
|
|
|
|
|
1333
|
1
|
|
|
|
|
|
alpn_len = next_proto_helper_AV2protodata((AV*)SvRV(cb_data), NULL); |
1334
|
1
|
|
|
|
|
|
Newx(alpn_data, alpn_len, unsigned char); |
1335
|
1
|
50
|
|
|
|
|
if (!alpn_data) return SSL_TLSEXT_ERR_ALERT_FATAL; |
1336
|
1
|
|
|
|
|
|
alpn_len = next_proto_helper_AV2protodata((AV*)SvRV(cb_data), alpn_data); |
1337
|
|
|
|
|
|
|
|
1338
|
|
|
|
|
|
|
/* This is the same function that is used for NPN. */ |
1339
|
1
|
|
|
|
|
|
status = SSL_select_next_proto((unsigned char **)out, outlen, in, inlen, alpn_data, alpn_len); |
1340
|
1
|
|
|
|
|
|
Safefree(alpn_data); |
1341
|
1
|
50
|
|
|
|
|
if (status != OPENSSL_NPN_NEGOTIATED) { |
1342
|
0
|
|
|
|
|
|
*outlen = *in; |
1343
|
0
|
|
|
|
|
|
*out = in+1; |
1344
|
|
|
|
|
|
|
} |
1345
|
1
|
50
|
|
|
|
|
return status == OPENSSL_NPN_NEGOTIATED ? SSL_TLSEXT_ERR_OK : SSL_TLSEXT_ERR_NOACK; |
1346
|
|
|
|
|
|
|
} |
1347
|
0
|
|
|
|
|
|
return SSL_TLSEXT_ERR_ALERT_FATAL; |
1348
|
|
|
|
|
|
|
} |
1349
|
|
|
|
|
|
|
|
1350
|
|
|
|
|
|
|
#endif |
1351
|
|
|
|
|
|
|
|
1352
|
2
|
|
|
|
|
|
int pem_password_cb_invoke(char *buf, int bufsize, int rwflag, void *data) { |
1353
|
2
|
|
|
|
|
|
dSP; |
1354
|
|
|
|
|
|
|
char *str; |
1355
|
2
|
|
|
|
|
|
int count = -1; |
1356
|
2
|
|
|
|
|
|
size_t str_len = 0; |
1357
|
2
|
|
|
|
|
|
simple_cb_data_t* cb = (simple_cb_data_t*)data; |
1358
|
|
|
|
|
|
|
/* this n_a is required for building with old perls: */ |
1359
|
|
|
|
|
|
|
STRLEN n_a; |
1360
|
|
|
|
|
|
|
|
1361
|
|
|
|
|
|
|
PR1("STARTED: pem_password_cb_invoke\n"); |
1362
|
2
|
50
|
|
|
|
|
if (cb->func && SvOK(cb->func)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1363
|
2
|
|
|
|
|
|
ENTER; |
1364
|
2
|
|
|
|
|
|
SAVETMPS; |
1365
|
|
|
|
|
|
|
|
1366
|
2
|
50
|
|
|
|
|
PUSHMARK(sp); |
1367
|
|
|
|
|
|
|
|
1368
|
2
|
50
|
|
|
|
|
XPUSHs(sv_2mortal( newSViv(bufsize-1) )); |
1369
|
2
|
50
|
|
|
|
|
XPUSHs(sv_2mortal( newSViv(rwflag) )); |
1370
|
2
|
50
|
|
|
|
|
if (cb->data) XPUSHs( cb->data ); |
|
|
0
|
|
|
|
|
|
1371
|
|
|
|
|
|
|
|
1372
|
2
|
|
|
|
|
|
PUTBACK; |
1373
|
|
|
|
|
|
|
|
1374
|
2
|
|
|
|
|
|
count = call_sv( cb->func, G_SCALAR ); |
1375
|
|
|
|
|
|
|
|
1376
|
2
|
|
|
|
|
|
SPAGAIN; |
1377
|
|
|
|
|
|
|
|
1378
|
2
|
|
|
|
|
|
buf[0] = 0; /* start with an empty password */ |
1379
|
2
|
50
|
|
|
|
|
if (count != 1) { |
1380
|
0
|
|
|
|
|
|
croak("Net::SSLeay: pem_password_cb_invoke perl function did not return a scalar.\n"); |
1381
|
|
|
|
|
|
|
} |
1382
|
|
|
|
|
|
|
else { |
1383
|
2
|
50
|
|
|
|
|
str = POPpx; |
1384
|
2
|
|
|
|
|
|
str_len = strlen(str); |
1385
|
2
|
50
|
|
|
|
|
if (str_len+1 < bufsize) { |
1386
|
2
|
|
|
|
|
|
strcpy(buf, str); |
1387
|
|
|
|
|
|
|
} |
1388
|
|
|
|
|
|
|
else { |
1389
|
0
|
|
|
|
|
|
str_len = 0; |
1390
|
0
|
|
|
|
|
|
warn("Net::SSLeay: pem_password_cb_invoke password too long\n"); |
1391
|
|
|
|
|
|
|
} |
1392
|
|
|
|
|
|
|
} |
1393
|
|
|
|
|
|
|
|
1394
|
2
|
|
|
|
|
|
PUTBACK; |
1395
|
2
|
50
|
|
|
|
|
FREETMPS; |
1396
|
2
|
|
|
|
|
|
LEAVE; |
1397
|
|
|
|
|
|
|
} |
1398
|
2
|
|
|
|
|
|
return str_len; |
1399
|
|
|
|
|
|
|
} |
1400
|
|
|
|
|
|
|
|
1401
|
845
|
|
|
|
|
|
void ssleay_RSA_generate_key_cb_invoke(int i, int n, void* data) |
1402
|
|
|
|
|
|
|
{ |
1403
|
845
|
|
|
|
|
|
dSP; |
1404
|
845
|
|
|
|
|
|
int count = -1; |
1405
|
845
|
|
|
|
|
|
simple_cb_data_t* cb = (simple_cb_data_t*)data; |
1406
|
|
|
|
|
|
|
|
1407
|
|
|
|
|
|
|
/* PR1("STARTED: ssleay_RSA_generate_key_cb_invoke\n"); / * too noisy */ |
1408
|
845
|
50
|
|
|
|
|
if (cb->func && SvOK(cb->func)) { |
|
|
100
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
1409
|
340
|
|
|
|
|
|
ENTER; |
1410
|
340
|
|
|
|
|
|
SAVETMPS; |
1411
|
|
|
|
|
|
|
|
1412
|
340
|
50
|
|
|
|
|
PUSHMARK(sp); |
1413
|
|
|
|
|
|
|
|
1414
|
340
|
50
|
|
|
|
|
XPUSHs(sv_2mortal( newSViv(i) )); |
1415
|
340
|
50
|
|
|
|
|
XPUSHs(sv_2mortal( newSViv(n) )); |
1416
|
340
|
100
|
|
|
|
|
if (cb->data) XPUSHs( cb->data ); |
|
|
50
|
|
|
|
|
|
1417
|
|
|
|
|
|
|
|
1418
|
340
|
|
|
|
|
|
PUTBACK; |
1419
|
|
|
|
|
|
|
|
1420
|
340
|
|
|
|
|
|
count = call_sv( cb->func, G_VOID|G_DISCARD ); |
1421
|
|
|
|
|
|
|
|
1422
|
339
|
50
|
|
|
|
|
if (count != 0) |
1423
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_RSA_generate_key_cb_invoke " |
1424
|
|
|
|
|
|
|
"perl function did return something in void context.\n"); |
1425
|
|
|
|
|
|
|
|
1426
|
339
|
|
|
|
|
|
SPAGAIN; |
1427
|
339
|
50
|
|
|
|
|
FREETMPS; |
1428
|
339
|
|
|
|
|
|
LEAVE; |
1429
|
|
|
|
|
|
|
} |
1430
|
844
|
|
|
|
|
|
} |
1431
|
|
|
|
|
|
|
|
1432
|
16
|
|
|
|
|
|
void ssleay_info_cb_invoke(const SSL *ssl, int where, int ret) |
1433
|
|
|
|
|
|
|
{ |
1434
|
16
|
|
|
|
|
|
dSP; |
1435
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1436
|
|
|
|
|
|
|
|
1437
|
16
|
|
|
|
|
|
cb_func = cb_data_advanced_get((void*)ssl, "ssleay_info_cb!!func"); |
1438
|
16
|
|
|
|
|
|
cb_data = cb_data_advanced_get((void*)ssl, "ssleay_info_cb!!data"); |
1439
|
|
|
|
|
|
|
|
1440
|
16
|
50
|
|
|
|
|
if ( ! SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
50
|
|
|
|
|
|
1441
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_info_cb_invoke called, but not set to point to any perl function.\n"); |
1442
|
|
|
|
|
|
|
|
1443
|
16
|
|
|
|
|
|
ENTER; |
1444
|
16
|
|
|
|
|
|
SAVETMPS; |
1445
|
|
|
|
|
|
|
|
1446
|
16
|
50
|
|
|
|
|
PUSHMARK(SP); |
1447
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1448
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(where)) ); |
1449
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(ret)) ); |
1450
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1451
|
16
|
|
|
|
|
|
PUTBACK; |
1452
|
|
|
|
|
|
|
|
1453
|
16
|
|
|
|
|
|
call_sv(cb_func, G_VOID); |
1454
|
|
|
|
|
|
|
|
1455
|
16
|
|
|
|
|
|
SPAGAIN; |
1456
|
16
|
|
|
|
|
|
PUTBACK; |
1457
|
16
|
50
|
|
|
|
|
FREETMPS; |
1458
|
16
|
|
|
|
|
|
LEAVE; |
1459
|
16
|
|
|
|
|
|
} |
1460
|
|
|
|
|
|
|
|
1461
|
457
|
|
|
|
|
|
void ssleay_ctx_info_cb_invoke(const SSL *ssl, int where, int ret) |
1462
|
|
|
|
|
|
|
{ |
1463
|
457
|
|
|
|
|
|
dSP; |
1464
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1465
|
457
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1466
|
|
|
|
|
|
|
|
1467
|
457
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "ssleay_ctx_info_cb!!func"); |
1468
|
457
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "ssleay_ctx_info_cb!!data"); |
1469
|
|
|
|
|
|
|
|
1470
|
457
|
50
|
|
|
|
|
if ( ! SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
50
|
|
|
|
|
|
1471
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_info_cb_invoke called, but not set to point to any perl function.\n"); |
1472
|
|
|
|
|
|
|
|
1473
|
457
|
|
|
|
|
|
ENTER; |
1474
|
457
|
|
|
|
|
|
SAVETMPS; |
1475
|
|
|
|
|
|
|
|
1476
|
457
|
50
|
|
|
|
|
PUSHMARK(SP); |
1477
|
457
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1478
|
457
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(where)) ); |
1479
|
457
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(ret)) ); |
1480
|
457
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1481
|
457
|
|
|
|
|
|
PUTBACK; |
1482
|
|
|
|
|
|
|
|
1483
|
457
|
|
|
|
|
|
call_sv(cb_func, G_VOID); |
1484
|
|
|
|
|
|
|
|
1485
|
457
|
|
|
|
|
|
SPAGAIN; |
1486
|
457
|
|
|
|
|
|
PUTBACK; |
1487
|
457
|
50
|
|
|
|
|
FREETMPS; |
1488
|
457
|
|
|
|
|
|
LEAVE; |
1489
|
457
|
|
|
|
|
|
} |
1490
|
|
|
|
|
|
|
|
1491
|
24
|
|
|
|
|
|
void ssleay_msg_cb_invoke(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) |
1492
|
|
|
|
|
|
|
{ |
1493
|
24
|
|
|
|
|
|
dSP; |
1494
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1495
|
|
|
|
|
|
|
|
1496
|
24
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ssl, "ssleay_msg_cb!!func"); |
1497
|
24
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ssl, "ssleay_msg_cb!!data"); |
1498
|
|
|
|
|
|
|
|
1499
|
24
|
50
|
|
|
|
|
if ( ! SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
50
|
|
|
|
|
|
1500
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_msg_cb_invoke called, but not set to point to any perl function.\n"); |
1501
|
|
|
|
|
|
|
|
1502
|
24
|
|
|
|
|
|
ENTER; |
1503
|
24
|
|
|
|
|
|
SAVETMPS; |
1504
|
|
|
|
|
|
|
|
1505
|
24
|
50
|
|
|
|
|
PUSHMARK(SP); |
1506
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(write_p))); |
1507
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(version))); |
1508
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(content_type))); |
1509
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((const char*)buf, len))); |
1510
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(len))); |
1511
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1512
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1513
|
24
|
|
|
|
|
|
PUTBACK; |
1514
|
|
|
|
|
|
|
|
1515
|
24
|
|
|
|
|
|
call_sv(cb_func, G_VOID); |
1516
|
|
|
|
|
|
|
|
1517
|
24
|
|
|
|
|
|
SPAGAIN; |
1518
|
24
|
|
|
|
|
|
PUTBACK; |
1519
|
24
|
50
|
|
|
|
|
FREETMPS; |
1520
|
24
|
|
|
|
|
|
LEAVE; |
1521
|
24
|
|
|
|
|
|
} |
1522
|
|
|
|
|
|
|
|
1523
|
24
|
|
|
|
|
|
void ssleay_ctx_msg_cb_invoke(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) |
1524
|
|
|
|
|
|
|
{ |
1525
|
24
|
|
|
|
|
|
dSP; |
1526
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1527
|
24
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1528
|
|
|
|
|
|
|
|
1529
|
24
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "ssleay_ctx_msg_cb!!func"); |
1530
|
24
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "ssleay_ctx_msg_cb!!data"); |
1531
|
|
|
|
|
|
|
|
1532
|
24
|
50
|
|
|
|
|
if ( ! SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
50
|
|
|
|
|
|
1533
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ctx_msg_cb_invoke called, but not set to point to any perl function.\n"); |
1534
|
|
|
|
|
|
|
|
1535
|
24
|
|
|
|
|
|
ENTER; |
1536
|
24
|
|
|
|
|
|
SAVETMPS; |
1537
|
|
|
|
|
|
|
|
1538
|
24
|
50
|
|
|
|
|
PUSHMARK(SP); |
1539
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(write_p))); |
1540
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(version))); |
1541
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(content_type))); |
1542
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((const char*)buf, len))); |
1543
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(len))); |
1544
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1545
|
24
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1546
|
24
|
|
|
|
|
|
PUTBACK; |
1547
|
|
|
|
|
|
|
|
1548
|
24
|
|
|
|
|
|
call_sv(cb_func, G_VOID); |
1549
|
|
|
|
|
|
|
|
1550
|
24
|
|
|
|
|
|
SPAGAIN; |
1551
|
24
|
|
|
|
|
|
PUTBACK; |
1552
|
24
|
50
|
|
|
|
|
FREETMPS; |
1553
|
24
|
|
|
|
|
|
LEAVE; |
1554
|
24
|
|
|
|
|
|
} |
1555
|
|
|
|
|
|
|
|
1556
|
|
|
|
|
|
|
/* |
1557
|
|
|
|
|
|
|
* Support for tlsext_ticket_key_cb_invoke was already in 0.9.8 but it was |
1558
|
|
|
|
|
|
|
* broken in various ways during the various 1.0.0* versions. |
1559
|
|
|
|
|
|
|
* Better enable it only starting with 1.0.1. |
1560
|
|
|
|
|
|
|
*/ |
1561
|
|
|
|
|
|
|
#if defined(SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB) && OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_TLSEXT) |
1562
|
|
|
|
|
|
|
#define NET_SSLEAY_CAN_TICKET_KEY_CB |
1563
|
|
|
|
|
|
|
|
1564
|
7
|
|
|
|
|
|
int tlsext_ticket_key_cb_invoke( |
1565
|
|
|
|
|
|
|
SSL *ssl, |
1566
|
|
|
|
|
|
|
unsigned char *key_name, |
1567
|
|
|
|
|
|
|
unsigned char *iv, |
1568
|
|
|
|
|
|
|
EVP_CIPHER_CTX *ectx, |
1569
|
|
|
|
|
|
|
HMAC_CTX *hctx, |
1570
|
|
|
|
|
|
|
int enc |
1571
|
|
|
|
|
|
|
){ |
1572
|
|
|
|
|
|
|
|
1573
|
7
|
|
|
|
|
|
dSP; |
1574
|
7
|
|
|
|
|
|
int count,usable_rv_count,hmac_key_len = 0; |
1575
|
|
|
|
|
|
|
SV *cb_func, *cb_data; |
1576
|
|
|
|
|
|
|
STRLEN svlen; |
1577
|
|
|
|
|
|
|
unsigned char key[48]; /* key[0..15] aes, key[16..32] or key[16..48] hmac */ |
1578
|
|
|
|
|
|
|
unsigned char name[16]; |
1579
|
7
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1580
|
|
|
|
|
|
|
|
1581
|
|
|
|
|
|
|
PR1("STARTED: tlsext_ticket_key_cb_invoke\n"); |
1582
|
7
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "tlsext_ticket_key_cb!!func"); |
1583
|
7
|
|
|
|
|
|
cb_data = cb_data_advanced_get(ctx, "tlsext_ticket_key_cb!!data"); |
1584
|
|
|
|
|
|
|
|
1585
|
7
|
50
|
|
|
|
|
if (!SvROK(cb_func) || (SvTYPE(SvRV(cb_func)) != SVt_PVCV)) |
|
|
50
|
|
|
|
|
|
1586
|
0
|
|
|
|
|
|
croak("callback must be a code reference"); |
1587
|
|
|
|
|
|
|
|
1588
|
7
|
|
|
|
|
|
ENTER; |
1589
|
7
|
|
|
|
|
|
SAVETMPS; |
1590
|
7
|
50
|
|
|
|
|
PUSHMARK(SP); |
1591
|
|
|
|
|
|
|
|
1592
|
7
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data))); |
1593
|
|
|
|
|
|
|
|
1594
|
7
|
100
|
|
|
|
|
if (!enc) { |
1595
|
|
|
|
|
|
|
/* call as getkey(data,this_name) -> (key,current_name) */ |
1596
|
4
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((const char *)key_name,16))); |
1597
|
|
|
|
|
|
|
} else { |
1598
|
|
|
|
|
|
|
/* call as getkey(data) -> (key,current_name) */ |
1599
|
|
|
|
|
|
|
} |
1600
|
|
|
|
|
|
|
|
1601
|
7
|
|
|
|
|
|
PUTBACK; |
1602
|
|
|
|
|
|
|
|
1603
|
7
|
|
|
|
|
|
count = call_sv( cb_func, G_ARRAY ); |
1604
|
|
|
|
|
|
|
|
1605
|
7
|
|
|
|
|
|
SPAGAIN; |
1606
|
|
|
|
|
|
|
|
1607
|
7
|
50
|
|
|
|
|
if (count>2) |
1608
|
0
|
|
|
|
|
|
croak("too much return values - only (name,key) should be returned"); |
1609
|
|
|
|
|
|
|
|
1610
|
7
|
|
|
|
|
|
usable_rv_count = 0; |
1611
|
7
|
100
|
|
|
|
|
if (count>0) { |
1612
|
6
|
|
|
|
|
|
SV *sname = POPs; |
1613
|
6
|
50
|
|
|
|
|
if (SvOK(sname)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1614
|
6
|
50
|
|
|
|
|
unsigned char *pname = (unsigned char *)SvPV(sname,svlen); |
1615
|
6
|
50
|
|
|
|
|
if (svlen > 16) |
1616
|
0
|
|
|
|
|
|
croak("name must be at at most 16 bytes, got %d",(int)svlen); |
1617
|
6
|
50
|
|
|
|
|
if (svlen == 0) |
1618
|
0
|
|
|
|
|
|
croak("name should not be empty"); |
1619
|
6
|
|
|
|
|
|
OPENSSL_cleanse(name, 16); |
1620
|
6
|
|
|
|
|
|
memcpy(name,pname,svlen); |
1621
|
6
|
|
|
|
|
|
usable_rv_count++; |
1622
|
|
|
|
|
|
|
} |
1623
|
|
|
|
|
|
|
} |
1624
|
7
|
100
|
|
|
|
|
if (count>1) { |
1625
|
6
|
|
|
|
|
|
SV *skey = POPs; |
1626
|
6
|
50
|
|
|
|
|
if (SvOK(skey)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1627
|
6
|
50
|
|
|
|
|
unsigned char *pkey = (unsigned char *)SvPV(skey,svlen); |
1628
|
6
|
50
|
|
|
|
|
if (svlen != 32 && svlen != 48) |
|
|
0
|
|
|
|
|
|
1629
|
0
|
|
|
|
|
|
croak("key must be 32 or 48 random bytes, got %d",(int)svlen); |
1630
|
6
|
|
|
|
|
|
hmac_key_len = (int)svlen - 16; |
1631
|
6
|
|
|
|
|
|
memcpy(key,pkey,(int)svlen); |
1632
|
6
|
|
|
|
|
|
usable_rv_count++; |
1633
|
|
|
|
|
|
|
} |
1634
|
|
|
|
|
|
|
} |
1635
|
|
|
|
|
|
|
|
1636
|
7
|
|
|
|
|
|
PUTBACK; |
1637
|
7
|
50
|
|
|
|
|
FREETMPS; |
1638
|
7
|
|
|
|
|
|
LEAVE; |
1639
|
|
|
|
|
|
|
|
1640
|
7
|
100
|
|
|
|
|
if (!enc && usable_rv_count == 0) { |
|
|
100
|
|
|
|
|
|
1641
|
1
|
|
|
|
|
|
TRACE(2,"no key returned for ticket"); |
1642
|
1
|
|
|
|
|
|
return 0; |
1643
|
|
|
|
|
|
|
} |
1644
|
6
|
50
|
|
|
|
|
if (usable_rv_count != 2) |
1645
|
0
|
|
|
|
|
|
croak("key functions needs to return (key,name)"); |
1646
|
|
|
|
|
|
|
|
1647
|
6
|
100
|
|
|
|
|
if (enc) { |
1648
|
|
|
|
|
|
|
/* encrypt ticket information with given key */ |
1649
|
3
|
|
|
|
|
|
RAND_bytes(iv, 16); |
1650
|
3
|
|
|
|
|
|
EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, key, iv); |
1651
|
3
|
|
|
|
|
|
HMAC_Init_ex(hctx,key+16,hmac_key_len,EVP_sha256(),NULL); |
1652
|
3
|
|
|
|
|
|
memcpy(key_name,name,16); |
1653
|
3
|
|
|
|
|
|
return 1; |
1654
|
|
|
|
|
|
|
|
1655
|
|
|
|
|
|
|
} else { |
1656
|
3
|
|
|
|
|
|
HMAC_Init_ex(hctx,key+16,hmac_key_len,EVP_sha256(),NULL); |
1657
|
3
|
|
|
|
|
|
EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, key, iv); |
1658
|
|
|
|
|
|
|
|
1659
|
3
|
100
|
|
|
|
|
if (memcmp(name,key_name,16) == 0) |
1660
|
2
|
|
|
|
|
|
return 1; /* current key was used */ |
1661
|
|
|
|
|
|
|
else |
1662
|
7
|
|
|
|
|
|
return 2; /* different key was used, need to be renewed */ |
1663
|
|
|
|
|
|
|
} |
1664
|
|
|
|
|
|
|
} |
1665
|
|
|
|
|
|
|
|
1666
|
|
|
|
|
|
|
#endif |
1667
|
|
|
|
|
|
|
|
1668
|
6
|
|
|
|
|
|
int ssleay_ssl_ctx_sess_new_cb_invoke(struct ssl_st *ssl, SSL_SESSION *sess) |
1669
|
|
|
|
|
|
|
{ |
1670
|
6
|
|
|
|
|
|
dSP; |
1671
|
|
|
|
|
|
|
int count, remove; |
1672
|
|
|
|
|
|
|
SSL_CTX *ctx; |
1673
|
|
|
|
|
|
|
SV *cb_func; |
1674
|
|
|
|
|
|
|
|
1675
|
|
|
|
|
|
|
PR1("STARTED: ssleay_ssl_ctx_sess_new_cb_invoke\n"); |
1676
|
6
|
|
|
|
|
|
ctx = SSL_get_SSL_CTX(ssl); |
1677
|
6
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "ssleay_ssl_ctx_sess_new_cb!!func"); |
1678
|
|
|
|
|
|
|
|
1679
|
6
|
50
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1680
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ssl_ctx_sess_new_cb_invoke called, but not set to point to any perl function.\n"); |
1681
|
|
|
|
|
|
|
|
1682
|
6
|
|
|
|
|
|
ENTER; |
1683
|
6
|
|
|
|
|
|
SAVETMPS; |
1684
|
|
|
|
|
|
|
|
1685
|
6
|
50
|
|
|
|
|
PUSHMARK(sp); |
1686
|
6
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1687
|
6
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(sess)))); |
1688
|
6
|
|
|
|
|
|
PUTBACK; |
1689
|
|
|
|
|
|
|
|
1690
|
6
|
|
|
|
|
|
count = call_sv(cb_func, G_SCALAR); |
1691
|
|
|
|
|
|
|
|
1692
|
6
|
|
|
|
|
|
SPAGAIN; |
1693
|
|
|
|
|
|
|
|
1694
|
6
|
50
|
|
|
|
|
if (count != 1) |
1695
|
0
|
|
|
|
|
|
croak("Net::SSLeay: ssleay_ssl_ctx_sess_new_cb_invoke perl function did not return a scalar\n"); |
1696
|
|
|
|
|
|
|
|
1697
|
6
|
50
|
|
|
|
|
remove = POPi; |
1698
|
|
|
|
|
|
|
|
1699
|
6
|
|
|
|
|
|
PUTBACK; |
1700
|
6
|
50
|
|
|
|
|
FREETMPS; |
1701
|
6
|
|
|
|
|
|
LEAVE; |
1702
|
|
|
|
|
|
|
|
1703
|
6
|
|
|
|
|
|
return remove; |
1704
|
|
|
|
|
|
|
} |
1705
|
|
|
|
|
|
|
|
1706
|
6
|
|
|
|
|
|
void ssleay_ssl_ctx_sess_remove_cb_invoke(SSL_CTX *ctx, SSL_SESSION *sess) |
1707
|
|
|
|
|
|
|
{ |
1708
|
6
|
|
|
|
|
|
dSP; |
1709
|
|
|
|
|
|
|
SV *cb_func; |
1710
|
|
|
|
|
|
|
|
1711
|
|
|
|
|
|
|
PR1("STARTED: ssleay_ssl_ctx_sess_remove_cb_invoke\n"); |
1712
|
6
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "ssleay_ssl_ctx_sess_remove_cb!!func"); |
1713
|
|
|
|
|
|
|
|
1714
|
6
|
50
|
|
|
|
|
if(!SvOK(cb_func)) |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1715
|
0
|
|
|
|
|
|
croak ("Net::SSLeay: ssleay_ssl_ctx_sess_remove_cb_invoke called, but not set to point to any perl function.\n"); |
1716
|
|
|
|
|
|
|
|
1717
|
6
|
|
|
|
|
|
ENTER; |
1718
|
6
|
|
|
|
|
|
SAVETMPS; |
1719
|
|
|
|
|
|
|
|
1720
|
6
|
50
|
|
|
|
|
PUSHMARK(sp); |
1721
|
6
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ctx)))); |
1722
|
6
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(sess)))); |
1723
|
6
|
|
|
|
|
|
PUTBACK; |
1724
|
|
|
|
|
|
|
|
1725
|
6
|
|
|
|
|
|
call_sv(cb_func, G_VOID); |
1726
|
|
|
|
|
|
|
|
1727
|
6
|
|
|
|
|
|
SPAGAIN; |
1728
|
|
|
|
|
|
|
|
1729
|
6
|
|
|
|
|
|
PUTBACK; |
1730
|
6
|
50
|
|
|
|
|
FREETMPS; |
1731
|
6
|
|
|
|
|
|
LEAVE; |
1732
|
6
|
|
|
|
|
|
} |
1733
|
|
|
|
|
|
|
|
1734
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x30000000L |
1735
|
|
|
|
|
|
|
int ossl_provider_do_all_cb_invoke(OSSL_PROVIDER *provider, void *cbdata) { |
1736
|
|
|
|
|
|
|
dSP; |
1737
|
|
|
|
|
|
|
int ret = 1; |
1738
|
|
|
|
|
|
|
int count = -1; |
1739
|
|
|
|
|
|
|
simple_cb_data_t *cb = cbdata; |
1740
|
|
|
|
|
|
|
|
1741
|
|
|
|
|
|
|
PR1("STARTED: ossl_provider_do_all_cb_invoke\n"); |
1742
|
|
|
|
|
|
|
if (cb->func && SvOK(cb->func)) { |
1743
|
|
|
|
|
|
|
ENTER; |
1744
|
|
|
|
|
|
|
SAVETMPS; |
1745
|
|
|
|
|
|
|
|
1746
|
|
|
|
|
|
|
PUSHMARK(SP); |
1747
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(provider)))); |
1748
|
|
|
|
|
|
|
if (cb->data) XPUSHs(cb->data); |
1749
|
|
|
|
|
|
|
|
1750
|
|
|
|
|
|
|
PUTBACK; |
1751
|
|
|
|
|
|
|
|
1752
|
|
|
|
|
|
|
count = call_sv(cb->func, G_SCALAR); |
1753
|
|
|
|
|
|
|
|
1754
|
|
|
|
|
|
|
SPAGAIN; |
1755
|
|
|
|
|
|
|
|
1756
|
|
|
|
|
|
|
if (count != 1) |
1757
|
|
|
|
|
|
|
croak("Net::SSLeay: ossl_provider_do_all_cb_invoke perl function did not return a scalar\n"); |
1758
|
|
|
|
|
|
|
|
1759
|
|
|
|
|
|
|
ret = POPi; |
1760
|
|
|
|
|
|
|
|
1761
|
|
|
|
|
|
|
PUTBACK; |
1762
|
|
|
|
|
|
|
FREETMPS; |
1763
|
|
|
|
|
|
|
LEAVE; |
1764
|
|
|
|
|
|
|
} |
1765
|
|
|
|
|
|
|
|
1766
|
|
|
|
|
|
|
return ret; |
1767
|
|
|
|
|
|
|
} |
1768
|
|
|
|
|
|
|
#endif |
1769
|
|
|
|
|
|
|
|
1770
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101001 && !defined(LIBRESSL_VERSION_NUMBER) |
1771
|
|
|
|
|
|
|
void ssl_ctx_keylog_cb_func_invoke(const SSL *ssl, const char *line) |
1772
|
|
|
|
|
|
|
{ |
1773
|
|
|
|
|
|
|
dSP; |
1774
|
|
|
|
|
|
|
SV *cb_func; |
1775
|
|
|
|
|
|
|
SSL_CTX *ctx = SSL_get_SSL_CTX(ssl); |
1776
|
|
|
|
|
|
|
|
1777
|
|
|
|
|
|
|
PR1("STARTED: ssl_ctx_keylog_cb_func_invoke\n"); |
1778
|
|
|
|
|
|
|
cb_func = cb_data_advanced_get(ctx, "ssleay_ssl_ctx_keylog_callback!!func"); |
1779
|
|
|
|
|
|
|
|
1780
|
|
|
|
|
|
|
if(!SvOK(cb_func)) |
1781
|
|
|
|
|
|
|
croak ("Net::SSLeay: ssl_ctx_keylog_cb_func_invoke called, but not set to point to any perl function.\n"); |
1782
|
|
|
|
|
|
|
|
1783
|
|
|
|
|
|
|
ENTER; |
1784
|
|
|
|
|
|
|
SAVETMPS; |
1785
|
|
|
|
|
|
|
|
1786
|
|
|
|
|
|
|
PUSHMARK(SP); |
1787
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(ssl)))); |
1788
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(line, 0))); |
1789
|
|
|
|
|
|
|
|
1790
|
|
|
|
|
|
|
PUTBACK; |
1791
|
|
|
|
|
|
|
|
1792
|
|
|
|
|
|
|
call_sv(cb_func, G_VOID); |
1793
|
|
|
|
|
|
|
|
1794
|
|
|
|
|
|
|
SPAGAIN; |
1795
|
|
|
|
|
|
|
PUTBACK; |
1796
|
|
|
|
|
|
|
FREETMPS; |
1797
|
|
|
|
|
|
|
LEAVE; |
1798
|
|
|
|
|
|
|
|
1799
|
|
|
|
|
|
|
return; |
1800
|
|
|
|
|
|
|
} |
1801
|
|
|
|
|
|
|
#endif |
1802
|
|
|
|
|
|
|
|
1803
|
|
|
|
|
|
|
/* ============= end of callback stuff, begin helper functions ============== */ |
1804
|
|
|
|
|
|
|
|
1805
|
0
|
|
|
|
|
|
time_t ASN1_TIME_timet(ASN1_TIME *asn1t, time_t *gmtoff) { |
1806
|
|
|
|
|
|
|
struct tm t; |
1807
|
0
|
|
|
|
|
|
const char *p = (const char*) asn1t->data; |
1808
|
0
|
|
|
|
|
|
size_t msec = 0, tz = 0, i, l; |
1809
|
|
|
|
|
|
|
time_t result; |
1810
|
0
|
|
|
|
|
|
int adj = 0; |
1811
|
|
|
|
|
|
|
|
1812
|
0
|
0
|
|
|
|
|
if (asn1t->type == V_ASN1_UTCTIME) { |
1813
|
0
|
0
|
|
|
|
|
if (asn1t->length<12 || asn1t->length>17) return 0; |
|
|
0
|
|
|
|
|
|
1814
|
0
|
0
|
|
|
|
|
if (asn1t->length>12) tz = 12; |
1815
|
|
|
|
|
|
|
} else { |
1816
|
0
|
0
|
|
|
|
|
if (asn1t->length<14) return 0; |
1817
|
0
|
0
|
|
|
|
|
if (asn1t->length>14) { |
1818
|
0
|
0
|
|
|
|
|
if (p[14] == '.') { |
1819
|
0
|
|
|
|
|
|
msec = 14; |
1820
|
0
|
0
|
|
|
|
|
for(i=msec+1;ilength && p[i]>='0' && p[i]<='9';i++) ; |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1821
|
0
|
0
|
|
|
|
|
if (ilength) tz = i; |
1822
|
|
|
|
|
|
|
} else { |
1823
|
0
|
|
|
|
|
|
tz = 14; |
1824
|
|
|
|
|
|
|
} |
1825
|
|
|
|
|
|
|
} |
1826
|
|
|
|
|
|
|
} |
1827
|
|
|
|
|
|
|
|
1828
|
0
|
0
|
|
|
|
|
l = msec ? msec : tz ? tz : asn1t->length; |
|
|
0
|
|
|
|
|
|
1829
|
0
|
0
|
|
|
|
|
for(i=0;i
|
1830
|
0
|
0
|
|
|
|
|
if (p[i]<'0' || p[i]>'9') return 0; |
|
|
0
|
|
|
|
|
|
1831
|
|
|
|
|
|
|
} |
1832
|
|
|
|
|
|
|
|
1833
|
|
|
|
|
|
|
/* extract data and time */ |
1834
|
0
|
|
|
|
|
|
OPENSSL_cleanse(&t, sizeof(t)); |
1835
|
0
|
0
|
|
|
|
|
if (asn1t->type == V_ASN1_UTCTIME) { /* YY - two digit year */ |
1836
|
0
|
|
|
|
|
|
t.tm_year = (p[0]-'0')*10 + (p[1]-'0'); |
1837
|
0
|
0
|
|
|
|
|
if (t.tm_year < 70) t.tm_year += 100; |
1838
|
0
|
|
|
|
|
|
i=2; |
1839
|
|
|
|
|
|
|
} else { /* YYYY */ |
1840
|
0
|
|
|
|
|
|
t.tm_year = (p[0]-'0')*1000 + (p[1]-'0')*100 + (p[2]-'0')*10 + p[3]-'0'; |
1841
|
0
|
|
|
|
|
|
t.tm_year -= 1900; |
1842
|
0
|
|
|
|
|
|
i=4; |
1843
|
|
|
|
|
|
|
} |
1844
|
0
|
|
|
|
|
|
t.tm_mon = (p[i+0]-'0')*10 + (p[i+1]-'0') -1; /* MM, starts with 0 in tm */ |
1845
|
0
|
|
|
|
|
|
t.tm_mday = (p[i+2]-'0')*10 + (p[i+3]-'0'); /* DD */ |
1846
|
0
|
|
|
|
|
|
t.tm_hour = (p[i+4]-'0')*10 + (p[i+5]-'0'); /* hh */ |
1847
|
0
|
|
|
|
|
|
t.tm_min = (p[i+6]-'0')*10 + (p[i+7]-'0'); /* mm */ |
1848
|
0
|
|
|
|
|
|
t.tm_sec = (p[i+8]-'0')*10 + (p[i+9]-'0'); /* ss */ |
1849
|
|
|
|
|
|
|
|
1850
|
|
|
|
|
|
|
/* skip msec, because time_t does not support it */ |
1851
|
|
|
|
|
|
|
|
1852
|
0
|
0
|
|
|
|
|
if (tz) { |
1853
|
|
|
|
|
|
|
/* TZ is 'Z' or [+-]DDDD and after TZ the string must stop*/ |
1854
|
0
|
0
|
|
|
|
|
if (p[tz] == 'Z') { |
1855
|
0
|
0
|
|
|
|
|
if (asn1t->length>tz+1 ) return 0; |
1856
|
0
|
0
|
|
|
|
|
} else if (asn1t->length
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
1857
|
0
|
|
|
|
|
|
return 0; |
1858
|
|
|
|
|
|
|
} else { |
1859
|
0
|
0
|
|
|
|
|
if (asn1t->length>tz+5 ) return 0; |
1860
|
0
|
0
|
|
|
|
|
for(i=tz+1;i
|
1861
|
0
|
0
|
|
|
|
|
if (p[i]<'0' || p[i]>'9') return 0; |
|
|
0
|
|
|
|
|
|
1862
|
|
|
|
|
|
|
} |
1863
|
0
|
|
|
|
|
|
adj = ((p[tz+1]-'0')*10 + (p[tz+2]-'0'))*3600 |
1864
|
0
|
|
|
|
|
|
+ ((p[tz+3]-'0')*10 + (p[tz+4]-'0'))*60; |
1865
|
0
|
0
|
|
|
|
|
if (p[tz]=='+') adj*= -1; /* +0500: subtract 5 hours to get UTC */ |
1866
|
|
|
|
|
|
|
} |
1867
|
|
|
|
|
|
|
} |
1868
|
|
|
|
|
|
|
|
1869
|
0
|
|
|
|
|
|
result = mktime(&t); |
1870
|
0
|
0
|
|
|
|
|
if (result == -1) return 0; /* broken time */ |
1871
|
0
|
|
|
|
|
|
result += adj; |
1872
|
0
|
0
|
|
|
|
|
if (gmtoff && *gmtoff == -1) { |
|
|
0
|
|
|
|
|
|
1873
|
0
|
|
|
|
|
|
*gmtoff = result - mktime(gmtime(&result)); |
1874
|
0
|
|
|
|
|
|
result += *gmtoff; |
1875
|
|
|
|
|
|
|
} else { |
1876
|
0
|
|
|
|
|
|
result += result - mktime(gmtime(&result)); |
1877
|
|
|
|
|
|
|
} |
1878
|
0
|
|
|
|
|
|
return result; |
1879
|
|
|
|
|
|
|
} |
1880
|
|
|
|
|
|
|
|
1881
|
0
|
|
|
|
|
|
X509 * find_issuer(X509 *cert,X509_STORE *store, STACK_OF(X509) *chain) { |
1882
|
|
|
|
|
|
|
int i; |
1883
|
0
|
|
|
|
|
|
X509 *issuer = NULL; |
1884
|
|
|
|
|
|
|
|
1885
|
|
|
|
|
|
|
/* search first in the chain */ |
1886
|
0
|
0
|
|
|
|
|
if (chain) { |
1887
|
0
|
0
|
|
|
|
|
for(i=0;i
|
1888
|
0
|
0
|
|
|
|
|
if ( X509_check_issued(sk_X509_value(chain,i),cert) == X509_V_OK ) { |
1889
|
0
|
|
|
|
|
|
TRACE(2,"found issuer in chain"); |
1890
|
0
|
|
|
|
|
|
issuer = X509_dup(sk_X509_value(chain,i)); |
1891
|
|
|
|
|
|
|
} |
1892
|
|
|
|
|
|
|
} |
1893
|
|
|
|
|
|
|
} |
1894
|
|
|
|
|
|
|
/* if not in the chain it might be in the store */ |
1895
|
0
|
0
|
|
|
|
|
if ( !issuer && store ) { |
|
|
0
|
|
|
|
|
|
1896
|
0
|
|
|
|
|
|
X509_STORE_CTX *stx = X509_STORE_CTX_new(); |
1897
|
0
|
0
|
|
|
|
|
if (stx && X509_STORE_CTX_init(stx,store,cert,NULL)) { |
|
|
0
|
|
|
|
|
|
1898
|
0
|
|
|
|
|
|
int ok = X509_STORE_CTX_get1_issuer(&issuer,stx,cert); |
1899
|
0
|
0
|
|
|
|
|
if (ok<0) { |
1900
|
0
|
|
|
|
|
|
int err = ERR_get_error(); |
1901
|
0
|
0
|
|
|
|
|
if(err) { |
1902
|
0
|
|
|
|
|
|
TRACE(2,"failed to get issuer: %s",ERR_error_string(err,NULL)); |
1903
|
|
|
|
|
|
|
} else { |
1904
|
0
|
|
|
|
|
|
TRACE(2,"failed to get issuer: unknown error"); |
1905
|
|
|
|
|
|
|
} |
1906
|
0
|
0
|
|
|
|
|
} else if (ok == 0 ) { |
1907
|
0
|
|
|
|
|
|
TRACE(2,"failed to get issuer(0)"); |
1908
|
|
|
|
|
|
|
} else { |
1909
|
0
|
|
|
|
|
|
TRACE(2,"got issuer"); |
1910
|
|
|
|
|
|
|
} |
1911
|
|
|
|
|
|
|
} |
1912
|
0
|
0
|
|
|
|
|
if (stx) X509_STORE_CTX_free(stx); |
1913
|
|
|
|
|
|
|
} |
1914
|
0
|
|
|
|
|
|
return issuer; |
1915
|
|
|
|
|
|
|
} |
1916
|
|
|
|
|
|
|
|
1917
|
8
|
|
|
|
|
|
static SV *bn2sv(const BIGNUM* p_bn) |
1918
|
|
|
|
|
|
|
{ |
1919
|
8
|
|
|
|
|
|
return p_bn != NULL |
1920
|
8
|
|
|
|
|
|
? sv_2mortal(newSViv(PTR2IV(BN_dup(p_bn)))) |
1921
|
16
|
50
|
|
|
|
|
: &PL_sv_undef; |
1922
|
|
|
|
|
|
|
} |
1923
|
|
|
|
|
|
|
|
1924
|
|
|
|
|
|
|
/* ============= end of helper functions ============== */ |
1925
|
|
|
|
|
|
|
|
1926
|
|
|
|
|
|
|
MODULE = Net::SSLeay PACKAGE = Net::SSLeay PREFIX = SSL_ |
1927
|
|
|
|
|
|
|
|
1928
|
|
|
|
|
|
|
PROTOTYPES: ENABLE |
1929
|
|
|
|
|
|
|
|
1930
|
|
|
|
|
|
|
BOOT: |
1931
|
|
|
|
|
|
|
{ |
1932
|
|
|
|
|
|
|
MY_CXT_INIT; |
1933
|
54
|
|
|
|
|
|
LIB_initialized = 0; |
1934
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
1935
|
|
|
|
|
|
|
MUTEX_INIT(&LIB_init_mutex); |
1936
|
|
|
|
|
|
|
#ifdef OPENSSL_THREADS |
1937
|
|
|
|
|
|
|
/* If we running under ModPerl, we dont need our own thread locking because |
1938
|
|
|
|
|
|
|
* perl threads are not supported under mod-perl, and we can fall back to the thread |
1939
|
|
|
|
|
|
|
* locking built in to mod-ssl |
1940
|
|
|
|
|
|
|
*/ |
1941
|
|
|
|
|
|
|
if (!hv_fetch(get_hv("ENV", 1), "MOD_PERL", 8, 0)) |
1942
|
|
|
|
|
|
|
openssl_threads_init(); |
1943
|
|
|
|
|
|
|
#endif |
1944
|
|
|
|
|
|
|
#endif |
1945
|
|
|
|
|
|
|
/* initialize global shared callback data hash */ |
1946
|
54
|
|
|
|
|
|
MY_CXT.global_cb_data = newHV(); |
1947
|
54
|
|
|
|
|
|
MY_CXT.tid = get_my_thread_id(); |
1948
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
1949
|
|
|
|
|
|
|
PR3("BOOT: tid=%lu my_perl=%p\n", MY_CXT.tid, my_perl); |
1950
|
|
|
|
|
|
|
#else |
1951
|
|
|
|
|
|
|
PR1("BOOT:\n"); |
1952
|
|
|
|
|
|
|
#endif |
1953
|
|
|
|
|
|
|
} |
1954
|
|
|
|
|
|
|
|
1955
|
|
|
|
|
|
|
void |
1956
|
|
|
|
|
|
|
CLONE(...) |
1957
|
|
|
|
|
|
|
CODE: |
1958
|
|
|
|
|
|
|
MY_CXT_CLONE; |
1959
|
|
|
|
|
|
|
/* reset all callback related data as we want to prevent |
1960
|
|
|
|
|
|
|
* cross-thread callbacks |
1961
|
|
|
|
|
|
|
* TODO: later somebody can make the global hash MY_CXT.global_cb_data |
1962
|
|
|
|
|
|
|
* somehow shared between threads |
1963
|
|
|
|
|
|
|
*/ |
1964
|
0
|
|
|
|
|
|
MY_CXT.global_cb_data = newHV(); |
1965
|
0
|
|
|
|
|
|
MY_CXT.tid = get_my_thread_id(); |
1966
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
1967
|
|
|
|
|
|
|
PR3("CLONE: tid=%lu my_perl=%p\n", MY_CXT.tid, my_perl); |
1968
|
|
|
|
|
|
|
#else |
1969
|
|
|
|
|
|
|
PR1("CLONE: but USE_ITHREADS not defined\n"); |
1970
|
|
|
|
|
|
|
#endif |
1971
|
|
|
|
|
|
|
|
1972
|
|
|
|
|
|
|
#ifdef NET_SSLEAY_32BIT_CONSTANTS |
1973
|
|
|
|
|
|
|
double |
1974
|
|
|
|
|
|
|
constant(name) |
1975
|
|
|
|
|
|
|
char * name |
1976
|
|
|
|
|
|
|
CODE: |
1977
|
1107
|
|
|
|
|
|
errno = 0; |
1978
|
1107
|
|
|
|
|
|
RETVAL = constant(name, strlen(name)); |
1979
|
|
|
|
|
|
|
OUTPUT: |
1980
|
|
|
|
|
|
|
RETVAL |
1981
|
|
|
|
|
|
|
|
1982
|
|
|
|
|
|
|
#else |
1983
|
|
|
|
|
|
|
|
1984
|
|
|
|
|
|
|
uint64_t |
1985
|
|
|
|
|
|
|
constant(name) |
1986
|
|
|
|
|
|
|
char * name |
1987
|
|
|
|
|
|
|
CODE: |
1988
|
|
|
|
|
|
|
errno = 0; |
1989
|
|
|
|
|
|
|
RETVAL = constant(name, strlen(name)); |
1990
|
|
|
|
|
|
|
OUTPUT: |
1991
|
|
|
|
|
|
|
RETVAL |
1992
|
|
|
|
|
|
|
|
1993
|
|
|
|
|
|
|
#endif |
1994
|
|
|
|
|
|
|
|
1995
|
|
|
|
|
|
|
int |
1996
|
|
|
|
|
|
|
hello() |
1997
|
|
|
|
|
|
|
CODE: |
1998
|
|
|
|
|
|
|
PR1("\tSSLeay Hello World!\n"); |
1999
|
1
|
|
|
|
|
|
RETVAL = 1; |
2000
|
|
|
|
|
|
|
OUTPUT: |
2001
|
|
|
|
|
|
|
RETVAL |
2002
|
|
|
|
|
|
|
|
2003
|
|
|
|
|
|
|
#define REM0 "============= version related functions ==============" |
2004
|
|
|
|
|
|
|
|
2005
|
|
|
|
|
|
|
unsigned long |
2006
|
|
|
|
|
|
|
SSLeay() |
2007
|
|
|
|
|
|
|
|
2008
|
|
|
|
|
|
|
const char * |
2009
|
|
|
|
|
|
|
SSLeay_version(type=SSLEAY_VERSION) |
2010
|
|
|
|
|
|
|
int type |
2011
|
|
|
|
|
|
|
|
2012
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
2013
|
|
|
|
|
|
|
|
2014
|
|
|
|
|
|
|
unsigned long |
2015
|
|
|
|
|
|
|
OpenSSL_version_num() |
2016
|
|
|
|
|
|
|
|
2017
|
|
|
|
|
|
|
const char * |
2018
|
|
|
|
|
|
|
OpenSSL_version(t=OPENSSL_VERSION) |
2019
|
|
|
|
|
|
|
int t |
2020
|
|
|
|
|
|
|
|
2021
|
|
|
|
|
|
|
#endif /* OpenSSL 1.1.0 */ |
2022
|
|
|
|
|
|
|
|
2023
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_MAJOR >= 3) |
2024
|
|
|
|
|
|
|
|
2025
|
|
|
|
|
|
|
unsigned int |
2026
|
|
|
|
|
|
|
OPENSSL_version_major() |
2027
|
|
|
|
|
|
|
|
2028
|
|
|
|
|
|
|
unsigned int |
2029
|
|
|
|
|
|
|
OPENSSL_version_minor() |
2030
|
|
|
|
|
|
|
|
2031
|
|
|
|
|
|
|
unsigned int |
2032
|
|
|
|
|
|
|
OPENSSL_version_patch() |
2033
|
|
|
|
|
|
|
|
2034
|
|
|
|
|
|
|
const char * |
2035
|
|
|
|
|
|
|
OPENSSL_version_pre_release() |
2036
|
|
|
|
|
|
|
|
2037
|
|
|
|
|
|
|
const char * |
2038
|
|
|
|
|
|
|
OPENSSL_version_build_metadata() |
2039
|
|
|
|
|
|
|
|
2040
|
|
|
|
|
|
|
const char * |
2041
|
|
|
|
|
|
|
OPENSSL_info(int t) |
2042
|
|
|
|
|
|
|
|
2043
|
|
|
|
|
|
|
#endif |
2044
|
|
|
|
|
|
|
|
2045
|
|
|
|
|
|
|
#define REM1 "============= SSL CONTEXT functions ==============" |
2046
|
|
|
|
|
|
|
|
2047
|
|
|
|
|
|
|
SSL_CTX * |
2048
|
|
|
|
|
|
|
SSL_CTX_new() |
2049
|
|
|
|
|
|
|
CODE: |
2050
|
12
|
|
|
|
|
|
RETVAL = SSL_CTX_new (SSLv23_method()); |
2051
|
|
|
|
|
|
|
OUTPUT: |
2052
|
|
|
|
|
|
|
RETVAL |
2053
|
|
|
|
|
|
|
|
2054
|
|
|
|
|
|
|
|
2055
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
2056
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_SSL2 |
2057
|
|
|
|
|
|
|
|
2058
|
|
|
|
|
|
|
SSL_CTX * |
2059
|
|
|
|
|
|
|
SSL_CTX_v2_new() |
2060
|
|
|
|
|
|
|
CODE: |
2061
|
|
|
|
|
|
|
RETVAL = SSL_CTX_new (SSLv2_method()); |
2062
|
|
|
|
|
|
|
OUTPUT: |
2063
|
|
|
|
|
|
|
RETVAL |
2064
|
|
|
|
|
|
|
|
2065
|
|
|
|
|
|
|
#endif |
2066
|
|
|
|
|
|
|
#endif |
2067
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_SSL3 |
2068
|
|
|
|
|
|
|
|
2069
|
|
|
|
|
|
|
SSL_CTX * |
2070
|
|
|
|
|
|
|
SSL_CTX_v3_new() |
2071
|
|
|
|
|
|
|
CODE: |
2072
|
|
|
|
|
|
|
RETVAL = SSL_CTX_new (SSLv3_method()); |
2073
|
|
|
|
|
|
|
OUTPUT: |
2074
|
|
|
|
|
|
|
RETVAL |
2075
|
|
|
|
|
|
|
|
2076
|
|
|
|
|
|
|
#endif |
2077
|
|
|
|
|
|
|
|
2078
|
|
|
|
|
|
|
SSL_CTX * |
2079
|
|
|
|
|
|
|
SSL_CTX_v23_new() |
2080
|
|
|
|
|
|
|
CODE: |
2081
|
1
|
|
|
|
|
|
RETVAL = SSL_CTX_new (SSLv23_method()); |
2082
|
|
|
|
|
|
|
OUTPUT: |
2083
|
|
|
|
|
|
|
RETVAL |
2084
|
|
|
|
|
|
|
|
2085
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_TLS1_METHOD) |
2086
|
|
|
|
|
|
|
|
2087
|
|
|
|
|
|
|
SSL_CTX * |
2088
|
|
|
|
|
|
|
SSL_CTX_tlsv1_new() |
2089
|
|
|
|
|
|
|
CODE: |
2090
|
1
|
|
|
|
|
|
RETVAL = SSL_CTX_new (TLSv1_method()); |
2091
|
|
|
|
|
|
|
OUTPUT: |
2092
|
|
|
|
|
|
|
RETVAL |
2093
|
|
|
|
|
|
|
|
2094
|
|
|
|
|
|
|
#endif |
2095
|
|
|
|
|
|
|
|
2096
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10001001L && !defined(OPENSSL_NO_TLS1_1_METHOD)) /* OpenSSL 1.0.1-beta1 */ |
2097
|
|
|
|
|
|
|
|
2098
|
|
|
|
|
|
|
SSL_CTX * |
2099
|
|
|
|
|
|
|
SSL_CTX_tlsv1_1_new() |
2100
|
|
|
|
|
|
|
CODE: |
2101
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_new (TLSv1_1_method()); |
2102
|
|
|
|
|
|
|
OUTPUT: |
2103
|
|
|
|
|
|
|
RETVAL |
2104
|
|
|
|
|
|
|
|
2105
|
|
|
|
|
|
|
#endif |
2106
|
|
|
|
|
|
|
|
2107
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10001001L && !defined(OPENSSL_NO_TLS1_2_METHOD)) /* OpenSSL 1.0.1-beta1 */ |
2108
|
|
|
|
|
|
|
|
2109
|
|
|
|
|
|
|
SSL_CTX * |
2110
|
|
|
|
|
|
|
SSL_CTX_tlsv1_2_new() |
2111
|
|
|
|
|
|
|
CODE: |
2112
|
1
|
|
|
|
|
|
RETVAL = SSL_CTX_new (TLSv1_2_method()); |
2113
|
|
|
|
|
|
|
OUTPUT: |
2114
|
|
|
|
|
|
|
RETVAL |
2115
|
|
|
|
|
|
|
|
2116
|
|
|
|
|
|
|
#endif |
2117
|
|
|
|
|
|
|
|
2118
|
|
|
|
|
|
|
SSL_CTX * |
2119
|
|
|
|
|
|
|
SSL_CTX_new_with_method(meth) |
2120
|
|
|
|
|
|
|
SSL_METHOD * meth |
2121
|
|
|
|
|
|
|
CODE: |
2122
|
204
|
|
|
|
|
|
RETVAL = SSL_CTX_new (meth); |
2123
|
|
|
|
|
|
|
OUTPUT: |
2124
|
|
|
|
|
|
|
RETVAL |
2125
|
|
|
|
|
|
|
|
2126
|
|
|
|
|
|
|
void |
2127
|
|
|
|
|
|
|
SSL_CTX_free(ctx) |
2128
|
|
|
|
|
|
|
SSL_CTX * ctx |
2129
|
|
|
|
|
|
|
CODE: |
2130
|
163
|
|
|
|
|
|
SSL_CTX_free(ctx); |
2131
|
163
|
|
|
|
|
|
cb_data_advanced_drop(ctx); /* clean callback related data from global hash */ |
2132
|
|
|
|
|
|
|
|
2133
|
|
|
|
|
|
|
int |
2134
|
|
|
|
|
|
|
SSL_CTX_add_session(ctx,ses) |
2135
|
|
|
|
|
|
|
SSL_CTX * ctx |
2136
|
|
|
|
|
|
|
SSL_SESSION * ses |
2137
|
|
|
|
|
|
|
|
2138
|
|
|
|
|
|
|
int |
2139
|
|
|
|
|
|
|
SSL_CTX_remove_session(ctx,ses) |
2140
|
|
|
|
|
|
|
SSL_CTX * ctx |
2141
|
|
|
|
|
|
|
SSL_SESSION * ses |
2142
|
|
|
|
|
|
|
|
2143
|
|
|
|
|
|
|
void |
2144
|
|
|
|
|
|
|
SSL_CTX_flush_sessions(ctx,tm) |
2145
|
|
|
|
|
|
|
SSL_CTX * ctx |
2146
|
|
|
|
|
|
|
long tm |
2147
|
|
|
|
|
|
|
|
2148
|
|
|
|
|
|
|
int |
2149
|
|
|
|
|
|
|
SSL_CTX_set_default_verify_paths(ctx) |
2150
|
|
|
|
|
|
|
SSL_CTX * ctx |
2151
|
|
|
|
|
|
|
|
2152
|
|
|
|
|
|
|
int |
2153
|
|
|
|
|
|
|
SSL_CTX_load_verify_locations(ctx,CAfile,CApath) |
2154
|
|
|
|
|
|
|
SSL_CTX * ctx |
2155
|
|
|
|
|
|
|
char * CAfile |
2156
|
|
|
|
|
|
|
char * CApath |
2157
|
|
|
|
|
|
|
CODE: |
2158
|
21
|
50
|
|
|
|
|
RETVAL = SSL_CTX_load_verify_locations (ctx, |
|
|
50
|
|
|
|
|
|
2159
|
7
|
50
|
|
|
|
|
CAfile?(*CAfile?CAfile:NULL):NULL, |
2160
|
7
|
50
|
|
|
|
|
CApath?(*CApath?CApath:NULL):NULL |
2161
|
|
|
|
|
|
|
); |
2162
|
|
|
|
|
|
|
OUTPUT: |
2163
|
|
|
|
|
|
|
RETVAL |
2164
|
|
|
|
|
|
|
|
2165
|
|
|
|
|
|
|
void |
2166
|
|
|
|
|
|
|
SSL_CTX_set_verify(ctx,mode,callback=&PL_sv_undef) |
2167
|
|
|
|
|
|
|
SSL_CTX * ctx |
2168
|
|
|
|
|
|
|
int mode |
2169
|
|
|
|
|
|
|
SV * callback |
2170
|
|
|
|
|
|
|
CODE: |
2171
|
|
|
|
|
|
|
|
2172
|
|
|
|
|
|
|
/* Former versions of SSLeay checked if the callback was a true boolean value |
2173
|
|
|
|
|
|
|
* and didn't call it if it was false. Therefor some people set the callback |
2174
|
|
|
|
|
|
|
* to '0' if they don't want to use it (IO::Socket::SSL for example). Therefor |
2175
|
|
|
|
|
|
|
* we don't execute the callback if it's value isn't something true to retain |
2176
|
|
|
|
|
|
|
* backwards compatibility. |
2177
|
|
|
|
|
|
|
*/ |
2178
|
|
|
|
|
|
|
|
2179
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback) || !SvTRUE(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
2180
|
0
|
|
|
|
|
|
SSL_CTX_set_verify(ctx, mode, NULL); |
2181
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_verify_callback!!func", NULL); |
2182
|
|
|
|
|
|
|
} else { |
2183
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_verify_callback!!func", newSVsv(callback)); |
2184
|
1
|
|
|
|
|
|
SSL_CTX_set_verify(ctx, mode, &ssleay_verify_callback_invoke); |
2185
|
|
|
|
|
|
|
} |
2186
|
|
|
|
|
|
|
|
2187
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER) |
2188
|
|
|
|
|
|
|
|
2189
|
|
|
|
|
|
|
void |
2190
|
|
|
|
|
|
|
SSL_CTX_set_security_level(SSL_CTX * ctx, int level) |
2191
|
|
|
|
|
|
|
|
2192
|
|
|
|
|
|
|
int |
2193
|
|
|
|
|
|
|
SSL_CTX_get_security_level(SSL_CTX * ctx) |
2194
|
|
|
|
|
|
|
|
2195
|
|
|
|
|
|
|
#endif |
2196
|
|
|
|
|
|
|
|
2197
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101007L && !defined(LIBRESSL_VERSION_NUMBER) |
2198
|
|
|
|
|
|
|
|
2199
|
|
|
|
|
|
|
int |
2200
|
|
|
|
|
|
|
SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets) |
2201
|
|
|
|
|
|
|
|
2202
|
|
|
|
|
|
|
size_t |
2203
|
|
|
|
|
|
|
SSL_CTX_get_num_tickets(SSL_CTX *ctx) |
2204
|
|
|
|
|
|
|
|
2205
|
|
|
|
|
|
|
#endif |
2206
|
|
|
|
|
|
|
|
2207
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101003L && !defined(LIBRESSL_VERSION_NUMBER) |
2208
|
|
|
|
|
|
|
|
2209
|
|
|
|
|
|
|
int |
2210
|
|
|
|
|
|
|
SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str) |
2211
|
|
|
|
|
|
|
|
2212
|
|
|
|
|
|
|
#endif |
2213
|
|
|
|
|
|
|
|
2214
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */ |
2215
|
|
|
|
|
|
|
|
2216
|
|
|
|
|
|
|
void |
2217
|
|
|
|
|
|
|
SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val) |
2218
|
|
|
|
|
|
|
|
2219
|
|
|
|
|
|
|
#endif |
2220
|
|
|
|
|
|
|
|
2221
|
|
|
|
|
|
|
void |
2222
|
|
|
|
|
|
|
SSL_CTX_sess_set_new_cb(ctx, callback) |
2223
|
|
|
|
|
|
|
SSL_CTX * ctx |
2224
|
|
|
|
|
|
|
SV * callback |
2225
|
|
|
|
|
|
|
CODE: |
2226
|
6
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
2227
|
0
|
|
|
|
|
|
SSL_CTX_sess_set_new_cb(ctx, NULL); |
2228
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ssl_ctx_sess_new_cb!!func", NULL); |
2229
|
|
|
|
|
|
|
} |
2230
|
|
|
|
|
|
|
else { |
2231
|
6
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ssl_ctx_sess_new_cb!!func", newSVsv(callback)); |
2232
|
6
|
|
|
|
|
|
SSL_CTX_sess_set_new_cb(ctx, &ssleay_ssl_ctx_sess_new_cb_invoke); |
2233
|
|
|
|
|
|
|
} |
2234
|
|
|
|
|
|
|
|
2235
|
|
|
|
|
|
|
void |
2236
|
|
|
|
|
|
|
SSL_CTX_sess_set_remove_cb(ctx, callback) |
2237
|
|
|
|
|
|
|
SSL_CTX * ctx |
2238
|
|
|
|
|
|
|
SV * callback |
2239
|
|
|
|
|
|
|
CODE: |
2240
|
6
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
2241
|
0
|
|
|
|
|
|
SSL_CTX_sess_set_remove_cb(ctx, NULL); |
2242
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ssl_ctx_sess_remove_cb!!func", NULL); |
2243
|
|
|
|
|
|
|
} |
2244
|
|
|
|
|
|
|
else { |
2245
|
6
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ssl_ctx_sess_remove_cb!!func", newSVsv(callback)); |
2246
|
6
|
|
|
|
|
|
SSL_CTX_sess_set_remove_cb(ctx, &ssleay_ssl_ctx_sess_remove_cb_invoke); |
2247
|
|
|
|
|
|
|
} |
2248
|
|
|
|
|
|
|
|
2249
|
|
|
|
|
|
|
int |
2250
|
|
|
|
|
|
|
SSL_get_error(s,ret) |
2251
|
|
|
|
|
|
|
SSL * s |
2252
|
|
|
|
|
|
|
int ret |
2253
|
|
|
|
|
|
|
|
2254
|
|
|
|
|
|
|
#define REM10 "============= SSL functions ==============" |
2255
|
|
|
|
|
|
|
|
2256
|
|
|
|
|
|
|
SSL * |
2257
|
|
|
|
|
|
|
SSL_new(ctx) |
2258
|
|
|
|
|
|
|
SSL_CTX * ctx |
2259
|
|
|
|
|
|
|
|
2260
|
|
|
|
|
|
|
void |
2261
|
|
|
|
|
|
|
SSL_free(s) |
2262
|
|
|
|
|
|
|
SSL * s |
2263
|
|
|
|
|
|
|
CODE: |
2264
|
187
|
|
|
|
|
|
SSL_free(s); |
2265
|
187
|
|
|
|
|
|
cb_data_advanced_drop(s); /* clean callback related data from global hash */ |
2266
|
|
|
|
|
|
|
|
2267
|
|
|
|
|
|
|
#if 0 /* this seems to be gone in 0.9.0 */ |
2268
|
|
|
|
|
|
|
void |
2269
|
|
|
|
|
|
|
SSL_debug(file) |
2270
|
|
|
|
|
|
|
char * file |
2271
|
|
|
|
|
|
|
|
2272
|
|
|
|
|
|
|
#endif |
2273
|
|
|
|
|
|
|
|
2274
|
|
|
|
|
|
|
int |
2275
|
|
|
|
|
|
|
SSL_accept(s) |
2276
|
|
|
|
|
|
|
SSL * s |
2277
|
|
|
|
|
|
|
|
2278
|
|
|
|
|
|
|
void |
2279
|
|
|
|
|
|
|
SSL_clear(s) |
2280
|
|
|
|
|
|
|
SSL * s |
2281
|
|
|
|
|
|
|
|
2282
|
|
|
|
|
|
|
int |
2283
|
|
|
|
|
|
|
SSL_connect(s) |
2284
|
|
|
|
|
|
|
SSL * s |
2285
|
|
|
|
|
|
|
|
2286
|
|
|
|
|
|
|
|
2287
|
|
|
|
|
|
|
#if defined(WIN32) |
2288
|
|
|
|
|
|
|
|
2289
|
|
|
|
|
|
|
int |
2290
|
|
|
|
|
|
|
SSL_set_fd(s,fd) |
2291
|
|
|
|
|
|
|
SSL * s |
2292
|
|
|
|
|
|
|
perl_filehandle_t fd |
2293
|
|
|
|
|
|
|
CODE: |
2294
|
|
|
|
|
|
|
RETVAL = SSL_set_fd(s,_get_osfhandle(fd)); |
2295
|
|
|
|
|
|
|
OUTPUT: |
2296
|
|
|
|
|
|
|
RETVAL |
2297
|
|
|
|
|
|
|
|
2298
|
|
|
|
|
|
|
int |
2299
|
|
|
|
|
|
|
SSL_set_rfd(s,fd) |
2300
|
|
|
|
|
|
|
SSL * s |
2301
|
|
|
|
|
|
|
perl_filehandle_t fd |
2302
|
|
|
|
|
|
|
CODE: |
2303
|
|
|
|
|
|
|
RETVAL = SSL_set_rfd(s,_get_osfhandle(fd)); |
2304
|
|
|
|
|
|
|
OUTPUT: |
2305
|
|
|
|
|
|
|
RETVAL |
2306
|
|
|
|
|
|
|
|
2307
|
|
|
|
|
|
|
int |
2308
|
|
|
|
|
|
|
SSL_set_wfd(s,fd) |
2309
|
|
|
|
|
|
|
SSL * s |
2310
|
|
|
|
|
|
|
perl_filehandle_t fd |
2311
|
|
|
|
|
|
|
CODE: |
2312
|
|
|
|
|
|
|
RETVAL = SSL_set_wfd(s,_get_osfhandle(fd)); |
2313
|
|
|
|
|
|
|
OUTPUT: |
2314
|
|
|
|
|
|
|
RETVAL |
2315
|
|
|
|
|
|
|
|
2316
|
|
|
|
|
|
|
#else |
2317
|
|
|
|
|
|
|
|
2318
|
|
|
|
|
|
|
int |
2319
|
|
|
|
|
|
|
SSL_set_fd(s,fd) |
2320
|
|
|
|
|
|
|
SSL * s |
2321
|
|
|
|
|
|
|
perl_filehandle_t fd |
2322
|
|
|
|
|
|
|
|
2323
|
|
|
|
|
|
|
int |
2324
|
|
|
|
|
|
|
SSL_set_rfd(s,fd) |
2325
|
|
|
|
|
|
|
SSL * s |
2326
|
|
|
|
|
|
|
perl_filehandle_t fd |
2327
|
|
|
|
|
|
|
|
2328
|
|
|
|
|
|
|
int |
2329
|
|
|
|
|
|
|
SSL_set_wfd(s,fd) |
2330
|
|
|
|
|
|
|
SSL * s |
2331
|
|
|
|
|
|
|
perl_filehandle_t fd |
2332
|
|
|
|
|
|
|
|
2333
|
|
|
|
|
|
|
#endif |
2334
|
|
|
|
|
|
|
|
2335
|
|
|
|
|
|
|
int |
2336
|
|
|
|
|
|
|
SSL_get_fd(s) |
2337
|
|
|
|
|
|
|
SSL * s |
2338
|
|
|
|
|
|
|
|
2339
|
|
|
|
|
|
|
void |
2340
|
|
|
|
|
|
|
SSL_read(s,max=32768) |
2341
|
|
|
|
|
|
|
SSL * s |
2342
|
|
|
|
|
|
|
int max |
2343
|
|
|
|
|
|
|
PREINIT: |
2344
|
|
|
|
|
|
|
char *buf; |
2345
|
|
|
|
|
|
|
int got; |
2346
|
306
|
|
|
|
|
|
int succeeded = 1; |
2347
|
|
|
|
|
|
|
PPCODE: |
2348
|
306
|
|
|
|
|
|
New(0, buf, max, char); |
2349
|
|
|
|
|
|
|
|
2350
|
306
|
|
|
|
|
|
got = SSL_read(s, buf, max); |
2351
|
306
|
100
|
|
|
|
|
if (got <= 0 && SSL_ERROR_ZERO_RETURN != SSL_get_error(s, got)) |
|
|
100
|
|
|
|
|
|
2352
|
6
|
|
|
|
|
|
succeeded = 0; |
2353
|
|
|
|
|
|
|
|
2354
|
|
|
|
|
|
|
/* If in list context, return 2-item list: |
2355
|
|
|
|
|
|
|
* first return value: data gotten, or undef on error (got<0) |
2356
|
|
|
|
|
|
|
* second return value: result from SSL_read() |
2357
|
|
|
|
|
|
|
*/ |
2358
|
306
|
50
|
|
|
|
|
if (GIMME_V==G_ARRAY) { |
|
|
100
|
|
|
|
|
|
2359
|
286
|
50
|
|
|
|
|
EXTEND(SP, 2); |
2360
|
286
|
100
|
|
|
|
|
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0))); |
2361
|
286
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(got))); |
2362
|
|
|
|
|
|
|
|
2363
|
|
|
|
|
|
|
/* If in scalar or void context, return data gotten, or undef on error. */ |
2364
|
|
|
|
|
|
|
} else { |
2365
|
20
|
50
|
|
|
|
|
EXTEND(SP, 1); |
2366
|
20
|
100
|
|
|
|
|
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0))); |
2367
|
|
|
|
|
|
|
} |
2368
|
|
|
|
|
|
|
|
2369
|
306
|
|
|
|
|
|
Safefree(buf); |
2370
|
|
|
|
|
|
|
|
2371
|
|
|
|
|
|
|
void |
2372
|
|
|
|
|
|
|
SSL_peek(s,max=32768) |
2373
|
|
|
|
|
|
|
SSL * s |
2374
|
|
|
|
|
|
|
int max |
2375
|
|
|
|
|
|
|
PREINIT: |
2376
|
|
|
|
|
|
|
char *buf; |
2377
|
|
|
|
|
|
|
int got; |
2378
|
5
|
|
|
|
|
|
int succeeded = 1; |
2379
|
|
|
|
|
|
|
PPCODE: |
2380
|
5
|
|
|
|
|
|
New(0, buf, max, char); |
2381
|
|
|
|
|
|
|
|
2382
|
5
|
|
|
|
|
|
got = SSL_peek(s, buf, max); |
2383
|
5
|
100
|
|
|
|
|
if (got <= 0 && SSL_ERROR_ZERO_RETURN != SSL_get_error(s, got)) |
|
|
50
|
|
|
|
|
|
2384
|
2
|
|
|
|
|
|
succeeded = 0; |
2385
|
|
|
|
|
|
|
|
2386
|
|
|
|
|
|
|
/* If in list context, return 2-item list: |
2387
|
|
|
|
|
|
|
* first return value: data gotten, or undef on error (got<0) |
2388
|
|
|
|
|
|
|
* second return value: result from SSL_peek() |
2389
|
|
|
|
|
|
|
*/ |
2390
|
5
|
50
|
|
|
|
|
if (GIMME_V==G_ARRAY) { |
|
|
100
|
|
|
|
|
|
2391
|
2
|
50
|
|
|
|
|
EXTEND(SP, 2); |
2392
|
2
|
100
|
|
|
|
|
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0))); |
2393
|
2
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(got))); |
2394
|
|
|
|
|
|
|
|
2395
|
|
|
|
|
|
|
/* If in scalar or void context, return data gotten, or undef on error. */ |
2396
|
|
|
|
|
|
|
} else { |
2397
|
3
|
50
|
|
|
|
|
EXTEND(SP, 1); |
2398
|
3
|
100
|
|
|
|
|
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0))); |
2399
|
|
|
|
|
|
|
} |
2400
|
5
|
|
|
|
|
|
Safefree(buf); |
2401
|
|
|
|
|
|
|
|
2402
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */ |
2403
|
|
|
|
|
|
|
|
2404
|
|
|
|
|
|
|
void |
2405
|
|
|
|
|
|
|
SSL_read_ex(s,max=32768) |
2406
|
|
|
|
|
|
|
SSL * s |
2407
|
|
|
|
|
|
|
int max |
2408
|
|
|
|
|
|
|
PREINIT: |
2409
|
|
|
|
|
|
|
char *buf; |
2410
|
|
|
|
|
|
|
size_t readbytes; |
2411
|
|
|
|
|
|
|
int succeeded; |
2412
|
|
|
|
|
|
|
PPCODE: |
2413
|
|
|
|
|
|
|
Newx(buf, max, char); |
2414
|
|
|
|
|
|
|
|
2415
|
|
|
|
|
|
|
succeeded = SSL_read_ex(s, buf, max, &readbytes); |
2416
|
|
|
|
|
|
|
|
2417
|
|
|
|
|
|
|
/* Return 2-item list: |
2418
|
|
|
|
|
|
|
* first return value: data gotten, or undef on error |
2419
|
|
|
|
|
|
|
* second return value: result from SSL_read_ex() |
2420
|
|
|
|
|
|
|
*/ |
2421
|
|
|
|
|
|
|
EXTEND(SP, 2); |
2422
|
|
|
|
|
|
|
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, readbytes) : newSV(0))); |
2423
|
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(succeeded))); |
2424
|
|
|
|
|
|
|
|
2425
|
|
|
|
|
|
|
Safefree(buf); |
2426
|
|
|
|
|
|
|
|
2427
|
|
|
|
|
|
|
|
2428
|
|
|
|
|
|
|
void |
2429
|
|
|
|
|
|
|
SSL_peek_ex(s,max=32768) |
2430
|
|
|
|
|
|
|
SSL * s |
2431
|
|
|
|
|
|
|
int max |
2432
|
|
|
|
|
|
|
PREINIT: |
2433
|
|
|
|
|
|
|
char *buf; |
2434
|
|
|
|
|
|
|
size_t readbytes; |
2435
|
|
|
|
|
|
|
int succeeded; |
2436
|
|
|
|
|
|
|
PPCODE: |
2437
|
|
|
|
|
|
|
Newx(buf, max, char); |
2438
|
|
|
|
|
|
|
|
2439
|
|
|
|
|
|
|
succeeded = SSL_peek_ex(s, buf, max, &readbytes); |
2440
|
|
|
|
|
|
|
|
2441
|
|
|
|
|
|
|
/* Return 2-item list: |
2442
|
|
|
|
|
|
|
* first return value: data gotten, or undef on error |
2443
|
|
|
|
|
|
|
* second return value: result from SSL_peek_ex() |
2444
|
|
|
|
|
|
|
*/ |
2445
|
|
|
|
|
|
|
EXTEND(SP, 2); |
2446
|
|
|
|
|
|
|
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, readbytes) : newSV(0))); |
2447
|
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(succeeded))); |
2448
|
|
|
|
|
|
|
|
2449
|
|
|
|
|
|
|
Safefree(buf); |
2450
|
|
|
|
|
|
|
|
2451
|
|
|
|
|
|
|
void |
2452
|
|
|
|
|
|
|
SSL_write_ex(s,buf) |
2453
|
|
|
|
|
|
|
SSL * s |
2454
|
|
|
|
|
|
|
PREINIT: |
2455
|
|
|
|
|
|
|
STRLEN len; |
2456
|
|
|
|
|
|
|
size_t written; |
2457
|
|
|
|
|
|
|
int succeeded; |
2458
|
|
|
|
|
|
|
INPUT: |
2459
|
|
|
|
|
|
|
char * buf = SvPV( ST(1), len); |
2460
|
|
|
|
|
|
|
PPCODE: |
2461
|
|
|
|
|
|
|
succeeded = SSL_write_ex(s, buf, len, &written); |
2462
|
|
|
|
|
|
|
|
2463
|
|
|
|
|
|
|
/* Return 2-item list: |
2464
|
|
|
|
|
|
|
* first return value: data gotten, or undef on error |
2465
|
|
|
|
|
|
|
* second return value: result from SSL_read_ex() |
2466
|
|
|
|
|
|
|
*/ |
2467
|
|
|
|
|
|
|
EXTEND(SP, 2); |
2468
|
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVuv(written))); |
2469
|
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(succeeded))); |
2470
|
|
|
|
|
|
|
|
2471
|
|
|
|
|
|
|
#endif |
2472
|
|
|
|
|
|
|
|
2473
|
|
|
|
|
|
|
int |
2474
|
|
|
|
|
|
|
SSL_write(s,buf) |
2475
|
|
|
|
|
|
|
SSL * s |
2476
|
|
|
|
|
|
|
PREINIT: |
2477
|
|
|
|
|
|
|
STRLEN len; |
2478
|
|
|
|
|
|
|
INPUT: |
2479
|
|
|
|
|
|
|
char * buf = SvPV( ST(1), len); |
2480
|
|
|
|
|
|
|
CODE: |
2481
|
20
|
|
|
|
|
|
RETVAL = SSL_write (s, buf, (int)len); |
2482
|
|
|
|
|
|
|
OUTPUT: |
2483
|
|
|
|
|
|
|
RETVAL |
2484
|
|
|
|
|
|
|
|
2485
|
|
|
|
|
|
|
int |
2486
|
|
|
|
|
|
|
SSL_write_partial(s,from,count,buf) |
2487
|
|
|
|
|
|
|
SSL * s |
2488
|
|
|
|
|
|
|
int from |
2489
|
|
|
|
|
|
|
int count |
2490
|
|
|
|
|
|
|
PREINIT: |
2491
|
|
|
|
|
|
|
STRLEN ulen; |
2492
|
|
|
|
|
|
|
IV len; |
2493
|
|
|
|
|
|
|
INPUT: |
2494
|
|
|
|
|
|
|
char * buf = SvPV( ST(3), ulen); |
2495
|
|
|
|
|
|
|
CODE: |
2496
|
|
|
|
|
|
|
/* |
2497
|
|
|
|
|
|
|
if (SvROK( ST(3) )) { |
2498
|
|
|
|
|
|
|
SV* t = SvRV( ST(3) ); |
2499
|
|
|
|
|
|
|
buf = SvPV( t, len); |
2500
|
|
|
|
|
|
|
} else |
2501
|
|
|
|
|
|
|
buf = SvPV( ST(3), len); |
2502
|
|
|
|
|
|
|
*/ |
2503
|
|
|
|
|
|
|
PR4("write_partial from=%d count=%d len=%lu\n",from,count,ulen); |
2504
|
|
|
|
|
|
|
/*PR2("buf='%s'\n",&buf[from]); / * too noisy */ |
2505
|
22
|
|
|
|
|
|
len = (IV)ulen; |
2506
|
22
|
|
|
|
|
|
len -= from; |
2507
|
22
|
50
|
|
|
|
|
if (len < 0) { |
2508
|
0
|
|
|
|
|
|
croak("from beyound end of buffer"); |
2509
|
|
|
|
|
|
|
RETVAL = -1; |
2510
|
|
|
|
|
|
|
} else |
2511
|
22
|
|
|
|
|
|
RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len); |
2512
|
|
|
|
|
|
|
OUTPUT: |
2513
|
|
|
|
|
|
|
RETVAL |
2514
|
|
|
|
|
|
|
|
2515
|
|
|
|
|
|
|
int |
2516
|
|
|
|
|
|
|
SSL_use_RSAPrivateKey(s,rsa) |
2517
|
|
|
|
|
|
|
SSL * s |
2518
|
|
|
|
|
|
|
RSA * rsa |
2519
|
|
|
|
|
|
|
|
2520
|
|
|
|
|
|
|
int |
2521
|
|
|
|
|
|
|
SSL_use_RSAPrivateKey_ASN1(s,d,len) |
2522
|
|
|
|
|
|
|
SSL * s |
2523
|
|
|
|
|
|
|
unsigned char * d |
2524
|
|
|
|
|
|
|
long len |
2525
|
|
|
|
|
|
|
|
2526
|
|
|
|
|
|
|
int |
2527
|
|
|
|
|
|
|
SSL_use_RSAPrivateKey_file(s,file,type) |
2528
|
|
|
|
|
|
|
SSL * s |
2529
|
|
|
|
|
|
|
char * file |
2530
|
|
|
|
|
|
|
int type |
2531
|
|
|
|
|
|
|
|
2532
|
|
|
|
|
|
|
int |
2533
|
|
|
|
|
|
|
SSL_CTX_use_RSAPrivateKey_file(ctx,file,type) |
2534
|
|
|
|
|
|
|
SSL_CTX * ctx |
2535
|
|
|
|
|
|
|
char * file |
2536
|
|
|
|
|
|
|
int type |
2537
|
|
|
|
|
|
|
|
2538
|
|
|
|
|
|
|
int |
2539
|
|
|
|
|
|
|
SSL_use_PrivateKey(s,pkey) |
2540
|
|
|
|
|
|
|
SSL * s |
2541
|
|
|
|
|
|
|
EVP_PKEY * pkey |
2542
|
|
|
|
|
|
|
|
2543
|
|
|
|
|
|
|
int |
2544
|
|
|
|
|
|
|
SSL_use_PrivateKey_ASN1(pk,s,d,len) |
2545
|
|
|
|
|
|
|
int pk |
2546
|
|
|
|
|
|
|
SSL * s |
2547
|
|
|
|
|
|
|
unsigned char * d |
2548
|
|
|
|
|
|
|
long len |
2549
|
|
|
|
|
|
|
|
2550
|
|
|
|
|
|
|
int |
2551
|
|
|
|
|
|
|
SSL_use_PrivateKey_file(s,file,type) |
2552
|
|
|
|
|
|
|
SSL * s |
2553
|
|
|
|
|
|
|
char * file |
2554
|
|
|
|
|
|
|
int type |
2555
|
|
|
|
|
|
|
|
2556
|
|
|
|
|
|
|
int |
2557
|
|
|
|
|
|
|
SSL_CTX_use_PrivateKey_file(ctx,file,type) |
2558
|
|
|
|
|
|
|
SSL_CTX * ctx |
2559
|
|
|
|
|
|
|
char * file |
2560
|
|
|
|
|
|
|
int type |
2561
|
|
|
|
|
|
|
|
2562
|
|
|
|
|
|
|
int |
2563
|
|
|
|
|
|
|
SSL_use_certificate(s,x) |
2564
|
|
|
|
|
|
|
SSL * s |
2565
|
|
|
|
|
|
|
X509 * x |
2566
|
|
|
|
|
|
|
|
2567
|
|
|
|
|
|
|
int |
2568
|
|
|
|
|
|
|
SSL_use_certificate_ASN1(s,d,len) |
2569
|
|
|
|
|
|
|
SSL * s |
2570
|
|
|
|
|
|
|
unsigned char * d |
2571
|
|
|
|
|
|
|
long len |
2572
|
|
|
|
|
|
|
|
2573
|
|
|
|
|
|
|
int |
2574
|
|
|
|
|
|
|
SSL_use_certificate_file(s,file,type) |
2575
|
|
|
|
|
|
|
SSL * s |
2576
|
|
|
|
|
|
|
char * file |
2577
|
|
|
|
|
|
|
int type |
2578
|
|
|
|
|
|
|
|
2579
|
|
|
|
|
|
|
int |
2580
|
|
|
|
|
|
|
SSL_CTX_use_certificate_file(ctx,file,type) |
2581
|
|
|
|
|
|
|
SSL_CTX * ctx |
2582
|
|
|
|
|
|
|
char * file |
2583
|
|
|
|
|
|
|
int type |
2584
|
|
|
|
|
|
|
|
2585
|
|
|
|
|
|
|
const char * |
2586
|
|
|
|
|
|
|
SSL_state_string(s) |
2587
|
|
|
|
|
|
|
SSL * s |
2588
|
|
|
|
|
|
|
|
2589
|
|
|
|
|
|
|
const char * |
2590
|
|
|
|
|
|
|
SSL_rstate_string(s) |
2591
|
|
|
|
|
|
|
SSL * s |
2592
|
|
|
|
|
|
|
|
2593
|
|
|
|
|
|
|
const char * |
2594
|
|
|
|
|
|
|
SSL_state_string_long(s) |
2595
|
|
|
|
|
|
|
SSL * s |
2596
|
|
|
|
|
|
|
|
2597
|
|
|
|
|
|
|
const char * |
2598
|
|
|
|
|
|
|
SSL_rstate_string_long(s) |
2599
|
|
|
|
|
|
|
SSL * s |
2600
|
|
|
|
|
|
|
|
2601
|
|
|
|
|
|
|
|
2602
|
|
|
|
|
|
|
long |
2603
|
|
|
|
|
|
|
SSL_get_time(ses) |
2604
|
|
|
|
|
|
|
SSL_SESSION * ses |
2605
|
|
|
|
|
|
|
|
2606
|
|
|
|
|
|
|
long |
2607
|
|
|
|
|
|
|
SSL_set_time(ses,t) |
2608
|
|
|
|
|
|
|
SSL_SESSION * ses |
2609
|
|
|
|
|
|
|
long t |
2610
|
|
|
|
|
|
|
|
2611
|
|
|
|
|
|
|
long |
2612
|
|
|
|
|
|
|
SSL_get_timeout(ses) |
2613
|
|
|
|
|
|
|
SSL_SESSION * ses |
2614
|
|
|
|
|
|
|
|
2615
|
|
|
|
|
|
|
long |
2616
|
|
|
|
|
|
|
SSL_set_timeout(ses,t) |
2617
|
|
|
|
|
|
|
SSL_SESSION * ses |
2618
|
|
|
|
|
|
|
long t |
2619
|
|
|
|
|
|
|
|
2620
|
|
|
|
|
|
|
void |
2621
|
|
|
|
|
|
|
SSL_copy_session_id(to,from) |
2622
|
|
|
|
|
|
|
SSL * to |
2623
|
|
|
|
|
|
|
SSL * from |
2624
|
|
|
|
|
|
|
|
2625
|
|
|
|
|
|
|
void |
2626
|
|
|
|
|
|
|
SSL_set_read_ahead(s,yes=1) |
2627
|
|
|
|
|
|
|
SSL * s |
2628
|
|
|
|
|
|
|
int yes |
2629
|
|
|
|
|
|
|
|
2630
|
|
|
|
|
|
|
int |
2631
|
|
|
|
|
|
|
SSL_get_read_ahead(s) |
2632
|
|
|
|
|
|
|
SSL * s |
2633
|
|
|
|
|
|
|
|
2634
|
|
|
|
|
|
|
int |
2635
|
|
|
|
|
|
|
SSL_pending(s) |
2636
|
|
|
|
|
|
|
SSL * s |
2637
|
|
|
|
|
|
|
|
2638
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.0 */ |
2639
|
|
|
|
|
|
|
|
2640
|
|
|
|
|
|
|
int |
2641
|
|
|
|
|
|
|
SSL_has_pending(s) |
2642
|
|
|
|
|
|
|
SSL * s |
2643
|
|
|
|
|
|
|
|
2644
|
|
|
|
|
|
|
#endif |
2645
|
|
|
|
|
|
|
|
2646
|
|
|
|
|
|
|
int |
2647
|
|
|
|
|
|
|
SSL_CTX_set_cipher_list(s,str) |
2648
|
|
|
|
|
|
|
SSL_CTX * s |
2649
|
|
|
|
|
|
|
char * str |
2650
|
|
|
|
|
|
|
|
2651
|
|
|
|
|
|
|
void |
2652
|
|
|
|
|
|
|
SSL_get_ciphers(s) |
2653
|
|
|
|
|
|
|
SSL * s |
2654
|
|
|
|
|
|
|
PREINIT: |
2655
|
4
|
|
|
|
|
|
STACK_OF(SSL_CIPHER) *sk = NULL; |
2656
|
|
|
|
|
|
|
const SSL_CIPHER *c; |
2657
|
|
|
|
|
|
|
int i; |
2658
|
|
|
|
|
|
|
PPCODE: |
2659
|
4
|
|
|
|
|
|
sk = SSL_get_ciphers(s); |
2660
|
4
|
100
|
|
|
|
|
if( sk == NULL ) { |
2661
|
2
|
|
|
|
|
|
XSRETURN_EMPTY; |
2662
|
|
|
|
|
|
|
} |
2663
|
196
|
100
|
|
|
|
|
for (i=0; i
|
2664
|
194
|
|
|
|
|
|
c = sk_SSL_CIPHER_value(sk, i); |
2665
|
194
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(c)))); |
2666
|
|
|
|
|
|
|
} |
2667
|
|
|
|
|
|
|
|
2668
|
|
|
|
|
|
|
const char * |
2669
|
|
|
|
|
|
|
SSL_get_cipher_list(s,n) |
2670
|
|
|
|
|
|
|
SSL * s |
2671
|
|
|
|
|
|
|
int n |
2672
|
|
|
|
|
|
|
|
2673
|
|
|
|
|
|
|
int |
2674
|
|
|
|
|
|
|
SSL_set_cipher_list(s,str) |
2675
|
|
|
|
|
|
|
SSL * s |
2676
|
|
|
|
|
|
|
char * str |
2677
|
|
|
|
|
|
|
|
2678
|
|
|
|
|
|
|
const char * |
2679
|
|
|
|
|
|
|
SSL_get_cipher(s) |
2680
|
|
|
|
|
|
|
SSL * s |
2681
|
|
|
|
|
|
|
|
2682
|
|
|
|
|
|
|
void |
2683
|
|
|
|
|
|
|
SSL_get_shared_ciphers(s,ignored_param1=0,ignored_param2=0) |
2684
|
|
|
|
|
|
|
SSL *s |
2685
|
|
|
|
|
|
|
int ignored_param1 |
2686
|
|
|
|
|
|
|
int ignored_param2 |
2687
|
|
|
|
|
|
|
PREINIT: |
2688
|
|
|
|
|
|
|
char buf[8192]; |
2689
|
|
|
|
|
|
|
CODE: |
2690
|
7
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
2691
|
7
|
50
|
|
|
|
|
if(SSL_get_shared_ciphers(s, buf, sizeof(buf))) |
2692
|
7
|
|
|
|
|
|
sv_setpvn(ST(0), buf, strlen(buf)); |
2693
|
|
|
|
|
|
|
|
2694
|
|
|
|
|
|
|
X509 * |
2695
|
|
|
|
|
|
|
SSL_get_peer_certificate(s) |
2696
|
|
|
|
|
|
|
SSL * s |
2697
|
|
|
|
|
|
|
|
2698
|
|
|
|
|
|
|
void |
2699
|
|
|
|
|
|
|
SSL_get_peer_cert_chain(s) |
2700
|
|
|
|
|
|
|
SSL * s |
2701
|
|
|
|
|
|
|
PREINIT: |
2702
|
0
|
|
|
|
|
|
STACK_OF(X509) *chain = NULL; |
2703
|
|
|
|
|
|
|
X509 *x; |
2704
|
|
|
|
|
|
|
int i; |
2705
|
|
|
|
|
|
|
PPCODE: |
2706
|
0
|
|
|
|
|
|
chain = SSL_get_peer_cert_chain(s); |
2707
|
0
|
0
|
|
|
|
|
if( chain == NULL ) { |
2708
|
0
|
|
|
|
|
|
XSRETURN_EMPTY; |
2709
|
|
|
|
|
|
|
} |
2710
|
0
|
0
|
|
|
|
|
for (i=0; i
|
2711
|
0
|
|
|
|
|
|
x = sk_X509_value(chain, i); |
2712
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(x)))); |
2713
|
|
|
|
|
|
|
} |
2714
|
|
|
|
|
|
|
|
2715
|
|
|
|
|
|
|
void |
2716
|
|
|
|
|
|
|
SSL_set_verify(s,mode,callback) |
2717
|
|
|
|
|
|
|
SSL * s |
2718
|
|
|
|
|
|
|
int mode |
2719
|
|
|
|
|
|
|
SV * callback |
2720
|
|
|
|
|
|
|
CODE: |
2721
|
7
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
2722
|
0
|
|
|
|
|
|
SSL_set_verify(s, mode, NULL); |
2723
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_verify_callback!!func", NULL); |
2724
|
|
|
|
|
|
|
} |
2725
|
|
|
|
|
|
|
else { |
2726
|
7
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_verify_callback!!func", newSVsv(callback)); |
2727
|
7
|
|
|
|
|
|
SSL_set_verify(s, mode, &ssleay_verify_callback_invoke); |
2728
|
|
|
|
|
|
|
} |
2729
|
|
|
|
|
|
|
|
2730
|
|
|
|
|
|
|
void |
2731
|
|
|
|
|
|
|
SSL_set_bio(s,rbio,wbio) |
2732
|
|
|
|
|
|
|
SSL * s |
2733
|
|
|
|
|
|
|
BIO * rbio |
2734
|
|
|
|
|
|
|
BIO * wbio |
2735
|
|
|
|
|
|
|
|
2736
|
|
|
|
|
|
|
BIO * |
2737
|
|
|
|
|
|
|
SSL_get_rbio(s) |
2738
|
|
|
|
|
|
|
SSL * s |
2739
|
|
|
|
|
|
|
|
2740
|
|
|
|
|
|
|
BIO * |
2741
|
|
|
|
|
|
|
SSL_get_wbio(s) |
2742
|
|
|
|
|
|
|
SSL * s |
2743
|
|
|
|
|
|
|
|
2744
|
|
|
|
|
|
|
|
2745
|
|
|
|
|
|
|
SSL_SESSION * |
2746
|
|
|
|
|
|
|
SSL_SESSION_new() |
2747
|
|
|
|
|
|
|
|
2748
|
|
|
|
|
|
|
int |
2749
|
|
|
|
|
|
|
SSL_SESSION_print(fp,ses) |
2750
|
|
|
|
|
|
|
BIO * fp |
2751
|
|
|
|
|
|
|
SSL_SESSION * ses |
2752
|
|
|
|
|
|
|
|
2753
|
|
|
|
|
|
|
void |
2754
|
|
|
|
|
|
|
SSL_SESSION_free(ses) |
2755
|
|
|
|
|
|
|
SSL_SESSION * ses |
2756
|
|
|
|
|
|
|
|
2757
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101001L && !defined(LIBRESSL_VERSION_NUMBER) |
2758
|
|
|
|
|
|
|
|
2759
|
|
|
|
|
|
|
int |
2760
|
|
|
|
|
|
|
SSL_SESSION_is_resumable(ses) |
2761
|
|
|
|
|
|
|
SSL_SESSION * ses |
2762
|
|
|
|
|
|
|
|
2763
|
|
|
|
|
|
|
SSL_SESSION * |
2764
|
|
|
|
|
|
|
SSL_SESSION_dup(sess) |
2765
|
|
|
|
|
|
|
SSL_SESSION * sess |
2766
|
|
|
|
|
|
|
|
2767
|
|
|
|
|
|
|
#endif |
2768
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */ |
2769
|
|
|
|
|
|
|
|
2770
|
|
|
|
|
|
|
void |
2771
|
|
|
|
|
|
|
SSL_set_post_handshake_auth(SSL *ssl, int val) |
2772
|
|
|
|
|
|
|
|
2773
|
|
|
|
|
|
|
int |
2774
|
|
|
|
|
|
|
SSL_verify_client_post_handshake(SSL *ssl) |
2775
|
|
|
|
|
|
|
|
2776
|
|
|
|
|
|
|
#endif |
2777
|
|
|
|
|
|
|
|
2778
|
|
|
|
|
|
|
void |
2779
|
|
|
|
|
|
|
i2d_SSL_SESSION(sess) |
2780
|
|
|
|
|
|
|
SSL_SESSION * sess |
2781
|
|
|
|
|
|
|
PPCODE: |
2782
|
|
|
|
|
|
|
STRLEN len; |
2783
|
|
|
|
|
|
|
unsigned char *pc,*pi; |
2784
|
3
|
50
|
|
|
|
|
if (!(len = i2d_SSL_SESSION(sess,NULL))) croak("invalid SSL_SESSION"); |
2785
|
3
|
|
|
|
|
|
Newx(pc,len,unsigned char); |
2786
|
3
|
50
|
|
|
|
|
if (!pc) croak("out of memory"); |
2787
|
3
|
|
|
|
|
|
pi = pc; |
2788
|
3
|
|
|
|
|
|
i2d_SSL_SESSION(sess,&pi); |
2789
|
3
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); |
2790
|
3
|
|
|
|
|
|
Safefree(pc); |
2791
|
|
|
|
|
|
|
|
2792
|
|
|
|
|
|
|
|
2793
|
|
|
|
|
|
|
SSL_SESSION * |
2794
|
|
|
|
|
|
|
d2i_SSL_SESSION(pv) |
2795
|
|
|
|
|
|
|
SV *pv |
2796
|
|
|
|
|
|
|
CODE: |
2797
|
7
|
|
|
|
|
|
RETVAL = NULL; |
2798
|
7
|
50
|
|
|
|
|
if (SvPOK(pv)) { |
2799
|
|
|
|
|
|
|
const unsigned char *p; |
2800
|
|
|
|
|
|
|
STRLEN len; |
2801
|
7
|
50
|
|
|
|
|
p = (unsigned char*)SvPV(pv,len); |
2802
|
7
|
|
|
|
|
|
RETVAL = d2i_SSL_SESSION(NULL,&p,len); |
2803
|
|
|
|
|
|
|
} |
2804
|
|
|
|
|
|
|
OUTPUT: |
2805
|
|
|
|
|
|
|
RETVAL |
2806
|
|
|
|
|
|
|
|
2807
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
2808
|
|
|
|
|
|
|
|
2809
|
|
|
|
|
|
|
int |
2810
|
|
|
|
|
|
|
SSL_SESSION_up_ref(sess) |
2811
|
|
|
|
|
|
|
SSL_SESSION * sess |
2812
|
|
|
|
|
|
|
|
2813
|
|
|
|
|
|
|
#endif |
2814
|
|
|
|
|
|
|
|
2815
|
|
|
|
|
|
|
int |
2816
|
|
|
|
|
|
|
SSL_set_session(to,ses) |
2817
|
|
|
|
|
|
|
SSL * to |
2818
|
|
|
|
|
|
|
SSL_SESSION * ses |
2819
|
|
|
|
|
|
|
|
2820
|
|
|
|
|
|
|
#define REM30 "SSLeay-0.9.0 defines these as macros. I expand them here for safety's sake" |
2821
|
|
|
|
|
|
|
|
2822
|
|
|
|
|
|
|
SSL_SESSION * |
2823
|
|
|
|
|
|
|
SSL_get_session(s) |
2824
|
|
|
|
|
|
|
SSL * s |
2825
|
|
|
|
|
|
|
ALIAS: |
2826
|
|
|
|
|
|
|
SSL_get0_session = 1 |
2827
|
|
|
|
|
|
|
|
2828
|
|
|
|
|
|
|
SSL_SESSION * |
2829
|
|
|
|
|
|
|
SSL_get1_session(s) |
2830
|
|
|
|
|
|
|
SSL * s |
2831
|
|
|
|
|
|
|
|
2832
|
|
|
|
|
|
|
X509 * |
2833
|
|
|
|
|
|
|
SSL_get_certificate(s) |
2834
|
|
|
|
|
|
|
SSL * s |
2835
|
|
|
|
|
|
|
|
2836
|
|
|
|
|
|
|
SSL_CTX * |
2837
|
|
|
|
|
|
|
SSL_get_SSL_CTX(s) |
2838
|
|
|
|
|
|
|
SSL * s |
2839
|
|
|
|
|
|
|
|
2840
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL |
2841
|
|
|
|
|
|
|
|
2842
|
|
|
|
|
|
|
SSL_CTX * |
2843
|
|
|
|
|
|
|
SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx) |
2844
|
|
|
|
|
|
|
|
2845
|
|
|
|
|
|
|
#endif |
2846
|
|
|
|
|
|
|
|
2847
|
|
|
|
|
|
|
long |
2848
|
|
|
|
|
|
|
SSL_ctrl(ssl,cmd,larg,parg) |
2849
|
|
|
|
|
|
|
SSL * ssl |
2850
|
|
|
|
|
|
|
int cmd |
2851
|
|
|
|
|
|
|
long larg |
2852
|
|
|
|
|
|
|
char * parg |
2853
|
|
|
|
|
|
|
|
2854
|
|
|
|
|
|
|
long |
2855
|
|
|
|
|
|
|
SSL_CTX_ctrl(ctx,cmd,larg,parg) |
2856
|
|
|
|
|
|
|
SSL_CTX * ctx |
2857
|
|
|
|
|
|
|
int cmd |
2858
|
|
|
|
|
|
|
long larg |
2859
|
|
|
|
|
|
|
char * parg |
2860
|
|
|
|
|
|
|
|
2861
|
|
|
|
|
|
|
#ifdef NET_SSLEAY_32BIT_CONSTANTS |
2862
|
|
|
|
|
|
|
|
2863
|
|
|
|
|
|
|
long |
2864
|
|
|
|
|
|
|
SSL_get_options(ssl) |
2865
|
|
|
|
|
|
|
SSL * ssl |
2866
|
|
|
|
|
|
|
|
2867
|
|
|
|
|
|
|
long |
2868
|
|
|
|
|
|
|
SSL_set_options(ssl,op) |
2869
|
|
|
|
|
|
|
SSL * ssl |
2870
|
|
|
|
|
|
|
long op |
2871
|
|
|
|
|
|
|
|
2872
|
|
|
|
|
|
|
long |
2873
|
|
|
|
|
|
|
SSL_CTX_get_options(ctx) |
2874
|
|
|
|
|
|
|
SSL_CTX * ctx |
2875
|
|
|
|
|
|
|
|
2876
|
|
|
|
|
|
|
long |
2877
|
|
|
|
|
|
|
SSL_CTX_set_options(ctx,op) |
2878
|
|
|
|
|
|
|
SSL_CTX * ctx |
2879
|
|
|
|
|
|
|
long op |
2880
|
|
|
|
|
|
|
|
2881
|
|
|
|
|
|
|
#else |
2882
|
|
|
|
|
|
|
|
2883
|
|
|
|
|
|
|
uint64_t |
2884
|
|
|
|
|
|
|
SSL_get_options(ssl) |
2885
|
|
|
|
|
|
|
SSL * ssl |
2886
|
|
|
|
|
|
|
|
2887
|
|
|
|
|
|
|
uint64_t |
2888
|
|
|
|
|
|
|
SSL_set_options(ssl,op) |
2889
|
|
|
|
|
|
|
SSL * ssl |
2890
|
|
|
|
|
|
|
uint64_t op |
2891
|
|
|
|
|
|
|
|
2892
|
|
|
|
|
|
|
uint64_t |
2893
|
|
|
|
|
|
|
SSL_CTX_get_options(ctx) |
2894
|
|
|
|
|
|
|
SSL_CTX * ctx |
2895
|
|
|
|
|
|
|
|
2896
|
|
|
|
|
|
|
uint64_t |
2897
|
|
|
|
|
|
|
SSL_CTX_set_options(ctx,op) |
2898
|
|
|
|
|
|
|
SSL_CTX * ctx |
2899
|
|
|
|
|
|
|
uint64_t op |
2900
|
|
|
|
|
|
|
|
2901
|
|
|
|
|
|
|
#endif |
2902
|
|
|
|
|
|
|
|
2903
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10000000L |
2904
|
|
|
|
|
|
|
|
2905
|
|
|
|
|
|
|
struct lhash_st_SSL_SESSION * |
2906
|
|
|
|
|
|
|
SSL_CTX_sessions(ctx) |
2907
|
|
|
|
|
|
|
SSL_CTX * ctx |
2908
|
|
|
|
|
|
|
|
2909
|
|
|
|
|
|
|
#else |
2910
|
|
|
|
|
|
|
|
2911
|
|
|
|
|
|
|
LHASH * |
2912
|
|
|
|
|
|
|
SSL_CTX_sessions(ctx) |
2913
|
|
|
|
|
|
|
SSL_CTX * ctx |
2914
|
|
|
|
|
|
|
CODE: |
2915
|
|
|
|
|
|
|
/* NOTE: This should be deprecated. Corresponding macro was removed from ssl.h as of 0.9.2 */ |
2916
|
|
|
|
|
|
|
if (ctx == NULL) croak("NULL SSL context passed as argument."); |
2917
|
|
|
|
|
|
|
RETVAL = ctx -> sessions; |
2918
|
|
|
|
|
|
|
OUTPUT: |
2919
|
|
|
|
|
|
|
RETVAL |
2920
|
|
|
|
|
|
|
|
2921
|
|
|
|
|
|
|
#endif |
2922
|
|
|
|
|
|
|
|
2923
|
|
|
|
|
|
|
unsigned long |
2924
|
|
|
|
|
|
|
SSL_CTX_sess_number(ctx) |
2925
|
|
|
|
|
|
|
SSL_CTX * ctx |
2926
|
|
|
|
|
|
|
|
2927
|
|
|
|
|
|
|
int |
2928
|
|
|
|
|
|
|
SSL_CTX_sess_connect(ctx) |
2929
|
|
|
|
|
|
|
SSL_CTX * ctx |
2930
|
|
|
|
|
|
|
|
2931
|
|
|
|
|
|
|
int |
2932
|
|
|
|
|
|
|
SSL_CTX_sess_connect_good(ctx) |
2933
|
|
|
|
|
|
|
SSL_CTX * ctx |
2934
|
|
|
|
|
|
|
|
2935
|
|
|
|
|
|
|
int |
2936
|
|
|
|
|
|
|
SSL_CTX_sess_connect_renegotiate(ctx) |
2937
|
|
|
|
|
|
|
SSL_CTX * ctx |
2938
|
|
|
|
|
|
|
|
2939
|
|
|
|
|
|
|
int |
2940
|
|
|
|
|
|
|
SSL_CTX_sess_accept(ctx) |
2941
|
|
|
|
|
|
|
SSL_CTX * ctx |
2942
|
|
|
|
|
|
|
|
2943
|
|
|
|
|
|
|
int |
2944
|
|
|
|
|
|
|
SSL_CTX_sess_accept_renegotiate(ctx) |
2945
|
|
|
|
|
|
|
SSL_CTX * ctx |
2946
|
|
|
|
|
|
|
|
2947
|
|
|
|
|
|
|
int |
2948
|
|
|
|
|
|
|
SSL_CTX_sess_accept_good(ctx) |
2949
|
|
|
|
|
|
|
SSL_CTX * ctx |
2950
|
|
|
|
|
|
|
|
2951
|
|
|
|
|
|
|
int |
2952
|
|
|
|
|
|
|
SSL_CTX_sess_hits(ctx) |
2953
|
|
|
|
|
|
|
SSL_CTX * ctx |
2954
|
|
|
|
|
|
|
|
2955
|
|
|
|
|
|
|
int |
2956
|
|
|
|
|
|
|
SSL_CTX_sess_cb_hits(ctx) |
2957
|
|
|
|
|
|
|
SSL_CTX * ctx |
2958
|
|
|
|
|
|
|
|
2959
|
|
|
|
|
|
|
int |
2960
|
|
|
|
|
|
|
SSL_CTX_sess_misses(ctx) |
2961
|
|
|
|
|
|
|
SSL_CTX * ctx |
2962
|
|
|
|
|
|
|
|
2963
|
|
|
|
|
|
|
int |
2964
|
|
|
|
|
|
|
SSL_CTX_sess_timeouts(ctx) |
2965
|
|
|
|
|
|
|
SSL_CTX * ctx |
2966
|
|
|
|
|
|
|
|
2967
|
|
|
|
|
|
|
int |
2968
|
|
|
|
|
|
|
SSL_CTX_sess_cache_full(ctx) |
2969
|
|
|
|
|
|
|
SSL_CTX * ctx |
2970
|
|
|
|
|
|
|
|
2971
|
|
|
|
|
|
|
int |
2972
|
|
|
|
|
|
|
SSL_CTX_sess_get_cache_size(ctx) |
2973
|
|
|
|
|
|
|
SSL_CTX * ctx |
2974
|
|
|
|
|
|
|
|
2975
|
|
|
|
|
|
|
long |
2976
|
|
|
|
|
|
|
SSL_CTX_sess_set_cache_size(ctx,size) |
2977
|
|
|
|
|
|
|
SSL_CTX * ctx |
2978
|
|
|
|
|
|
|
int size |
2979
|
|
|
|
|
|
|
|
2980
|
|
|
|
|
|
|
int |
2981
|
|
|
|
|
|
|
SSL_want(s) |
2982
|
|
|
|
|
|
|
SSL * s |
2983
|
|
|
|
|
|
|
|
2984
|
|
|
|
|
|
|
# OpenSSL 1.1.1 documents SSL_in_init and the related functions as |
2985
|
|
|
|
|
|
|
# returning 0 or 1. However, older versions and e.g. LibreSSL may |
2986
|
|
|
|
|
|
|
# return other values than 1 which we fold to 1. |
2987
|
|
|
|
|
|
|
int |
2988
|
|
|
|
|
|
|
SSL_in_before(s) |
2989
|
|
|
|
|
|
|
SSL * s |
2990
|
|
|
|
|
|
|
CODE: |
2991
|
7
|
|
|
|
|
|
RETVAL = SSL_in_before(s) == 0 ? 0 : 1; |
2992
|
|
|
|
|
|
|
OUTPUT: |
2993
|
|
|
|
|
|
|
RETVAL |
2994
|
|
|
|
|
|
|
|
2995
|
|
|
|
|
|
|
int |
2996
|
|
|
|
|
|
|
SSL_is_init_finished(s) |
2997
|
|
|
|
|
|
|
SSL * s |
2998
|
|
|
|
|
|
|
CODE: |
2999
|
7
|
|
|
|
|
|
RETVAL = SSL_is_init_finished(s) == 0 ? 0 : 1; |
3000
|
|
|
|
|
|
|
OUTPUT: |
3001
|
|
|
|
|
|
|
RETVAL |
3002
|
|
|
|
|
|
|
|
3003
|
|
|
|
|
|
|
int |
3004
|
|
|
|
|
|
|
SSL_in_init(s) |
3005
|
|
|
|
|
|
|
SSL * s |
3006
|
|
|
|
|
|
|
CODE: |
3007
|
7
|
|
|
|
|
|
RETVAL = SSL_in_init(s) == 0 ? 0 : 1; |
3008
|
|
|
|
|
|
|
OUTPUT: |
3009
|
|
|
|
|
|
|
RETVAL |
3010
|
|
|
|
|
|
|
|
3011
|
|
|
|
|
|
|
int |
3012
|
|
|
|
|
|
|
SSL_in_connect_init(s) |
3013
|
|
|
|
|
|
|
SSL * s |
3014
|
|
|
|
|
|
|
CODE: |
3015
|
2
|
|
|
|
|
|
RETVAL = SSL_in_connect_init(s) == 0 ? 0 : 1; |
3016
|
|
|
|
|
|
|
OUTPUT: |
3017
|
|
|
|
|
|
|
RETVAL |
3018
|
|
|
|
|
|
|
|
3019
|
|
|
|
|
|
|
int |
3020
|
|
|
|
|
|
|
SSL_in_accept_init(s) |
3021
|
|
|
|
|
|
|
SSL * s |
3022
|
|
|
|
|
|
|
CODE: |
3023
|
2
|
|
|
|
|
|
RETVAL = SSL_in_accept_init(s) == 0 ? 0 : 1; |
3024
|
|
|
|
|
|
|
OUTPUT: |
3025
|
|
|
|
|
|
|
RETVAL |
3026
|
|
|
|
|
|
|
|
3027
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
3028
|
|
|
|
|
|
|
int |
3029
|
|
|
|
|
|
|
SSL_state(s) |
3030
|
|
|
|
|
|
|
SSL * s |
3031
|
|
|
|
|
|
|
|
3032
|
|
|
|
|
|
|
int |
3033
|
|
|
|
|
|
|
SSL_get_state(ssl) |
3034
|
|
|
|
|
|
|
SSL * ssl |
3035
|
|
|
|
|
|
|
CODE: |
3036
|
0
|
|
|
|
|
|
RETVAL = SSL_state(ssl); |
3037
|
|
|
|
|
|
|
OUTPUT: |
3038
|
|
|
|
|
|
|
RETVAL |
3039
|
|
|
|
|
|
|
|
3040
|
|
|
|
|
|
|
|
3041
|
|
|
|
|
|
|
#else |
3042
|
|
|
|
|
|
|
int |
3043
|
|
|
|
|
|
|
SSL_state(s) |
3044
|
|
|
|
|
|
|
SSL * s |
3045
|
|
|
|
|
|
|
CODE: |
3046
|
|
|
|
|
|
|
RETVAL = SSL_get_state(s); |
3047
|
|
|
|
|
|
|
OUTPUT: |
3048
|
|
|
|
|
|
|
RETVAL |
3049
|
|
|
|
|
|
|
|
3050
|
|
|
|
|
|
|
|
3051
|
|
|
|
|
|
|
int |
3052
|
|
|
|
|
|
|
SSL_get_state(s) |
3053
|
|
|
|
|
|
|
SSL * s |
3054
|
|
|
|
|
|
|
|
3055
|
|
|
|
|
|
|
#endif |
3056
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) |
3057
|
|
|
|
|
|
|
|
3058
|
|
|
|
|
|
|
long |
3059
|
|
|
|
|
|
|
SSL_set_tlsext_host_name(SSL *ssl, const char *name) |
3060
|
|
|
|
|
|
|
|
3061
|
|
|
|
|
|
|
const char * |
3062
|
|
|
|
|
|
|
SSL_get_servername(const SSL *s, int type=TLSEXT_NAMETYPE_host_name) |
3063
|
|
|
|
|
|
|
|
3064
|
|
|
|
|
|
|
int |
3065
|
|
|
|
|
|
|
SSL_get_servername_type(const SSL *s) |
3066
|
|
|
|
|
|
|
|
3067
|
|
|
|
|
|
|
void |
3068
|
|
|
|
|
|
|
SSL_CTX_set_tlsext_servername_callback(ctx,callback=&PL_sv_undef,data=&PL_sv_undef) |
3069
|
|
|
|
|
|
|
SSL_CTX * ctx |
3070
|
|
|
|
|
|
|
SV * callback |
3071
|
|
|
|
|
|
|
SV * data |
3072
|
|
|
|
|
|
|
CODE: |
3073
|
0
|
0
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
3074
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_servername_callback(ctx, NULL); |
3075
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_servername_arg(ctx, NULL); |
3076
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_servername_callback!!data", NULL); |
3077
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_servername_callback!!func", NULL); |
3078
|
|
|
|
|
|
|
} else { |
3079
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_servername_callback!!data", newSVsv(data)); |
3080
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_servername_callback!!func", newSVsv(callback)); |
3081
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_servername_callback(ctx, &tlsext_servername_callback_invoke); |
3082
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_servername_arg(ctx, (void*)ctx); |
3083
|
|
|
|
|
|
|
} |
3084
|
|
|
|
|
|
|
|
3085
|
|
|
|
|
|
|
#endif |
3086
|
|
|
|
|
|
|
|
3087
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1010006fL /* In OpenSSL 1.1.0 but actually called for $ssl starting from 1.1.0f */ |
3088
|
|
|
|
|
|
|
#ifndef LIBRESSL_VERSION_NUMBER |
3089
|
|
|
|
|
|
|
#ifndef OPENSSL_IS_BORINGSSL |
3090
|
|
|
|
|
|
|
void |
3091
|
|
|
|
|
|
|
SSL_set_default_passwd_cb(ssl,callback=&PL_sv_undef) |
3092
|
|
|
|
|
|
|
SSL * ssl |
3093
|
|
|
|
|
|
|
SV * callback |
3094
|
|
|
|
|
|
|
CODE: |
3095
|
|
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
3096
|
|
|
|
|
|
|
SSL_set_default_passwd_cb(ssl, NULL); |
3097
|
|
|
|
|
|
|
SSL_set_default_passwd_cb_userdata(ssl, NULL); |
3098
|
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_ssl_passwd_cb!!func", NULL); |
3099
|
|
|
|
|
|
|
} |
3100
|
|
|
|
|
|
|
else { |
3101
|
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_ssl_passwd_cb!!func", newSVsv(callback)); |
3102
|
|
|
|
|
|
|
SSL_set_default_passwd_cb_userdata(ssl, (void*)ssl); |
3103
|
|
|
|
|
|
|
SSL_set_default_passwd_cb(ssl, &ssleay_ssl_passwd_cb_invoke); |
3104
|
|
|
|
|
|
|
} |
3105
|
|
|
|
|
|
|
|
3106
|
|
|
|
|
|
|
void |
3107
|
|
|
|
|
|
|
SSL_set_default_passwd_cb_userdata(ssl,data=&PL_sv_undef) |
3108
|
|
|
|
|
|
|
SSL * ssl |
3109
|
|
|
|
|
|
|
SV * data |
3110
|
|
|
|
|
|
|
CODE: |
3111
|
|
|
|
|
|
|
/* SSL_set_default_passwd_cb_userdata is set in SSL_set_default_passwd_cb */ |
3112
|
|
|
|
|
|
|
if (data==NULL || !SvOK(data)) { |
3113
|
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_ssl_passwd_cb!!data", NULL); |
3114
|
|
|
|
|
|
|
} |
3115
|
|
|
|
|
|
|
else { |
3116
|
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_ssl_passwd_cb!!data", newSVsv(data)); |
3117
|
|
|
|
|
|
|
} |
3118
|
|
|
|
|
|
|
|
3119
|
|
|
|
|
|
|
#endif /* !BoringSSL */ |
3120
|
|
|
|
|
|
|
#endif /* !LibreSSL */ |
3121
|
|
|
|
|
|
|
#endif /* >= 1.1.0f */ |
3122
|
|
|
|
|
|
|
|
3123
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER) |
3124
|
|
|
|
|
|
|
|
3125
|
|
|
|
|
|
|
void |
3126
|
|
|
|
|
|
|
SSL_set_security_level(SSL * ssl, int level) |
3127
|
|
|
|
|
|
|
|
3128
|
|
|
|
|
|
|
int |
3129
|
|
|
|
|
|
|
SSL_get_security_level(SSL * ssl) |
3130
|
|
|
|
|
|
|
|
3131
|
|
|
|
|
|
|
#endif |
3132
|
|
|
|
|
|
|
|
3133
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101007L && !defined(LIBRESSL_VERSION_NUMBER) |
3134
|
|
|
|
|
|
|
|
3135
|
|
|
|
|
|
|
int |
3136
|
|
|
|
|
|
|
SSL_set_num_tickets(SSL *ssl, size_t num_tickets) |
3137
|
|
|
|
|
|
|
|
3138
|
|
|
|
|
|
|
size_t |
3139
|
|
|
|
|
|
|
SSL_get_num_tickets(SSL *ssl) |
3140
|
|
|
|
|
|
|
|
3141
|
|
|
|
|
|
|
#endif |
3142
|
|
|
|
|
|
|
|
3143
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101003L && !defined(LIBRESSL_VERSION_NUMBER) |
3144
|
|
|
|
|
|
|
|
3145
|
|
|
|
|
|
|
int |
3146
|
|
|
|
|
|
|
SSL_set_ciphersuites(SSL *ssl, const char *str) |
3147
|
|
|
|
|
|
|
|
3148
|
|
|
|
|
|
|
#endif |
3149
|
|
|
|
|
|
|
|
3150
|
|
|
|
|
|
|
const BIO_METHOD * |
3151
|
|
|
|
|
|
|
BIO_f_ssl() |
3152
|
|
|
|
|
|
|
|
3153
|
|
|
|
|
|
|
const BIO_METHOD * |
3154
|
|
|
|
|
|
|
BIO_s_mem() |
3155
|
|
|
|
|
|
|
|
3156
|
|
|
|
|
|
|
unsigned long |
3157
|
|
|
|
|
|
|
ERR_get_error() |
3158
|
|
|
|
|
|
|
|
3159
|
|
|
|
|
|
|
unsigned long |
3160
|
|
|
|
|
|
|
ERR_peek_error() |
3161
|
|
|
|
|
|
|
|
3162
|
|
|
|
|
|
|
void |
3163
|
|
|
|
|
|
|
ERR_put_error(lib,func,reason,file,line) |
3164
|
|
|
|
|
|
|
int lib |
3165
|
|
|
|
|
|
|
int func |
3166
|
|
|
|
|
|
|
int reason |
3167
|
|
|
|
|
|
|
char * file |
3168
|
|
|
|
|
|
|
int line |
3169
|
|
|
|
|
|
|
|
3170
|
|
|
|
|
|
|
void |
3171
|
|
|
|
|
|
|
ERR_clear_error() |
3172
|
|
|
|
|
|
|
|
3173
|
|
|
|
|
|
|
char * |
3174
|
|
|
|
|
|
|
ERR_error_string(error,buf=NULL) |
3175
|
|
|
|
|
|
|
unsigned long error |
3176
|
|
|
|
|
|
|
char * buf |
3177
|
|
|
|
|
|
|
CODE: |
3178
|
4
|
|
|
|
|
|
RETVAL = ERR_error_string(error,buf); |
3179
|
|
|
|
|
|
|
OUTPUT: |
3180
|
|
|
|
|
|
|
RETVAL |
3181
|
|
|
|
|
|
|
|
3182
|
|
|
|
|
|
|
void |
3183
|
|
|
|
|
|
|
SSL_load_error_strings() |
3184
|
|
|
|
|
|
|
|
3185
|
|
|
|
|
|
|
void |
3186
|
|
|
|
|
|
|
ERR_load_crypto_strings() |
3187
|
|
|
|
|
|
|
|
3188
|
|
|
|
|
|
|
int |
3189
|
|
|
|
|
|
|
SSL_FIPS_mode_set(int onoff) |
3190
|
|
|
|
|
|
|
CODE: |
3191
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
3192
|
|
|
|
|
|
|
MUTEX_LOCK(&LIB_init_mutex); |
3193
|
|
|
|
|
|
|
#endif |
3194
|
|
|
|
|
|
|
#ifdef OPENSSL_FIPS |
3195
|
|
|
|
|
|
|
RETVAL = FIPS_mode_set(onoff); |
3196
|
|
|
|
|
|
|
if (!RETVAL) |
3197
|
|
|
|
|
|
|
{ |
3198
|
|
|
|
|
|
|
ERR_load_crypto_strings(); |
3199
|
|
|
|
|
|
|
ERR_print_errors_fp(stderr); |
3200
|
|
|
|
|
|
|
} |
3201
|
|
|
|
|
|
|
#else |
3202
|
0
|
|
|
|
|
|
RETVAL = 1; |
3203
|
0
|
|
|
|
|
|
fprintf(stderr, "SSL_FIPS_mode_set not available: OpenSSL not compiled with FIPS support\n"); |
3204
|
|
|
|
|
|
|
#endif |
3205
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
3206
|
|
|
|
|
|
|
MUTEX_UNLOCK(&LIB_init_mutex); |
3207
|
|
|
|
|
|
|
#endif |
3208
|
|
|
|
|
|
|
OUTPUT: |
3209
|
|
|
|
|
|
|
RETVAL |
3210
|
|
|
|
|
|
|
|
3211
|
|
|
|
|
|
|
|
3212
|
|
|
|
|
|
|
int |
3213
|
|
|
|
|
|
|
SSL_library_init() |
3214
|
|
|
|
|
|
|
ALIAS: |
3215
|
|
|
|
|
|
|
SSLeay_add_ssl_algorithms = 1 |
3216
|
|
|
|
|
|
|
OpenSSL_add_ssl_algorithms = 2 |
3217
|
|
|
|
|
|
|
add_ssl_algorithms = 3 |
3218
|
|
|
|
|
|
|
CODE: |
3219
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
3220
|
|
|
|
|
|
|
MUTEX_LOCK(&LIB_init_mutex); |
3221
|
|
|
|
|
|
|
#endif |
3222
|
44
|
|
|
|
|
|
RETVAL = 0; |
3223
|
44
|
100
|
|
|
|
|
if (!LIB_initialized) { |
3224
|
43
|
|
|
|
|
|
RETVAL = SSL_library_init(); |
3225
|
43
|
|
|
|
|
|
LIB_initialized = 1; |
3226
|
|
|
|
|
|
|
} |
3227
|
|
|
|
|
|
|
#ifdef USE_ITHREADS |
3228
|
|
|
|
|
|
|
MUTEX_UNLOCK(&LIB_init_mutex); |
3229
|
|
|
|
|
|
|
#endif |
3230
|
|
|
|
|
|
|
OUTPUT: |
3231
|
|
|
|
|
|
|
RETVAL |
3232
|
|
|
|
|
|
|
|
3233
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
3234
|
|
|
|
|
|
|
#define REM5 "NOTE: requires 0.9.7+" |
3235
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_ENGINE |
3236
|
|
|
|
|
|
|
|
3237
|
|
|
|
|
|
|
void |
3238
|
|
|
|
|
|
|
ENGINE_load_builtin_engines() |
3239
|
|
|
|
|
|
|
|
3240
|
|
|
|
|
|
|
void |
3241
|
|
|
|
|
|
|
ENGINE_register_all_complete() |
3242
|
|
|
|
|
|
|
|
3243
|
|
|
|
|
|
|
ENGINE* |
3244
|
|
|
|
|
|
|
ENGINE_by_id(id) |
3245
|
|
|
|
|
|
|
char * id |
3246
|
|
|
|
|
|
|
|
3247
|
|
|
|
|
|
|
int |
3248
|
|
|
|
|
|
|
ENGINE_set_default(e, flags) |
3249
|
|
|
|
|
|
|
ENGINE * e |
3250
|
|
|
|
|
|
|
int flags |
3251
|
|
|
|
|
|
|
|
3252
|
|
|
|
|
|
|
#endif /* OPENSSL_NO_ENGINE */ |
3253
|
|
|
|
|
|
|
#endif |
3254
|
|
|
|
|
|
|
|
3255
|
|
|
|
|
|
|
void |
3256
|
|
|
|
|
|
|
ERR_load_SSL_strings() |
3257
|
|
|
|
|
|
|
|
3258
|
|
|
|
|
|
|
void |
3259
|
|
|
|
|
|
|
ERR_load_RAND_strings() |
3260
|
|
|
|
|
|
|
|
3261
|
|
|
|
|
|
|
int |
3262
|
|
|
|
|
|
|
RAND_bytes(buf, num) |
3263
|
|
|
|
|
|
|
SV *buf |
3264
|
|
|
|
|
|
|
int num |
3265
|
|
|
|
|
|
|
PREINIT: |
3266
|
|
|
|
|
|
|
int rc; |
3267
|
|
|
|
|
|
|
unsigned char *random; |
3268
|
|
|
|
|
|
|
CODE: |
3269
|
7
|
|
|
|
|
|
New(0, random, num, unsigned char); |
3270
|
7
|
|
|
|
|
|
rc = RAND_bytes(random, num); |
3271
|
7
|
|
|
|
|
|
sv_setpvn(buf, (const char*)random, num); |
3272
|
7
|
|
|
|
|
|
Safefree(random); |
3273
|
7
|
|
|
|
|
|
RETVAL = rc; |
3274
|
|
|
|
|
|
|
OUTPUT: |
3275
|
|
|
|
|
|
|
RETVAL |
3276
|
|
|
|
|
|
|
|
3277
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101001L && !defined(LIBRESSL_VERSION_NUMBER) |
3278
|
|
|
|
|
|
|
|
3279
|
|
|
|
|
|
|
int |
3280
|
|
|
|
|
|
|
RAND_priv_bytes(buf, num) |
3281
|
|
|
|
|
|
|
SV *buf |
3282
|
|
|
|
|
|
|
int num |
3283
|
|
|
|
|
|
|
PREINIT: |
3284
|
|
|
|
|
|
|
int rc; |
3285
|
|
|
|
|
|
|
unsigned char *random; |
3286
|
|
|
|
|
|
|
CODE: |
3287
|
|
|
|
|
|
|
New(0, random, num, unsigned char); |
3288
|
|
|
|
|
|
|
rc = RAND_priv_bytes(random, num); |
3289
|
|
|
|
|
|
|
sv_setpvn(buf, (const char*)random, num); |
3290
|
|
|
|
|
|
|
Safefree(random); |
3291
|
|
|
|
|
|
|
RETVAL = rc; |
3292
|
|
|
|
|
|
|
OUTPUT: |
3293
|
|
|
|
|
|
|
RETVAL |
3294
|
|
|
|
|
|
|
|
3295
|
|
|
|
|
|
|
#endif |
3296
|
|
|
|
|
|
|
|
3297
|
|
|
|
|
|
|
int |
3298
|
|
|
|
|
|
|
RAND_pseudo_bytes(buf, num) |
3299
|
|
|
|
|
|
|
SV *buf |
3300
|
|
|
|
|
|
|
int num |
3301
|
|
|
|
|
|
|
PREINIT: |
3302
|
|
|
|
|
|
|
int rc; |
3303
|
|
|
|
|
|
|
unsigned char *random; |
3304
|
|
|
|
|
|
|
CODE: |
3305
|
5
|
|
|
|
|
|
New(0, random, num, unsigned char); |
3306
|
5
|
|
|
|
|
|
rc = RAND_pseudo_bytes(random, num); |
3307
|
5
|
|
|
|
|
|
sv_setpvn(buf, (const char*)random, num); |
3308
|
5
|
|
|
|
|
|
Safefree(random); |
3309
|
5
|
|
|
|
|
|
RETVAL = rc; |
3310
|
|
|
|
|
|
|
OUTPUT: |
3311
|
|
|
|
|
|
|
RETVAL |
3312
|
|
|
|
|
|
|
|
3313
|
|
|
|
|
|
|
void |
3314
|
|
|
|
|
|
|
RAND_add(buf, num, entropy) |
3315
|
|
|
|
|
|
|
SV *buf |
3316
|
|
|
|
|
|
|
int num |
3317
|
|
|
|
|
|
|
double entropy |
3318
|
|
|
|
|
|
|
PREINIT: |
3319
|
|
|
|
|
|
|
STRLEN len; |
3320
|
|
|
|
|
|
|
CODE: |
3321
|
0
|
0
|
|
|
|
|
RAND_add((const void *)SvPV(buf, len), num, entropy); |
3322
|
|
|
|
|
|
|
|
3323
|
|
|
|
|
|
|
int |
3324
|
|
|
|
|
|
|
RAND_poll() |
3325
|
|
|
|
|
|
|
|
3326
|
|
|
|
|
|
|
int |
3327
|
|
|
|
|
|
|
RAND_status() |
3328
|
|
|
|
|
|
|
|
3329
|
|
|
|
|
|
|
SV * |
3330
|
|
|
|
|
|
|
RAND_file_name(num) |
3331
|
|
|
|
|
|
|
size_t num |
3332
|
|
|
|
|
|
|
PREINIT: |
3333
|
|
|
|
|
|
|
char *buf; |
3334
|
|
|
|
|
|
|
CODE: |
3335
|
3
|
|
|
|
|
|
Newxz(buf, num, char); |
3336
|
3
|
50
|
|
|
|
|
if (!RAND_file_name(buf, num)) { |
3337
|
0
|
|
|
|
|
|
Safefree(buf); |
3338
|
0
|
|
|
|
|
|
XSRETURN_UNDEF; |
3339
|
|
|
|
|
|
|
} |
3340
|
3
|
|
|
|
|
|
RETVAL = newSVpv(buf, 0); |
3341
|
3
|
|
|
|
|
|
Safefree(buf); |
3342
|
|
|
|
|
|
|
OUTPUT: |
3343
|
|
|
|
|
|
|
RETVAL |
3344
|
|
|
|
|
|
|
|
3345
|
|
|
|
|
|
|
void |
3346
|
|
|
|
|
|
|
RAND_seed(buf) |
3347
|
|
|
|
|
|
|
PREINIT: |
3348
|
|
|
|
|
|
|
STRLEN len; |
3349
|
|
|
|
|
|
|
INPUT: |
3350
|
|
|
|
|
|
|
char * buf = SvPV( ST(1), len); |
3351
|
|
|
|
|
|
|
CODE: |
3352
|
45
|
|
|
|
|
|
RAND_seed (buf, (int)len); |
3353
|
|
|
|
|
|
|
|
3354
|
|
|
|
|
|
|
void |
3355
|
|
|
|
|
|
|
RAND_cleanup() |
3356
|
|
|
|
|
|
|
|
3357
|
|
|
|
|
|
|
int |
3358
|
|
|
|
|
|
|
RAND_load_file(file_name, how_much) |
3359
|
|
|
|
|
|
|
char * file_name |
3360
|
|
|
|
|
|
|
int how_much |
3361
|
|
|
|
|
|
|
|
3362
|
|
|
|
|
|
|
int |
3363
|
|
|
|
|
|
|
RAND_write_file(file_name) |
3364
|
|
|
|
|
|
|
char * file_name |
3365
|
|
|
|
|
|
|
|
3366
|
|
|
|
|
|
|
#define REM40 "Minimal X509 stuff..., this is a bit ugly and should be put in its own modules Net::SSLeay::X509.pm" |
3367
|
|
|
|
|
|
|
|
3368
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2050000fL) |
3369
|
|
|
|
|
|
|
|
3370
|
|
|
|
|
|
|
int |
3371
|
|
|
|
|
|
|
X509_check_host(X509 *cert, const char *name, unsigned int flags = 0, SV *peername = &PL_sv_undef) |
3372
|
|
|
|
|
|
|
PREINIT: |
3373
|
0
|
|
|
|
|
|
char *c_peername = NULL; |
3374
|
|
|
|
|
|
|
CODE: |
3375
|
0
|
0
|
|
|
|
|
RETVAL = X509_check_host(cert, name, 0, flags, (items == 4) ? &c_peername : NULL); |
3376
|
0
|
0
|
|
|
|
|
if (items == 4) |
3377
|
0
|
|
|
|
|
|
sv_setpv(peername, c_peername); |
3378
|
|
|
|
|
|
|
OUTPUT: |
3379
|
|
|
|
|
|
|
RETVAL |
3380
|
|
|
|
|
|
|
CLEANUP: |
3381
|
0
|
0
|
|
|
|
|
if (c_peername) |
3382
|
0
|
|
|
|
|
|
OPENSSL_free(c_peername); |
3383
|
|
|
|
|
|
|
|
3384
|
|
|
|
|
|
|
int |
3385
|
|
|
|
|
|
|
X509_check_email(X509 *cert, const char *address, unsigned int flags = 0) |
3386
|
|
|
|
|
|
|
CODE: |
3387
|
0
|
|
|
|
|
|
RETVAL = X509_check_email(cert, address, 0, flags); |
3388
|
|
|
|
|
|
|
OUTPUT: |
3389
|
|
|
|
|
|
|
RETVAL |
3390
|
|
|
|
|
|
|
|
3391
|
|
|
|
|
|
|
int |
3392
|
|
|
|
|
|
|
X509_check_ip(X509 *cert, SV *address, unsigned int flags = 0) |
3393
|
|
|
|
|
|
|
PREINIT: |
3394
|
|
|
|
|
|
|
unsigned char *c_address; |
3395
|
|
|
|
|
|
|
size_t addresslen; |
3396
|
|
|
|
|
|
|
CODE: |
3397
|
0
|
0
|
|
|
|
|
c_address = (unsigned char *)SvPV(address, addresslen); |
3398
|
0
|
|
|
|
|
|
RETVAL = X509_check_ip(cert, c_address, addresslen, flags); |
3399
|
|
|
|
|
|
|
OUTPUT: |
3400
|
|
|
|
|
|
|
RETVAL |
3401
|
|
|
|
|
|
|
|
3402
|
|
|
|
|
|
|
int |
3403
|
|
|
|
|
|
|
X509_check_ip_asc(X509 *cert, const char *address, unsigned int flags = 0) |
3404
|
|
|
|
|
|
|
|
3405
|
|
|
|
|
|
|
#endif |
3406
|
|
|
|
|
|
|
|
3407
|
|
|
|
|
|
|
X509_NAME* |
3408
|
|
|
|
|
|
|
X509_get_issuer_name(cert) |
3409
|
|
|
|
|
|
|
X509 * cert |
3410
|
|
|
|
|
|
|
|
3411
|
|
|
|
|
|
|
X509_NAME* |
3412
|
|
|
|
|
|
|
X509_get_subject_name(cert) |
3413
|
|
|
|
|
|
|
X509 * cert |
3414
|
|
|
|
|
|
|
|
3415
|
|
|
|
|
|
|
void * |
3416
|
|
|
|
|
|
|
X509_get_ex_data(cert,idx) |
3417
|
|
|
|
|
|
|
X509 * cert |
3418
|
|
|
|
|
|
|
int idx |
3419
|
|
|
|
|
|
|
|
3420
|
|
|
|
|
|
|
int |
3421
|
|
|
|
|
|
|
X509_get_ex_new_index(argl,argp=NULL,new_func=NULL,dup_func=NULL,free_func=NULL) |
3422
|
|
|
|
|
|
|
long argl |
3423
|
|
|
|
|
|
|
void * argp |
3424
|
|
|
|
|
|
|
CRYPTO_EX_new * new_func |
3425
|
|
|
|
|
|
|
CRYPTO_EX_dup * dup_func |
3426
|
|
|
|
|
|
|
CRYPTO_EX_free * free_func |
3427
|
|
|
|
|
|
|
|
3428
|
|
|
|
|
|
|
void * |
3429
|
|
|
|
|
|
|
X509_get_app_data(cert) |
3430
|
|
|
|
|
|
|
X509 * cert |
3431
|
|
|
|
|
|
|
CODE: |
3432
|
0
|
|
|
|
|
|
RETVAL = X509_get_ex_data(cert,0); |
3433
|
|
|
|
|
|
|
OUTPUT: |
3434
|
|
|
|
|
|
|
RETVAL |
3435
|
|
|
|
|
|
|
|
3436
|
|
|
|
|
|
|
int |
3437
|
|
|
|
|
|
|
X509_set_ex_data(cert,idx,data) |
3438
|
|
|
|
|
|
|
X509 * cert |
3439
|
|
|
|
|
|
|
int idx |
3440
|
|
|
|
|
|
|
void * data |
3441
|
|
|
|
|
|
|
|
3442
|
|
|
|
|
|
|
int |
3443
|
|
|
|
|
|
|
X509_set_app_data(cert,arg) |
3444
|
|
|
|
|
|
|
X509 * cert |
3445
|
|
|
|
|
|
|
char * arg |
3446
|
|
|
|
|
|
|
CODE: |
3447
|
0
|
|
|
|
|
|
RETVAL = X509_set_ex_data(cert,0,arg); |
3448
|
|
|
|
|
|
|
OUTPUT: |
3449
|
|
|
|
|
|
|
RETVAL |
3450
|
|
|
|
|
|
|
|
3451
|
|
|
|
|
|
|
int |
3452
|
|
|
|
|
|
|
X509_set_issuer_name(X509 *x, X509_NAME *name) |
3453
|
|
|
|
|
|
|
|
3454
|
|
|
|
|
|
|
int |
3455
|
|
|
|
|
|
|
X509_set_subject_name(X509 *x, X509_NAME *name) |
3456
|
|
|
|
|
|
|
|
3457
|
|
|
|
|
|
|
int |
3458
|
|
|
|
|
|
|
X509_set_version(X509 *x, long version) |
3459
|
|
|
|
|
|
|
|
3460
|
|
|
|
|
|
|
int |
3461
|
|
|
|
|
|
|
X509_set_pubkey(X509 *x, EVP_PKEY *pkey) |
3462
|
|
|
|
|
|
|
|
3463
|
|
|
|
|
|
|
long |
3464
|
|
|
|
|
|
|
X509_get_version(X509 *x) |
3465
|
|
|
|
|
|
|
|
3466
|
|
|
|
|
|
|
EVP_PKEY * |
3467
|
|
|
|
|
|
|
X509_get_pubkey(X509 *x) |
3468
|
|
|
|
|
|
|
|
3469
|
|
|
|
|
|
|
ASN1_INTEGER * |
3470
|
|
|
|
|
|
|
X509_get_serialNumber(X509 *x) |
3471
|
|
|
|
|
|
|
|
3472
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2080100fL) |
3473
|
|
|
|
|
|
|
|
3474
|
|
|
|
|
|
|
const ASN1_INTEGER * |
3475
|
|
|
|
|
|
|
X509_get0_serialNumber(const X509 *x) |
3476
|
|
|
|
|
|
|
|
3477
|
|
|
|
|
|
|
#endif |
3478
|
|
|
|
|
|
|
|
3479
|
|
|
|
|
|
|
int |
3480
|
|
|
|
|
|
|
X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial) |
3481
|
|
|
|
|
|
|
|
3482
|
|
|
|
|
|
|
int |
3483
|
|
|
|
|
|
|
X509_certificate_type(X509 *x, EVP_PKEY *pubkey=NULL); |
3484
|
|
|
|
|
|
|
|
3485
|
|
|
|
|
|
|
int |
3486
|
|
|
|
|
|
|
X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) |
3487
|
|
|
|
|
|
|
|
3488
|
|
|
|
|
|
|
int |
3489
|
|
|
|
|
|
|
X509_verify(X509 *x, EVP_PKEY *r) |
3490
|
|
|
|
|
|
|
|
3491
|
|
|
|
|
|
|
X509_NAME * |
3492
|
|
|
|
|
|
|
X509_NAME_new() |
3493
|
|
|
|
|
|
|
|
3494
|
|
|
|
|
|
|
unsigned long |
3495
|
|
|
|
|
|
|
X509_NAME_hash(X509_NAME *name) |
3496
|
|
|
|
|
|
|
|
3497
|
|
|
|
|
|
|
void |
3498
|
|
|
|
|
|
|
X509_NAME_oneline(name) |
3499
|
|
|
|
|
|
|
X509_NAME * name |
3500
|
|
|
|
|
|
|
PREINIT: |
3501
|
|
|
|
|
|
|
char * buf; |
3502
|
|
|
|
|
|
|
CODE: |
3503
|
17
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
3504
|
17
|
50
|
|
|
|
|
if ((buf = X509_NAME_oneline(name, NULL, 0))) { |
3505
|
17
|
|
|
|
|
|
sv_setpvn( ST(0), buf, strlen(buf)); |
3506
|
17
|
|
|
|
|
|
OPENSSL_free(buf); /* mem was allocated by openssl */ |
3507
|
|
|
|
|
|
|
} |
3508
|
|
|
|
|
|
|
|
3509
|
|
|
|
|
|
|
void |
3510
|
|
|
|
|
|
|
X509_NAME_print_ex(name,flags=XN_FLAG_RFC2253,utf8_decode=0) |
3511
|
|
|
|
|
|
|
X509_NAME * name |
3512
|
|
|
|
|
|
|
unsigned long flags |
3513
|
|
|
|
|
|
|
int utf8_decode |
3514
|
|
|
|
|
|
|
PREINIT: |
3515
|
|
|
|
|
|
|
char * buf; |
3516
|
|
|
|
|
|
|
BIO * bp; |
3517
|
13
|
|
|
|
|
|
int n, i, ident=0; |
3518
|
|
|
|
|
|
|
CODE: |
3519
|
13
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
3520
|
13
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
3521
|
13
|
50
|
|
|
|
|
if (bp) { |
3522
|
13
|
50
|
|
|
|
|
if (X509_NAME_print_ex(bp, name, ident, flags)) { |
3523
|
13
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
3524
|
13
|
|
|
|
|
|
New(0, buf, n, char); |
3525
|
13
|
50
|
|
|
|
|
if (buf) { |
3526
|
13
|
|
|
|
|
|
i = BIO_read(bp,buf,n); |
3527
|
13
|
50
|
|
|
|
|
if (i>=0 && i<=n) { |
|
|
50
|
|
|
|
|
|
3528
|
13
|
|
|
|
|
|
sv_setpvn(ST(0), buf, i); |
3529
|
13
|
50
|
|
|
|
|
if (utf8_decode) sv_utf8_decode(ST(0)); |
3530
|
|
|
|
|
|
|
} |
3531
|
13
|
|
|
|
|
|
Safefree(buf); |
3532
|
|
|
|
|
|
|
} |
3533
|
|
|
|
|
|
|
} |
3534
|
13
|
|
|
|
|
|
BIO_free(bp); |
3535
|
|
|
|
|
|
|
} |
3536
|
|
|
|
|
|
|
|
3537
|
|
|
|
|
|
|
void |
3538
|
|
|
|
|
|
|
X509_NAME_get_text_by_NID(name,nid) |
3539
|
|
|
|
|
|
|
X509_NAME * name |
3540
|
|
|
|
|
|
|
int nid |
3541
|
|
|
|
|
|
|
PREINIT: |
3542
|
|
|
|
|
|
|
char* buf; |
3543
|
|
|
|
|
|
|
int length; |
3544
|
|
|
|
|
|
|
CODE: |
3545
|
1
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
3546
|
1
|
|
|
|
|
|
length = X509_NAME_get_text_by_NID(name, nid, NULL, 0); |
3547
|
|
|
|
|
|
|
|
3548
|
1
|
50
|
|
|
|
|
if (length>=0) { |
3549
|
1
|
|
|
|
|
|
New(0, buf, length+1, char); |
3550
|
1
|
50
|
|
|
|
|
if (X509_NAME_get_text_by_NID(name, nid, buf, length + 1)>=0) |
3551
|
1
|
|
|
|
|
|
sv_setpvn( ST(0), buf, length); |
3552
|
1
|
|
|
|
|
|
Safefree(buf); |
3553
|
|
|
|
|
|
|
} |
3554
|
|
|
|
|
|
|
|
3555
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090500fL |
3556
|
|
|
|
|
|
|
#define REM17 "requires 0.9.5+" |
3557
|
|
|
|
|
|
|
|
3558
|
|
|
|
|
|
|
int |
3559
|
|
|
|
|
|
|
X509_NAME_add_entry_by_NID(name,nid,type,bytes,loc=-1,set=0) |
3560
|
|
|
|
|
|
|
X509_NAME *name |
3561
|
|
|
|
|
|
|
int nid |
3562
|
|
|
|
|
|
|
int type |
3563
|
|
|
|
|
|
|
int loc |
3564
|
|
|
|
|
|
|
int set |
3565
|
|
|
|
|
|
|
PREINIT: |
3566
|
|
|
|
|
|
|
STRLEN len; |
3567
|
|
|
|
|
|
|
INPUT: |
3568
|
|
|
|
|
|
|
unsigned char *bytes = (unsigned char *)SvPV(ST(3), len); |
3569
|
|
|
|
|
|
|
CODE: |
3570
|
1
|
|
|
|
|
|
RETVAL = X509_NAME_add_entry_by_NID(name,nid,type,bytes,len,loc,set); |
3571
|
|
|
|
|
|
|
OUTPUT: |
3572
|
|
|
|
|
|
|
RETVAL |
3573
|
|
|
|
|
|
|
|
3574
|
|
|
|
|
|
|
int |
3575
|
|
|
|
|
|
|
X509_NAME_add_entry_by_OBJ(name,obj,type,bytes,loc=-1,set=0) |
3576
|
|
|
|
|
|
|
X509_NAME *name |
3577
|
|
|
|
|
|
|
ASN1_OBJECT *obj |
3578
|
|
|
|
|
|
|
int type |
3579
|
|
|
|
|
|
|
int loc |
3580
|
|
|
|
|
|
|
int set |
3581
|
|
|
|
|
|
|
PREINIT: |
3582
|
|
|
|
|
|
|
STRLEN len; |
3583
|
|
|
|
|
|
|
INPUT: |
3584
|
|
|
|
|
|
|
unsigned char *bytes = (unsigned char *)SvPV(ST(3), len); |
3585
|
|
|
|
|
|
|
CODE: |
3586
|
1
|
|
|
|
|
|
RETVAL = X509_NAME_add_entry_by_OBJ(name,obj,type,bytes,len,loc,set); |
3587
|
|
|
|
|
|
|
OUTPUT: |
3588
|
|
|
|
|
|
|
RETVAL |
3589
|
|
|
|
|
|
|
|
3590
|
|
|
|
|
|
|
int |
3591
|
|
|
|
|
|
|
X509_NAME_add_entry_by_txt(name,field,type,bytes,loc=-1,set=0) |
3592
|
|
|
|
|
|
|
X509_NAME *name |
3593
|
|
|
|
|
|
|
char *field |
3594
|
|
|
|
|
|
|
int type |
3595
|
|
|
|
|
|
|
int loc |
3596
|
|
|
|
|
|
|
int set |
3597
|
|
|
|
|
|
|
PREINIT: |
3598
|
|
|
|
|
|
|
STRLEN len; |
3599
|
|
|
|
|
|
|
INPUT: |
3600
|
|
|
|
|
|
|
unsigned char *bytes = (unsigned char *)SvPV(ST(3), len); |
3601
|
|
|
|
|
|
|
CODE: |
3602
|
6
|
|
|
|
|
|
RETVAL = X509_NAME_add_entry_by_txt(name,field,type,bytes,len,loc,set); |
3603
|
|
|
|
|
|
|
OUTPUT: |
3604
|
|
|
|
|
|
|
RETVAL |
3605
|
|
|
|
|
|
|
|
3606
|
|
|
|
|
|
|
#endif |
3607
|
|
|
|
|
|
|
|
3608
|
|
|
|
|
|
|
int |
3609
|
|
|
|
|
|
|
X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) |
3610
|
|
|
|
|
|
|
|
3611
|
|
|
|
|
|
|
int |
3612
|
|
|
|
|
|
|
X509_NAME_entry_count(X509_NAME *name) |
3613
|
|
|
|
|
|
|
|
3614
|
|
|
|
|
|
|
X509_NAME_ENTRY * |
3615
|
|
|
|
|
|
|
X509_NAME_get_entry(X509_NAME *name, int loc) |
3616
|
|
|
|
|
|
|
|
3617
|
|
|
|
|
|
|
ASN1_STRING * |
3618
|
|
|
|
|
|
|
X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne) |
3619
|
|
|
|
|
|
|
|
3620
|
|
|
|
|
|
|
ASN1_OBJECT * |
3621
|
|
|
|
|
|
|
X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne) |
3622
|
|
|
|
|
|
|
|
3623
|
|
|
|
|
|
|
void |
3624
|
|
|
|
|
|
|
X509_CRL_free(X509_CRL *x) |
3625
|
|
|
|
|
|
|
|
3626
|
|
|
|
|
|
|
X509_CRL * |
3627
|
|
|
|
|
|
|
X509_CRL_new() |
3628
|
|
|
|
|
|
|
|
3629
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
3630
|
|
|
|
|
|
|
#define REM19 "requires 0.9.7+" |
3631
|
|
|
|
|
|
|
|
3632
|
|
|
|
|
|
|
int |
3633
|
|
|
|
|
|
|
X509_CRL_set_version(X509_CRL *x, long version) |
3634
|
|
|
|
|
|
|
|
3635
|
|
|
|
|
|
|
int |
3636
|
|
|
|
|
|
|
X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name) |
3637
|
|
|
|
|
|
|
|
3638
|
|
|
|
|
|
|
int |
3639
|
|
|
|
|
|
|
X509_CRL_sort(X509_CRL *x) |
3640
|
|
|
|
|
|
|
|
3641
|
|
|
|
|
|
|
#endif |
3642
|
|
|
|
|
|
|
|
3643
|
|
|
|
|
|
|
long |
3644
|
|
|
|
|
|
|
X509_CRL_get_version(X509_CRL *x) |
3645
|
|
|
|
|
|
|
|
3646
|
|
|
|
|
|
|
X509_NAME * |
3647
|
|
|
|
|
|
|
X509_CRL_get_issuer(X509_CRL *x) |
3648
|
|
|
|
|
|
|
|
3649
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
3650
|
|
|
|
|
|
|
|
3651
|
|
|
|
|
|
|
const ASN1_TIME * |
3652
|
|
|
|
|
|
|
X509_CRL_get0_lastUpdate(const X509_CRL *crl) |
3653
|
|
|
|
|
|
|
ALIAS: |
3654
|
|
|
|
|
|
|
X509_CRL_get_lastUpdate = 1 |
3655
|
|
|
|
|
|
|
|
3656
|
|
|
|
|
|
|
const ASN1_TIME * |
3657
|
|
|
|
|
|
|
X509_CRL_get0_nextUpdate(const X509_CRL *crl) |
3658
|
|
|
|
|
|
|
ALIAS: |
3659
|
|
|
|
|
|
|
X509_CRL_get_nextUpdate = 1 |
3660
|
|
|
|
|
|
|
|
3661
|
|
|
|
|
|
|
int |
3662
|
|
|
|
|
|
|
X509_CRL_set1_lastUpdate(X509_CRL *x, ASN1_TIME *tm) |
3663
|
|
|
|
|
|
|
ALIAS: |
3664
|
|
|
|
|
|
|
X509_CRL_set_lastUpdate = 1 |
3665
|
|
|
|
|
|
|
|
3666
|
|
|
|
|
|
|
int |
3667
|
|
|
|
|
|
|
X509_CRL_set1_nextUpdate(X509_CRL *x, ASN1_TIME *tm) |
3668
|
|
|
|
|
|
|
ALIAS: |
3669
|
|
|
|
|
|
|
X509_CRL_set_nextUpdate = 1 |
3670
|
|
|
|
|
|
|
|
3671
|
|
|
|
|
|
|
#else /* plain get/set is deprecated */ |
3672
|
|
|
|
|
|
|
|
3673
|
|
|
|
|
|
|
ASN1_TIME * |
3674
|
|
|
|
|
|
|
X509_CRL_get_lastUpdate(X509_CRL *x) |
3675
|
|
|
|
|
|
|
ALIAS: |
3676
|
|
|
|
|
|
|
X509_CRL_get0_lastUpdate = 1 |
3677
|
|
|
|
|
|
|
|
3678
|
|
|
|
|
|
|
ASN1_TIME * |
3679
|
|
|
|
|
|
|
X509_CRL_get_nextUpdate(X509_CRL *x) |
3680
|
|
|
|
|
|
|
ALIAS: |
3681
|
|
|
|
|
|
|
X509_CRL_get0_nextUpdate = 1 |
3682
|
|
|
|
|
|
|
|
3683
|
|
|
|
|
|
|
int |
3684
|
|
|
|
|
|
|
X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm) |
3685
|
|
|
|
|
|
|
ALIAS: |
3686
|
|
|
|
|
|
|
X509_CRL_set1_lastUpdate = 1 |
3687
|
|
|
|
|
|
|
|
3688
|
|
|
|
|
|
|
int |
3689
|
|
|
|
|
|
|
X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm) |
3690
|
|
|
|
|
|
|
ALIAS: |
3691
|
|
|
|
|
|
|
X509_CRL_set1_nextUpdate = 1 |
3692
|
|
|
|
|
|
|
|
3693
|
|
|
|
|
|
|
#endif |
3694
|
|
|
|
|
|
|
|
3695
|
|
|
|
|
|
|
int |
3696
|
|
|
|
|
|
|
X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) |
3697
|
|
|
|
|
|
|
|
3698
|
|
|
|
|
|
|
int |
3699
|
|
|
|
|
|
|
X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) |
3700
|
|
|
|
|
|
|
|
3701
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
3702
|
|
|
|
|
|
|
#define REM20 "requires 0.9.7+" |
3703
|
|
|
|
|
|
|
|
3704
|
|
|
|
|
|
|
int |
3705
|
|
|
|
|
|
|
P_X509_CRL_set_serial(crl,crl_number) |
3706
|
|
|
|
|
|
|
X509_CRL *crl |
3707
|
|
|
|
|
|
|
ASN1_INTEGER * crl_number; |
3708
|
|
|
|
|
|
|
CODE: |
3709
|
1
|
|
|
|
|
|
RETVAL = 0; |
3710
|
1
|
50
|
|
|
|
|
if (crl && crl_number) |
|
|
50
|
|
|
|
|
|
3711
|
1
|
50
|
|
|
|
|
if (X509_CRL_add1_ext_i2d(crl, NID_crl_number, crl_number, 0, 0)) RETVAL = 1; |
3712
|
|
|
|
|
|
|
OUTPUT: |
3713
|
|
|
|
|
|
|
RETVAL |
3714
|
|
|
|
|
|
|
|
3715
|
|
|
|
|
|
|
ASN1_INTEGER * |
3716
|
|
|
|
|
|
|
P_X509_CRL_get_serial(crl) |
3717
|
|
|
|
|
|
|
X509_CRL *crl |
3718
|
|
|
|
|
|
|
INIT: |
3719
|
|
|
|
|
|
|
int i; |
3720
|
|
|
|
|
|
|
CODE: |
3721
|
1
|
|
|
|
|
|
RETVAL = (ASN1_INTEGER *)X509_CRL_get_ext_d2i(crl, NID_crl_number, &i, NULL); |
3722
|
1
|
50
|
|
|
|
|
if (!RETVAL || i==-1) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
3723
|
|
|
|
|
|
|
OUTPUT: |
3724
|
|
|
|
|
|
|
RETVAL |
3725
|
|
|
|
|
|
|
|
3726
|
|
|
|
|
|
|
void |
3727
|
|
|
|
|
|
|
P_X509_CRL_add_revoked_serial_hex(crl,serial_hex,rev_time,reason_code=0,comp_time=NULL) |
3728
|
|
|
|
|
|
|
X509_CRL *crl |
3729
|
|
|
|
|
|
|
char * serial_hex |
3730
|
|
|
|
|
|
|
ASN1_TIME *rev_time |
3731
|
|
|
|
|
|
|
long reason_code |
3732
|
|
|
|
|
|
|
ASN1_TIME *comp_time |
3733
|
|
|
|
|
|
|
PREINIT: |
3734
|
2
|
|
|
|
|
|
BIGNUM *bn = NULL; |
3735
|
|
|
|
|
|
|
ASN1_INTEGER *sn; |
3736
|
|
|
|
|
|
|
X509_REVOKED *rev; |
3737
|
2
|
|
|
|
|
|
ASN1_ENUMERATED *rsn = NULL; |
3738
|
|
|
|
|
|
|
int rv; |
3739
|
|
|
|
|
|
|
PPCODE: |
3740
|
2
|
|
|
|
|
|
rv=0; |
3741
|
2
|
|
|
|
|
|
rev = X509_REVOKED_new(); |
3742
|
2
|
50
|
|
|
|
|
if (rev) { |
3743
|
2
|
50
|
|
|
|
|
if (BN_hex2bn(&bn, serial_hex)) { |
3744
|
2
|
|
|
|
|
|
sn = BN_to_ASN1_INTEGER(bn, NULL); |
3745
|
2
|
50
|
|
|
|
|
if (sn) { |
3746
|
2
|
|
|
|
|
|
X509_REVOKED_set_serialNumber(rev, sn); |
3747
|
2
|
|
|
|
|
|
ASN1_INTEGER_free(sn); |
3748
|
2
|
|
|
|
|
|
rv = 1; |
3749
|
|
|
|
|
|
|
} |
3750
|
2
|
|
|
|
|
|
BN_free(bn); |
3751
|
|
|
|
|
|
|
} |
3752
|
|
|
|
|
|
|
} |
3753
|
2
|
50
|
|
|
|
|
if (!rv) XSRETURN_IV(0); |
3754
|
|
|
|
|
|
|
|
3755
|
2
|
50
|
|
|
|
|
if (!rev_time) XSRETURN_IV(0); |
3756
|
2
|
50
|
|
|
|
|
if (!X509_REVOKED_set_revocationDate(rev, rev_time)) XSRETURN_IV(0); |
3757
|
|
|
|
|
|
|
|
3758
|
2
|
50
|
|
|
|
|
if(reason_code) { |
3759
|
2
|
|
|
|
|
|
rv = 0; |
3760
|
2
|
|
|
|
|
|
rsn = ASN1_ENUMERATED_new(); |
3761
|
2
|
50
|
|
|
|
|
if (rsn) { |
3762
|
2
|
50
|
|
|
|
|
if (ASN1_ENUMERATED_set(rsn, reason_code)) |
3763
|
2
|
50
|
|
|
|
|
if (X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, rsn, 0, 0)) |
3764
|
2
|
|
|
|
|
|
rv=1; |
3765
|
2
|
|
|
|
|
|
ASN1_ENUMERATED_free(rsn); |
3766
|
|
|
|
|
|
|
} |
3767
|
2
|
50
|
|
|
|
|
if (!rv) XSRETURN_IV(0); |
3768
|
|
|
|
|
|
|
} |
3769
|
|
|
|
|
|
|
|
3770
|
2
|
50
|
|
|
|
|
if(comp_time) { |
3771
|
2
|
|
|
|
|
|
X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, comp_time, 0, 0); |
3772
|
|
|
|
|
|
|
} |
3773
|
|
|
|
|
|
|
|
3774
|
2
|
50
|
|
|
|
|
if(!X509_CRL_add0_revoked(crl, rev)) XSRETURN_IV(0); |
3775
|
2
|
|
|
|
|
|
XSRETURN_IV(1); |
3776
|
|
|
|
|
|
|
|
3777
|
|
|
|
|
|
|
#endif |
3778
|
|
|
|
|
|
|
|
3779
|
|
|
|
|
|
|
X509_REQ * |
3780
|
|
|
|
|
|
|
X509_REQ_new() |
3781
|
|
|
|
|
|
|
|
3782
|
|
|
|
|
|
|
void |
3783
|
|
|
|
|
|
|
X509_REQ_free(X509_REQ *x) |
3784
|
|
|
|
|
|
|
|
3785
|
|
|
|
|
|
|
X509_NAME * |
3786
|
|
|
|
|
|
|
X509_REQ_get_subject_name(X509_REQ *x) |
3787
|
|
|
|
|
|
|
|
3788
|
|
|
|
|
|
|
int |
3789
|
|
|
|
|
|
|
X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name) |
3790
|
|
|
|
|
|
|
|
3791
|
|
|
|
|
|
|
int |
3792
|
|
|
|
|
|
|
X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) |
3793
|
|
|
|
|
|
|
|
3794
|
|
|
|
|
|
|
EVP_PKEY * |
3795
|
|
|
|
|
|
|
X509_REQ_get_pubkey(X509_REQ *x) |
3796
|
|
|
|
|
|
|
|
3797
|
|
|
|
|
|
|
int |
3798
|
|
|
|
|
|
|
X509_REQ_sign(X509_REQ *x, EVP_PKEY *pk, const EVP_MD *md) |
3799
|
|
|
|
|
|
|
|
3800
|
|
|
|
|
|
|
int |
3801
|
|
|
|
|
|
|
X509_REQ_verify(X509_REQ *x, EVP_PKEY *r) |
3802
|
|
|
|
|
|
|
|
3803
|
|
|
|
|
|
|
int |
3804
|
|
|
|
|
|
|
X509_REQ_set_version(X509_REQ *x, long version) |
3805
|
|
|
|
|
|
|
|
3806
|
|
|
|
|
|
|
long |
3807
|
|
|
|
|
|
|
X509_REQ_get_version(X509_REQ *x) |
3808
|
|
|
|
|
|
|
|
3809
|
|
|
|
|
|
|
int |
3810
|
|
|
|
|
|
|
X509_REQ_get_attr_count(const X509_REQ *req); |
3811
|
|
|
|
|
|
|
|
3812
|
|
|
|
|
|
|
int |
3813
|
|
|
|
|
|
|
X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos=-1) |
3814
|
|
|
|
|
|
|
|
3815
|
|
|
|
|
|
|
int |
3816
|
|
|
|
|
|
|
X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, int lastpos=-1) |
3817
|
|
|
|
|
|
|
|
3818
|
|
|
|
|
|
|
int |
3819
|
|
|
|
|
|
|
X509_REQ_add1_attr_by_NID(req,nid,type,bytes) |
3820
|
|
|
|
|
|
|
X509_REQ *req |
3821
|
|
|
|
|
|
|
int nid |
3822
|
|
|
|
|
|
|
int type |
3823
|
|
|
|
|
|
|
PREINIT: |
3824
|
|
|
|
|
|
|
STRLEN len; |
3825
|
|
|
|
|
|
|
INPUT: |
3826
|
|
|
|
|
|
|
unsigned char *bytes = (unsigned char *)SvPV(ST(3), len); |
3827
|
|
|
|
|
|
|
CODE: |
3828
|
2
|
|
|
|
|
|
RETVAL = X509_REQ_add1_attr_by_NID(req,nid,type,bytes,len); |
3829
|
|
|
|
|
|
|
OUTPUT: |
3830
|
|
|
|
|
|
|
RETVAL |
3831
|
|
|
|
|
|
|
|
3832
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
3833
|
|
|
|
|
|
|
#define REM21 "requires 0.9.7+" |
3834
|
|
|
|
|
|
|
|
3835
|
|
|
|
|
|
|
void |
3836
|
|
|
|
|
|
|
P_X509_REQ_get_attr(req,n) |
3837
|
|
|
|
|
|
|
X509_REQ *req |
3838
|
|
|
|
|
|
|
int n |
3839
|
|
|
|
|
|
|
INIT: |
3840
|
|
|
|
|
|
|
X509_ATTRIBUTE * att; |
3841
|
|
|
|
|
|
|
int count, i; |
3842
|
|
|
|
|
|
|
ASN1_STRING * s; |
3843
|
|
|
|
|
|
|
ASN1_TYPE * t; |
3844
|
|
|
|
|
|
|
PPCODE: |
3845
|
1
|
|
|
|
|
|
att = X509_REQ_get_attr(req,n); |
3846
|
1
|
|
|
|
|
|
count = X509_ATTRIBUTE_count(att); |
3847
|
2
|
100
|
|
|
|
|
for (i=0; i
|
3848
|
1
|
|
|
|
|
|
t = X509_ATTRIBUTE_get0_type(att, i); |
3849
|
1
|
|
|
|
|
|
s = t->value.asn1_string; |
3850
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(s)))); |
3851
|
|
|
|
|
|
|
} |
3852
|
|
|
|
|
|
|
|
3853
|
|
|
|
|
|
|
#endif |
3854
|
|
|
|
|
|
|
|
3855
|
|
|
|
|
|
|
int |
3856
|
|
|
|
|
|
|
P_X509_REQ_add_extensions(x,...) |
3857
|
|
|
|
|
|
|
X509_REQ *x |
3858
|
|
|
|
|
|
|
PREINIT: |
3859
|
1
|
|
|
|
|
|
int i=1; |
3860
|
|
|
|
|
|
|
int nid; |
3861
|
|
|
|
|
|
|
char *data; |
3862
|
|
|
|
|
|
|
X509_EXTENSION *ex; |
3863
|
|
|
|
|
|
|
STACK_OF(X509_EXTENSION) *stack; |
3864
|
|
|
|
|
|
|
CODE: |
3865
|
1
|
50
|
|
|
|
|
if (items>1) { |
3866
|
1
|
|
|
|
|
|
RETVAL = 1; |
3867
|
1
|
|
|
|
|
|
stack = sk_X509_EXTENSION_new_null(); |
3868
|
7
|
100
|
|
|
|
|
while(i+1
|
3869
|
6
|
50
|
|
|
|
|
nid = SvIV(ST(i)); |
3870
|
6
|
50
|
|
|
|
|
data = SvPV_nolen(ST(i+1)); |
3871
|
6
|
|
|
|
|
|
i+=2; |
3872
|
6
|
|
|
|
|
|
ex = X509V3_EXT_conf_nid(NULL, NULL, nid, data); |
3873
|
6
|
50
|
|
|
|
|
if (ex) |
3874
|
6
|
|
|
|
|
|
sk_X509_EXTENSION_push(stack, ex); |
3875
|
|
|
|
|
|
|
else |
3876
|
0
|
|
|
|
|
|
RETVAL = 0; |
3877
|
|
|
|
|
|
|
} |
3878
|
1
|
|
|
|
|
|
X509_REQ_add_extensions(x, stack); |
3879
|
1
|
|
|
|
|
|
sk_X509_EXTENSION_pop_free(stack, X509_EXTENSION_free); |
3880
|
|
|
|
|
|
|
} |
3881
|
|
|
|
|
|
|
else |
3882
|
0
|
|
|
|
|
|
RETVAL = 0; |
3883
|
|
|
|
|
|
|
OUTPUT: |
3884
|
|
|
|
|
|
|
RETVAL |
3885
|
|
|
|
|
|
|
|
3886
|
|
|
|
|
|
|
int |
3887
|
|
|
|
|
|
|
P_X509_add_extensions(x,ca_cert,...) |
3888
|
|
|
|
|
|
|
X509 *x |
3889
|
|
|
|
|
|
|
X509 *ca_cert |
3890
|
|
|
|
|
|
|
PREINIT: |
3891
|
1
|
|
|
|
|
|
int i=2; |
3892
|
|
|
|
|
|
|
int nid; |
3893
|
|
|
|
|
|
|
char *data; |
3894
|
|
|
|
|
|
|
X509_EXTENSION *ex; |
3895
|
|
|
|
|
|
|
X509V3_CTX ctx; |
3896
|
|
|
|
|
|
|
CODE: |
3897
|
1
|
50
|
|
|
|
|
if (items>1) { |
3898
|
1
|
|
|
|
|
|
RETVAL = 1; |
3899
|
7
|
100
|
|
|
|
|
while(i+1
|
3900
|
6
|
50
|
|
|
|
|
nid = SvIV(ST(i)); |
3901
|
6
|
50
|
|
|
|
|
data = SvPV_nolen(ST(i+1)); |
3902
|
6
|
|
|
|
|
|
i+=2; |
3903
|
6
|
|
|
|
|
|
X509V3_set_ctx(&ctx, ca_cert, x, NULL, NULL, 0); |
3904
|
6
|
|
|
|
|
|
ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, data); |
3905
|
6
|
50
|
|
|
|
|
if (ex) { |
3906
|
6
|
|
|
|
|
|
X509_add_ext(x,ex,-1); |
3907
|
6
|
|
|
|
|
|
X509_EXTENSION_free(ex); |
3908
|
|
|
|
|
|
|
} |
3909
|
|
|
|
|
|
|
else { |
3910
|
0
|
|
|
|
|
|
warn("failure during X509V3_EXT_conf_nid() for nid=%d\n", nid); |
3911
|
0
|
|
|
|
|
|
ERR_print_errors_fp(stderr); |
3912
|
0
|
|
|
|
|
|
RETVAL = 0; |
3913
|
|
|
|
|
|
|
} |
3914
|
|
|
|
|
|
|
} |
3915
|
|
|
|
|
|
|
} |
3916
|
|
|
|
|
|
|
else |
3917
|
0
|
|
|
|
|
|
RETVAL = 0; |
3918
|
|
|
|
|
|
|
OUTPUT: |
3919
|
|
|
|
|
|
|
RETVAL |
3920
|
|
|
|
|
|
|
|
3921
|
|
|
|
|
|
|
int |
3922
|
|
|
|
|
|
|
P_X509_CRL_add_extensions(x,ca_cert,...) |
3923
|
|
|
|
|
|
|
X509_CRL *x |
3924
|
|
|
|
|
|
|
X509 *ca_cert |
3925
|
|
|
|
|
|
|
PREINIT: |
3926
|
1
|
|
|
|
|
|
int i=2; |
3927
|
|
|
|
|
|
|
int nid; |
3928
|
|
|
|
|
|
|
char *data; |
3929
|
|
|
|
|
|
|
X509_EXTENSION *ex; |
3930
|
|
|
|
|
|
|
X509V3_CTX ctx; |
3931
|
|
|
|
|
|
|
CODE: |
3932
|
1
|
50
|
|
|
|
|
if (items>1) { |
3933
|
1
|
|
|
|
|
|
RETVAL = 1; |
3934
|
2
|
100
|
|
|
|
|
while(i+1
|
3935
|
1
|
50
|
|
|
|
|
nid = SvIV(ST(i)); |
3936
|
1
|
50
|
|
|
|
|
data = SvPV_nolen(ST(i+1)); |
3937
|
1
|
|
|
|
|
|
i+=2; |
3938
|
1
|
|
|
|
|
|
X509V3_set_ctx(&ctx, ca_cert, NULL, NULL, x, 0); |
3939
|
1
|
|
|
|
|
|
ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, data); |
3940
|
1
|
50
|
|
|
|
|
if (ex) { |
3941
|
1
|
|
|
|
|
|
X509_CRL_add_ext(x,ex,-1); |
3942
|
1
|
|
|
|
|
|
X509_EXTENSION_free(ex); |
3943
|
|
|
|
|
|
|
} |
3944
|
|
|
|
|
|
|
else { |
3945
|
0
|
|
|
|
|
|
warn("failure during X509V3_EXT_conf_nid() for nid=%d\n", nid); |
3946
|
0
|
|
|
|
|
|
ERR_print_errors_fp(stderr); |
3947
|
0
|
|
|
|
|
|
RETVAL = 0; |
3948
|
|
|
|
|
|
|
} |
3949
|
|
|
|
|
|
|
} |
3950
|
|
|
|
|
|
|
} |
3951
|
|
|
|
|
|
|
else |
3952
|
0
|
|
|
|
|
|
RETVAL = 0; |
3953
|
|
|
|
|
|
|
OUTPUT: |
3954
|
|
|
|
|
|
|
RETVAL |
3955
|
|
|
|
|
|
|
|
3956
|
|
|
|
|
|
|
void |
3957
|
|
|
|
|
|
|
P_X509_copy_extensions(x509_req,x509,override=1) |
3958
|
|
|
|
|
|
|
X509_REQ *x509_req |
3959
|
|
|
|
|
|
|
X509 *x509 |
3960
|
|
|
|
|
|
|
int override |
3961
|
|
|
|
|
|
|
PREINIT: |
3962
|
1
|
|
|
|
|
|
STACK_OF(X509_EXTENSION) *exts = NULL; |
3963
|
|
|
|
|
|
|
X509_EXTENSION *ext, *tmpext; |
3964
|
|
|
|
|
|
|
ASN1_OBJECT *obj; |
3965
|
1
|
|
|
|
|
|
int i, idx, ret = 1; |
3966
|
|
|
|
|
|
|
PPCODE: |
3967
|
1
|
50
|
|
|
|
|
if (!x509 || !x509_req) XSRETURN_IV(0); |
|
|
50
|
|
|
|
|
|
3968
|
1
|
|
|
|
|
|
exts = X509_REQ_get_extensions(x509_req); |
3969
|
7
|
100
|
|
|
|
|
for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) { |
3970
|
6
|
|
|
|
|
|
ext = sk_X509_EXTENSION_value(exts, i); |
3971
|
6
|
|
|
|
|
|
obj = X509_EXTENSION_get_object(ext); |
3972
|
6
|
|
|
|
|
|
idx = X509_get_ext_by_OBJ(x509, obj, -1); |
3973
|
|
|
|
|
|
|
/* Does extension exist? */ |
3974
|
6
|
50
|
|
|
|
|
if (idx != -1) { |
3975
|
0
|
0
|
|
|
|
|
if (override) continue; /* don't override existing extension */ |
3976
|
|
|
|
|
|
|
/* Delete all extensions of same type */ |
3977
|
|
|
|
|
|
|
do { |
3978
|
0
|
|
|
|
|
|
tmpext = X509_get_ext(x509, idx); |
3979
|
0
|
|
|
|
|
|
X509_delete_ext(x509, idx); |
3980
|
0
|
|
|
|
|
|
X509_EXTENSION_free(tmpext); |
3981
|
0
|
|
|
|
|
|
idx = X509_get_ext_by_OBJ(x509, obj, -1); |
3982
|
0
|
0
|
|
|
|
|
} while (idx != -1); |
3983
|
|
|
|
|
|
|
} |
3984
|
6
|
50
|
|
|
|
|
if (!X509_add_ext(x509, ext, -1)) ret = 0; |
3985
|
|
|
|
|
|
|
} |
3986
|
1
|
|
|
|
|
|
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); |
3987
|
1
|
|
|
|
|
|
XSRETURN_IV(ret); |
3988
|
|
|
|
|
|
|
|
3989
|
|
|
|
|
|
|
X509 * |
3990
|
|
|
|
|
|
|
X509_STORE_CTX_get_current_cert(x509_store_ctx) |
3991
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
3992
|
|
|
|
|
|
|
|
3993
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) /* OpenSSL 1.1.0-pre5, LibreSSL 2.7.0 */ |
3994
|
|
|
|
|
|
|
|
3995
|
|
|
|
|
|
|
X509 * |
3996
|
|
|
|
|
|
|
X509_STORE_CTX_get0_cert(x509_store_ctx) |
3997
|
|
|
|
|
|
|
X509_STORE_CTX *x509_store_ctx |
3998
|
|
|
|
|
|
|
|
3999
|
|
|
|
|
|
|
#endif |
4000
|
|
|
|
|
|
|
|
4001
|
|
|
|
|
|
|
STACK_OF(X509) * |
4002
|
|
|
|
|
|
|
X509_STORE_CTX_get1_chain(x509_store_ctx) |
4003
|
|
|
|
|
|
|
X509_STORE_CTX *x509_store_ctx |
4004
|
|
|
|
|
|
|
|
4005
|
|
|
|
|
|
|
|
4006
|
|
|
|
|
|
|
int |
4007
|
|
|
|
|
|
|
X509_STORE_CTX_get_ex_new_index(argl,argp=NULL,new_func=NULL,dup_func=NULL,free_func=NULL) |
4008
|
|
|
|
|
|
|
long argl |
4009
|
|
|
|
|
|
|
void * argp |
4010
|
|
|
|
|
|
|
CRYPTO_EX_new * new_func |
4011
|
|
|
|
|
|
|
CRYPTO_EX_dup * dup_func |
4012
|
|
|
|
|
|
|
CRYPTO_EX_free * free_func |
4013
|
|
|
|
|
|
|
|
4014
|
|
|
|
|
|
|
void * |
4015
|
|
|
|
|
|
|
X509_STORE_CTX_get_ex_data(x509_store_ctx,idx) |
4016
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4017
|
|
|
|
|
|
|
int idx |
4018
|
|
|
|
|
|
|
|
4019
|
|
|
|
|
|
|
void * |
4020
|
|
|
|
|
|
|
X509_STORE_CTX_get_app_data(x509_store_ctx) |
4021
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4022
|
|
|
|
|
|
|
CODE: |
4023
|
0
|
|
|
|
|
|
RETVAL = X509_STORE_CTX_get_ex_data(x509_store_ctx,0); |
4024
|
|
|
|
|
|
|
OUTPUT: |
4025
|
|
|
|
|
|
|
RETVAL |
4026
|
|
|
|
|
|
|
|
4027
|
|
|
|
|
|
|
void |
4028
|
|
|
|
|
|
|
X509_get_fingerprint(cert,type) |
4029
|
|
|
|
|
|
|
X509 * cert |
4030
|
|
|
|
|
|
|
char * type |
4031
|
|
|
|
|
|
|
PREINIT: |
4032
|
9
|
|
|
|
|
|
const EVP_MD *digest_tp = NULL; |
4033
|
|
|
|
|
|
|
unsigned char digest[EVP_MAX_MD_SIZE]; |
4034
|
9
|
|
|
|
|
|
unsigned int dsz, k = 0; |
4035
|
|
|
|
|
|
|
char text[EVP_MAX_MD_SIZE * 3 + 1]; |
4036
|
|
|
|
|
|
|
CODE: |
4037
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD5 |
4038
|
9
|
50
|
|
|
|
|
if (!k && !strcmp(type,"md5")) { |
|
|
100
|
|
|
|
|
|
4039
|
4
|
|
|
|
|
|
k = 1; digest_tp = EVP_md5(); |
4040
|
|
|
|
|
|
|
} |
4041
|
|
|
|
|
|
|
#endif |
4042
|
9
|
100
|
|
|
|
|
if (!k && !strcmp(type,"sha1")) { |
|
|
100
|
|
|
|
|
|
4043
|
4
|
|
|
|
|
|
k = 1; digest_tp = EVP_sha1(); |
4044
|
|
|
|
|
|
|
} |
4045
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL |
4046
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_SHA256 |
4047
|
9
|
100
|
|
|
|
|
if (!k && !strcmp(type,"sha256")) { |
|
|
50
|
|
|
|
|
|
4048
|
0
|
|
|
|
|
|
k = 1; digest_tp = EVP_sha256(); |
4049
|
|
|
|
|
|
|
} |
4050
|
|
|
|
|
|
|
#endif |
4051
|
|
|
|
|
|
|
#endif |
4052
|
9
|
100
|
|
|
|
|
if (!k && !strcmp(type,"ripemd160")) { |
|
|
50
|
|
|
|
|
|
4053
|
0
|
|
|
|
|
|
k = 1; digest_tp = EVP_ripemd160(); |
4054
|
|
|
|
|
|
|
} |
4055
|
9
|
100
|
|
|
|
|
if (!k) /* Default digest */ |
4056
|
1
|
|
|
|
|
|
digest_tp = EVP_sha1(); |
4057
|
9
|
50
|
|
|
|
|
if ( digest_tp == NULL ) { |
4058
|
|
|
|
|
|
|
/* Out of memory */ |
4059
|
0
|
|
|
|
|
|
XSRETURN_UNDEF; |
4060
|
|
|
|
|
|
|
} |
4061
|
9
|
50
|
|
|
|
|
if (!X509_digest(cert, digest_tp, digest, &dsz)) { |
4062
|
|
|
|
|
|
|
/* Out of memory */ |
4063
|
0
|
|
|
|
|
|
XSRETURN_UNDEF; |
4064
|
|
|
|
|
|
|
} |
4065
|
9
|
|
|
|
|
|
text[0] = '\0'; |
4066
|
173
|
100
|
|
|
|
|
for(k=0; k
|
4067
|
164
|
|
|
|
|
|
sprintf(&text[strlen(text)], "%02X:", digest[k]); |
4068
|
|
|
|
|
|
|
} |
4069
|
9
|
|
|
|
|
|
text[strlen(text)-1] = '\0'; |
4070
|
9
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
4071
|
9
|
|
|
|
|
|
sv_setpvn( ST(0), text, strlen(text)); |
4072
|
|
|
|
|
|
|
|
4073
|
|
|
|
|
|
|
void |
4074
|
|
|
|
|
|
|
X509_get_subjectAltNames(cert) |
4075
|
|
|
|
|
|
|
X509 * cert |
4076
|
|
|
|
|
|
|
PPCODE: |
4077
|
5
|
|
|
|
|
|
int i, j, count = 0; |
4078
|
5
|
|
|
|
|
|
X509_EXTENSION *subjAltNameExt = NULL; |
4079
|
5
|
|
|
|
|
|
STACK_OF(GENERAL_NAME) *subjAltNameDNs = NULL; |
4080
|
5
|
|
|
|
|
|
GENERAL_NAME *subjAltNameDN = NULL; |
4081
|
|
|
|
|
|
|
int num_gnames; |
4082
|
5
|
100
|
|
|
|
|
if ( (i = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1)) >= 0 |
4083
|
3
|
50
|
|
|
|
|
&& (subjAltNameExt = X509_get_ext(cert, i)) |
4084
|
3
|
50
|
|
|
|
|
&& (subjAltNameDNs = X509V3_EXT_d2i(subjAltNameExt))) |
4085
|
|
|
|
|
|
|
{ |
4086
|
3
|
|
|
|
|
|
num_gnames = sk_GENERAL_NAME_num(subjAltNameDNs); |
4087
|
|
|
|
|
|
|
|
4088
|
19
|
100
|
|
|
|
|
for (j = 0; j < num_gnames; j++) |
4089
|
|
|
|
|
|
|
{ |
4090
|
16
|
|
|
|
|
|
subjAltNameDN = sk_GENERAL_NAME_value(subjAltNameDNs, j); |
4091
|
|
|
|
|
|
|
|
4092
|
16
|
|
|
|
|
|
switch (subjAltNameDN->type) |
4093
|
|
|
|
|
|
|
{ |
4094
|
|
|
|
|
|
|
case GEN_OTHERNAME: |
4095
|
2
|
50
|
|
|
|
|
EXTEND(SP, 2); |
4096
|
2
|
|
|
|
|
|
count++; |
4097
|
2
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(subjAltNameDN->type))); |
4098
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
4099
|
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv((const char*)ASN1_STRING_get0_data(subjAltNameDN->d.otherName->value->value.utf8string), ASN1_STRING_length(subjAltNameDN->d.otherName->value->value.utf8string)))); |
4100
|
|
|
|
|
|
|
#else |
4101
|
2
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv((const char*)ASN1_STRING_data(subjAltNameDN->d.otherName->value->value.utf8string), ASN1_STRING_length(subjAltNameDN->d.otherName->value->value.utf8string)))); |
4102
|
|
|
|
|
|
|
#endif |
4103
|
2
|
|
|
|
|
|
break; |
4104
|
|
|
|
|
|
|
|
4105
|
|
|
|
|
|
|
case GEN_EMAIL: |
4106
|
|
|
|
|
|
|
case GEN_DNS: |
4107
|
|
|
|
|
|
|
case GEN_URI: |
4108
|
8
|
50
|
|
|
|
|
EXTEND(SP, 2); |
4109
|
8
|
|
|
|
|
|
count++; |
4110
|
8
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(subjAltNameDN->type))); |
4111
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
4112
|
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv((const char*)ASN1_STRING_get0_data(subjAltNameDN->d.ia5), ASN1_STRING_length(subjAltNameDN->d.ia5)))); |
4113
|
|
|
|
|
|
|
#else |
4114
|
8
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv((const char*)ASN1_STRING_data(subjAltNameDN->d.ia5), ASN1_STRING_length(subjAltNameDN->d.ia5)))); |
4115
|
|
|
|
|
|
|
#endif |
4116
|
8
|
|
|
|
|
|
break; |
4117
|
|
|
|
|
|
|
|
4118
|
|
|
|
|
|
|
case GEN_DIRNAME: |
4119
|
|
|
|
|
|
|
{ |
4120
|
0
|
|
|
|
|
|
char * buf = X509_NAME_oneline(subjAltNameDN->d.dirn, NULL, 0); |
4121
|
0
|
0
|
|
|
|
|
EXTEND(SP, 2); |
4122
|
0
|
|
|
|
|
|
count++; |
4123
|
0
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(subjAltNameDN->type))); |
4124
|
0
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv((buf), strlen((buf))))); |
4125
|
|
|
|
|
|
|
} |
4126
|
0
|
|
|
|
|
|
break; |
4127
|
|
|
|
|
|
|
|
4128
|
|
|
|
|
|
|
case GEN_RID: |
4129
|
|
|
|
|
|
|
{ |
4130
|
|
|
|
|
|
|
char buf[2501]; /* Much more than what's suggested on OBJ_obj2txt manual page */ |
4131
|
2
|
|
|
|
|
|
int len = OBJ_obj2txt(buf, sizeof(buf), subjAltNameDN->d.rid, 1); |
4132
|
2
|
50
|
|
|
|
|
if (len < 0 || len > (int)((sizeof(buf) - 1))) |
|
|
50
|
|
|
|
|
|
4133
|
|
|
|
|
|
|
break; /* Skip bad or overly long RID */ |
4134
|
2
|
50
|
|
|
|
|
EXTEND(SP, 2); |
4135
|
2
|
|
|
|
|
|
count++; |
4136
|
2
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(subjAltNameDN->type))); |
4137
|
2
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv(buf, 0))); |
4138
|
|
|
|
|
|
|
} |
4139
|
2
|
|
|
|
|
|
break; |
4140
|
|
|
|
|
|
|
|
4141
|
|
|
|
|
|
|
case GEN_IPADD: |
4142
|
4
|
50
|
|
|
|
|
EXTEND(SP, 2); |
4143
|
4
|
|
|
|
|
|
count++; |
4144
|
4
|
|
|
|
|
|
PUSHs(sv_2mortal(newSViv(subjAltNameDN->type))); |
4145
|
4
|
|
|
|
|
|
PUSHs(sv_2mortal(newSVpv((const char*)subjAltNameDN->d.ip->data, subjAltNameDN->d.ip->length))); |
4146
|
4
|
|
|
|
|
|
break; |
4147
|
|
|
|
|
|
|
|
4148
|
|
|
|
|
|
|
} |
4149
|
|
|
|
|
|
|
} |
4150
|
3
|
|
|
|
|
|
sk_GENERAL_NAME_pop_free(subjAltNameDNs, GENERAL_NAME_free); |
4151
|
|
|
|
|
|
|
} |
4152
|
5
|
|
|
|
|
|
XSRETURN(count * 2); |
4153
|
|
|
|
|
|
|
|
4154
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
4155
|
|
|
|
|
|
|
|
4156
|
|
|
|
|
|
|
void |
4157
|
|
|
|
|
|
|
P_X509_get_crl_distribution_points(cert) |
4158
|
|
|
|
|
|
|
X509 * cert |
4159
|
|
|
|
|
|
|
INIT: |
4160
|
|
|
|
|
|
|
GENERAL_NAMES *gnames; |
4161
|
|
|
|
|
|
|
GENERAL_NAME *gn; |
4162
|
|
|
|
|
|
|
STACK_OF(DIST_POINT) *points; |
4163
|
|
|
|
|
|
|
DIST_POINT *p; |
4164
|
|
|
|
|
|
|
int i, j; |
4165
|
|
|
|
|
|
|
PPCODE: |
4166
|
4
|
|
|
|
|
|
points = X509_get_ext_d2i(cert, NID_crl_distribution_points, NULL, NULL); |
4167
|
4
|
100
|
|
|
|
|
if (points) |
4168
|
3
|
100
|
|
|
|
|
for (i = 0; i < sk_DIST_POINT_num(points); i++) { |
4169
|
2
|
|
|
|
|
|
p = sk_DIST_POINT_value(points, i); |
4170
|
2
|
50
|
|
|
|
|
if (!p->distpoint) |
4171
|
0
|
|
|
|
|
|
continue; |
4172
|
2
|
50
|
|
|
|
|
if (p->distpoint->type == 0) { |
4173
|
|
|
|
|
|
|
/* full name */ |
4174
|
2
|
|
|
|
|
|
gnames = p->distpoint->name.fullname; |
4175
|
4
|
100
|
|
|
|
|
for (j = 0; j < sk_GENERAL_NAME_num(gnames); j++) { |
4176
|
2
|
|
|
|
|
|
gn = sk_GENERAL_NAME_value(gnames, j); |
4177
|
|
|
|
|
|
|
|
4178
|
2
|
50
|
|
|
|
|
if (gn->type == GEN_URI) { |
4179
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
4180
|
|
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char*)ASN1_STRING_get0_data(gn->d.ia5),ASN1_STRING_length(gn->d.ia5)))); |
4181
|
|
|
|
|
|
|
#else |
4182
|
2
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char*)ASN1_STRING_data(gn->d.ia5),ASN1_STRING_length(gn->d.ia5)))); |
4183
|
|
|
|
|
|
|
#endif |
4184
|
|
|
|
|
|
|
} |
4185
|
|
|
|
|
|
|
} |
4186
|
|
|
|
|
|
|
} |
4187
|
|
|
|
|
|
|
else { |
4188
|
|
|
|
|
|
|
/* relative name - not supported */ |
4189
|
|
|
|
|
|
|
/* XXX-TODO: the code below is just an idea; do not enable it without proper test case |
4190
|
|
|
|
|
|
|
BIO *bp; |
4191
|
|
|
|
|
|
|
char *buf; |
4192
|
|
|
|
|
|
|
int n; |
4193
|
|
|
|
|
|
|
X509_NAME ntmp; |
4194
|
|
|
|
|
|
|
ntmp.entries = p->distpoint->name.relativename; |
4195
|
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4196
|
|
|
|
|
|
|
if (bp) { |
4197
|
|
|
|
|
|
|
X509_NAME_print_ex(bp, &ntmp, 0, XN_FLAG_RFC2253); |
4198
|
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
4199
|
|
|
|
|
|
|
New(0, buf, n, char); |
4200
|
|
|
|
|
|
|
if (buf) { |
4201
|
|
|
|
|
|
|
j = BIO_read(bp,buf,n); |
4202
|
|
|
|
|
|
|
if (j>=0 && j<=n) XPUSHs(sv_2mortal(newSVpvn(buf,j))); |
4203
|
|
|
|
|
|
|
Safefree(buf); |
4204
|
|
|
|
|
|
|
} |
4205
|
|
|
|
|
|
|
BIO_free(bp); |
4206
|
|
|
|
|
|
|
} |
4207
|
|
|
|
|
|
|
*/ |
4208
|
|
|
|
|
|
|
} |
4209
|
|
|
|
|
|
|
} |
4210
|
|
|
|
|
|
|
|
4211
|
|
|
|
|
|
|
void |
4212
|
|
|
|
|
|
|
P_X509_get_ocsp_uri(cert) |
4213
|
|
|
|
|
|
|
X509 * cert |
4214
|
|
|
|
|
|
|
PPCODE: |
4215
|
|
|
|
|
|
|
AUTHORITY_INFO_ACCESS *info; |
4216
|
|
|
|
|
|
|
int i; |
4217
|
0
|
|
|
|
|
|
info = X509_get_ext_d2i(cert, NID_info_access, NULL, NULL); |
4218
|
0
|
0
|
|
|
|
|
if (!info) XSRETURN_UNDEF; |
4219
|
|
|
|
|
|
|
|
4220
|
0
|
0
|
|
|
|
|
for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) { |
4221
|
0
|
|
|
|
|
|
ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); |
4222
|
0
|
0
|
|
|
|
|
if (OBJ_obj2nid(ad->method) == NID_ad_OCSP |
4223
|
0
|
0
|
|
|
|
|
&& ad->location->type == GEN_URI) { |
4224
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv( |
4225
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
4226
|
|
|
|
|
|
|
(char*)ASN1_STRING_get0_data(ad->location->d.uniformResourceIdentifier), |
4227
|
|
|
|
|
|
|
#else |
4228
|
|
|
|
|
|
|
(char*)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier), |
4229
|
|
|
|
|
|
|
#endif |
4230
|
|
|
|
|
|
|
ASN1_STRING_length(ad->location->d.uniformResourceIdentifier) |
4231
|
|
|
|
|
|
|
))); |
4232
|
0
|
0
|
|
|
|
|
if (GIMME == G_SCALAR) break; /* get only first */ |
|
|
0
|
|
|
|
|
|
4233
|
|
|
|
|
|
|
} |
4234
|
|
|
|
|
|
|
} |
4235
|
|
|
|
|
|
|
|
4236
|
|
|
|
|
|
|
|
4237
|
|
|
|
|
|
|
void |
4238
|
|
|
|
|
|
|
P_X509_get_ext_key_usage(cert,format=0) |
4239
|
|
|
|
|
|
|
X509 * cert |
4240
|
|
|
|
|
|
|
int format |
4241
|
|
|
|
|
|
|
PREINIT: |
4242
|
|
|
|
|
|
|
EXTENDED_KEY_USAGE *extusage; |
4243
|
|
|
|
|
|
|
int i, nid; |
4244
|
|
|
|
|
|
|
char buffer[100]; /* openssl doc: a buffer length of 80 should be more than enough to handle any OID encountered in practice */ |
4245
|
|
|
|
|
|
|
ASN1_OBJECT *o; |
4246
|
|
|
|
|
|
|
PPCODE: |
4247
|
16
|
|
|
|
|
|
extusage = X509_get_ext_d2i(cert, NID_ext_key_usage, NULL, NULL); |
4248
|
92
|
100
|
|
|
|
|
for(i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) { |
4249
|
76
|
|
|
|
|
|
o = sk_ASN1_OBJECT_value(extusage,i); |
4250
|
76
|
|
|
|
|
|
nid = OBJ_obj2nid(o); |
4251
|
76
|
|
|
|
|
|
OBJ_obj2txt(buffer, sizeof(buffer)-1, o, 1); |
4252
|
76
|
100
|
|
|
|
|
if(format==0) |
4253
|
19
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(buffer,0))); /* format 0: oid */ |
4254
|
57
|
100
|
|
|
|
|
else if(format==1 && nid>0) |
|
|
100
|
|
|
|
|
|
4255
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(nid))); /* format 1: nid */ |
4256
|
41
|
100
|
|
|
|
|
else if(format==2 && nid>0) |
|
|
100
|
|
|
|
|
|
4257
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(OBJ_nid2sn(nid),0))); /* format 2: shortname */ |
4258
|
25
|
100
|
|
|
|
|
else if(format==3 && nid>0) |
|
|
100
|
|
|
|
|
|
4259
|
16
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(OBJ_nid2ln(nid),0))); /* format 3: longname */ |
4260
|
|
|
|
|
|
|
} |
4261
|
|
|
|
|
|
|
|
4262
|
|
|
|
|
|
|
#endif |
4263
|
|
|
|
|
|
|
|
4264
|
|
|
|
|
|
|
void |
4265
|
|
|
|
|
|
|
P_X509_get_key_usage(cert) |
4266
|
|
|
|
|
|
|
X509 * cert |
4267
|
|
|
|
|
|
|
INIT: |
4268
|
|
|
|
|
|
|
ASN1_BIT_STRING * u; |
4269
|
|
|
|
|
|
|
PPCODE: |
4270
|
4
|
|
|
|
|
|
u = X509_get_ext_d2i(cert, NID_key_usage, NULL, NULL); |
4271
|
4
|
50
|
|
|
|
|
if (u) { |
4272
|
4
|
50
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,0)) XPUSHs(sv_2mortal(newSVpv("digitalSignature",0))); |
|
|
50
|
|
|
|
|
|
4273
|
4
|
100
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,1)) XPUSHs(sv_2mortal(newSVpv("nonRepudiation",0))); |
|
|
50
|
|
|
|
|
|
4274
|
4
|
50
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,2)) XPUSHs(sv_2mortal(newSVpv("keyEncipherment",0))); |
|
|
50
|
|
|
|
|
|
4275
|
4
|
100
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,3)) XPUSHs(sv_2mortal(newSVpv("dataEncipherment",0))); |
|
|
50
|
|
|
|
|
|
4276
|
4
|
100
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,4)) XPUSHs(sv_2mortal(newSVpv("keyAgreement",0))); |
|
|
50
|
|
|
|
|
|
4277
|
4
|
100
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,5)) XPUSHs(sv_2mortal(newSVpv("keyCertSign",0))); |
|
|
50
|
|
|
|
|
|
4278
|
4
|
100
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,6)) XPUSHs(sv_2mortal(newSVpv("cRLSign",0))); |
|
|
50
|
|
|
|
|
|
4279
|
4
|
50
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,7)) XPUSHs(sv_2mortal(newSVpv("encipherOnly",0))); |
|
|
0
|
|
|
|
|
|
4280
|
4
|
100
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,8)) XPUSHs(sv_2mortal(newSVpv("decipherOnly",0))); |
|
|
50
|
|
|
|
|
|
4281
|
|
|
|
|
|
|
} |
4282
|
|
|
|
|
|
|
|
4283
|
|
|
|
|
|
|
void |
4284
|
|
|
|
|
|
|
P_X509_get_netscape_cert_type(cert) |
4285
|
|
|
|
|
|
|
X509 * cert |
4286
|
|
|
|
|
|
|
INIT: |
4287
|
|
|
|
|
|
|
ASN1_BIT_STRING * u; |
4288
|
|
|
|
|
|
|
PPCODE: |
4289
|
4
|
|
|
|
|
|
u = X509_get_ext_d2i(cert, NID_netscape_cert_type, NULL, NULL); |
4290
|
4
|
50
|
|
|
|
|
if (u) { |
4291
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,0)) XPUSHs(sv_2mortal(newSVpv("client",0))); |
|
|
0
|
|
|
|
|
|
4292
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,1)) XPUSHs(sv_2mortal(newSVpv("server",0))); |
|
|
0
|
|
|
|
|
|
4293
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,2)) XPUSHs(sv_2mortal(newSVpv("email",0))); |
|
|
0
|
|
|
|
|
|
4294
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,3)) XPUSHs(sv_2mortal(newSVpv("objsign",0))); |
|
|
0
|
|
|
|
|
|
4295
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,4)) XPUSHs(sv_2mortal(newSVpv("reserved",0))); |
|
|
0
|
|
|
|
|
|
4296
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,5)) XPUSHs(sv_2mortal(newSVpv("sslCA",0))); |
|
|
0
|
|
|
|
|
|
4297
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,6)) XPUSHs(sv_2mortal(newSVpv("emailCA",0))); |
|
|
0
|
|
|
|
|
|
4298
|
0
|
0
|
|
|
|
|
if (ASN1_BIT_STRING_get_bit(u,7)) XPUSHs(sv_2mortal(newSVpv("objCA",0))); |
|
|
0
|
|
|
|
|
|
4299
|
|
|
|
|
|
|
} |
4300
|
|
|
|
|
|
|
|
4301
|
|
|
|
|
|
|
int |
4302
|
|
|
|
|
|
|
X509_get_ext_by_NID(x,nid,loc=-1) |
4303
|
|
|
|
|
|
|
X509* x |
4304
|
|
|
|
|
|
|
int nid |
4305
|
|
|
|
|
|
|
int loc |
4306
|
|
|
|
|
|
|
|
4307
|
|
|
|
|
|
|
X509_EXTENSION * |
4308
|
|
|
|
|
|
|
X509_get_ext(x,loc) |
4309
|
|
|
|
|
|
|
X509* x |
4310
|
|
|
|
|
|
|
int loc |
4311
|
|
|
|
|
|
|
|
4312
|
|
|
|
|
|
|
int |
4313
|
|
|
|
|
|
|
X509_EXTENSION_get_critical(X509_EXTENSION *ex) |
4314
|
|
|
|
|
|
|
|
4315
|
|
|
|
|
|
|
ASN1_OCTET_STRING * |
4316
|
|
|
|
|
|
|
X509_EXTENSION_get_data(X509_EXTENSION *ne) |
4317
|
|
|
|
|
|
|
|
4318
|
|
|
|
|
|
|
ASN1_OBJECT * |
4319
|
|
|
|
|
|
|
X509_EXTENSION_get_object(X509_EXTENSION *ex) |
4320
|
|
|
|
|
|
|
|
4321
|
|
|
|
|
|
|
int |
4322
|
|
|
|
|
|
|
X509_get_ext_count(X509 *x) |
4323
|
|
|
|
|
|
|
|
4324
|
|
|
|
|
|
|
int |
4325
|
|
|
|
|
|
|
X509_CRL_get_ext_count(X509_CRL *x) |
4326
|
|
|
|
|
|
|
|
4327
|
|
|
|
|
|
|
int |
4328
|
|
|
|
|
|
|
X509_CRL_get_ext_by_NID(x,ni,loc=-1) |
4329
|
|
|
|
|
|
|
X509_CRL* x |
4330
|
|
|
|
|
|
|
int ni |
4331
|
|
|
|
|
|
|
int loc |
4332
|
|
|
|
|
|
|
|
4333
|
|
|
|
|
|
|
X509_EXTENSION * |
4334
|
|
|
|
|
|
|
X509_CRL_get_ext(x,loc) |
4335
|
|
|
|
|
|
|
X509_CRL* x |
4336
|
|
|
|
|
|
|
int loc |
4337
|
|
|
|
|
|
|
|
4338
|
|
|
|
|
|
|
void |
4339
|
|
|
|
|
|
|
X509V3_EXT_print(ext,flags=0,utf8_decode=0) |
4340
|
|
|
|
|
|
|
X509_EXTENSION * ext |
4341
|
|
|
|
|
|
|
unsigned long flags |
4342
|
|
|
|
|
|
|
int utf8_decode |
4343
|
|
|
|
|
|
|
PREINIT: |
4344
|
|
|
|
|
|
|
BIO * bp; |
4345
|
|
|
|
|
|
|
char * buf; |
4346
|
|
|
|
|
|
|
int i, n; |
4347
|
21
|
|
|
|
|
|
int indent=0; |
4348
|
|
|
|
|
|
|
CODE: |
4349
|
21
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
4350
|
21
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4351
|
21
|
50
|
|
|
|
|
if (bp) { |
4352
|
21
|
50
|
|
|
|
|
if(X509V3_EXT_print(bp,ext,flags,indent)) { |
4353
|
21
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
4354
|
21
|
|
|
|
|
|
New(0, buf, n, char); |
4355
|
21
|
50
|
|
|
|
|
if (buf) { |
4356
|
21
|
|
|
|
|
|
i = BIO_read(bp,buf,n); |
4357
|
21
|
50
|
|
|
|
|
if (i>=0 && i<=n) { |
|
|
50
|
|
|
|
|
|
4358
|
21
|
|
|
|
|
|
sv_setpvn(ST(0), buf, i); |
4359
|
21
|
50
|
|
|
|
|
if (utf8_decode) sv_utf8_decode(ST(0)); |
4360
|
|
|
|
|
|
|
} |
4361
|
21
|
|
|
|
|
|
Safefree(buf); |
4362
|
|
|
|
|
|
|
} |
4363
|
|
|
|
|
|
|
} |
4364
|
21
|
|
|
|
|
|
BIO_free(bp); |
4365
|
|
|
|
|
|
|
} |
4366
|
|
|
|
|
|
|
|
4367
|
|
|
|
|
|
|
void * |
4368
|
|
|
|
|
|
|
X509V3_EXT_d2i(ext) |
4369
|
|
|
|
|
|
|
X509_EXTENSION *ext |
4370
|
|
|
|
|
|
|
|
4371
|
|
|
|
|
|
|
X509_STORE_CTX * |
4372
|
|
|
|
|
|
|
X509_STORE_CTX_new() |
4373
|
|
|
|
|
|
|
|
4374
|
|
|
|
|
|
|
int |
4375
|
|
|
|
|
|
|
X509_STORE_CTX_init(ctx, store=NULL, x509=NULL, chain=NULL) |
4376
|
|
|
|
|
|
|
X509_STORE_CTX * ctx |
4377
|
|
|
|
|
|
|
X509_STORE * store |
4378
|
|
|
|
|
|
|
X509 * x509 |
4379
|
|
|
|
|
|
|
STACK_OF(X509) * chain |
4380
|
|
|
|
|
|
|
|
4381
|
|
|
|
|
|
|
void |
4382
|
|
|
|
|
|
|
X509_STORE_CTX_free(ctx) |
4383
|
|
|
|
|
|
|
X509_STORE_CTX * ctx |
4384
|
|
|
|
|
|
|
|
4385
|
|
|
|
|
|
|
int |
4386
|
|
|
|
|
|
|
X509_verify_cert(x509_store_ctx) |
4387
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4388
|
|
|
|
|
|
|
|
4389
|
|
|
|
|
|
|
int |
4390
|
|
|
|
|
|
|
X509_STORE_CTX_get_error(x509_store_ctx) |
4391
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4392
|
|
|
|
|
|
|
|
4393
|
|
|
|
|
|
|
int |
4394
|
|
|
|
|
|
|
X509_STORE_CTX_get_error_depth(x509_store_ctx) |
4395
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4396
|
|
|
|
|
|
|
|
4397
|
|
|
|
|
|
|
int |
4398
|
|
|
|
|
|
|
X509_STORE_CTX_set_ex_data(x509_store_ctx,idx,data) |
4399
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4400
|
|
|
|
|
|
|
int idx |
4401
|
|
|
|
|
|
|
void * data |
4402
|
|
|
|
|
|
|
|
4403
|
|
|
|
|
|
|
int |
4404
|
|
|
|
|
|
|
X509_STORE_CTX_set_app_data(x509_store_ctx,arg) |
4405
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4406
|
|
|
|
|
|
|
char * arg |
4407
|
|
|
|
|
|
|
CODE: |
4408
|
0
|
|
|
|
|
|
RETVAL = X509_STORE_CTX_set_ex_data(x509_store_ctx,0,arg); |
4409
|
|
|
|
|
|
|
OUTPUT: |
4410
|
|
|
|
|
|
|
RETVAL |
4411
|
|
|
|
|
|
|
|
4412
|
|
|
|
|
|
|
void |
4413
|
|
|
|
|
|
|
X509_STORE_CTX_set_error(x509_store_ctx,s) |
4414
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4415
|
|
|
|
|
|
|
int s |
4416
|
|
|
|
|
|
|
|
4417
|
|
|
|
|
|
|
void |
4418
|
|
|
|
|
|
|
X509_STORE_CTX_set_cert(x509_store_ctx,x) |
4419
|
|
|
|
|
|
|
X509_STORE_CTX * x509_store_ctx |
4420
|
|
|
|
|
|
|
X509 * x |
4421
|
|
|
|
|
|
|
|
4422
|
|
|
|
|
|
|
X509_STORE * |
4423
|
|
|
|
|
|
|
X509_STORE_new() |
4424
|
|
|
|
|
|
|
|
4425
|
|
|
|
|
|
|
void |
4426
|
|
|
|
|
|
|
X509_STORE_free(store) |
4427
|
|
|
|
|
|
|
X509_STORE * store |
4428
|
|
|
|
|
|
|
|
4429
|
|
|
|
|
|
|
X509_LOOKUP * |
4430
|
|
|
|
|
|
|
X509_STORE_add_lookup(store, method) |
4431
|
|
|
|
|
|
|
X509_STORE * store |
4432
|
|
|
|
|
|
|
X509_LOOKUP_METHOD * method |
4433
|
|
|
|
|
|
|
|
4434
|
|
|
|
|
|
|
int |
4435
|
|
|
|
|
|
|
X509_STORE_add_cert(ctx, x) |
4436
|
|
|
|
|
|
|
X509_STORE *ctx |
4437
|
|
|
|
|
|
|
X509 *x |
4438
|
|
|
|
|
|
|
|
4439
|
|
|
|
|
|
|
int |
4440
|
|
|
|
|
|
|
X509_STORE_add_crl(ctx, x) |
4441
|
|
|
|
|
|
|
X509_STORE *ctx |
4442
|
|
|
|
|
|
|
X509_CRL *x |
4443
|
|
|
|
|
|
|
|
4444
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL |
4445
|
|
|
|
|
|
|
|
4446
|
|
|
|
|
|
|
void |
4447
|
|
|
|
|
|
|
X509_STORE_set_flags(ctx, flags) |
4448
|
|
|
|
|
|
|
X509_STORE *ctx |
4449
|
|
|
|
|
|
|
long flags |
4450
|
|
|
|
|
|
|
|
4451
|
|
|
|
|
|
|
void |
4452
|
|
|
|
|
|
|
X509_STORE_set_purpose(ctx, purpose) |
4453
|
|
|
|
|
|
|
X509_STORE *ctx |
4454
|
|
|
|
|
|
|
int purpose |
4455
|
|
|
|
|
|
|
|
4456
|
|
|
|
|
|
|
void |
4457
|
|
|
|
|
|
|
X509_STORE_set_trust(ctx, trust) |
4458
|
|
|
|
|
|
|
X509_STORE *ctx |
4459
|
|
|
|
|
|
|
int trust |
4460
|
|
|
|
|
|
|
|
4461
|
|
|
|
|
|
|
int |
4462
|
|
|
|
|
|
|
X509_STORE_set1_param(ctx, pm) |
4463
|
|
|
|
|
|
|
X509_STORE *ctx |
4464
|
|
|
|
|
|
|
X509_VERIFY_PARAM *pm |
4465
|
|
|
|
|
|
|
|
4466
|
|
|
|
|
|
|
#endif |
4467
|
|
|
|
|
|
|
|
4468
|
|
|
|
|
|
|
X509_LOOKUP_METHOD * |
4469
|
|
|
|
|
|
|
X509_LOOKUP_hash_dir() |
4470
|
|
|
|
|
|
|
|
4471
|
|
|
|
|
|
|
void |
4472
|
|
|
|
|
|
|
X509_LOOKUP_add_dir(lookup, dir, type) |
4473
|
|
|
|
|
|
|
X509_LOOKUP * lookup |
4474
|
|
|
|
|
|
|
char * dir |
4475
|
|
|
|
|
|
|
int type |
4476
|
|
|
|
|
|
|
|
4477
|
|
|
|
|
|
|
int |
4478
|
|
|
|
|
|
|
X509_load_cert_file(ctx, file, type) |
4479
|
|
|
|
|
|
|
X509_LOOKUP *ctx |
4480
|
|
|
|
|
|
|
char *file |
4481
|
|
|
|
|
|
|
int type |
4482
|
|
|
|
|
|
|
|
4483
|
|
|
|
|
|
|
int |
4484
|
|
|
|
|
|
|
X509_load_crl_file(ctx, file, type) |
4485
|
|
|
|
|
|
|
X509_LOOKUP *ctx |
4486
|
|
|
|
|
|
|
char *file |
4487
|
|
|
|
|
|
|
int type |
4488
|
|
|
|
|
|
|
|
4489
|
|
|
|
|
|
|
int |
4490
|
|
|
|
|
|
|
X509_load_cert_crl_file(ctx, file, type) |
4491
|
|
|
|
|
|
|
X509_LOOKUP *ctx |
4492
|
|
|
|
|
|
|
char *file |
4493
|
|
|
|
|
|
|
int type |
4494
|
|
|
|
|
|
|
|
4495
|
|
|
|
|
|
|
const char * |
4496
|
|
|
|
|
|
|
X509_verify_cert_error_string(n) |
4497
|
|
|
|
|
|
|
long n |
4498
|
|
|
|
|
|
|
|
4499
|
|
|
|
|
|
|
ASN1_INTEGER * |
4500
|
|
|
|
|
|
|
ASN1_INTEGER_new() |
4501
|
|
|
|
|
|
|
|
4502
|
|
|
|
|
|
|
void |
4503
|
|
|
|
|
|
|
ASN1_INTEGER_free(ASN1_INTEGER *i) |
4504
|
|
|
|
|
|
|
|
4505
|
|
|
|
|
|
|
int |
4506
|
|
|
|
|
|
|
ASN1_INTEGER_set(ASN1_INTEGER *i, long val) |
4507
|
|
|
|
|
|
|
|
4508
|
|
|
|
|
|
|
long |
4509
|
|
|
|
|
|
|
ASN1_INTEGER_get(ASN1_INTEGER *a) |
4510
|
|
|
|
|
|
|
|
4511
|
|
|
|
|
|
|
void |
4512
|
|
|
|
|
|
|
P_ASN1_INTEGER_set_hex(i,str) |
4513
|
|
|
|
|
|
|
ASN1_INTEGER * i |
4514
|
|
|
|
|
|
|
char * str |
4515
|
|
|
|
|
|
|
INIT: |
4516
|
|
|
|
|
|
|
BIGNUM *bn; |
4517
|
3
|
|
|
|
|
|
int rv = 1; |
4518
|
|
|
|
|
|
|
PPCODE: |
4519
|
3
|
|
|
|
|
|
bn = BN_new(); |
4520
|
3
|
50
|
|
|
|
|
if (!BN_hex2bn(&bn, str)) XSRETURN_IV(0); |
4521
|
3
|
50
|
|
|
|
|
if (!BN_to_ASN1_INTEGER(bn, i)) rv = 0; |
4522
|
3
|
|
|
|
|
|
BN_free(bn); |
4523
|
3
|
|
|
|
|
|
XSRETURN_IV(rv); |
4524
|
|
|
|
|
|
|
|
4525
|
|
|
|
|
|
|
void |
4526
|
|
|
|
|
|
|
P_ASN1_INTEGER_set_dec(i,str) |
4527
|
|
|
|
|
|
|
ASN1_INTEGER * i |
4528
|
|
|
|
|
|
|
char * str |
4529
|
|
|
|
|
|
|
INIT: |
4530
|
|
|
|
|
|
|
BIGNUM *bn; |
4531
|
1
|
|
|
|
|
|
int rv = 1; |
4532
|
|
|
|
|
|
|
PPCODE: |
4533
|
1
|
|
|
|
|
|
bn = BN_new(); |
4534
|
1
|
50
|
|
|
|
|
if (!BN_dec2bn(&bn, str)) XSRETURN_IV(0); |
4535
|
1
|
50
|
|
|
|
|
if (!BN_to_ASN1_INTEGER(bn, i)) rv = 0; |
4536
|
1
|
|
|
|
|
|
BN_free(bn); |
4537
|
1
|
|
|
|
|
|
XSRETURN_IV(rv); |
4538
|
|
|
|
|
|
|
|
4539
|
|
|
|
|
|
|
void |
4540
|
|
|
|
|
|
|
P_ASN1_INTEGER_get_hex(i) |
4541
|
|
|
|
|
|
|
ASN1_INTEGER * i |
4542
|
|
|
|
|
|
|
INIT: |
4543
|
|
|
|
|
|
|
BIGNUM *bn; |
4544
|
|
|
|
|
|
|
char *result; |
4545
|
|
|
|
|
|
|
PPCODE: |
4546
|
6
|
|
|
|
|
|
bn = BN_new(); |
4547
|
6
|
50
|
|
|
|
|
if (!bn) XSRETURN_UNDEF; |
4548
|
6
|
|
|
|
|
|
ASN1_INTEGER_to_BN(i, bn); |
4549
|
6
|
|
|
|
|
|
result = BN_bn2hex(bn); |
4550
|
6
|
|
|
|
|
|
BN_free(bn); |
4551
|
6
|
50
|
|
|
|
|
if (!result) XSRETURN_UNDEF; |
4552
|
6
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((const char*)result, strlen(result)))); |
4553
|
6
|
|
|
|
|
|
OPENSSL_free(result); |
4554
|
|
|
|
|
|
|
|
4555
|
|
|
|
|
|
|
void |
4556
|
|
|
|
|
|
|
P_ASN1_INTEGER_get_dec(i) |
4557
|
|
|
|
|
|
|
ASN1_INTEGER * i |
4558
|
|
|
|
|
|
|
INIT: |
4559
|
|
|
|
|
|
|
BIGNUM *bn; |
4560
|
|
|
|
|
|
|
char *result; |
4561
|
|
|
|
|
|
|
PPCODE: |
4562
|
5
|
|
|
|
|
|
bn = BN_new(); |
4563
|
5
|
50
|
|
|
|
|
if (!bn) XSRETURN_UNDEF; |
4564
|
5
|
|
|
|
|
|
ASN1_INTEGER_to_BN(i, bn); |
4565
|
5
|
|
|
|
|
|
result = BN_bn2dec(bn); |
4566
|
5
|
|
|
|
|
|
BN_free(bn); |
4567
|
5
|
50
|
|
|
|
|
if (!result) XSRETURN_UNDEF; |
4568
|
5
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((const char*)result, strlen(result)))); |
4569
|
5
|
|
|
|
|
|
OPENSSL_free(result); |
4570
|
|
|
|
|
|
|
|
4571
|
|
|
|
|
|
|
void |
4572
|
|
|
|
|
|
|
P_ASN1_STRING_get(s,utf8_decode=0) |
4573
|
|
|
|
|
|
|
ASN1_STRING * s |
4574
|
|
|
|
|
|
|
int utf8_decode |
4575
|
|
|
|
|
|
|
PREINIT: |
4576
|
|
|
|
|
|
|
SV * u8; |
4577
|
|
|
|
|
|
|
PPCODE: |
4578
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
4579
|
|
|
|
|
|
|
u8 = newSVpv((const char*)ASN1_STRING_get0_data(s), ASN1_STRING_length(s)); |
4580
|
|
|
|
|
|
|
#else |
4581
|
87
|
|
|
|
|
|
u8 = newSVpv((const char*)ASN1_STRING_data(s), ASN1_STRING_length(s)); |
4582
|
|
|
|
|
|
|
#endif |
4583
|
87
|
100
|
|
|
|
|
if (utf8_decode) sv_utf8_decode(u8); |
4584
|
87
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(u8)); |
4585
|
|
|
|
|
|
|
|
4586
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
4587
|
|
|
|
|
|
|
|
4588
|
|
|
|
|
|
|
const ASN1_TIME * |
4589
|
|
|
|
|
|
|
X509_get0_notBefore(const X509 *cert) |
4590
|
|
|
|
|
|
|
|
4591
|
|
|
|
|
|
|
const ASN1_TIME * |
4592
|
|
|
|
|
|
|
X509_get0_notAfter(const X509 *cert) |
4593
|
|
|
|
|
|
|
|
4594
|
|
|
|
|
|
|
ASN1_TIME * |
4595
|
|
|
|
|
|
|
X509_getm_notBefore(const X509 *cert) |
4596
|
|
|
|
|
|
|
ALIAS: |
4597
|
|
|
|
|
|
|
X509_get_notBefore = 1 |
4598
|
|
|
|
|
|
|
|
4599
|
|
|
|
|
|
|
ASN1_TIME * |
4600
|
|
|
|
|
|
|
X509_getm_notAfter(const X509 *cert) |
4601
|
|
|
|
|
|
|
ALIAS: |
4602
|
|
|
|
|
|
|
X509_get_notAfter = 1 |
4603
|
|
|
|
|
|
|
|
4604
|
|
|
|
|
|
|
#else /* plain get_ is deprecated */ |
4605
|
|
|
|
|
|
|
|
4606
|
|
|
|
|
|
|
ASN1_TIME * |
4607
|
|
|
|
|
|
|
X509_get_notBefore(X509 *cert) |
4608
|
|
|
|
|
|
|
ALIAS: |
4609
|
|
|
|
|
|
|
X509_get0_notBefore = 1 |
4610
|
|
|
|
|
|
|
X509_getm_notBefore = 2 |
4611
|
|
|
|
|
|
|
|
4612
|
|
|
|
|
|
|
ASN1_TIME * |
4613
|
|
|
|
|
|
|
X509_get_notAfter(X509 *cert) |
4614
|
|
|
|
|
|
|
ALIAS: |
4615
|
|
|
|
|
|
|
X509_get0_notAfter = 1 |
4616
|
|
|
|
|
|
|
X509_getm_notAfter = 2 |
4617
|
|
|
|
|
|
|
|
4618
|
|
|
|
|
|
|
#endif |
4619
|
|
|
|
|
|
|
|
4620
|
|
|
|
|
|
|
ASN1_TIME * |
4621
|
|
|
|
|
|
|
X509_gmtime_adj(s, adj) |
4622
|
|
|
|
|
|
|
ASN1_TIME * s |
4623
|
|
|
|
|
|
|
long adj |
4624
|
|
|
|
|
|
|
|
4625
|
|
|
|
|
|
|
ASN1_TIME * |
4626
|
|
|
|
|
|
|
ASN1_TIME_set(s,t) |
4627
|
|
|
|
|
|
|
ASN1_TIME *s |
4628
|
|
|
|
|
|
|
time_t t |
4629
|
|
|
|
|
|
|
|
4630
|
|
|
|
|
|
|
void |
4631
|
|
|
|
|
|
|
ASN1_TIME_free(s) |
4632
|
|
|
|
|
|
|
ASN1_TIME *s |
4633
|
|
|
|
|
|
|
|
4634
|
|
|
|
|
|
|
time_t |
4635
|
|
|
|
|
|
|
ASN1_TIME_timet(s) |
4636
|
|
|
|
|
|
|
ASN1_TIME *s |
4637
|
|
|
|
|
|
|
CODE: |
4638
|
0
|
|
|
|
|
|
RETVAL = ASN1_TIME_timet(s,NULL); |
4639
|
|
|
|
|
|
|
OUTPUT: |
4640
|
|
|
|
|
|
|
RETVAL |
4641
|
|
|
|
|
|
|
|
4642
|
|
|
|
|
|
|
ASN1_TIME * |
4643
|
|
|
|
|
|
|
ASN1_TIME_new() |
4644
|
|
|
|
|
|
|
|
4645
|
|
|
|
|
|
|
void |
4646
|
|
|
|
|
|
|
P_ASN1_TIME_put2string(tm) |
4647
|
|
|
|
|
|
|
ASN1_TIME * tm |
4648
|
|
|
|
|
|
|
PREINIT: |
4649
|
4
|
|
|
|
|
|
BIO *bp=NULL; |
4650
|
4
|
|
|
|
|
|
int i=0; |
4651
|
|
|
|
|
|
|
char buffer[256]; |
4652
|
|
|
|
|
|
|
ALIAS: |
4653
|
|
|
|
|
|
|
P_ASN1_UTCTIME_put2string = 1 |
4654
|
|
|
|
|
|
|
CODE: |
4655
|
4
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef retval to start with */ |
4656
|
4
|
50
|
|
|
|
|
if (tm) { |
4657
|
4
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4658
|
4
|
50
|
|
|
|
|
if (bp) { |
4659
|
4
|
|
|
|
|
|
ASN1_TIME_print(bp,tm); |
4660
|
4
|
|
|
|
|
|
i = BIO_read(bp,buffer,255); |
4661
|
4
|
|
|
|
|
|
buffer[i] = '\0'; |
4662
|
4
|
50
|
|
|
|
|
if (i>0) |
4663
|
4
|
|
|
|
|
|
sv_setpvn(ST(0), buffer, i); |
4664
|
4
|
|
|
|
|
|
BIO_free(bp); |
4665
|
|
|
|
|
|
|
} |
4666
|
|
|
|
|
|
|
} |
4667
|
|
|
|
|
|
|
|
4668
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090705f |
4669
|
|
|
|
|
|
|
#define REM15 "NOTE: requires 0.9.7e+" |
4670
|
|
|
|
|
|
|
|
4671
|
|
|
|
|
|
|
void |
4672
|
|
|
|
|
|
|
P_ASN1_TIME_get_isotime(tm) |
4673
|
|
|
|
|
|
|
ASN1_TIME *tm |
4674
|
|
|
|
|
|
|
PREINIT: |
4675
|
34
|
|
|
|
|
|
ASN1_GENERALIZEDTIME *tmp = NULL; |
4676
|
|
|
|
|
|
|
char buf[256]; |
4677
|
|
|
|
|
|
|
CODE: |
4678
|
34
|
|
|
|
|
|
buf[0] = '\0'; |
4679
|
|
|
|
|
|
|
/* ASN1_TIME_to_generalizedtime is buggy on pre-0.9.7e */ |
4680
|
34
|
|
|
|
|
|
ASN1_TIME_to_generalizedtime(tm,&tmp); |
4681
|
34
|
50
|
|
|
|
|
if (tmp) { |
4682
|
34
|
50
|
|
|
|
|
if (ASN1_GENERALIZEDTIME_check(tmp)) { |
4683
|
34
|
50
|
|
|
|
|
if (strlen((char*)tmp->data)>=14 && strlen((char*)tmp->data)<200) { |
|
|
50
|
|
|
|
|
|
4684
|
34
|
|
|
|
|
|
strcpy (buf,"yyyy-mm-ddThh:mm:ss"); |
4685
|
34
|
|
|
|
|
|
strncpy(buf, (char*)tmp->data, 4); |
4686
|
34
|
|
|
|
|
|
strncpy(buf+5, (char*)tmp->data+4, 2); |
4687
|
34
|
|
|
|
|
|
strncpy(buf+8, (char*)tmp->data+6, 2); |
4688
|
34
|
|
|
|
|
|
strncpy(buf+11,(char*)tmp->data+8, 2); |
4689
|
34
|
|
|
|
|
|
strncpy(buf+14,(char*)tmp->data+10,2); |
4690
|
34
|
|
|
|
|
|
strncpy(buf+17,(char*)tmp->data+12,2); |
4691
|
34
|
50
|
|
|
|
|
if (strlen((char*)tmp->data)>14) strcat(buf+19,(char*)tmp->data+14); |
4692
|
|
|
|
|
|
|
} |
4693
|
|
|
|
|
|
|
} |
4694
|
34
|
|
|
|
|
|
ASN1_GENERALIZEDTIME_free(tmp); |
4695
|
|
|
|
|
|
|
} |
4696
|
34
|
|
|
|
|
|
ST(0) = sv_newmortal(); |
4697
|
34
|
|
|
|
|
|
sv_setpv(ST(0), buf); |
4698
|
|
|
|
|
|
|
|
4699
|
|
|
|
|
|
|
void |
4700
|
|
|
|
|
|
|
P_ASN1_TIME_set_isotime(tm,str) |
4701
|
|
|
|
|
|
|
ASN1_TIME *tm |
4702
|
|
|
|
|
|
|
const char *str |
4703
|
|
|
|
|
|
|
PREINIT: |
4704
|
|
|
|
|
|
|
ASN1_TIME t; |
4705
|
|
|
|
|
|
|
char buf[256]; |
4706
|
|
|
|
|
|
|
int i,rv; |
4707
|
|
|
|
|
|
|
CODE: |
4708
|
13
|
50
|
|
|
|
|
if (!tm) XSRETURN_UNDEF; |
4709
|
|
|
|
|
|
|
/* we support only "2012-03-22T23:55:33" or "2012-03-22T23:55:33Z" or "2012-03-22T23:55:33" */ |
4710
|
13
|
50
|
|
|
|
|
if (strlen(str) < 19) XSRETURN_UNDEF; |
4711
|
65
|
50
|
|
|
|
|
for (i=0; i<4; i++) if ((str[i] > '9') || (str[i] < '0')) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
4712
|
39
|
50
|
|
|
|
|
for (i=5; i<7; i++) if ((str[i] > '9') || (str[i] < '0')) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
4713
|
39
|
50
|
|
|
|
|
for (i=8; i<10; i++) if ((str[i] > '9') || (str[i] < '0')) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
4714
|
39
|
50
|
|
|
|
|
for (i=11; i<13; i++) if ((str[i] > '9') || (str[i] < '0')) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
4715
|
39
|
50
|
|
|
|
|
for (i=14; i<16; i++) if ((str[i] > '9') || (str[i] < '0')) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
4716
|
39
|
50
|
|
|
|
|
for (i=17; i<19; i++) if ((str[i] > '9') || (str[i] < '0')) XSRETURN_UNDEF; |
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
4717
|
13
|
|
|
|
|
|
strncpy(buf, str, 4); |
4718
|
13
|
|
|
|
|
|
strncpy(buf+4, str+5, 2); |
4719
|
13
|
|
|
|
|
|
strncpy(buf+6, str+8, 2); |
4720
|
13
|
|
|
|
|
|
strncpy(buf+8, str+11, 2); |
4721
|
13
|
|
|
|
|
|
strncpy(buf+10, str+14, 2); |
4722
|
13
|
|
|
|
|
|
strncpy(buf+12, str+17, 2); |
4723
|
13
|
|
|
|
|
|
buf[14] = '\0'; |
4724
|
13
|
50
|
|
|
|
|
if (strlen(str)>19 && strlen(str)<200) strcat(buf,str+19); |
|
|
50
|
|
|
|
|
|
4725
|
|
|
|
|
|
|
|
4726
|
|
|
|
|
|
|
/* WORKAROUND: ASN1_TIME_set_string() not available in 0.9.8 !!!*/ |
4727
|
|
|
|
|
|
|
/* in 1.0.0 we would simply: rv = ASN1_TIME_set_string(tm,buf); */ |
4728
|
13
|
|
|
|
|
|
t.length = strlen(buf); |
4729
|
13
|
|
|
|
|
|
t.data = (unsigned char *)buf; |
4730
|
13
|
|
|
|
|
|
t.flags = 0; |
4731
|
13
|
|
|
|
|
|
t.type = V_ASN1_UTCTIME; |
4732
|
13
|
50
|
|
|
|
|
if (!ASN1_TIME_check(&t)) { |
4733
|
13
|
|
|
|
|
|
t.type = V_ASN1_GENERALIZEDTIME; |
4734
|
13
|
50
|
|
|
|
|
if (!ASN1_TIME_check(&t)) XSRETURN_UNDEF; |
4735
|
|
|
|
|
|
|
} |
4736
|
13
|
|
|
|
|
|
tm->type = t.type; |
4737
|
13
|
|
|
|
|
|
tm->flags = t.flags; |
4738
|
13
|
50
|
|
|
|
|
if (!ASN1_STRING_set(tm,t.data,t.length)) XSRETURN_UNDEF; |
4739
|
13
|
|
|
|
|
|
rv = 1; |
4740
|
|
|
|
|
|
|
|
4741
|
|
|
|
|
|
|
/* end of ASN1_TIME_set_string() reimplementation */ |
4742
|
|
|
|
|
|
|
|
4743
|
13
|
|
|
|
|
|
ST(0) = sv_newmortal(); |
4744
|
13
|
|
|
|
|
|
sv_setiv(ST(0), rv); /* 1 = success, undef = failure */ |
4745
|
|
|
|
|
|
|
|
4746
|
|
|
|
|
|
|
#endif |
4747
|
|
|
|
|
|
|
|
4748
|
|
|
|
|
|
|
int |
4749
|
|
|
|
|
|
|
EVP_PKEY_copy_parameters(to,from) |
4750
|
|
|
|
|
|
|
EVP_PKEY * to |
4751
|
|
|
|
|
|
|
EVP_PKEY * from |
4752
|
|
|
|
|
|
|
|
4753
|
|
|
|
|
|
|
EVP_PKEY * |
4754
|
|
|
|
|
|
|
EVP_PKEY_new() |
4755
|
|
|
|
|
|
|
|
4756
|
|
|
|
|
|
|
void |
4757
|
|
|
|
|
|
|
EVP_PKEY_free(EVP_PKEY *pkey) |
4758
|
|
|
|
|
|
|
|
4759
|
|
|
|
|
|
|
int |
4760
|
|
|
|
|
|
|
EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) |
4761
|
|
|
|
|
|
|
|
4762
|
|
|
|
|
|
|
int |
4763
|
|
|
|
|
|
|
EVP_PKEY_bits(EVP_PKEY *pkey) |
4764
|
|
|
|
|
|
|
|
4765
|
|
|
|
|
|
|
int |
4766
|
|
|
|
|
|
|
EVP_PKEY_size(EVP_PKEY *pkey) |
4767
|
|
|
|
|
|
|
|
4768
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1000000fL |
4769
|
|
|
|
|
|
|
|
4770
|
|
|
|
|
|
|
int |
4771
|
|
|
|
|
|
|
EVP_PKEY_id(const EVP_PKEY *pkey) |
4772
|
|
|
|
|
|
|
|
4773
|
|
|
|
|
|
|
#endif |
4774
|
|
|
|
|
|
|
|
4775
|
|
|
|
|
|
|
void |
4776
|
|
|
|
|
|
|
PEM_get_string_X509(x509) |
4777
|
|
|
|
|
|
|
X509 * x509 |
4778
|
|
|
|
|
|
|
PREINIT: |
4779
|
|
|
|
|
|
|
BIO *bp; |
4780
|
|
|
|
|
|
|
int i, n; |
4781
|
|
|
|
|
|
|
char *buf; |
4782
|
|
|
|
|
|
|
CODE: |
4783
|
3
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
4784
|
3
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4785
|
3
|
50
|
|
|
|
|
if (bp && x509) { |
|
|
50
|
|
|
|
|
|
4786
|
3
|
|
|
|
|
|
PEM_write_bio_X509(bp,x509); |
4787
|
3
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
4788
|
3
|
|
|
|
|
|
New(0, buf, n, char); |
4789
|
3
|
50
|
|
|
|
|
if (buf) { |
4790
|
3
|
|
|
|
|
|
i = BIO_read(bp,buf,n); |
4791
|
3
|
50
|
|
|
|
|
if (i>=0 && i<=n) sv_setpvn(ST(0), buf, i); |
|
|
50
|
|
|
|
|
|
4792
|
3
|
|
|
|
|
|
Safefree(buf); |
4793
|
|
|
|
|
|
|
} |
4794
|
3
|
|
|
|
|
|
BIO_free(bp); |
4795
|
|
|
|
|
|
|
} |
4796
|
|
|
|
|
|
|
|
4797
|
|
|
|
|
|
|
void |
4798
|
|
|
|
|
|
|
PEM_get_string_X509_REQ(x509_req) |
4799
|
|
|
|
|
|
|
X509_REQ * x509_req |
4800
|
|
|
|
|
|
|
PREINIT: |
4801
|
|
|
|
|
|
|
BIO *bp; |
4802
|
|
|
|
|
|
|
int i, n; |
4803
|
|
|
|
|
|
|
char *buf; |
4804
|
|
|
|
|
|
|
CODE: |
4805
|
1
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
4806
|
1
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4807
|
1
|
50
|
|
|
|
|
if (bp && x509_req) { |
|
|
50
|
|
|
|
|
|
4808
|
1
|
|
|
|
|
|
PEM_write_bio_X509_REQ(bp,x509_req); |
4809
|
1
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
4810
|
1
|
|
|
|
|
|
New(0, buf, n, char); |
4811
|
1
|
50
|
|
|
|
|
if (buf) { |
4812
|
1
|
|
|
|
|
|
i = BIO_read(bp,buf,n); |
4813
|
1
|
50
|
|
|
|
|
if (i>=0 && i<=n) sv_setpvn(ST(0), buf, i); |
|
|
50
|
|
|
|
|
|
4814
|
1
|
|
|
|
|
|
Safefree(buf); |
4815
|
|
|
|
|
|
|
} |
4816
|
1
|
|
|
|
|
|
BIO_free(bp); |
4817
|
|
|
|
|
|
|
} |
4818
|
|
|
|
|
|
|
|
4819
|
|
|
|
|
|
|
void |
4820
|
|
|
|
|
|
|
PEM_get_string_X509_CRL(x509_crl) |
4821
|
|
|
|
|
|
|
X509_CRL * x509_crl |
4822
|
|
|
|
|
|
|
PREINIT: |
4823
|
|
|
|
|
|
|
BIO *bp; |
4824
|
|
|
|
|
|
|
int i, n; |
4825
|
|
|
|
|
|
|
char *buf; |
4826
|
|
|
|
|
|
|
CODE: |
4827
|
1
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
4828
|
1
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4829
|
1
|
50
|
|
|
|
|
if (bp && x509_crl) { |
|
|
50
|
|
|
|
|
|
4830
|
1
|
|
|
|
|
|
PEM_write_bio_X509_CRL(bp,x509_crl); |
4831
|
1
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
4832
|
1
|
|
|
|
|
|
New(0, buf, n, char); |
4833
|
1
|
50
|
|
|
|
|
if (buf) { |
4834
|
1
|
|
|
|
|
|
i = BIO_read(bp,buf,n); |
4835
|
1
|
50
|
|
|
|
|
if (i>=0 && i<=n) sv_setpvn(ST(0), buf, i); |
|
|
50
|
|
|
|
|
|
4836
|
1
|
|
|
|
|
|
Safefree(buf); |
4837
|
|
|
|
|
|
|
} |
4838
|
1
|
|
|
|
|
|
BIO_free(bp); |
4839
|
|
|
|
|
|
|
} |
4840
|
|
|
|
|
|
|
|
4841
|
|
|
|
|
|
|
void |
4842
|
|
|
|
|
|
|
PEM_get_string_PrivateKey(pk,passwd=NULL,enc_alg=NULL) |
4843
|
|
|
|
|
|
|
EVP_PKEY * pk |
4844
|
|
|
|
|
|
|
char * passwd |
4845
|
|
|
|
|
|
|
const EVP_CIPHER * enc_alg |
4846
|
|
|
|
|
|
|
PREINIT: |
4847
|
|
|
|
|
|
|
BIO *bp; |
4848
|
|
|
|
|
|
|
int i, n; |
4849
|
|
|
|
|
|
|
char *buf; |
4850
|
6
|
|
|
|
|
|
size_t passwd_len = 0; |
4851
|
6
|
|
|
|
|
|
pem_password_cb * cb = NULL; |
4852
|
6
|
|
|
|
|
|
void * u = NULL; |
4853
|
|
|
|
|
|
|
CODE: |
4854
|
6
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* undef to start with */ |
4855
|
6
|
|
|
|
|
|
bp = BIO_new(BIO_s_mem()); |
4856
|
6
|
50
|
|
|
|
|
if (bp && pk) { |
|
|
50
|
|
|
|
|
|
4857
|
6
|
100
|
|
|
|
|
if (passwd) passwd_len = strlen(passwd); |
4858
|
6
|
100
|
|
|
|
|
if (passwd_len>0) { |
4859
|
|
|
|
|
|
|
/* encrypted key */ |
4860
|
2
|
100
|
|
|
|
|
if (!enc_alg) |
4861
|
1
|
|
|
|
|
|
PEM_write_bio_PrivateKey(bp,pk,EVP_des_cbc(),(unsigned char *)passwd,passwd_len,cb,u); |
4862
|
|
|
|
|
|
|
else |
4863
|
2
|
|
|
|
|
|
PEM_write_bio_PrivateKey(bp,pk,enc_alg,(unsigned char *)passwd,passwd_len,cb,u); |
4864
|
|
|
|
|
|
|
} |
4865
|
|
|
|
|
|
|
else { |
4866
|
|
|
|
|
|
|
/* unencrypted key */ |
4867
|
4
|
|
|
|
|
|
PEM_write_bio_PrivateKey(bp,pk,NULL,(unsigned char *)passwd,passwd_len,cb,u); |
4868
|
|
|
|
|
|
|
} |
4869
|
6
|
|
|
|
|
|
n = BIO_ctrl_pending(bp); |
4870
|
6
|
|
|
|
|
|
New(0, buf, n, char); |
4871
|
6
|
50
|
|
|
|
|
if (buf) { |
4872
|
6
|
|
|
|
|
|
i = BIO_read(bp,buf,n); |
4873
|
6
|
50
|
|
|
|
|
if (i>=0 && i<=n) sv_setpvn(ST(0), buf, i); |
|
|
50
|
|
|
|
|
|
4874
|
6
|
|
|
|
|
|
Safefree(buf); |
4875
|
|
|
|
|
|
|
} |
4876
|
6
|
|
|
|
|
|
BIO_free(bp); |
4877
|
|
|
|
|
|
|
} |
4878
|
|
|
|
|
|
|
|
4879
|
|
|
|
|
|
|
int |
4880
|
|
|
|
|
|
|
CTX_use_PKCS12_file(ctx, file, password=NULL) |
4881
|
|
|
|
|
|
|
SSL_CTX *ctx |
4882
|
|
|
|
|
|
|
char *file |
4883
|
|
|
|
|
|
|
char *password |
4884
|
|
|
|
|
|
|
PREINIT: |
4885
|
|
|
|
|
|
|
PKCS12 *p12; |
4886
|
|
|
|
|
|
|
EVP_PKEY *private_key; |
4887
|
|
|
|
|
|
|
X509 *certificate; |
4888
|
|
|
|
|
|
|
FILE *fp; |
4889
|
|
|
|
|
|
|
CODE: |
4890
|
0
|
|
|
|
|
|
RETVAL = 0; |
4891
|
0
|
0
|
|
|
|
|
if ((fp = fopen (file, "rb"))) { |
4892
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
4893
|
0
|
|
|
|
|
|
OPENSSL_add_all_algorithms_noconf(); |
4894
|
|
|
|
|
|
|
#else |
4895
|
|
|
|
|
|
|
OpenSSL_add_all_algorithms(); |
4896
|
|
|
|
|
|
|
#endif |
4897
|
0
|
0
|
|
|
|
|
if ((p12 = d2i_PKCS12_fp(fp, NULL))) { |
4898
|
0
|
0
|
|
|
|
|
if (PKCS12_parse(p12, password, &private_key, &certificate, NULL)) { |
4899
|
0
|
0
|
|
|
|
|
if (private_key) { |
4900
|
0
|
0
|
|
|
|
|
if (SSL_CTX_use_PrivateKey(ctx, private_key)) RETVAL = 1; |
4901
|
0
|
|
|
|
|
|
EVP_PKEY_free(private_key); |
4902
|
|
|
|
|
|
|
} |
4903
|
0
|
0
|
|
|
|
|
if (certificate) { |
4904
|
0
|
0
|
|
|
|
|
if (SSL_CTX_use_certificate(ctx, certificate)) RETVAL = 1; |
4905
|
0
|
|
|
|
|
|
X509_free(certificate); |
4906
|
|
|
|
|
|
|
} |
4907
|
|
|
|
|
|
|
} |
4908
|
0
|
|
|
|
|
|
PKCS12_free(p12); |
4909
|
|
|
|
|
|
|
} |
4910
|
0
|
0
|
|
|
|
|
if (!RETVAL) ERR_print_errors_fp(stderr); |
4911
|
0
|
|
|
|
|
|
fclose(fp); |
4912
|
|
|
|
|
|
|
} |
4913
|
|
|
|
|
|
|
OUTPUT: |
4914
|
|
|
|
|
|
|
RETVAL |
4915
|
|
|
|
|
|
|
|
4916
|
|
|
|
|
|
|
void |
4917
|
|
|
|
|
|
|
P_PKCS12_load_file(file, load_chain=0, password=NULL) |
4918
|
|
|
|
|
|
|
char *file |
4919
|
|
|
|
|
|
|
int load_chain |
4920
|
|
|
|
|
|
|
char *password |
4921
|
|
|
|
|
|
|
PREINIT: |
4922
|
|
|
|
|
|
|
PKCS12 *p12; |
4923
|
4
|
|
|
|
|
|
EVP_PKEY *private_key = NULL; |
4924
|
4
|
|
|
|
|
|
X509 *certificate = NULL; |
4925
|
4
|
|
|
|
|
|
STACK_OF(X509) *cachain = NULL; |
4926
|
|
|
|
|
|
|
X509 *x; |
4927
|
|
|
|
|
|
|
FILE *fp; |
4928
|
|
|
|
|
|
|
int i, result; |
4929
|
|
|
|
|
|
|
PPCODE: |
4930
|
4
|
50
|
|
|
|
|
if ((fp = fopen (file, "rb"))) { |
4931
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
4932
|
4
|
|
|
|
|
|
OPENSSL_add_all_algorithms_noconf(); |
4933
|
|
|
|
|
|
|
#else |
4934
|
|
|
|
|
|
|
OpenSSL_add_all_algorithms(); |
4935
|
|
|
|
|
|
|
#endif |
4936
|
4
|
50
|
|
|
|
|
if ((p12 = d2i_PKCS12_fp(fp, NULL))) { |
4937
|
4
|
100
|
|
|
|
|
if(load_chain) |
4938
|
3
|
|
|
|
|
|
result= PKCS12_parse(p12, password, &private_key, &certificate, &cachain); |
4939
|
|
|
|
|
|
|
else |
4940
|
1
|
|
|
|
|
|
result= PKCS12_parse(p12, password, &private_key, &certificate, NULL); |
4941
|
4
|
50
|
|
|
|
|
if (result) { |
4942
|
4
|
50
|
|
|
|
|
if (private_key) |
4943
|
4
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(private_key)))); |
4944
|
|
|
|
|
|
|
else |
4945
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(NULL,0))); /* undef */ |
4946
|
4
|
50
|
|
|
|
|
if (certificate) |
4947
|
4
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(certificate)))); |
4948
|
|
|
|
|
|
|
else |
4949
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(NULL,0))); /* undef */ |
4950
|
4
|
100
|
|
|
|
|
if (cachain) { |
4951
|
3
|
100
|
|
|
|
|
for (i=0; i
|
4952
|
2
|
|
|
|
|
|
x = sk_X509_value(cachain, i); |
4953
|
2
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(PTR2IV(x)))); |
4954
|
|
|
|
|
|
|
} |
4955
|
1
|
|
|
|
|
|
sk_X509_free(cachain); |
4956
|
|
|
|
|
|
|
} |
4957
|
|
|
|
|
|
|
} |
4958
|
4
|
|
|
|
|
|
PKCS12_free(p12); |
4959
|
|
|
|
|
|
|
} |
4960
|
4
|
|
|
|
|
|
fclose(fp); |
4961
|
|
|
|
|
|
|
} |
4962
|
|
|
|
|
|
|
|
4963
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD2 |
4964
|
|
|
|
|
|
|
|
4965
|
|
|
|
|
|
|
void |
4966
|
|
|
|
|
|
|
MD2(data) |
4967
|
|
|
|
|
|
|
PREINIT: |
4968
|
|
|
|
|
|
|
STRLEN len; |
4969
|
|
|
|
|
|
|
unsigned char md[MD2_DIGEST_LENGTH]; |
4970
|
|
|
|
|
|
|
unsigned char * ret; |
4971
|
|
|
|
|
|
|
INPUT: |
4972
|
|
|
|
|
|
|
unsigned char* data = (unsigned char *) SvPV( ST(0), len); |
4973
|
|
|
|
|
|
|
CODE: |
4974
|
|
|
|
|
|
|
ret = MD2(data,len,md); |
4975
|
|
|
|
|
|
|
if (ret!=NULL) { |
4976
|
|
|
|
|
|
|
XSRETURN_PVN((char *) md, MD2_DIGEST_LENGTH); |
4977
|
|
|
|
|
|
|
} else { |
4978
|
|
|
|
|
|
|
XSRETURN_UNDEF; |
4979
|
|
|
|
|
|
|
} |
4980
|
|
|
|
|
|
|
|
4981
|
|
|
|
|
|
|
#endif |
4982
|
|
|
|
|
|
|
|
4983
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD4 |
4984
|
|
|
|
|
|
|
|
4985
|
|
|
|
|
|
|
void |
4986
|
|
|
|
|
|
|
MD4(data) |
4987
|
|
|
|
|
|
|
PREINIT: |
4988
|
|
|
|
|
|
|
STRLEN len; |
4989
|
|
|
|
|
|
|
unsigned char md[MD4_DIGEST_LENGTH]; |
4990
|
|
|
|
|
|
|
INPUT: |
4991
|
|
|
|
|
|
|
unsigned char* data = (unsigned char *) SvPV( ST(0), len ); |
4992
|
|
|
|
|
|
|
CODE: |
4993
|
9
|
50
|
|
|
|
|
if (MD4(data,len,md)) { |
4994
|
9
|
|
|
|
|
|
XSRETURN_PVN((char *) md, MD4_DIGEST_LENGTH); |
4995
|
|
|
|
|
|
|
} else { |
4996
|
9
|
|
|
|
|
|
XSRETURN_UNDEF; |
4997
|
|
|
|
|
|
|
} |
4998
|
|
|
|
|
|
|
|
4999
|
|
|
|
|
|
|
#endif |
5000
|
|
|
|
|
|
|
|
5001
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MD5 |
5002
|
|
|
|
|
|
|
|
5003
|
|
|
|
|
|
|
void |
5004
|
|
|
|
|
|
|
MD5(data) |
5005
|
|
|
|
|
|
|
PREINIT: |
5006
|
|
|
|
|
|
|
STRLEN len; |
5007
|
|
|
|
|
|
|
unsigned char md[MD5_DIGEST_LENGTH]; |
5008
|
|
|
|
|
|
|
INPUT: |
5009
|
|
|
|
|
|
|
unsigned char * data = (unsigned char *) SvPV( ST(0), len); |
5010
|
|
|
|
|
|
|
CODE: |
5011
|
9
|
50
|
|
|
|
|
if (MD5(data,len,md)) { |
5012
|
9
|
|
|
|
|
|
XSRETURN_PVN((char *) md, MD5_DIGEST_LENGTH); |
5013
|
|
|
|
|
|
|
} else { |
5014
|
9
|
|
|
|
|
|
XSRETURN_UNDEF; |
5015
|
|
|
|
|
|
|
} |
5016
|
|
|
|
|
|
|
|
5017
|
|
|
|
|
|
|
#endif |
5018
|
|
|
|
|
|
|
|
5019
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x00905000L |
5020
|
|
|
|
|
|
|
|
5021
|
|
|
|
|
|
|
void |
5022
|
|
|
|
|
|
|
RIPEMD160(data) |
5023
|
|
|
|
|
|
|
PREINIT: |
5024
|
|
|
|
|
|
|
STRLEN len; |
5025
|
|
|
|
|
|
|
unsigned char md[RIPEMD160_DIGEST_LENGTH]; |
5026
|
|
|
|
|
|
|
INPUT: |
5027
|
|
|
|
|
|
|
unsigned char * data = (unsigned char *) SvPV( ST(0), len); |
5028
|
|
|
|
|
|
|
CODE: |
5029
|
9
|
50
|
|
|
|
|
if (RIPEMD160(data,len,md)) { |
5030
|
9
|
|
|
|
|
|
XSRETURN_PVN((char *) md, RIPEMD160_DIGEST_LENGTH); |
5031
|
|
|
|
|
|
|
} else { |
5032
|
9
|
|
|
|
|
|
XSRETURN_UNDEF; |
5033
|
|
|
|
|
|
|
} |
5034
|
|
|
|
|
|
|
|
5035
|
|
|
|
|
|
|
#endif |
5036
|
|
|
|
|
|
|
|
5037
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SHA) |
5038
|
|
|
|
|
|
|
|
5039
|
|
|
|
|
|
|
void |
5040
|
|
|
|
|
|
|
SHA1(data) |
5041
|
|
|
|
|
|
|
PREINIT: |
5042
|
|
|
|
|
|
|
STRLEN len; |
5043
|
|
|
|
|
|
|
unsigned char md[SHA_DIGEST_LENGTH]; |
5044
|
|
|
|
|
|
|
INPUT: |
5045
|
|
|
|
|
|
|
unsigned char * data = (unsigned char *) SvPV( ST(0), len); |
5046
|
|
|
|
|
|
|
CODE: |
5047
|
8
|
50
|
|
|
|
|
if (SHA1(data,len,md)) { |
5048
|
8
|
|
|
|
|
|
XSRETURN_PVN((char *) md, SHA_DIGEST_LENGTH); |
5049
|
|
|
|
|
|
|
} else { |
5050
|
8
|
|
|
|
|
|
XSRETURN_UNDEF; |
5051
|
|
|
|
|
|
|
} |
5052
|
|
|
|
|
|
|
|
5053
|
|
|
|
|
|
|
#endif |
5054
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SHA256) && OPENSSL_VERSION_NUMBER >= 0x0090800fL |
5055
|
|
|
|
|
|
|
|
5056
|
|
|
|
|
|
|
void |
5057
|
|
|
|
|
|
|
SHA256(data) |
5058
|
|
|
|
|
|
|
PREINIT: |
5059
|
|
|
|
|
|
|
STRLEN len; |
5060
|
|
|
|
|
|
|
unsigned char md[SHA256_DIGEST_LENGTH]; |
5061
|
|
|
|
|
|
|
INPUT: |
5062
|
|
|
|
|
|
|
unsigned char * data = (unsigned char *) SvPV( ST(0), len); |
5063
|
|
|
|
|
|
|
CODE: |
5064
|
8
|
50
|
|
|
|
|
if (SHA256(data,len,md)) { |
5065
|
8
|
|
|
|
|
|
XSRETURN_PVN((char *) md, SHA256_DIGEST_LENGTH); |
5066
|
|
|
|
|
|
|
} else { |
5067
|
8
|
|
|
|
|
|
XSRETURN_UNDEF; |
5068
|
|
|
|
|
|
|
} |
5069
|
|
|
|
|
|
|
|
5070
|
|
|
|
|
|
|
#endif |
5071
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SHA512) && OPENSSL_VERSION_NUMBER >= 0x0090800fL |
5072
|
|
|
|
|
|
|
|
5073
|
|
|
|
|
|
|
void |
5074
|
|
|
|
|
|
|
SHA512(data) |
5075
|
|
|
|
|
|
|
PREINIT: |
5076
|
|
|
|
|
|
|
STRLEN len; |
5077
|
|
|
|
|
|
|
unsigned char md[SHA512_DIGEST_LENGTH]; |
5078
|
|
|
|
|
|
|
INPUT: |
5079
|
|
|
|
|
|
|
unsigned char * data = (unsigned char *) SvPV( ST(0), len); |
5080
|
|
|
|
|
|
|
CODE: |
5081
|
8
|
50
|
|
|
|
|
if (SHA512(data,len,md)) { |
5082
|
8
|
|
|
|
|
|
XSRETURN_PVN((char *) md, SHA512_DIGEST_LENGTH); |
5083
|
|
|
|
|
|
|
} else { |
5084
|
8
|
|
|
|
|
|
XSRETURN_UNDEF; |
5085
|
|
|
|
|
|
|
} |
5086
|
|
|
|
|
|
|
|
5087
|
|
|
|
|
|
|
#endif |
5088
|
|
|
|
|
|
|
|
5089
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_SSL2 |
5090
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
5091
|
|
|
|
|
|
|
|
5092
|
|
|
|
|
|
|
const SSL_METHOD * |
5093
|
|
|
|
|
|
|
SSLv2_method() |
5094
|
|
|
|
|
|
|
|
5095
|
|
|
|
|
|
|
#endif |
5096
|
|
|
|
|
|
|
#endif |
5097
|
|
|
|
|
|
|
|
5098
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_SSL3 |
5099
|
|
|
|
|
|
|
|
5100
|
|
|
|
|
|
|
const SSL_METHOD * |
5101
|
|
|
|
|
|
|
SSLv3_method() |
5102
|
|
|
|
|
|
|
|
5103
|
|
|
|
|
|
|
#endif |
5104
|
|
|
|
|
|
|
|
5105
|
|
|
|
|
|
|
const SSL_METHOD * |
5106
|
|
|
|
|
|
|
SSLv23_method() |
5107
|
|
|
|
|
|
|
|
5108
|
|
|
|
|
|
|
const SSL_METHOD * |
5109
|
|
|
|
|
|
|
SSLv23_server_method() |
5110
|
|
|
|
|
|
|
|
5111
|
|
|
|
|
|
|
const SSL_METHOD * |
5112
|
|
|
|
|
|
|
SSLv23_client_method() |
5113
|
|
|
|
|
|
|
|
5114
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_TLS1_METHOD) |
5115
|
|
|
|
|
|
|
|
5116
|
|
|
|
|
|
|
const SSL_METHOD * |
5117
|
|
|
|
|
|
|
TLSv1_method() |
5118
|
|
|
|
|
|
|
|
5119
|
|
|
|
|
|
|
const SSL_METHOD * |
5120
|
|
|
|
|
|
|
TLSv1_server_method() |
5121
|
|
|
|
|
|
|
|
5122
|
|
|
|
|
|
|
const SSL_METHOD * |
5123
|
|
|
|
|
|
|
TLSv1_client_method() |
5124
|
|
|
|
|
|
|
|
5125
|
|
|
|
|
|
|
#endif |
5126
|
|
|
|
|
|
|
|
5127
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10001001L && !defined(OPENSSL_NO_TLS1_1_METHOD)) /* OpenSSL 1.0.1-beta1 */ |
5128
|
|
|
|
|
|
|
|
5129
|
|
|
|
|
|
|
const SSL_METHOD * |
5130
|
|
|
|
|
|
|
TLSv1_1_method() |
5131
|
|
|
|
|
|
|
|
5132
|
|
|
|
|
|
|
const SSL_METHOD * |
5133
|
|
|
|
|
|
|
TLSv1_1_server_method() |
5134
|
|
|
|
|
|
|
|
5135
|
|
|
|
|
|
|
const SSL_METHOD * |
5136
|
|
|
|
|
|
|
TLSv1_1_client_method() |
5137
|
|
|
|
|
|
|
|
5138
|
|
|
|
|
|
|
#endif |
5139
|
|
|
|
|
|
|
|
5140
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10001001L && !defined(OPENSSL_NO_TLS1_2_METHOD)) /* OpenSSL 1.0.1-beta1 */ |
5141
|
|
|
|
|
|
|
|
5142
|
|
|
|
|
|
|
const SSL_METHOD * |
5143
|
|
|
|
|
|
|
TLSv1_2_method() |
5144
|
|
|
|
|
|
|
|
5145
|
|
|
|
|
|
|
const SSL_METHOD * |
5146
|
|
|
|
|
|
|
TLSv1_2_server_method() |
5147
|
|
|
|
|
|
|
|
5148
|
|
|
|
|
|
|
const SSL_METHOD * |
5149
|
|
|
|
|
|
|
TLSv1_2_client_method() |
5150
|
|
|
|
|
|
|
|
5151
|
|
|
|
|
|
|
#endif |
5152
|
|
|
|
|
|
|
|
5153
|
|
|
|
|
|
|
|
5154
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x20020002L) |
5155
|
|
|
|
|
|
|
|
5156
|
|
|
|
|
|
|
const SSL_METHOD * |
5157
|
|
|
|
|
|
|
TLS_method() |
5158
|
|
|
|
|
|
|
|
5159
|
|
|
|
|
|
|
const SSL_METHOD * |
5160
|
|
|
|
|
|
|
TLS_server_method() |
5161
|
|
|
|
|
|
|
|
5162
|
|
|
|
|
|
|
const SSL_METHOD * |
5163
|
|
|
|
|
|
|
TLS_client_method() |
5164
|
|
|
|
|
|
|
|
5165
|
|
|
|
|
|
|
#endif /* OpenSSL 1.1.0 or LibreSSL 2.2.2 */ |
5166
|
|
|
|
|
|
|
|
5167
|
|
|
|
|
|
|
|
5168
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100002L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2060000fL) |
5169
|
|
|
|
|
|
|
|
5170
|
|
|
|
|
|
|
int |
5171
|
|
|
|
|
|
|
SSL_CTX_set_min_proto_version(ctx, version) |
5172
|
|
|
|
|
|
|
SSL_CTX * ctx |
5173
|
|
|
|
|
|
|
int version |
5174
|
|
|
|
|
|
|
|
5175
|
|
|
|
|
|
|
int |
5176
|
|
|
|
|
|
|
SSL_CTX_set_max_proto_version(ctx, version) |
5177
|
|
|
|
|
|
|
SSL_CTX * ctx |
5178
|
|
|
|
|
|
|
int version |
5179
|
|
|
|
|
|
|
|
5180
|
|
|
|
|
|
|
int |
5181
|
|
|
|
|
|
|
SSL_set_min_proto_version(ssl, version) |
5182
|
|
|
|
|
|
|
SSL * ssl |
5183
|
|
|
|
|
|
|
int version |
5184
|
|
|
|
|
|
|
|
5185
|
|
|
|
|
|
|
int |
5186
|
|
|
|
|
|
|
SSL_set_max_proto_version(ssl, version) |
5187
|
|
|
|
|
|
|
SSL * ssl |
5188
|
|
|
|
|
|
|
int version |
5189
|
|
|
|
|
|
|
|
5190
|
|
|
|
|
|
|
#endif /* OpenSSL 1.1.0-pre2 or LibreSSL 2.6.0 */ |
5191
|
|
|
|
|
|
|
|
5192
|
|
|
|
|
|
|
|
5193
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x1010007fL && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3040000fL) |
5194
|
|
|
|
|
|
|
|
5195
|
|
|
|
|
|
|
int |
5196
|
|
|
|
|
|
|
SSL_CTX_get_min_proto_version(ctx) |
5197
|
|
|
|
|
|
|
SSL_CTX * ctx |
5198
|
|
|
|
|
|
|
|
5199
|
|
|
|
|
|
|
int |
5200
|
|
|
|
|
|
|
SSL_CTX_get_max_proto_version(ctx) |
5201
|
|
|
|
|
|
|
SSL_CTX * ctx |
5202
|
|
|
|
|
|
|
|
5203
|
|
|
|
|
|
|
int |
5204
|
|
|
|
|
|
|
SSL_get_min_proto_version(ssl) |
5205
|
|
|
|
|
|
|
SSL * ssl |
5206
|
|
|
|
|
|
|
|
5207
|
|
|
|
|
|
|
int |
5208
|
|
|
|
|
|
|
SSL_get_max_proto_version(ssl) |
5209
|
|
|
|
|
|
|
SSL * ssl |
5210
|
|
|
|
|
|
|
|
5211
|
|
|
|
|
|
|
#endif /* OpenSSL 1.1.0g or LibreSSL 3.4.0 */ |
5212
|
|
|
|
|
|
|
|
5213
|
|
|
|
|
|
|
|
5214
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
5215
|
|
|
|
|
|
|
|
5216
|
|
|
|
|
|
|
int |
5217
|
|
|
|
|
|
|
SSL_set_ssl_method(ssl, method) |
5218
|
|
|
|
|
|
|
SSL * ssl |
5219
|
|
|
|
|
|
|
SSL_METHOD * method |
5220
|
|
|
|
|
|
|
|
5221
|
|
|
|
|
|
|
#else |
5222
|
|
|
|
|
|
|
|
5223
|
|
|
|
|
|
|
int |
5224
|
|
|
|
|
|
|
SSL_set_ssl_method(ssl, method) |
5225
|
|
|
|
|
|
|
SSL * ssl |
5226
|
|
|
|
|
|
|
const SSL_METHOD * method |
5227
|
|
|
|
|
|
|
|
5228
|
|
|
|
|
|
|
#endif |
5229
|
|
|
|
|
|
|
|
5230
|
|
|
|
|
|
|
const SSL_METHOD * |
5231
|
|
|
|
|
|
|
SSL_get_ssl_method(ssl) |
5232
|
|
|
|
|
|
|
SSL * ssl |
5233
|
|
|
|
|
|
|
|
5234
|
|
|
|
|
|
|
#define REM_AUTOMATICALLY_GENERATED_1_09 |
5235
|
|
|
|
|
|
|
|
5236
|
|
|
|
|
|
|
BIO * |
5237
|
|
|
|
|
|
|
BIO_new_buffer_ssl_connect(ctx) |
5238
|
|
|
|
|
|
|
SSL_CTX * ctx |
5239
|
|
|
|
|
|
|
|
5240
|
|
|
|
|
|
|
BIO * |
5241
|
|
|
|
|
|
|
BIO_new_file(filename,mode) |
5242
|
|
|
|
|
|
|
char * filename |
5243
|
|
|
|
|
|
|
char * mode |
5244
|
|
|
|
|
|
|
|
5245
|
|
|
|
|
|
|
BIO * |
5246
|
|
|
|
|
|
|
BIO_new_ssl(ctx,client) |
5247
|
|
|
|
|
|
|
SSL_CTX * ctx |
5248
|
|
|
|
|
|
|
int client |
5249
|
|
|
|
|
|
|
|
5250
|
|
|
|
|
|
|
BIO * |
5251
|
|
|
|
|
|
|
BIO_new_ssl_connect(ctx) |
5252
|
|
|
|
|
|
|
SSL_CTX * ctx |
5253
|
|
|
|
|
|
|
|
5254
|
|
|
|
|
|
|
BIO * |
5255
|
|
|
|
|
|
|
BIO_new(type) |
5256
|
|
|
|
|
|
|
BIO_METHOD * type; |
5257
|
|
|
|
|
|
|
|
5258
|
|
|
|
|
|
|
int |
5259
|
|
|
|
|
|
|
BIO_free(bio) |
5260
|
|
|
|
|
|
|
BIO * bio; |
5261
|
|
|
|
|
|
|
|
5262
|
|
|
|
|
|
|
void |
5263
|
|
|
|
|
|
|
BIO_read(s,max=32768) |
5264
|
|
|
|
|
|
|
BIO * s |
5265
|
|
|
|
|
|
|
int max |
5266
|
|
|
|
|
|
|
PREINIT: |
5267
|
138
|
|
|
|
|
|
char *buf = NULL; |
5268
|
|
|
|
|
|
|
int got; |
5269
|
|
|
|
|
|
|
CODE: |
5270
|
138
|
|
|
|
|
|
New(0, buf, max, char); |
5271
|
138
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
5272
|
138
|
100
|
|
|
|
|
if ((got = BIO_read(s, buf, max)) >= 0) |
5273
|
55
|
|
|
|
|
|
sv_setpvn( ST(0), buf, got); |
5274
|
138
|
|
|
|
|
|
Safefree(buf); |
5275
|
|
|
|
|
|
|
|
5276
|
|
|
|
|
|
|
int |
5277
|
|
|
|
|
|
|
BIO_write(s,buf) |
5278
|
|
|
|
|
|
|
BIO * s |
5279
|
|
|
|
|
|
|
PREINIT: |
5280
|
|
|
|
|
|
|
STRLEN len; |
5281
|
|
|
|
|
|
|
INPUT: |
5282
|
|
|
|
|
|
|
char * buf = SvPV( ST(1), len); |
5283
|
|
|
|
|
|
|
CODE: |
5284
|
55
|
|
|
|
|
|
RETVAL = BIO_write (s, buf, (int)len); |
5285
|
|
|
|
|
|
|
OUTPUT: |
5286
|
|
|
|
|
|
|
RETVAL |
5287
|
|
|
|
|
|
|
|
5288
|
|
|
|
|
|
|
int |
5289
|
|
|
|
|
|
|
BIO_eof(s) |
5290
|
|
|
|
|
|
|
BIO * s |
5291
|
|
|
|
|
|
|
|
5292
|
|
|
|
|
|
|
int |
5293
|
|
|
|
|
|
|
BIO_pending(s) |
5294
|
|
|
|
|
|
|
BIO * s |
5295
|
|
|
|
|
|
|
|
5296
|
|
|
|
|
|
|
int |
5297
|
|
|
|
|
|
|
BIO_wpending(s) |
5298
|
|
|
|
|
|
|
BIO * s |
5299
|
|
|
|
|
|
|
|
5300
|
|
|
|
|
|
|
int |
5301
|
|
|
|
|
|
|
BIO_ssl_copy_session_id(to,from) |
5302
|
|
|
|
|
|
|
BIO * to |
5303
|
|
|
|
|
|
|
BIO * from |
5304
|
|
|
|
|
|
|
|
5305
|
|
|
|
|
|
|
void |
5306
|
|
|
|
|
|
|
BIO_ssl_shutdown(ssl_bio) |
5307
|
|
|
|
|
|
|
BIO * ssl_bio |
5308
|
|
|
|
|
|
|
|
5309
|
|
|
|
|
|
|
int |
5310
|
|
|
|
|
|
|
SSL_add_client_CA(ssl,x) |
5311
|
|
|
|
|
|
|
SSL * ssl |
5312
|
|
|
|
|
|
|
X509 * x |
5313
|
|
|
|
|
|
|
|
5314
|
|
|
|
|
|
|
const char * |
5315
|
|
|
|
|
|
|
SSL_alert_desc_string(value) |
5316
|
|
|
|
|
|
|
int value |
5317
|
|
|
|
|
|
|
|
5318
|
|
|
|
|
|
|
const char * |
5319
|
|
|
|
|
|
|
SSL_alert_desc_string_long(value) |
5320
|
|
|
|
|
|
|
int value |
5321
|
|
|
|
|
|
|
|
5322
|
|
|
|
|
|
|
const char * |
5323
|
|
|
|
|
|
|
SSL_alert_type_string(value) |
5324
|
|
|
|
|
|
|
int value |
5325
|
|
|
|
|
|
|
|
5326
|
|
|
|
|
|
|
const char * |
5327
|
|
|
|
|
|
|
SSL_alert_type_string_long(value) |
5328
|
|
|
|
|
|
|
int value |
5329
|
|
|
|
|
|
|
|
5330
|
|
|
|
|
|
|
long |
5331
|
|
|
|
|
|
|
SSL_callback_ctrl(ssl,i,fp) |
5332
|
|
|
|
|
|
|
SSL * ssl |
5333
|
|
|
|
|
|
|
int i |
5334
|
|
|
|
|
|
|
callback_no_ret * fp |
5335
|
|
|
|
|
|
|
|
5336
|
|
|
|
|
|
|
int |
5337
|
|
|
|
|
|
|
SSL_check_private_key(ctx) |
5338
|
|
|
|
|
|
|
SSL * ctx |
5339
|
|
|
|
|
|
|
|
5340
|
|
|
|
|
|
|
# /* buf and size were required with Net::SSLeay 1.88 and earlier. */ |
5341
|
|
|
|
|
|
|
# /* With OpenSSL 0.9.8l and older compile can warn about discarded const. */ |
5342
|
|
|
|
|
|
|
void |
5343
|
|
|
|
|
|
|
SSL_CIPHER_description(const SSL_CIPHER *cipher, char *unused_buf=NULL, int unused_size=0) |
5344
|
|
|
|
|
|
|
PREINIT: |
5345
|
|
|
|
|
|
|
char *description; |
5346
|
|
|
|
|
|
|
char buf[512]; |
5347
|
|
|
|
|
|
|
PPCODE: |
5348
|
194
|
|
|
|
|
|
description = SSL_CIPHER_description(cipher, buf, sizeof(buf)); |
5349
|
194
|
50
|
|
|
|
|
if(description == NULL) { |
5350
|
0
|
|
|
|
|
|
XSRETURN_EMPTY; |
5351
|
|
|
|
|
|
|
} |
5352
|
194
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv(description, 0))); |
5353
|
|
|
|
|
|
|
|
5354
|
|
|
|
|
|
|
const char * |
5355
|
|
|
|
|
|
|
SSL_CIPHER_get_name(const SSL_CIPHER *c) |
5356
|
|
|
|
|
|
|
|
5357
|
|
|
|
|
|
|
int |
5358
|
|
|
|
|
|
|
SSL_CIPHER_get_bits(c, ...) |
5359
|
|
|
|
|
|
|
const SSL_CIPHER * c |
5360
|
|
|
|
|
|
|
CODE: |
5361
|
|
|
|
|
|
|
int alg_bits; |
5362
|
390
|
|
|
|
|
|
RETVAL = SSL_CIPHER_get_bits(c, &alg_bits); |
5363
|
390
|
50
|
|
|
|
|
if (items > 2) croak("SSL_CIPHER_get_bits: Need to call with one or two parameters"); |
5364
|
390
|
100
|
|
|
|
|
if (items > 1) sv_setsv(ST(1), sv_2mortal(newSViv(alg_bits))); |
5365
|
|
|
|
|
|
|
OUTPUT: |
5366
|
|
|
|
|
|
|
RETVAL |
5367
|
|
|
|
|
|
|
|
5368
|
|
|
|
|
|
|
const char * |
5369
|
|
|
|
|
|
|
SSL_CIPHER_get_version(const SSL_CIPHER *cipher) |
5370
|
|
|
|
|
|
|
|
5371
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_COMP |
5372
|
|
|
|
|
|
|
|
5373
|
|
|
|
|
|
|
int |
5374
|
|
|
|
|
|
|
SSL_COMP_add_compression_method(id,cm) |
5375
|
|
|
|
|
|
|
int id |
5376
|
|
|
|
|
|
|
COMP_METHOD * cm |
5377
|
|
|
|
|
|
|
|
5378
|
|
|
|
|
|
|
#endif |
5379
|
|
|
|
|
|
|
|
5380
|
|
|
|
|
|
|
int |
5381
|
|
|
|
|
|
|
SSL_CTX_add_client_CA(ctx,x) |
5382
|
|
|
|
|
|
|
SSL_CTX * ctx |
5383
|
|
|
|
|
|
|
X509 * x |
5384
|
|
|
|
|
|
|
|
5385
|
|
|
|
|
|
|
long |
5386
|
|
|
|
|
|
|
SSL_CTX_callback_ctrl(ctx,i,fp) |
5387
|
|
|
|
|
|
|
SSL_CTX * ctx |
5388
|
|
|
|
|
|
|
int i |
5389
|
|
|
|
|
|
|
callback_no_ret * fp |
5390
|
|
|
|
|
|
|
|
5391
|
|
|
|
|
|
|
int |
5392
|
|
|
|
|
|
|
SSL_CTX_check_private_key(ctx) |
5393
|
|
|
|
|
|
|
SSL_CTX * ctx |
5394
|
|
|
|
|
|
|
|
5395
|
|
|
|
|
|
|
void * |
5396
|
|
|
|
|
|
|
SSL_CTX_get_ex_data(ssl,idx) |
5397
|
|
|
|
|
|
|
SSL_CTX * ssl |
5398
|
|
|
|
|
|
|
int idx |
5399
|
|
|
|
|
|
|
|
5400
|
|
|
|
|
|
|
int |
5401
|
|
|
|
|
|
|
SSL_CTX_get_quiet_shutdown(ctx) |
5402
|
|
|
|
|
|
|
SSL_CTX * ctx |
5403
|
|
|
|
|
|
|
|
5404
|
|
|
|
|
|
|
long |
5405
|
|
|
|
|
|
|
SSL_CTX_get_timeout(ctx) |
5406
|
|
|
|
|
|
|
SSL_CTX * ctx |
5407
|
|
|
|
|
|
|
|
5408
|
|
|
|
|
|
|
int |
5409
|
|
|
|
|
|
|
SSL_CTX_get_verify_depth(ctx) |
5410
|
|
|
|
|
|
|
SSL_CTX * ctx |
5411
|
|
|
|
|
|
|
|
5412
|
|
|
|
|
|
|
int |
5413
|
|
|
|
|
|
|
SSL_CTX_get_verify_mode(ctx) |
5414
|
|
|
|
|
|
|
SSL_CTX * ctx |
5415
|
|
|
|
|
|
|
|
5416
|
|
|
|
|
|
|
void |
5417
|
|
|
|
|
|
|
SSL_CTX_set_cert_store(ctx,store) |
5418
|
|
|
|
|
|
|
SSL_CTX * ctx |
5419
|
|
|
|
|
|
|
X509_STORE * store |
5420
|
|
|
|
|
|
|
|
5421
|
|
|
|
|
|
|
X509_STORE * |
5422
|
|
|
|
|
|
|
SSL_CTX_get_cert_store(ctx) |
5423
|
|
|
|
|
|
|
SSL_CTX * ctx |
5424
|
|
|
|
|
|
|
|
5425
|
|
|
|
|
|
|
void |
5426
|
|
|
|
|
|
|
SSL_CTX_set_cert_verify_callback(ctx,callback,data=&PL_sv_undef) |
5427
|
|
|
|
|
|
|
SSL_CTX * ctx |
5428
|
|
|
|
|
|
|
SV * callback |
5429
|
|
|
|
|
|
|
SV * data |
5430
|
|
|
|
|
|
|
CODE: |
5431
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
5432
|
0
|
|
|
|
|
|
SSL_CTX_set_cert_verify_callback(ctx, NULL, NULL); |
5433
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_cert_verify_cb!!func", NULL); |
5434
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_cert_verify_cb!!data", NULL); |
5435
|
|
|
|
|
|
|
} |
5436
|
|
|
|
|
|
|
else { |
5437
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_cert_verify_cb!!func", newSVsv(callback)); |
5438
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_cert_verify_cb!!data", newSVsv(data)); |
5439
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
5440
|
1
|
|
|
|
|
|
SSL_CTX_set_cert_verify_callback(ctx, ssleay_ctx_cert_verify_cb_invoke, ctx); |
5441
|
|
|
|
|
|
|
#else |
5442
|
|
|
|
|
|
|
SSL_CTX_set_cert_verify_callback(ctx, ssleay_ctx_cert_verify_cb_invoke, (char*)ctx); |
5443
|
|
|
|
|
|
|
#endif |
5444
|
|
|
|
|
|
|
} |
5445
|
|
|
|
|
|
|
|
5446
|
|
|
|
|
|
|
X509_NAME_STACK * |
5447
|
|
|
|
|
|
|
SSL_CTX_get_client_CA_list(ctx) |
5448
|
|
|
|
|
|
|
SSL_CTX *ctx |
5449
|
|
|
|
|
|
|
|
5450
|
|
|
|
|
|
|
void |
5451
|
|
|
|
|
|
|
SSL_CTX_set_client_CA_list(ctx,list) |
5452
|
|
|
|
|
|
|
SSL_CTX * ctx |
5453
|
|
|
|
|
|
|
X509_NAME_STACK * list |
5454
|
|
|
|
|
|
|
|
5455
|
|
|
|
|
|
|
void |
5456
|
|
|
|
|
|
|
SSL_CTX_set_default_passwd_cb(ctx,callback=&PL_sv_undef) |
5457
|
|
|
|
|
|
|
SSL_CTX * ctx |
5458
|
|
|
|
|
|
|
SV * callback |
5459
|
|
|
|
|
|
|
CODE: |
5460
|
4
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
5461
|
0
|
|
|
|
|
|
SSL_CTX_set_default_passwd_cb(ctx, NULL); |
5462
|
0
|
|
|
|
|
|
SSL_CTX_set_default_passwd_cb_userdata(ctx, NULL); |
5463
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_passwd_cb!!func", NULL); |
5464
|
|
|
|
|
|
|
} |
5465
|
|
|
|
|
|
|
else { |
5466
|
4
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_passwd_cb!!func", newSVsv(callback)); |
5467
|
4
|
|
|
|
|
|
SSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)ctx); |
5468
|
4
|
|
|
|
|
|
SSL_CTX_set_default_passwd_cb(ctx, &ssleay_ctx_passwd_cb_invoke); |
5469
|
|
|
|
|
|
|
} |
5470
|
|
|
|
|
|
|
|
5471
|
|
|
|
|
|
|
void |
5472
|
|
|
|
|
|
|
SSL_CTX_set_default_passwd_cb_userdata(ctx,data=&PL_sv_undef) |
5473
|
|
|
|
|
|
|
SSL_CTX * ctx |
5474
|
|
|
|
|
|
|
SV * data |
5475
|
|
|
|
|
|
|
CODE: |
5476
|
|
|
|
|
|
|
/* SSL_CTX_set_default_passwd_cb_userdata is set in SSL_CTX_set_default_passwd_cb */ |
5477
|
2
|
50
|
|
|
|
|
if (data==NULL || !SvOK(data)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
5478
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_passwd_cb!!data", NULL); |
5479
|
|
|
|
|
|
|
} |
5480
|
|
|
|
|
|
|
else { |
5481
|
2
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_passwd_cb!!data", newSVsv(data)); |
5482
|
|
|
|
|
|
|
} |
5483
|
|
|
|
|
|
|
|
5484
|
|
|
|
|
|
|
int |
5485
|
|
|
|
|
|
|
SSL_CTX_set_ex_data(ssl,idx,data) |
5486
|
|
|
|
|
|
|
SSL_CTX * ssl |
5487
|
|
|
|
|
|
|
int idx |
5488
|
|
|
|
|
|
|
void * data |
5489
|
|
|
|
|
|
|
|
5490
|
|
|
|
|
|
|
int |
5491
|
|
|
|
|
|
|
SSL_CTX_set_purpose(s,purpose) |
5492
|
|
|
|
|
|
|
SSL_CTX * s |
5493
|
|
|
|
|
|
|
int purpose |
5494
|
|
|
|
|
|
|
|
5495
|
|
|
|
|
|
|
void |
5496
|
|
|
|
|
|
|
SSL_CTX_set_quiet_shutdown(ctx,mode) |
5497
|
|
|
|
|
|
|
SSL_CTX * ctx |
5498
|
|
|
|
|
|
|
int mode |
5499
|
|
|
|
|
|
|
|
5500
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
5501
|
|
|
|
|
|
|
|
5502
|
|
|
|
|
|
|
int |
5503
|
|
|
|
|
|
|
SSL_CTX_set_ssl_version(ctx,meth) |
5504
|
|
|
|
|
|
|
SSL_CTX * ctx |
5505
|
|
|
|
|
|
|
SSL_METHOD * meth |
5506
|
|
|
|
|
|
|
|
5507
|
|
|
|
|
|
|
#else |
5508
|
|
|
|
|
|
|
|
5509
|
|
|
|
|
|
|
int |
5510
|
|
|
|
|
|
|
SSL_CTX_set_ssl_version(ctx,meth) |
5511
|
|
|
|
|
|
|
SSL_CTX * ctx |
5512
|
|
|
|
|
|
|
const SSL_METHOD * meth |
5513
|
|
|
|
|
|
|
|
5514
|
|
|
|
|
|
|
#endif |
5515
|
|
|
|
|
|
|
|
5516
|
|
|
|
|
|
|
long |
5517
|
|
|
|
|
|
|
SSL_CTX_set_timeout(ctx,t) |
5518
|
|
|
|
|
|
|
SSL_CTX * ctx |
5519
|
|
|
|
|
|
|
long t |
5520
|
|
|
|
|
|
|
|
5521
|
|
|
|
|
|
|
int |
5522
|
|
|
|
|
|
|
SSL_CTX_set_trust(s,trust) |
5523
|
|
|
|
|
|
|
SSL_CTX * s |
5524
|
|
|
|
|
|
|
int trust |
5525
|
|
|
|
|
|
|
|
5526
|
|
|
|
|
|
|
void |
5527
|
|
|
|
|
|
|
SSL_CTX_set_verify_depth(ctx,depth) |
5528
|
|
|
|
|
|
|
SSL_CTX * ctx |
5529
|
|
|
|
|
|
|
int depth |
5530
|
|
|
|
|
|
|
|
5531
|
|
|
|
|
|
|
int |
5532
|
|
|
|
|
|
|
SSL_CTX_use_certificate(ctx,x) |
5533
|
|
|
|
|
|
|
SSL_CTX * ctx |
5534
|
|
|
|
|
|
|
X509 * x |
5535
|
|
|
|
|
|
|
|
5536
|
|
|
|
|
|
|
int |
5537
|
|
|
|
|
|
|
SSL_CTX_use_certificate_chain_file(ctx,file) |
5538
|
|
|
|
|
|
|
SSL_CTX * ctx |
5539
|
|
|
|
|
|
|
const char * file |
5540
|
|
|
|
|
|
|
|
5541
|
|
|
|
|
|
|
|
5542
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) |
5543
|
|
|
|
|
|
|
|
5544
|
|
|
|
|
|
|
int |
5545
|
|
|
|
|
|
|
SSL_use_certificate_chain_file(ssl,file) |
5546
|
|
|
|
|
|
|
SSL * ssl |
5547
|
|
|
|
|
|
|
const char * file |
5548
|
|
|
|
|
|
|
|
5549
|
|
|
|
|
|
|
#endif /* OpenSSL 1.1.0 */ |
5550
|
|
|
|
|
|
|
|
5551
|
|
|
|
|
|
|
int |
5552
|
|
|
|
|
|
|
SSL_CTX_use_PrivateKey(ctx,pkey) |
5553
|
|
|
|
|
|
|
SSL_CTX * ctx |
5554
|
|
|
|
|
|
|
EVP_PKEY * pkey |
5555
|
|
|
|
|
|
|
|
5556
|
|
|
|
|
|
|
int |
5557
|
|
|
|
|
|
|
SSL_CTX_use_RSAPrivateKey(ctx,rsa) |
5558
|
|
|
|
|
|
|
SSL_CTX * ctx |
5559
|
|
|
|
|
|
|
RSA * rsa |
5560
|
|
|
|
|
|
|
|
5561
|
|
|
|
|
|
|
int |
5562
|
|
|
|
|
|
|
SSL_do_handshake(s) |
5563
|
|
|
|
|
|
|
SSL * s |
5564
|
|
|
|
|
|
|
|
5565
|
|
|
|
|
|
|
SSL * |
5566
|
|
|
|
|
|
|
SSL_dup(ssl) |
5567
|
|
|
|
|
|
|
SSL * ssl |
5568
|
|
|
|
|
|
|
|
5569
|
|
|
|
|
|
|
const SSL_CIPHER * |
5570
|
|
|
|
|
|
|
SSL_get_current_cipher(s) |
5571
|
|
|
|
|
|
|
SSL * s |
5572
|
|
|
|
|
|
|
|
5573
|
|
|
|
|
|
|
long |
5574
|
|
|
|
|
|
|
SSL_get_default_timeout(s) |
5575
|
|
|
|
|
|
|
SSL * s |
5576
|
|
|
|
|
|
|
|
5577
|
|
|
|
|
|
|
void * |
5578
|
|
|
|
|
|
|
SSL_get_ex_data(ssl,idx) |
5579
|
|
|
|
|
|
|
SSL * ssl |
5580
|
|
|
|
|
|
|
int idx |
5581
|
|
|
|
|
|
|
|
5582
|
|
|
|
|
|
|
size_t |
5583
|
|
|
|
|
|
|
SSL_get_finished(ssl,buf,count=2*EVP_MAX_MD_SIZE) |
5584
|
|
|
|
|
|
|
SSL *ssl |
5585
|
|
|
|
|
|
|
SV *buf |
5586
|
|
|
|
|
|
|
size_t count |
5587
|
|
|
|
|
|
|
PREINIT: |
5588
|
|
|
|
|
|
|
unsigned char *finished; |
5589
|
|
|
|
|
|
|
size_t finished_len; |
5590
|
|
|
|
|
|
|
CODE: |
5591
|
4
|
|
|
|
|
|
Newx(finished, count, unsigned char); |
5592
|
4
|
|
|
|
|
|
finished_len = SSL_get_finished(ssl, finished, count); |
5593
|
4
|
100
|
|
|
|
|
if (count > finished_len) |
5594
|
3
|
|
|
|
|
|
count = finished_len; |
5595
|
4
|
|
|
|
|
|
sv_setpvn(buf, (const char *)finished, count); |
5596
|
4
|
|
|
|
|
|
Safefree(finished); |
5597
|
4
|
|
|
|
|
|
RETVAL = finished_len; |
5598
|
|
|
|
|
|
|
OUTPUT: |
5599
|
|
|
|
|
|
|
RETVAL |
5600
|
|
|
|
|
|
|
|
5601
|
|
|
|
|
|
|
size_t |
5602
|
|
|
|
|
|
|
SSL_get_peer_finished(ssl,buf,count=2*EVP_MAX_MD_SIZE) |
5603
|
|
|
|
|
|
|
SSL *ssl |
5604
|
|
|
|
|
|
|
SV *buf |
5605
|
|
|
|
|
|
|
size_t count |
5606
|
|
|
|
|
|
|
PREINIT: |
5607
|
|
|
|
|
|
|
unsigned char *finished; |
5608
|
|
|
|
|
|
|
size_t finished_len; |
5609
|
|
|
|
|
|
|
CODE: |
5610
|
4
|
|
|
|
|
|
Newx(finished, count, unsigned char); |
5611
|
4
|
|
|
|
|
|
finished_len = SSL_get_peer_finished(ssl, finished, count); |
5612
|
4
|
100
|
|
|
|
|
if (count > finished_len) |
5613
|
3
|
|
|
|
|
|
count = finished_len; |
5614
|
4
|
|
|
|
|
|
sv_setpvn(buf, (const char *)finished, count); |
5615
|
4
|
|
|
|
|
|
Safefree(finished); |
5616
|
4
|
|
|
|
|
|
RETVAL = finished_len; |
5617
|
|
|
|
|
|
|
OUTPUT: |
5618
|
|
|
|
|
|
|
RETVAL |
5619
|
|
|
|
|
|
|
|
5620
|
|
|
|
|
|
|
int |
5621
|
|
|
|
|
|
|
SSL_get_quiet_shutdown(ssl) |
5622
|
|
|
|
|
|
|
SSL * ssl |
5623
|
|
|
|
|
|
|
|
5624
|
|
|
|
|
|
|
int |
5625
|
|
|
|
|
|
|
SSL_get_shutdown(ssl) |
5626
|
|
|
|
|
|
|
SSL * ssl |
5627
|
|
|
|
|
|
|
|
5628
|
|
|
|
|
|
|
int |
5629
|
|
|
|
|
|
|
SSL_get_verify_depth(s) |
5630
|
|
|
|
|
|
|
SSL * s |
5631
|
|
|
|
|
|
|
|
5632
|
|
|
|
|
|
|
int |
5633
|
|
|
|
|
|
|
SSL_get_verify_mode(s) |
5634
|
|
|
|
|
|
|
SSL * s |
5635
|
|
|
|
|
|
|
|
5636
|
|
|
|
|
|
|
long |
5637
|
|
|
|
|
|
|
SSL_get_verify_result(ssl) |
5638
|
|
|
|
|
|
|
SSL * ssl |
5639
|
|
|
|
|
|
|
|
5640
|
|
|
|
|
|
|
int |
5641
|
|
|
|
|
|
|
SSL_renegotiate(s) |
5642
|
|
|
|
|
|
|
SSL * s |
5643
|
|
|
|
|
|
|
|
5644
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10000000L |
5645
|
|
|
|
|
|
|
|
5646
|
|
|
|
|
|
|
int |
5647
|
|
|
|
|
|
|
SSL_SESSION_cmp(a,b) |
5648
|
|
|
|
|
|
|
SSL_SESSION * a |
5649
|
|
|
|
|
|
|
SSL_SESSION * b |
5650
|
|
|
|
|
|
|
|
5651
|
|
|
|
|
|
|
#endif |
5652
|
|
|
|
|
|
|
|
5653
|
|
|
|
|
|
|
void * |
5654
|
|
|
|
|
|
|
SSL_SESSION_get_ex_data(ss,idx) |
5655
|
|
|
|
|
|
|
SSL_SESSION * ss |
5656
|
|
|
|
|
|
|
int idx |
5657
|
|
|
|
|
|
|
|
5658
|
|
|
|
|
|
|
long |
5659
|
|
|
|
|
|
|
SSL_SESSION_get_time(s) |
5660
|
|
|
|
|
|
|
SSL_SESSION * s |
5661
|
|
|
|
|
|
|
|
5662
|
|
|
|
|
|
|
long |
5663
|
|
|
|
|
|
|
SSL_SESSION_get_timeout(s) |
5664
|
|
|
|
|
|
|
SSL_SESSION * s |
5665
|
|
|
|
|
|
|
|
5666
|
|
|
|
|
|
|
int |
5667
|
|
|
|
|
|
|
SSL_SESSION_print_fp(fp,ses) |
5668
|
|
|
|
|
|
|
FILE * fp |
5669
|
|
|
|
|
|
|
SSL_SESSION * ses |
5670
|
|
|
|
|
|
|
|
5671
|
|
|
|
|
|
|
int |
5672
|
|
|
|
|
|
|
SSL_SESSION_set_ex_data(ss,idx,data) |
5673
|
|
|
|
|
|
|
SSL_SESSION * ss |
5674
|
|
|
|
|
|
|
int idx |
5675
|
|
|
|
|
|
|
void * data |
5676
|
|
|
|
|
|
|
|
5677
|
|
|
|
|
|
|
long |
5678
|
|
|
|
|
|
|
SSL_SESSION_set_time(s,t) |
5679
|
|
|
|
|
|
|
SSL_SESSION * s |
5680
|
|
|
|
|
|
|
long t |
5681
|
|
|
|
|
|
|
|
5682
|
|
|
|
|
|
|
long |
5683
|
|
|
|
|
|
|
SSL_SESSION_set_timeout(s,t) |
5684
|
|
|
|
|
|
|
SSL_SESSION * s |
5685
|
|
|
|
|
|
|
long t |
5686
|
|
|
|
|
|
|
|
5687
|
|
|
|
|
|
|
void |
5688
|
|
|
|
|
|
|
SSL_set_accept_state(s) |
5689
|
|
|
|
|
|
|
SSL * s |
5690
|
|
|
|
|
|
|
|
5691
|
|
|
|
|
|
|
void |
5692
|
|
|
|
|
|
|
sk_X509_NAME_free(sk) |
5693
|
|
|
|
|
|
|
X509_NAME_STACK *sk |
5694
|
|
|
|
|
|
|
|
5695
|
|
|
|
|
|
|
int |
5696
|
|
|
|
|
|
|
sk_X509_NAME_num(sk) |
5697
|
|
|
|
|
|
|
X509_NAME_STACK *sk |
5698
|
|
|
|
|
|
|
|
5699
|
|
|
|
|
|
|
X509_NAME * |
5700
|
|
|
|
|
|
|
sk_X509_NAME_value(sk,i) |
5701
|
|
|
|
|
|
|
X509_NAME_STACK *sk |
5702
|
|
|
|
|
|
|
int i |
5703
|
|
|
|
|
|
|
|
5704
|
|
|
|
|
|
|
X509_NAME_STACK * |
5705
|
|
|
|
|
|
|
SSL_get_client_CA_list(s) |
5706
|
|
|
|
|
|
|
SSL * s |
5707
|
|
|
|
|
|
|
|
5708
|
|
|
|
|
|
|
void |
5709
|
|
|
|
|
|
|
SSL_set_client_CA_list(s,list) |
5710
|
|
|
|
|
|
|
SSL * s |
5711
|
|
|
|
|
|
|
X509_NAME_STACK * list |
5712
|
|
|
|
|
|
|
|
5713
|
|
|
|
|
|
|
void |
5714
|
|
|
|
|
|
|
SSL_set_connect_state(s) |
5715
|
|
|
|
|
|
|
SSL * s |
5716
|
|
|
|
|
|
|
|
5717
|
|
|
|
|
|
|
int |
5718
|
|
|
|
|
|
|
SSL_set_ex_data(ssl,idx,data) |
5719
|
|
|
|
|
|
|
SSL * ssl |
5720
|
|
|
|
|
|
|
int idx |
5721
|
|
|
|
|
|
|
void * data |
5722
|
|
|
|
|
|
|
|
5723
|
|
|
|
|
|
|
|
5724
|
|
|
|
|
|
|
void |
5725
|
|
|
|
|
|
|
SSL_set_info_callback(ssl,callback,data=&PL_sv_undef) |
5726
|
|
|
|
|
|
|
SSL * ssl |
5727
|
|
|
|
|
|
|
SV * callback |
5728
|
|
|
|
|
|
|
SV * data |
5729
|
|
|
|
|
|
|
CODE: |
5730
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
5731
|
0
|
|
|
|
|
|
SSL_set_info_callback(ssl, NULL); |
5732
|
0
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_info_cb!!func", NULL); |
5733
|
0
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_info_cb!!data", NULL); |
5734
|
|
|
|
|
|
|
} else { |
5735
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_info_cb!!func", newSVsv(callback)); |
5736
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_info_cb!!data", newSVsv(data)); |
5737
|
1
|
|
|
|
|
|
SSL_set_info_callback(ssl, ssleay_info_cb_invoke); |
5738
|
|
|
|
|
|
|
} |
5739
|
|
|
|
|
|
|
|
5740
|
|
|
|
|
|
|
void |
5741
|
|
|
|
|
|
|
SSL_CTX_set_info_callback(ctx,callback,data=&PL_sv_undef) |
5742
|
|
|
|
|
|
|
SSL_CTX * ctx |
5743
|
|
|
|
|
|
|
SV * callback |
5744
|
|
|
|
|
|
|
SV * data |
5745
|
|
|
|
|
|
|
CODE: |
5746
|
148
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
5747
|
0
|
|
|
|
|
|
SSL_CTX_set_info_callback(ctx, NULL); |
5748
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_info_cb!!func", NULL); |
5749
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_info_cb!!data", NULL); |
5750
|
|
|
|
|
|
|
} else { |
5751
|
148
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_info_cb!!func", newSVsv(callback)); |
5752
|
148
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_info_cb!!data", newSVsv(data)); |
5753
|
148
|
|
|
|
|
|
SSL_CTX_set_info_callback(ctx, ssleay_ctx_info_cb_invoke); |
5754
|
|
|
|
|
|
|
} |
5755
|
|
|
|
|
|
|
|
5756
|
|
|
|
|
|
|
void |
5757
|
|
|
|
|
|
|
SSL_set_msg_callback(ssl,callback,data=&PL_sv_undef) |
5758
|
|
|
|
|
|
|
SSL * ssl |
5759
|
|
|
|
|
|
|
SV * callback |
5760
|
|
|
|
|
|
|
SV * data |
5761
|
|
|
|
|
|
|
CODE: |
5762
|
2
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
100
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
5763
|
1
|
|
|
|
|
|
SSL_set_msg_callback(ssl, NULL); |
5764
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_msg_cb!!func", NULL); |
5765
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_msg_cb!!data", NULL); |
5766
|
|
|
|
|
|
|
} else { |
5767
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_msg_cb!!func", newSVsv(callback)); |
5768
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "ssleay_msg_cb!!data", newSVsv(data)); |
5769
|
1
|
|
|
|
|
|
SSL_set_msg_callback(ssl, ssleay_msg_cb_invoke); |
5770
|
|
|
|
|
|
|
} |
5771
|
|
|
|
|
|
|
|
5772
|
|
|
|
|
|
|
void |
5773
|
|
|
|
|
|
|
SSL_CTX_set_msg_callback(ctx,callback,data=&PL_sv_undef) |
5774
|
|
|
|
|
|
|
SSL_CTX * ctx |
5775
|
|
|
|
|
|
|
SV * callback |
5776
|
|
|
|
|
|
|
SV * data |
5777
|
|
|
|
|
|
|
CODE: |
5778
|
2
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
100
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
5779
|
1
|
|
|
|
|
|
SSL_CTX_set_msg_callback(ctx, NULL); |
5780
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_msg_cb!!func", NULL); |
5781
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_msg_cb!!data", NULL); |
5782
|
|
|
|
|
|
|
} else { |
5783
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_msg_cb!!func", newSVsv(callback)); |
5784
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_msg_cb!!data", newSVsv(data)); |
5785
|
1
|
|
|
|
|
|
SSL_CTX_set_msg_callback(ctx, ssleay_ctx_msg_cb_invoke); |
5786
|
|
|
|
|
|
|
} |
5787
|
|
|
|
|
|
|
|
5788
|
|
|
|
|
|
|
|
5789
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10101001 && !defined(LIBRESSL_VERSION_NUMBER) |
5790
|
|
|
|
|
|
|
|
5791
|
|
|
|
|
|
|
void |
5792
|
|
|
|
|
|
|
SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SV *callback) |
5793
|
|
|
|
|
|
|
CODE: |
5794
|
|
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
5795
|
|
|
|
|
|
|
SSL_CTX_set_keylog_callback(ctx, NULL); |
5796
|
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ssl_ctx_keylog_callback!!func", NULL); |
5797
|
|
|
|
|
|
|
} else { |
5798
|
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ssl_ctx_keylog_callback!!func", newSVsv(callback)); |
5799
|
|
|
|
|
|
|
SSL_CTX_set_keylog_callback(ctx, ssl_ctx_keylog_cb_func_invoke); |
5800
|
|
|
|
|
|
|
} |
5801
|
|
|
|
|
|
|
|
5802
|
|
|
|
|
|
|
SV * |
5803
|
|
|
|
|
|
|
SSL_CTX_get_keylog_callback(const SSL_CTX *ctx) |
5804
|
|
|
|
|
|
|
CODE: |
5805
|
|
|
|
|
|
|
SV *func = cb_data_advanced_get(ctx, "ssleay_ssl_ctx_keylog_callback!!func"); |
5806
|
|
|
|
|
|
|
/* without increment the reference will go away and ssl_ctx_keylog_cb_func_invoke croaks */ |
5807
|
|
|
|
|
|
|
SvREFCNT_inc(func); |
5808
|
|
|
|
|
|
|
RETVAL = func; |
5809
|
|
|
|
|
|
|
OUTPUT: |
5810
|
|
|
|
|
|
|
RETVAL |
5811
|
|
|
|
|
|
|
|
5812
|
|
|
|
|
|
|
#endif |
5813
|
|
|
|
|
|
|
|
5814
|
|
|
|
|
|
|
|
5815
|
|
|
|
|
|
|
int |
5816
|
|
|
|
|
|
|
SSL_set_purpose(s,purpose) |
5817
|
|
|
|
|
|
|
SSL * s |
5818
|
|
|
|
|
|
|
int purpose |
5819
|
|
|
|
|
|
|
|
5820
|
|
|
|
|
|
|
void |
5821
|
|
|
|
|
|
|
SSL_set_quiet_shutdown(ssl,mode) |
5822
|
|
|
|
|
|
|
SSL * ssl |
5823
|
|
|
|
|
|
|
int mode |
5824
|
|
|
|
|
|
|
|
5825
|
|
|
|
|
|
|
void |
5826
|
|
|
|
|
|
|
SSL_set_shutdown(ssl,mode) |
5827
|
|
|
|
|
|
|
SSL * ssl |
5828
|
|
|
|
|
|
|
int mode |
5829
|
|
|
|
|
|
|
|
5830
|
|
|
|
|
|
|
int |
5831
|
|
|
|
|
|
|
SSL_set_trust(s,trust) |
5832
|
|
|
|
|
|
|
SSL * s |
5833
|
|
|
|
|
|
|
int trust |
5834
|
|
|
|
|
|
|
|
5835
|
|
|
|
|
|
|
void |
5836
|
|
|
|
|
|
|
SSL_set_verify_depth(s,depth) |
5837
|
|
|
|
|
|
|
SSL * s |
5838
|
|
|
|
|
|
|
int depth |
5839
|
|
|
|
|
|
|
|
5840
|
|
|
|
|
|
|
void |
5841
|
|
|
|
|
|
|
SSL_set_verify_result(ssl,v) |
5842
|
|
|
|
|
|
|
SSL * ssl |
5843
|
|
|
|
|
|
|
long v |
5844
|
|
|
|
|
|
|
|
5845
|
|
|
|
|
|
|
int |
5846
|
|
|
|
|
|
|
SSL_shutdown(s) |
5847
|
|
|
|
|
|
|
SSL * s |
5848
|
|
|
|
|
|
|
|
5849
|
|
|
|
|
|
|
const char * |
5850
|
|
|
|
|
|
|
SSL_get_version(ssl) |
5851
|
|
|
|
|
|
|
const SSL * ssl |
5852
|
|
|
|
|
|
|
|
5853
|
|
|
|
|
|
|
int |
5854
|
|
|
|
|
|
|
SSL_version(ssl) |
5855
|
|
|
|
|
|
|
SSL * ssl |
5856
|
|
|
|
|
|
|
|
5857
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100006L && !defined(LIBRESSL_VERSION_NUMBER) /* 1.1.0-pre6 */ |
5858
|
|
|
|
|
|
|
|
5859
|
|
|
|
|
|
|
int |
5860
|
|
|
|
|
|
|
SSL_client_version(ssl) |
5861
|
|
|
|
|
|
|
const SSL * ssl |
5862
|
|
|
|
|
|
|
|
5863
|
|
|
|
|
|
|
int |
5864
|
|
|
|
|
|
|
SSL_is_dtls(ssl) |
5865
|
|
|
|
|
|
|
const SSL * ssl |
5866
|
|
|
|
|
|
|
|
5867
|
|
|
|
|
|
|
#endif |
5868
|
|
|
|
|
|
|
|
5869
|
|
|
|
|
|
|
#define REM_MANUALLY_ADDED_1_09 |
5870
|
|
|
|
|
|
|
|
5871
|
|
|
|
|
|
|
X509_NAME_STACK * |
5872
|
|
|
|
|
|
|
SSL_load_client_CA_file(file) |
5873
|
|
|
|
|
|
|
const char * file |
5874
|
|
|
|
|
|
|
|
5875
|
|
|
|
|
|
|
int |
5876
|
|
|
|
|
|
|
SSL_add_file_cert_subjects_to_stack(stackCAs,file) |
5877
|
|
|
|
|
|
|
X509_NAME_STACK * stackCAs |
5878
|
|
|
|
|
|
|
const char * file |
5879
|
|
|
|
|
|
|
|
5880
|
|
|
|
|
|
|
#ifndef WIN32 |
5881
|
|
|
|
|
|
|
#ifndef VMS |
5882
|
|
|
|
|
|
|
#ifndef MAC_OS_pre_X |
5883
|
|
|
|
|
|
|
|
5884
|
|
|
|
|
|
|
int |
5885
|
|
|
|
|
|
|
SSL_add_dir_cert_subjects_to_stack(stackCAs,dir) |
5886
|
|
|
|
|
|
|
X509_NAME_STACK * stackCAs |
5887
|
|
|
|
|
|
|
const char * dir |
5888
|
|
|
|
|
|
|
|
5889
|
|
|
|
|
|
|
#endif |
5890
|
|
|
|
|
|
|
#endif |
5891
|
|
|
|
|
|
|
#endif |
5892
|
|
|
|
|
|
|
|
5893
|
|
|
|
|
|
|
int |
5894
|
|
|
|
|
|
|
SSL_CTX_get_ex_new_index(argl,argp=NULL,new_func=NULL,dup_func=NULL,free_func=NULL) |
5895
|
|
|
|
|
|
|
long argl |
5896
|
|
|
|
|
|
|
void * argp |
5897
|
|
|
|
|
|
|
CRYPTO_EX_new * new_func |
5898
|
|
|
|
|
|
|
CRYPTO_EX_dup * dup_func |
5899
|
|
|
|
|
|
|
CRYPTO_EX_free * free_func |
5900
|
|
|
|
|
|
|
|
5901
|
|
|
|
|
|
|
int |
5902
|
|
|
|
|
|
|
SSL_CTX_set_session_id_context(ctx,sid_ctx,sid_ctx_len) |
5903
|
|
|
|
|
|
|
SSL_CTX * ctx |
5904
|
|
|
|
|
|
|
const unsigned char * sid_ctx |
5905
|
|
|
|
|
|
|
unsigned int sid_ctx_len |
5906
|
|
|
|
|
|
|
|
5907
|
|
|
|
|
|
|
int |
5908
|
|
|
|
|
|
|
SSL_set_session_id_context(ssl,sid_ctx,sid_ctx_len) |
5909
|
|
|
|
|
|
|
SSL * ssl |
5910
|
|
|
|
|
|
|
const unsigned char * sid_ctx |
5911
|
|
|
|
|
|
|
unsigned int sid_ctx_len |
5912
|
|
|
|
|
|
|
|
5913
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
5914
|
|
|
|
|
|
|
void |
5915
|
|
|
|
|
|
|
SSL_CTX_set_tmp_rsa_callback(ctx, cb) |
5916
|
|
|
|
|
|
|
SSL_CTX * ctx |
5917
|
|
|
|
|
|
|
cb_ssl_int_int_ret_RSA * cb |
5918
|
|
|
|
|
|
|
|
5919
|
|
|
|
|
|
|
void |
5920
|
|
|
|
|
|
|
SSL_set_tmp_rsa_callback(ssl, cb) |
5921
|
|
|
|
|
|
|
SSL * ssl |
5922
|
|
|
|
|
|
|
cb_ssl_int_int_ret_RSA * cb |
5923
|
|
|
|
|
|
|
|
5924
|
|
|
|
|
|
|
#endif |
5925
|
|
|
|
|
|
|
|
5926
|
|
|
|
|
|
|
void |
5927
|
|
|
|
|
|
|
SSL_CTX_set_tmp_dh_callback(ctx, dh) |
5928
|
|
|
|
|
|
|
SSL_CTX * ctx |
5929
|
|
|
|
|
|
|
cb_ssl_int_int_ret_DH * dh |
5930
|
|
|
|
|
|
|
|
5931
|
|
|
|
|
|
|
void |
5932
|
|
|
|
|
|
|
SSL_set_tmp_dh_callback(ssl,dh) |
5933
|
|
|
|
|
|
|
SSL * ssl |
5934
|
|
|
|
|
|
|
cb_ssl_int_int_ret_DH * dh |
5935
|
|
|
|
|
|
|
|
5936
|
|
|
|
|
|
|
int |
5937
|
|
|
|
|
|
|
SSL_get_ex_new_index(argl,argp=NULL,new_func=NULL,dup_func=NULL,free_func=NULL) |
5938
|
|
|
|
|
|
|
long argl |
5939
|
|
|
|
|
|
|
void * argp |
5940
|
|
|
|
|
|
|
CRYPTO_EX_new * new_func |
5941
|
|
|
|
|
|
|
CRYPTO_EX_dup * dup_func |
5942
|
|
|
|
|
|
|
CRYPTO_EX_free * free_func |
5943
|
|
|
|
|
|
|
|
5944
|
|
|
|
|
|
|
int |
5945
|
|
|
|
|
|
|
SSL_SESSION_get_ex_new_index(argl,argp=NULL,new_func=NULL,dup_func=NULL,free_func=NULL) |
5946
|
|
|
|
|
|
|
long argl |
5947
|
|
|
|
|
|
|
void * argp |
5948
|
|
|
|
|
|
|
CRYPTO_EX_new * new_func |
5949
|
|
|
|
|
|
|
CRYPTO_EX_dup * dup_func |
5950
|
|
|
|
|
|
|
CRYPTO_EX_free * free_func |
5951
|
|
|
|
|
|
|
|
5952
|
|
|
|
|
|
|
#define REM_SEMIAUTOMATIC_MACRO_GEN_1_09 |
5953
|
|
|
|
|
|
|
|
5954
|
|
|
|
|
|
|
long |
5955
|
|
|
|
|
|
|
SSL_clear_num_renegotiations(ssl) |
5956
|
|
|
|
|
|
|
SSL * ssl |
5957
|
|
|
|
|
|
|
CODE: |
5958
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL); |
5959
|
|
|
|
|
|
|
OUTPUT: |
5960
|
|
|
|
|
|
|
RETVAL |
5961
|
|
|
|
|
|
|
|
5962
|
|
|
|
|
|
|
long |
5963
|
|
|
|
|
|
|
SSL_CTX_add_extra_chain_cert(ctx,x509) |
5964
|
|
|
|
|
|
|
SSL_CTX * ctx |
5965
|
|
|
|
|
|
|
X509 * x509 |
5966
|
|
|
|
|
|
|
CODE: |
5967
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char*)x509); |
5968
|
|
|
|
|
|
|
OUTPUT: |
5969
|
|
|
|
|
|
|
RETVAL |
5970
|
|
|
|
|
|
|
|
5971
|
|
|
|
|
|
|
void * |
5972
|
|
|
|
|
|
|
SSL_CTX_get_app_data(ctx) |
5973
|
|
|
|
|
|
|
SSL_CTX * ctx |
5974
|
|
|
|
|
|
|
CODE: |
5975
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_get_ex_data(ctx,0); |
5976
|
|
|
|
|
|
|
OUTPUT: |
5977
|
|
|
|
|
|
|
RETVAL |
5978
|
|
|
|
|
|
|
|
5979
|
|
|
|
|
|
|
long |
5980
|
|
|
|
|
|
|
SSL_CTX_get_mode(ctx) |
5981
|
|
|
|
|
|
|
SSL_CTX * ctx |
5982
|
|
|
|
|
|
|
CODE: |
5983
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,NULL); |
5984
|
|
|
|
|
|
|
OUTPUT: |
5985
|
|
|
|
|
|
|
RETVAL |
5986
|
|
|
|
|
|
|
|
5987
|
|
|
|
|
|
|
long |
5988
|
|
|
|
|
|
|
SSL_CTX_get_read_ahead(ctx) |
5989
|
|
|
|
|
|
|
SSL_CTX * ctx |
5990
|
|
|
|
|
|
|
CODE: |
5991
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL); |
5992
|
|
|
|
|
|
|
OUTPUT: |
5993
|
|
|
|
|
|
|
RETVAL |
5994
|
|
|
|
|
|
|
|
5995
|
|
|
|
|
|
|
long |
5996
|
|
|
|
|
|
|
SSL_CTX_get_session_cache_mode(ctx) |
5997
|
|
|
|
|
|
|
SSL_CTX * ctx |
5998
|
|
|
|
|
|
|
CODE: |
5999
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL); |
6000
|
|
|
|
|
|
|
OUTPUT: |
6001
|
|
|
|
|
|
|
RETVAL |
6002
|
|
|
|
|
|
|
|
6003
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
6004
|
|
|
|
|
|
|
long |
6005
|
|
|
|
|
|
|
SSL_CTX_need_tmp_RSA(ctx) |
6006
|
|
|
|
|
|
|
SSL_CTX * ctx |
6007
|
|
|
|
|
|
|
CODE: |
6008
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL); |
6009
|
|
|
|
|
|
|
OUTPUT: |
6010
|
|
|
|
|
|
|
RETVAL |
6011
|
|
|
|
|
|
|
|
6012
|
|
|
|
|
|
|
#endif |
6013
|
|
|
|
|
|
|
|
6014
|
|
|
|
|
|
|
int |
6015
|
|
|
|
|
|
|
SSL_CTX_set_app_data(ctx,arg) |
6016
|
|
|
|
|
|
|
SSL_CTX * ctx |
6017
|
|
|
|
|
|
|
char * arg |
6018
|
|
|
|
|
|
|
CODE: |
6019
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_set_ex_data(ctx,0,arg); |
6020
|
|
|
|
|
|
|
OUTPUT: |
6021
|
|
|
|
|
|
|
RETVAL |
6022
|
|
|
|
|
|
|
|
6023
|
|
|
|
|
|
|
long |
6024
|
|
|
|
|
|
|
SSL_CTX_set_mode(ctx,op) |
6025
|
|
|
|
|
|
|
SSL_CTX * ctx |
6026
|
|
|
|
|
|
|
long op |
6027
|
|
|
|
|
|
|
CODE: |
6028
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,NULL); |
6029
|
|
|
|
|
|
|
OUTPUT: |
6030
|
|
|
|
|
|
|
RETVAL |
6031
|
|
|
|
|
|
|
|
6032
|
|
|
|
|
|
|
long |
6033
|
|
|
|
|
|
|
SSL_CTX_set_read_ahead(ctx,m) |
6034
|
|
|
|
|
|
|
SSL_CTX * ctx |
6035
|
|
|
|
|
|
|
long m |
6036
|
|
|
|
|
|
|
CODE: |
6037
|
0
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL); |
6038
|
|
|
|
|
|
|
OUTPUT: |
6039
|
|
|
|
|
|
|
RETVAL |
6040
|
|
|
|
|
|
|
|
6041
|
|
|
|
|
|
|
long |
6042
|
|
|
|
|
|
|
SSL_CTX_set_session_cache_mode(ctx,m) |
6043
|
|
|
|
|
|
|
SSL_CTX * ctx |
6044
|
|
|
|
|
|
|
long m |
6045
|
|
|
|
|
|
|
CODE: |
6046
|
6
|
|
|
|
|
|
RETVAL = SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL); |
6047
|
|
|
|
|
|
|
OUTPUT: |
6048
|
|
|
|
|
|
|
RETVAL |
6049
|
|
|
|
|
|
|
|
6050
|
|
|
|
|
|
|
long |
6051
|
|
|
|
|
|
|
SSL_CTX_set_tmp_dh(ctx,dh) |
6052
|
|
|
|
|
|
|
SSL_CTX * ctx |
6053
|
|
|
|
|
|
|
DH * dh |
6054
|
|
|
|
|
|
|
|
6055
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
6056
|
|
|
|
|
|
|
long |
6057
|
|
|
|
|
|
|
SSL_CTX_set_tmp_rsa(ctx,rsa) |
6058
|
|
|
|
|
|
|
SSL_CTX * ctx |
6059
|
|
|
|
|
|
|
RSA * rsa |
6060
|
|
|
|
|
|
|
|
6061
|
|
|
|
|
|
|
#endif |
6062
|
|
|
|
|
|
|
|
6063
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER > 0x10000000L && !defined OPENSSL_NO_EC |
6064
|
|
|
|
|
|
|
|
6065
|
|
|
|
|
|
|
EC_KEY * |
6066
|
|
|
|
|
|
|
EC_KEY_new_by_curve_name(nid) |
6067
|
|
|
|
|
|
|
int nid |
6068
|
|
|
|
|
|
|
|
6069
|
|
|
|
|
|
|
void |
6070
|
|
|
|
|
|
|
EC_KEY_free(key) |
6071
|
|
|
|
|
|
|
EC_KEY * key |
6072
|
|
|
|
|
|
|
|
6073
|
|
|
|
|
|
|
long |
6074
|
|
|
|
|
|
|
SSL_CTX_set_tmp_ecdh(ctx,ecdh) |
6075
|
|
|
|
|
|
|
SSL_CTX * ctx |
6076
|
|
|
|
|
|
|
EC_KEY * ecdh |
6077
|
|
|
|
|
|
|
|
6078
|
|
|
|
|
|
|
int |
6079
|
|
|
|
|
|
|
EVP_PKEY_assign_EC_KEY(pkey,key) |
6080
|
|
|
|
|
|
|
EVP_PKEY * pkey |
6081
|
|
|
|
|
|
|
EC_KEY * key |
6082
|
|
|
|
|
|
|
|
6083
|
|
|
|
|
|
|
|
6084
|
|
|
|
|
|
|
EC_KEY * |
6085
|
|
|
|
|
|
|
EC_KEY_generate_key(curve) |
6086
|
|
|
|
|
|
|
SV *curve; |
6087
|
|
|
|
|
|
|
CODE: |
6088
|
1
|
|
|
|
|
|
EC_GROUP *group = NULL; |
6089
|
1
|
|
|
|
|
|
EC_KEY *eckey = NULL; |
6090
|
|
|
|
|
|
|
int nid; |
6091
|
|
|
|
|
|
|
|
6092
|
1
|
|
|
|
|
|
RETVAL = 0; |
6093
|
1
|
50
|
|
|
|
|
if (SvIOK(curve)) { |
6094
|
0
|
0
|
|
|
|
|
nid = SvIV(curve); |
6095
|
|
|
|
|
|
|
} else { |
6096
|
1
|
50
|
|
|
|
|
nid = OBJ_sn2nid(SvPV_nolen(curve)); |
6097
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER > 0x10002000L |
6098
|
1
|
50
|
|
|
|
|
if (!nid) nid = EC_curve_nist2nid(SvPV_nolen(curve)); |
|
|
0
|
|
|
|
|
|
6099
|
|
|
|
|
|
|
#endif |
6100
|
1
|
50
|
|
|
|
|
if (!nid) croak("unknown curve %s",SvPV_nolen(curve)); |
|
|
0
|
|
|
|
|
|
6101
|
|
|
|
|
|
|
} |
6102
|
|
|
|
|
|
|
|
6103
|
1
|
|
|
|
|
|
group = EC_GROUP_new_by_curve_name(nid); |
6104
|
1
|
50
|
|
|
|
|
if (!group) croak("unknown curve nid=%d",nid); |
6105
|
1
|
|
|
|
|
|
EC_GROUP_set_asn1_flag(group,OPENSSL_EC_NAMED_CURVE); |
6106
|
|
|
|
|
|
|
|
6107
|
1
|
|
|
|
|
|
eckey = EC_KEY_new(); |
6108
|
1
|
50
|
|
|
|
|
if ( eckey |
6109
|
1
|
50
|
|
|
|
|
&& EC_KEY_set_group(eckey, group) |
6110
|
1
|
50
|
|
|
|
|
&& EC_KEY_generate_key(eckey)) { |
6111
|
1
|
|
|
|
|
|
RETVAL = eckey; |
6112
|
|
|
|
|
|
|
} else { |
6113
|
0
|
0
|
|
|
|
|
if (eckey) EC_KEY_free(eckey); |
6114
|
|
|
|
|
|
|
} |
6115
|
1
|
50
|
|
|
|
|
if (group) EC_GROUP_free(group); |
6116
|
|
|
|
|
|
|
|
6117
|
|
|
|
|
|
|
OUTPUT: |
6118
|
|
|
|
|
|
|
RETVAL |
6119
|
|
|
|
|
|
|
|
6120
|
|
|
|
|
|
|
|
6121
|
|
|
|
|
|
|
#ifdef SSL_CTRL_SET_ECDH_AUTO |
6122
|
|
|
|
|
|
|
|
6123
|
|
|
|
|
|
|
long |
6124
|
|
|
|
|
|
|
SSL_CTX_set_ecdh_auto(ctx,onoff) |
6125
|
|
|
|
|
|
|
SSL_CTX * ctx |
6126
|
|
|
|
|
|
|
int onoff |
6127
|
|
|
|
|
|
|
|
6128
|
|
|
|
|
|
|
long |
6129
|
|
|
|
|
|
|
SSL_set_ecdh_auto(ssl,onoff) |
6130
|
|
|
|
|
|
|
SSL * ssl |
6131
|
|
|
|
|
|
|
int onoff |
6132
|
|
|
|
|
|
|
|
6133
|
|
|
|
|
|
|
#endif |
6134
|
|
|
|
|
|
|
|
6135
|
|
|
|
|
|
|
#ifdef SSL_CTRL_SET_CURVES_LIST |
6136
|
|
|
|
|
|
|
|
6137
|
|
|
|
|
|
|
long |
6138
|
|
|
|
|
|
|
SSL_CTX_set1_curves_list(ctx,list) |
6139
|
|
|
|
|
|
|
SSL_CTX * ctx |
6140
|
|
|
|
|
|
|
char * list |
6141
|
|
|
|
|
|
|
|
6142
|
|
|
|
|
|
|
long |
6143
|
|
|
|
|
|
|
SSL_set1_curves_list(ssl,list) |
6144
|
|
|
|
|
|
|
SSL * ssl |
6145
|
|
|
|
|
|
|
char * list |
6146
|
|
|
|
|
|
|
|
6147
|
|
|
|
|
|
|
#endif |
6148
|
|
|
|
|
|
|
|
6149
|
|
|
|
|
|
|
#if SSL_CTRL_SET_GROUPS_LIST |
6150
|
|
|
|
|
|
|
|
6151
|
|
|
|
|
|
|
long |
6152
|
|
|
|
|
|
|
SSL_CTX_set1_groups_list(ctx,list) |
6153
|
|
|
|
|
|
|
SSL_CTX * ctx |
6154
|
|
|
|
|
|
|
char * list |
6155
|
|
|
|
|
|
|
|
6156
|
|
|
|
|
|
|
long |
6157
|
|
|
|
|
|
|
SSL_set1_groups_list(ssl,list) |
6158
|
|
|
|
|
|
|
SSL * ssl |
6159
|
|
|
|
|
|
|
char * list |
6160
|
|
|
|
|
|
|
|
6161
|
|
|
|
|
|
|
#endif |
6162
|
|
|
|
|
|
|
|
6163
|
|
|
|
|
|
|
|
6164
|
|
|
|
|
|
|
|
6165
|
|
|
|
|
|
|
#endif |
6166
|
|
|
|
|
|
|
|
6167
|
|
|
|
|
|
|
void * |
6168
|
|
|
|
|
|
|
SSL_get_app_data(s) |
6169
|
|
|
|
|
|
|
SSL * s |
6170
|
|
|
|
|
|
|
CODE: |
6171
|
0
|
|
|
|
|
|
RETVAL = SSL_get_ex_data(s,0); |
6172
|
|
|
|
|
|
|
OUTPUT: |
6173
|
|
|
|
|
|
|
RETVAL |
6174
|
|
|
|
|
|
|
|
6175
|
|
|
|
|
|
|
int |
6176
|
|
|
|
|
|
|
SSL_get_cipher_bits(s,np=NULL) |
6177
|
|
|
|
|
|
|
SSL * s |
6178
|
|
|
|
|
|
|
int * np |
6179
|
|
|
|
|
|
|
CODE: |
6180
|
0
|
|
|
|
|
|
RETVAL = SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np); |
6181
|
|
|
|
|
|
|
OUTPUT: |
6182
|
|
|
|
|
|
|
RETVAL |
6183
|
|
|
|
|
|
|
|
6184
|
|
|
|
|
|
|
long |
6185
|
|
|
|
|
|
|
SSL_get_mode(ssl) |
6186
|
|
|
|
|
|
|
SSL * ssl |
6187
|
|
|
|
|
|
|
CODE: |
6188
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_MODE,0,NULL); |
6189
|
|
|
|
|
|
|
OUTPUT: |
6190
|
|
|
|
|
|
|
RETVAL |
6191
|
|
|
|
|
|
|
|
6192
|
|
|
|
|
|
|
void |
6193
|
|
|
|
|
|
|
SSL_set_state(ssl,state) |
6194
|
|
|
|
|
|
|
SSL * ssl |
6195
|
|
|
|
|
|
|
int state |
6196
|
|
|
|
|
|
|
CODE: |
6197
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
6198
|
|
|
|
|
|
|
/* not available */ |
6199
|
|
|
|
|
|
|
#elif defined(OPENSSL_NO_SSL_INTERN) |
6200
|
|
|
|
|
|
|
SSL_set_state(ssl,state); |
6201
|
|
|
|
|
|
|
#else |
6202
|
0
|
|
|
|
|
|
ssl->state = state; |
6203
|
|
|
|
|
|
|
#endif |
6204
|
|
|
|
|
|
|
|
6205
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
6206
|
|
|
|
|
|
|
long |
6207
|
|
|
|
|
|
|
SSL_need_tmp_RSA(ssl) |
6208
|
|
|
|
|
|
|
SSL * ssl |
6209
|
|
|
|
|
|
|
CODE: |
6210
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL); |
6211
|
|
|
|
|
|
|
OUTPUT: |
6212
|
|
|
|
|
|
|
RETVAL |
6213
|
|
|
|
|
|
|
|
6214
|
|
|
|
|
|
|
|
6215
|
|
|
|
|
|
|
#endif |
6216
|
|
|
|
|
|
|
|
6217
|
|
|
|
|
|
|
long |
6218
|
|
|
|
|
|
|
SSL_num_renegotiations(ssl) |
6219
|
|
|
|
|
|
|
SSL * ssl |
6220
|
|
|
|
|
|
|
CODE: |
6221
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL); |
6222
|
|
|
|
|
|
|
OUTPUT: |
6223
|
|
|
|
|
|
|
RETVAL |
6224
|
|
|
|
|
|
|
|
6225
|
|
|
|
|
|
|
void * |
6226
|
|
|
|
|
|
|
SSL_SESSION_get_app_data(ses) |
6227
|
|
|
|
|
|
|
SSL_SESSION * ses |
6228
|
|
|
|
|
|
|
CODE: |
6229
|
0
|
|
|
|
|
|
RETVAL = SSL_SESSION_get_ex_data(ses,0); |
6230
|
|
|
|
|
|
|
OUTPUT: |
6231
|
|
|
|
|
|
|
RETVAL |
6232
|
|
|
|
|
|
|
|
6233
|
|
|
|
|
|
|
long |
6234
|
|
|
|
|
|
|
SSL_session_reused(ssl) |
6235
|
|
|
|
|
|
|
SSL * ssl |
6236
|
|
|
|
|
|
|
|
6237
|
|
|
|
|
|
|
int |
6238
|
|
|
|
|
|
|
SSL_SESSION_set_app_data(s,a) |
6239
|
|
|
|
|
|
|
SSL_SESSION * s |
6240
|
|
|
|
|
|
|
void * a |
6241
|
|
|
|
|
|
|
CODE: |
6242
|
0
|
|
|
|
|
|
RETVAL = SSL_SESSION_set_ex_data(s,0,(char *)a); |
6243
|
|
|
|
|
|
|
OUTPUT: |
6244
|
|
|
|
|
|
|
RETVAL |
6245
|
|
|
|
|
|
|
|
6246
|
|
|
|
|
|
|
int |
6247
|
|
|
|
|
|
|
SSL_set_app_data(s,arg) |
6248
|
|
|
|
|
|
|
SSL * s |
6249
|
|
|
|
|
|
|
void * arg |
6250
|
|
|
|
|
|
|
CODE: |
6251
|
0
|
|
|
|
|
|
RETVAL = SSL_set_ex_data(s,0,(char *)arg); |
6252
|
|
|
|
|
|
|
OUTPUT: |
6253
|
|
|
|
|
|
|
RETVAL |
6254
|
|
|
|
|
|
|
|
6255
|
|
|
|
|
|
|
long |
6256
|
|
|
|
|
|
|
SSL_set_mode(ssl,op) |
6257
|
|
|
|
|
|
|
SSL * ssl |
6258
|
|
|
|
|
|
|
long op |
6259
|
|
|
|
|
|
|
CODE: |
6260
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_MODE,op,NULL); |
6261
|
|
|
|
|
|
|
OUTPUT: |
6262
|
|
|
|
|
|
|
RETVAL |
6263
|
|
|
|
|
|
|
|
6264
|
|
|
|
|
|
|
int |
6265
|
|
|
|
|
|
|
SSL_set_pref_cipher(s,n) |
6266
|
|
|
|
|
|
|
SSL * s |
6267
|
|
|
|
|
|
|
const char * n |
6268
|
|
|
|
|
|
|
CODE: |
6269
|
0
|
|
|
|
|
|
RETVAL = SSL_set_cipher_list(s,n); |
6270
|
|
|
|
|
|
|
OUTPUT: |
6271
|
|
|
|
|
|
|
RETVAL |
6272
|
|
|
|
|
|
|
|
6273
|
|
|
|
|
|
|
long |
6274
|
|
|
|
|
|
|
SSL_set_tmp_dh(ssl,dh) |
6275
|
|
|
|
|
|
|
SSL * ssl |
6276
|
|
|
|
|
|
|
DH * dh |
6277
|
|
|
|
|
|
|
|
6278
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
6279
|
|
|
|
|
|
|
long |
6280
|
|
|
|
|
|
|
SSL_set_tmp_rsa(ssl,rsa) |
6281
|
|
|
|
|
|
|
SSL * ssl |
6282
|
|
|
|
|
|
|
char * rsa |
6283
|
|
|
|
|
|
|
CODE: |
6284
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa); |
6285
|
|
|
|
|
|
|
OUTPUT: |
6286
|
|
|
|
|
|
|
RETVAL |
6287
|
|
|
|
|
|
|
|
6288
|
|
|
|
|
|
|
#endif |
6289
|
|
|
|
|
|
|
|
6290
|
|
|
|
|
|
|
BIGNUM * |
6291
|
|
|
|
|
|
|
BN_dup(const BIGNUM *from) |
6292
|
|
|
|
|
|
|
|
6293
|
|
|
|
|
|
|
void |
6294
|
|
|
|
|
|
|
BN_clear(BIGNUM *bn) |
6295
|
|
|
|
|
|
|
|
6296
|
|
|
|
|
|
|
void |
6297
|
|
|
|
|
|
|
BN_clear_free(BIGNUM *bn) |
6298
|
|
|
|
|
|
|
|
6299
|
|
|
|
|
|
|
void |
6300
|
|
|
|
|
|
|
BN_free(BIGNUM *bn) |
6301
|
|
|
|
|
|
|
|
6302
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL |
6303
|
|
|
|
|
|
|
|
6304
|
|
|
|
|
|
|
RSA * |
6305
|
|
|
|
|
|
|
RSA_generate_key(bits,ee,perl_cb=&PL_sv_undef,perl_data=&PL_sv_undef) |
6306
|
|
|
|
|
|
|
int bits |
6307
|
|
|
|
|
|
|
unsigned long ee |
6308
|
|
|
|
|
|
|
SV* perl_cb |
6309
|
|
|
|
|
|
|
SV* perl_data |
6310
|
|
|
|
|
|
|
PREINIT: |
6311
|
8
|
|
|
|
|
|
simple_cb_data_t* cb_data = NULL; |
6312
|
|
|
|
|
|
|
CODE: |
6313
|
|
|
|
|
|
|
/* openssl 0.9.8 deprecated RSA_generate_key. */ |
6314
|
|
|
|
|
|
|
/* This equivalent was contributed by Brian Fraser for Android, */ |
6315
|
|
|
|
|
|
|
/* but was not portable to old OpenSSLs where RSA_generate_key_ex is not available. */ |
6316
|
|
|
|
|
|
|
/* It should now be more versatile. */ |
6317
|
|
|
|
|
|
|
/* as of openssl 1.1.0-pre1 it is not possible anymore to generate the BN_GENCB structure directly. */ |
6318
|
|
|
|
|
|
|
/* instead BN_EGNCB_new() has to be used. */ |
6319
|
|
|
|
|
|
|
int rc; |
6320
|
|
|
|
|
|
|
RSA * ret; |
6321
|
|
|
|
|
|
|
BIGNUM *e; |
6322
|
8
|
|
|
|
|
|
e = BN_new(); |
6323
|
8
|
50
|
|
|
|
|
if(!e) |
6324
|
0
|
|
|
|
|
|
croak("Net::SSLeay: RSA_generate_key perl function could not create BN structure.\n"); |
6325
|
8
|
|
|
|
|
|
BN_set_word(e, ee); |
6326
|
8
|
|
|
|
|
|
cb_data = simple_cb_data_new(perl_cb, perl_data); |
6327
|
|
|
|
|
|
|
|
6328
|
8
|
|
|
|
|
|
ret = RSA_new(); |
6329
|
8
|
50
|
|
|
|
|
if(!ret) { |
6330
|
0
|
|
|
|
|
|
simple_cb_data_free(cb_data); |
6331
|
0
|
|
|
|
|
|
BN_free(e); |
6332
|
0
|
|
|
|
|
|
croak("Net::SSLeay: RSA_generate_key perl function could not create RSA structure.\n"); |
6333
|
|
|
|
|
|
|
} |
6334
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
6335
|
|
|
|
|
|
|
BN_GENCB *new_cb; |
6336
|
|
|
|
|
|
|
new_cb = BN_GENCB_new(); |
6337
|
|
|
|
|
|
|
if(!new_cb) { |
6338
|
|
|
|
|
|
|
simple_cb_data_free(cb_data); |
6339
|
|
|
|
|
|
|
BN_free(e); |
6340
|
|
|
|
|
|
|
RSA_free(ret); |
6341
|
|
|
|
|
|
|
croak("Net::SSLeay: RSA_generate_key perl function could not create BN_GENCB structure.\n"); |
6342
|
|
|
|
|
|
|
} |
6343
|
|
|
|
|
|
|
BN_GENCB_set_old(new_cb, ssleay_RSA_generate_key_cb_invoke, cb_data); |
6344
|
|
|
|
|
|
|
rc = RSA_generate_key_ex(ret, bits, e, new_cb); |
6345
|
|
|
|
|
|
|
BN_GENCB_free(new_cb); |
6346
|
|
|
|
|
|
|
#else |
6347
|
|
|
|
|
|
|
BN_GENCB new_cb; |
6348
|
8
|
|
|
|
|
|
BN_GENCB_set_old(&new_cb, ssleay_RSA_generate_key_cb_invoke, cb_data); |
6349
|
8
|
|
|
|
|
|
rc = RSA_generate_key_ex(ret, bits, e, &new_cb); |
6350
|
|
|
|
|
|
|
#endif |
6351
|
7
|
|
|
|
|
|
simple_cb_data_free(cb_data); |
6352
|
7
|
|
|
|
|
|
BN_free(e); |
6353
|
7
|
50
|
|
|
|
|
if (rc == -1 || ret == NULL) { |
|
|
50
|
|
|
|
|
|
6354
|
0
|
0
|
|
|
|
|
if (ret) RSA_free(ret); |
6355
|
0
|
|
|
|
|
|
croak("Net::SSLeay: Couldn't generate RSA key"); |
6356
|
|
|
|
|
|
|
} |
6357
|
7
|
|
|
|
|
|
e = NULL; |
6358
|
7
|
|
|
|
|
|
RETVAL = ret; |
6359
|
|
|
|
|
|
|
OUTPUT: |
6360
|
|
|
|
|
|
|
RETVAL |
6361
|
|
|
|
|
|
|
|
6362
|
|
|
|
|
|
|
#else |
6363
|
|
|
|
|
|
|
|
6364
|
|
|
|
|
|
|
RSA * |
6365
|
|
|
|
|
|
|
RSA_generate_key(bits,e,perl_cb=&PL_sv_undef,perl_data=&PL_sv_undef) |
6366
|
|
|
|
|
|
|
int bits |
6367
|
|
|
|
|
|
|
unsigned long e |
6368
|
|
|
|
|
|
|
SV* perl_cb |
6369
|
|
|
|
|
|
|
SV* perl_data |
6370
|
|
|
|
|
|
|
PREINIT: |
6371
|
|
|
|
|
|
|
simple_cb_data_t* cb = NULL; |
6372
|
|
|
|
|
|
|
CODE: |
6373
|
|
|
|
|
|
|
cb = simple_cb_data_new(perl_cb, perl_data); |
6374
|
|
|
|
|
|
|
RETVAL = RSA_generate_key(bits, e, ssleay_RSA_generate_key_cb_invoke, cb); |
6375
|
|
|
|
|
|
|
simple_cb_data_free(cb); |
6376
|
|
|
|
|
|
|
OUTPUT: |
6377
|
|
|
|
|
|
|
RETVAL |
6378
|
|
|
|
|
|
|
|
6379
|
|
|
|
|
|
|
#endif |
6380
|
|
|
|
|
|
|
|
6381
|
|
|
|
|
|
|
void |
6382
|
|
|
|
|
|
|
RSA_get_key_parameters(rsa) |
6383
|
|
|
|
|
|
|
RSA * rsa |
6384
|
|
|
|
|
|
|
PREINIT: |
6385
|
|
|
|
|
|
|
#if (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x1010000fL)) || (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)) |
6386
|
|
|
|
|
|
|
const BIGNUM *n, *e, *d; |
6387
|
|
|
|
|
|
|
const BIGNUM *p, *q; |
6388
|
|
|
|
|
|
|
const BIGNUM *dmp1, *dmq1, *iqmp; |
6389
|
|
|
|
|
|
|
#endif |
6390
|
|
|
|
|
|
|
PPCODE: |
6391
|
|
|
|
|
|
|
{ |
6392
|
|
|
|
|
|
|
#if (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x1010000fL)) || (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)) |
6393
|
|
|
|
|
|
|
RSA_get0_key(rsa, &n, &e, &d); |
6394
|
|
|
|
|
|
|
RSA_get0_factors(rsa, &p, &q); |
6395
|
|
|
|
|
|
|
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); |
6396
|
|
|
|
|
|
|
/* Caution: returned list consists of SV pointers to BIGNUMs, which would need to be blessed as Crypt::OpenSSL::Bignum for further use */ |
6397
|
|
|
|
|
|
|
XPUSHs(bn2sv(n)); |
6398
|
|
|
|
|
|
|
XPUSHs(bn2sv(e)); |
6399
|
|
|
|
|
|
|
XPUSHs(bn2sv(d)); |
6400
|
|
|
|
|
|
|
XPUSHs(bn2sv(p)); |
6401
|
|
|
|
|
|
|
XPUSHs(bn2sv(q)); |
6402
|
|
|
|
|
|
|
XPUSHs(bn2sv(dmp1)); |
6403
|
|
|
|
|
|
|
XPUSHs(bn2sv(dmq1)); |
6404
|
|
|
|
|
|
|
XPUSHs(bn2sv(iqmp)); |
6405
|
|
|
|
|
|
|
#else |
6406
|
|
|
|
|
|
|
/* Caution: returned list consists of SV pointers to BIGNUMs, which would need to be blessed as Crypt::OpenSSL::Bignum for further use */ |
6407
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->n)); |
6408
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->e)); |
6409
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->d)); |
6410
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->p)); |
6411
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->q)); |
6412
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->dmp1)); |
6413
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->dmq1)); |
6414
|
1
|
50
|
|
|
|
|
XPUSHs(bn2sv(rsa->iqmp)); |
6415
|
|
|
|
|
|
|
#endif |
6416
|
|
|
|
|
|
|
} |
6417
|
|
|
|
|
|
|
|
6418
|
|
|
|
|
|
|
void |
6419
|
|
|
|
|
|
|
RSA_free(r) |
6420
|
|
|
|
|
|
|
RSA * r |
6421
|
|
|
|
|
|
|
|
6422
|
|
|
|
|
|
|
X509 * |
6423
|
|
|
|
|
|
|
X509_new() |
6424
|
|
|
|
|
|
|
|
6425
|
|
|
|
|
|
|
void |
6426
|
|
|
|
|
|
|
X509_free(a) |
6427
|
|
|
|
|
|
|
X509 * a |
6428
|
|
|
|
|
|
|
|
6429
|
|
|
|
|
|
|
X509_CRL * |
6430
|
|
|
|
|
|
|
d2i_X509_CRL_bio(BIO *bp,void *unused=NULL) |
6431
|
|
|
|
|
|
|
|
6432
|
|
|
|
|
|
|
X509_REQ * |
6433
|
|
|
|
|
|
|
d2i_X509_REQ_bio(BIO *bp,void *unused=NULL) |
6434
|
|
|
|
|
|
|
|
6435
|
|
|
|
|
|
|
X509 * |
6436
|
|
|
|
|
|
|
d2i_X509_bio(BIO *bp,void *unused=NULL) |
6437
|
|
|
|
|
|
|
|
6438
|
|
|
|
|
|
|
DH * |
6439
|
|
|
|
|
|
|
PEM_read_bio_DHparams(bio,x=NULL,cb=NULL,u=NULL) |
6440
|
|
|
|
|
|
|
BIO * bio |
6441
|
|
|
|
|
|
|
void * x |
6442
|
|
|
|
|
|
|
pem_password_cb * cb |
6443
|
|
|
|
|
|
|
void * u |
6444
|
|
|
|
|
|
|
|
6445
|
|
|
|
|
|
|
X509_CRL * |
6446
|
|
|
|
|
|
|
PEM_read_bio_X509_CRL(bio,x=NULL,cb=NULL,u=NULL) |
6447
|
|
|
|
|
|
|
BIO * bio |
6448
|
|
|
|
|
|
|
void * x |
6449
|
|
|
|
|
|
|
pem_password_cb * cb |
6450
|
|
|
|
|
|
|
void * u |
6451
|
|
|
|
|
|
|
|
6452
|
|
|
|
|
|
|
X509 * |
6453
|
|
|
|
|
|
|
PEM_read_bio_X509(BIO *bio,void *x=NULL,void *cb=NULL,void *u=NULL) |
6454
|
|
|
|
|
|
|
|
6455
|
|
|
|
|
|
|
STACK_OF(X509_INFO) * |
6456
|
|
|
|
|
|
|
PEM_X509_INFO_read_bio(bio, stack=NULL, cb=NULL, u=NULL) |
6457
|
|
|
|
|
|
|
BIO * bio |
6458
|
|
|
|
|
|
|
STACK_OF(X509_INFO) * stack |
6459
|
|
|
|
|
|
|
pem_password_cb * cb |
6460
|
|
|
|
|
|
|
void * u |
6461
|
|
|
|
|
|
|
|
6462
|
|
|
|
|
|
|
int |
6463
|
|
|
|
|
|
|
sk_X509_INFO_num(stack) |
6464
|
|
|
|
|
|
|
STACK_OF(X509_INFO) * stack |
6465
|
|
|
|
|
|
|
|
6466
|
|
|
|
|
|
|
X509_INFO * |
6467
|
|
|
|
|
|
|
sk_X509_INFO_value(stack, index) |
6468
|
|
|
|
|
|
|
const STACK_OF(X509_INFO) * stack |
6469
|
|
|
|
|
|
|
int index |
6470
|
|
|
|
|
|
|
|
6471
|
|
|
|
|
|
|
void |
6472
|
|
|
|
|
|
|
sk_X509_INFO_free(stack) |
6473
|
|
|
|
|
|
|
STACK_OF(X509_INFO) * stack |
6474
|
|
|
|
|
|
|
|
6475
|
|
|
|
|
|
|
STACK_OF(X509) * |
6476
|
|
|
|
|
|
|
sk_X509_new_null() |
6477
|
|
|
|
|
|
|
|
6478
|
|
|
|
|
|
|
void |
6479
|
|
|
|
|
|
|
sk_X509_free(stack) |
6480
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6481
|
|
|
|
|
|
|
|
6482
|
|
|
|
|
|
|
int |
6483
|
|
|
|
|
|
|
sk_X509_push(stack, data) |
6484
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6485
|
|
|
|
|
|
|
X509 * data |
6486
|
|
|
|
|
|
|
|
6487
|
|
|
|
|
|
|
X509 * |
6488
|
|
|
|
|
|
|
sk_X509_pop(stack) |
6489
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6490
|
|
|
|
|
|
|
|
6491
|
|
|
|
|
|
|
X509 * |
6492
|
|
|
|
|
|
|
sk_X509_shift(stack) |
6493
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6494
|
|
|
|
|
|
|
|
6495
|
|
|
|
|
|
|
int |
6496
|
|
|
|
|
|
|
sk_X509_unshift(stack,x509) |
6497
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6498
|
|
|
|
|
|
|
X509 * x509 |
6499
|
|
|
|
|
|
|
|
6500
|
|
|
|
|
|
|
int |
6501
|
|
|
|
|
|
|
sk_X509_insert(stack,x509,index) |
6502
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6503
|
|
|
|
|
|
|
X509 * x509 |
6504
|
|
|
|
|
|
|
int index |
6505
|
|
|
|
|
|
|
|
6506
|
|
|
|
|
|
|
X509 * |
6507
|
|
|
|
|
|
|
sk_X509_delete(stack,index) |
6508
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6509
|
|
|
|
|
|
|
int index |
6510
|
|
|
|
|
|
|
|
6511
|
|
|
|
|
|
|
X509 * |
6512
|
|
|
|
|
|
|
sk_X509_value(stack,index) |
6513
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6514
|
|
|
|
|
|
|
int index |
6515
|
|
|
|
|
|
|
|
6516
|
|
|
|
|
|
|
int |
6517
|
|
|
|
|
|
|
sk_X509_num(stack) |
6518
|
|
|
|
|
|
|
STACK_OF(X509) * stack |
6519
|
|
|
|
|
|
|
|
6520
|
|
|
|
|
|
|
X509 * |
6521
|
|
|
|
|
|
|
P_X509_INFO_get_x509(info) |
6522
|
|
|
|
|
|
|
X509_INFO * info |
6523
|
|
|
|
|
|
|
CODE: |
6524
|
3
|
|
|
|
|
|
RETVAL = info->x509; |
6525
|
|
|
|
|
|
|
OUTPUT: |
6526
|
|
|
|
|
|
|
RETVAL |
6527
|
|
|
|
|
|
|
|
6528
|
|
|
|
|
|
|
X509_REQ * |
6529
|
|
|
|
|
|
|
PEM_read_bio_X509_REQ(BIO *bio,void *x=NULL,pem_password_cb *cb=NULL,void *u=NULL) |
6530
|
|
|
|
|
|
|
|
6531
|
|
|
|
|
|
|
EVP_PKEY * |
6532
|
|
|
|
|
|
|
PEM_read_bio_PrivateKey(bio,perl_cb=&PL_sv_undef,perl_data=&PL_sv_undef) |
6533
|
|
|
|
|
|
|
BIO *bio |
6534
|
|
|
|
|
|
|
SV* perl_cb |
6535
|
|
|
|
|
|
|
SV* perl_data |
6536
|
|
|
|
|
|
|
PREINIT: |
6537
|
8
|
|
|
|
|
|
simple_cb_data_t* cb = NULL; |
6538
|
|
|
|
|
|
|
CODE: |
6539
|
8
|
|
|
|
|
|
RETVAL = 0; |
6540
|
8
|
100
|
|
|
|
|
if (SvOK(perl_cb)) { |
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
6541
|
|
|
|
|
|
|
/* setup our callback */ |
6542
|
2
|
|
|
|
|
|
cb = simple_cb_data_new(perl_cb, perl_data); |
6543
|
2
|
|
|
|
|
|
RETVAL = PEM_read_bio_PrivateKey(bio, NULL, pem_password_cb_invoke, (void*)cb); |
6544
|
2
|
|
|
|
|
|
simple_cb_data_free(cb); |
6545
|
|
|
|
|
|
|
} |
6546
|
6
|
50
|
|
|
|
|
else if (!SvOK(perl_cb) && SvOK(perl_data) && SvPOK(perl_data)) { |
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
6547
|
|
|
|
|
|
|
/* use perl_data as the password */ |
6548
|
2
|
|
|
|
|
|
RETVAL = PEM_read_bio_PrivateKey(bio, NULL, NULL, SvPVX(perl_data)); |
6549
|
|
|
|
|
|
|
} |
6550
|
4
|
50
|
|
|
|
|
else if (!SvOK(perl_cb) && !SvOK(perl_data)) { |
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
6551
|
|
|
|
|
|
|
/* will trigger default password callback */ |
6552
|
4
|
|
|
|
|
|
RETVAL = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); |
6553
|
|
|
|
|
|
|
} |
6554
|
|
|
|
|
|
|
OUTPUT: |
6555
|
|
|
|
|
|
|
RETVAL |
6556
|
|
|
|
|
|
|
|
6557
|
|
|
|
|
|
|
void |
6558
|
|
|
|
|
|
|
DH_free(dh) |
6559
|
|
|
|
|
|
|
DH * dh |
6560
|
|
|
|
|
|
|
|
6561
|
|
|
|
|
|
|
long |
6562
|
|
|
|
|
|
|
SSL_total_renegotiations(ssl) |
6563
|
|
|
|
|
|
|
SSL * ssl |
6564
|
|
|
|
|
|
|
CODE: |
6565
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL); |
6566
|
|
|
|
|
|
|
OUTPUT: |
6567
|
|
|
|
|
|
|
RETVAL |
6568
|
|
|
|
|
|
|
|
6569
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
6570
|
|
|
|
|
|
|
void |
6571
|
|
|
|
|
|
|
SSL_SESSION_get_master_key(s) |
6572
|
|
|
|
|
|
|
SSL_SESSION * s |
6573
|
|
|
|
|
|
|
PREINIT: |
6574
|
|
|
|
|
|
|
size_t master_key_length; |
6575
|
|
|
|
|
|
|
unsigned char* master_key; |
6576
|
|
|
|
|
|
|
CODE: |
6577
|
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
6578
|
|
|
|
|
|
|
master_key_length = SSL_SESSION_get_master_key(s, 0, 0); /* get the length */ |
6579
|
|
|
|
|
|
|
New(0, master_key, master_key_length, unsigned char); |
6580
|
|
|
|
|
|
|
SSL_SESSION_get_master_key(s, master_key, master_key_length); |
6581
|
|
|
|
|
|
|
sv_setpvn(ST(0), (const char*)master_key, master_key_length); |
6582
|
|
|
|
|
|
|
Safefree(master_key); |
6583
|
|
|
|
|
|
|
|
6584
|
|
|
|
|
|
|
#else |
6585
|
|
|
|
|
|
|
void |
6586
|
|
|
|
|
|
|
SSL_SESSION_get_master_key(s) |
6587
|
|
|
|
|
|
|
SSL_SESSION * s |
6588
|
|
|
|
|
|
|
CODE: |
6589
|
0
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
6590
|
0
|
|
|
|
|
|
sv_setpvn(ST(0), (const char*)s->master_key, s->master_key_length); |
6591
|
|
|
|
|
|
|
|
6592
|
|
|
|
|
|
|
#endif |
6593
|
|
|
|
|
|
|
|
6594
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
6595
|
|
|
|
|
|
|
|
6596
|
|
|
|
|
|
|
void |
6597
|
|
|
|
|
|
|
SSL_SESSION_set_master_key(s,key) |
6598
|
|
|
|
|
|
|
SSL_SESSION * s |
6599
|
|
|
|
|
|
|
PREINIT: |
6600
|
|
|
|
|
|
|
STRLEN len; |
6601
|
|
|
|
|
|
|
INPUT: |
6602
|
|
|
|
|
|
|
char * key = SvPV(ST(1), len); |
6603
|
|
|
|
|
|
|
CODE: |
6604
|
0
|
|
|
|
|
|
memcpy(s->master_key, key, len); |
6605
|
0
|
|
|
|
|
|
s->master_key_length = len; |
6606
|
|
|
|
|
|
|
|
6607
|
|
|
|
|
|
|
#endif |
6608
|
|
|
|
|
|
|
|
6609
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
6610
|
|
|
|
|
|
|
|
6611
|
|
|
|
|
|
|
void |
6612
|
|
|
|
|
|
|
SSL_get_client_random(s) |
6613
|
|
|
|
|
|
|
SSL * s |
6614
|
|
|
|
|
|
|
PREINIT: |
6615
|
|
|
|
|
|
|
size_t random_length; |
6616
|
|
|
|
|
|
|
unsigned char* random_data; |
6617
|
|
|
|
|
|
|
CODE: |
6618
|
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
6619
|
|
|
|
|
|
|
random_length = SSL_get_client_random(s, 0, 0); /* get the length */ |
6620
|
|
|
|
|
|
|
New(0, random_data, random_length, unsigned char); |
6621
|
|
|
|
|
|
|
SSL_get_client_random(s, random_data, random_length); |
6622
|
|
|
|
|
|
|
sv_setpvn(ST(0), (const char*)random_data, random_length); |
6623
|
|
|
|
|
|
|
Safefree(random_data); |
6624
|
|
|
|
|
|
|
|
6625
|
|
|
|
|
|
|
#else |
6626
|
|
|
|
|
|
|
|
6627
|
|
|
|
|
|
|
void |
6628
|
|
|
|
|
|
|
SSL_get_client_random(s) |
6629
|
|
|
|
|
|
|
SSL * s |
6630
|
|
|
|
|
|
|
CODE: |
6631
|
0
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
6632
|
0
|
|
|
|
|
|
sv_setpvn(ST(0), (const char*)s->s3->client_random, SSL3_RANDOM_SIZE); |
6633
|
|
|
|
|
|
|
|
6634
|
|
|
|
|
|
|
#endif |
6635
|
|
|
|
|
|
|
|
6636
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
6637
|
|
|
|
|
|
|
|
6638
|
|
|
|
|
|
|
void |
6639
|
|
|
|
|
|
|
SSL_get_server_random(s) |
6640
|
|
|
|
|
|
|
SSL * s |
6641
|
|
|
|
|
|
|
PREINIT: |
6642
|
|
|
|
|
|
|
size_t random_length; |
6643
|
|
|
|
|
|
|
unsigned char* random_data; |
6644
|
|
|
|
|
|
|
CODE: |
6645
|
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
6646
|
|
|
|
|
|
|
random_length = SSL_get_server_random(s, 0, 0); /* get the length */ |
6647
|
|
|
|
|
|
|
New(0, random_data, random_length, unsigned char); |
6648
|
|
|
|
|
|
|
SSL_get_server_random(s, random_data, random_length); |
6649
|
|
|
|
|
|
|
sv_setpvn(ST(0), (const char*)random_data, random_length); |
6650
|
|
|
|
|
|
|
Safefree(random_data); |
6651
|
|
|
|
|
|
|
|
6652
|
|
|
|
|
|
|
#else |
6653
|
|
|
|
|
|
|
|
6654
|
|
|
|
|
|
|
void |
6655
|
|
|
|
|
|
|
SSL_get_server_random(s) |
6656
|
|
|
|
|
|
|
SSL * s |
6657
|
|
|
|
|
|
|
CODE: |
6658
|
0
|
|
|
|
|
|
ST(0) = sv_newmortal(); /* Undefined to start with */ |
6659
|
0
|
|
|
|
|
|
sv_setpvn(ST(0), (const char*)s->s3->server_random, SSL3_RANDOM_SIZE); |
6660
|
|
|
|
|
|
|
|
6661
|
|
|
|
|
|
|
#endif |
6662
|
|
|
|
|
|
|
|
6663
|
|
|
|
|
|
|
int |
6664
|
|
|
|
|
|
|
SSL_get_keyblock_size(s) |
6665
|
|
|
|
|
|
|
SSL * s |
6666
|
|
|
|
|
|
|
CODE: |
6667
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) |
6668
|
|
|
|
|
|
|
const SSL_CIPHER *ssl_cipher; |
6669
|
|
|
|
|
|
|
int cipher = NID_undef, digest = NID_undef, mac_secret_size = 0; |
6670
|
|
|
|
|
|
|
const EVP_CIPHER *c = NULL; |
6671
|
|
|
|
|
|
|
const EVP_MD *h = NULL; |
6672
|
|
|
|
|
|
|
|
6673
|
|
|
|
|
|
|
ssl_cipher = SSL_get_current_cipher(s); |
6674
|
|
|
|
|
|
|
if (ssl_cipher) |
6675
|
|
|
|
|
|
|
cipher = SSL_CIPHER_get_cipher_nid(ssl_cipher); |
6676
|
|
|
|
|
|
|
if (cipher != NID_undef) |
6677
|
|
|
|
|
|
|
c = EVP_get_cipherbynid(cipher); |
6678
|
|
|
|
|
|
|
|
6679
|
|
|
|
|
|
|
if (ssl_cipher) |
6680
|
|
|
|
|
|
|
digest = SSL_CIPHER_get_digest_nid(ssl_cipher); |
6681
|
|
|
|
|
|
|
if (digest != NID_undef) /* No digest if e.g., AEAD cipher */ |
6682
|
|
|
|
|
|
|
h = EVP_get_digestbynid(digest); |
6683
|
|
|
|
|
|
|
if (h) |
6684
|
|
|
|
|
|
|
mac_secret_size = EVP_MD_size(h); |
6685
|
|
|
|
|
|
|
|
6686
|
|
|
|
|
|
|
RETVAL = -1; |
6687
|
|
|
|
|
|
|
if (c) |
6688
|
|
|
|
|
|
|
RETVAL = 2 * (EVP_CIPHER_key_length(c) + mac_secret_size + |
6689
|
|
|
|
|
|
|
EVP_CIPHER_iv_length(c)); |
6690
|
|
|
|
|
|
|
#else |
6691
|
1
|
50
|
|
|
|
|
if (s == NULL || |
|
|
50
|
|
|
|
|
|
6692
|
1
|
50
|
|
|
|
|
s->enc_read_ctx == NULL || |
6693
|
1
|
50
|
|
|
|
|
s->enc_read_ctx->cipher == NULL || |
6694
|
1
|
|
|
|
|
|
s->read_hash == NULL) |
6695
|
|
|
|
|
|
|
{ |
6696
|
0
|
|
|
|
|
|
RETVAL = -1; |
6697
|
|
|
|
|
|
|
} |
6698
|
|
|
|
|
|
|
else |
6699
|
|
|
|
|
|
|
{ |
6700
|
|
|
|
|
|
|
const EVP_CIPHER *c; |
6701
|
|
|
|
|
|
|
const EVP_MD *h; |
6702
|
1
|
|
|
|
|
|
int md_size = -1; |
6703
|
1
|
|
|
|
|
|
c = s->enc_read_ctx->cipher; |
6704
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10001000L |
6705
|
1
|
|
|
|
|
|
h = NULL; |
6706
|
1
|
50
|
|
|
|
|
if (s->s3) |
6707
|
1
|
|
|
|
|
|
md_size = s->s3->tmp.new_mac_secret_size; |
6708
|
|
|
|
|
|
|
#elif OPENSSL_VERSION_NUMBER >= 0x00909000L |
6709
|
|
|
|
|
|
|
h = EVP_MD_CTX_md(s->read_hash); |
6710
|
|
|
|
|
|
|
md_size = EVP_MD_size(h); |
6711
|
|
|
|
|
|
|
#else |
6712
|
|
|
|
|
|
|
h = s->read_hash; |
6713
|
|
|
|
|
|
|
md_size = EVP_MD_size(h); |
6714
|
|
|
|
|
|
|
#endif |
6715
|
|
|
|
|
|
|
/* No digest if e.g., AEAD cipher */ |
6716
|
2
|
|
|
|
|
|
RETVAL = (md_size >= 0) ? (2 * (EVP_CIPHER_key_length(c) + |
6717
|
1
|
|
|
|
|
|
md_size + |
6718
|
1
|
|
|
|
|
|
EVP_CIPHER_iv_length(c))) |
6719
|
2
|
50
|
|
|
|
|
: -1; |
6720
|
|
|
|
|
|
|
} |
6721
|
|
|
|
|
|
|
#endif |
6722
|
|
|
|
|
|
|
|
6723
|
|
|
|
|
|
|
OUTPUT: |
6724
|
|
|
|
|
|
|
RETVAL |
6725
|
|
|
|
|
|
|
|
6726
|
|
|
|
|
|
|
|
6727
|
|
|
|
|
|
|
|
6728
|
|
|
|
|
|
|
#if defined(SSL_F_SSL_SET_HELLO_EXTENSION) |
6729
|
|
|
|
|
|
|
int |
6730
|
|
|
|
|
|
|
SSL_set_hello_extension(s, type, data) |
6731
|
|
|
|
|
|
|
SSL * s |
6732
|
|
|
|
|
|
|
int type |
6733
|
|
|
|
|
|
|
PREINIT: |
6734
|
|
|
|
|
|
|
STRLEN len; |
6735
|
|
|
|
|
|
|
INPUT: |
6736
|
|
|
|
|
|
|
char * data = SvPV( ST(2), len); |
6737
|
|
|
|
|
|
|
CODE: |
6738
|
|
|
|
|
|
|
RETVAL = SSL_set_hello_extension(s, type, data, len); |
6739
|
|
|
|
|
|
|
OUTPUT: |
6740
|
|
|
|
|
|
|
RETVAL |
6741
|
|
|
|
|
|
|
|
6742
|
|
|
|
|
|
|
#endif |
6743
|
|
|
|
|
|
|
|
6744
|
|
|
|
|
|
|
#if defined(SSL_F_SSL_SET_HELLO_EXTENSION) || defined(SSL_F_SSL_SET_SESSION_TICKET_EXT) |
6745
|
|
|
|
|
|
|
|
6746
|
|
|
|
|
|
|
void |
6747
|
|
|
|
|
|
|
SSL_set_session_secret_cb(s,callback=&PL_sv_undef,data=&PL_sv_undef) |
6748
|
|
|
|
|
|
|
SSL * s |
6749
|
|
|
|
|
|
|
SV * callback |
6750
|
|
|
|
|
|
|
SV * data |
6751
|
|
|
|
|
|
|
CODE: |
6752
|
0
|
0
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
6753
|
0
|
|
|
|
|
|
SSL_set_session_secret_cb(s, NULL, NULL); |
6754
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_session_secret_cb!!func", NULL); |
6755
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_session_secret_cb!!data", NULL); |
6756
|
|
|
|
|
|
|
} |
6757
|
|
|
|
|
|
|
else { |
6758
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_session_secret_cb!!func", newSVsv(callback)); |
6759
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_session_secret_cb!!data", newSVsv(data)); |
6760
|
0
|
|
|
|
|
|
SSL_set_session_secret_cb(s, (tls_session_secret_cb_fn)&ssleay_session_secret_cb_invoke, s); |
6761
|
|
|
|
|
|
|
} |
6762
|
|
|
|
|
|
|
|
6763
|
|
|
|
|
|
|
#endif |
6764
|
|
|
|
|
|
|
|
6765
|
|
|
|
|
|
|
#ifdef NET_SSLEAY_CAN_PSK_CLIENT_CALLBACK |
6766
|
|
|
|
|
|
|
|
6767
|
|
|
|
|
|
|
void |
6768
|
|
|
|
|
|
|
SSL_set_psk_client_callback(s,callback=&PL_sv_undef) |
6769
|
|
|
|
|
|
|
SSL * s |
6770
|
|
|
|
|
|
|
SV * callback |
6771
|
|
|
|
|
|
|
CODE: |
6772
|
0
|
0
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
6773
|
0
|
|
|
|
|
|
SSL_set_psk_client_callback(s, NULL); |
6774
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_set_psk_client_callback!!func", NULL); |
6775
|
|
|
|
|
|
|
} |
6776
|
|
|
|
|
|
|
else { |
6777
|
0
|
|
|
|
|
|
cb_data_advanced_put(s, "ssleay_set_psk_client_callback!!func", newSVsv(callback)); |
6778
|
0
|
|
|
|
|
|
SSL_set_psk_client_callback(s, ssleay_set_psk_client_callback_invoke); |
6779
|
|
|
|
|
|
|
} |
6780
|
|
|
|
|
|
|
|
6781
|
|
|
|
|
|
|
void |
6782
|
|
|
|
|
|
|
SSL_CTX_set_psk_client_callback(ctx,callback=&PL_sv_undef) |
6783
|
|
|
|
|
|
|
SSL_CTX * ctx |
6784
|
|
|
|
|
|
|
SV * callback |
6785
|
|
|
|
|
|
|
CODE: |
6786
|
0
|
0
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
6787
|
0
|
|
|
|
|
|
SSL_CTX_set_psk_client_callback(ctx, NULL); |
6788
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_set_psk_client_callback!!func", NULL); |
6789
|
|
|
|
|
|
|
} |
6790
|
|
|
|
|
|
|
else { |
6791
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "ssleay_ctx_set_psk_client_callback!!func", newSVsv(callback)); |
6792
|
0
|
|
|
|
|
|
SSL_CTX_set_psk_client_callback(ctx, ssleay_ctx_set_psk_client_callback_invoke); |
6793
|
|
|
|
|
|
|
} |
6794
|
|
|
|
|
|
|
|
6795
|
|
|
|
|
|
|
#endif |
6796
|
|
|
|
|
|
|
|
6797
|
|
|
|
|
|
|
#ifdef NET_SSLEAY_CAN_TICKET_KEY_CB |
6798
|
|
|
|
|
|
|
|
6799
|
|
|
|
|
|
|
void |
6800
|
|
|
|
|
|
|
SSL_CTX_set_tlsext_ticket_getkey_cb(ctx,callback=&PL_sv_undef,data=&PL_sv_undef) |
6801
|
|
|
|
|
|
|
SSL_CTX * ctx |
6802
|
|
|
|
|
|
|
SV * callback |
6803
|
|
|
|
|
|
|
SV * data |
6804
|
|
|
|
|
|
|
CODE: |
6805
|
3
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
6806
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_ticket_key_cb(ctx, NULL); |
6807
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_ticket_key_cb!!func", NULL); |
6808
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_ticket_key_cb!!data", NULL); |
6809
|
|
|
|
|
|
|
} |
6810
|
|
|
|
|
|
|
else { |
6811
|
3
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_ticket_key_cb!!func", newSVsv(callback)); |
6812
|
3
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_ticket_key_cb!!data", newSVsv(data)); |
6813
|
3
|
|
|
|
|
|
SSL_CTX_set_tlsext_ticket_key_cb(ctx, &tlsext_ticket_key_cb_invoke); |
6814
|
|
|
|
|
|
|
} |
6815
|
|
|
|
|
|
|
|
6816
|
|
|
|
|
|
|
|
6817
|
|
|
|
|
|
|
#endif |
6818
|
|
|
|
|
|
|
|
6819
|
|
|
|
|
|
|
|
6820
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x0090700fL |
6821
|
|
|
|
|
|
|
#define REM11 "NOTE: before 0.9.7" |
6822
|
|
|
|
|
|
|
|
6823
|
|
|
|
|
|
|
int EVP_add_digest(EVP_MD *digest) |
6824
|
|
|
|
|
|
|
|
6825
|
|
|
|
|
|
|
#else |
6826
|
|
|
|
|
|
|
|
6827
|
|
|
|
|
|
|
int EVP_add_digest(const EVP_MD *digest) |
6828
|
|
|
|
|
|
|
|
6829
|
|
|
|
|
|
|
#endif |
6830
|
|
|
|
|
|
|
|
6831
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_SHA |
6832
|
|
|
|
|
|
|
|
6833
|
|
|
|
|
|
|
const EVP_MD *EVP_sha1() |
6834
|
|
|
|
|
|
|
|
6835
|
|
|
|
|
|
|
#endif |
6836
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SHA256) && OPENSSL_VERSION_NUMBER >= 0x0090800fL |
6837
|
|
|
|
|
|
|
|
6838
|
|
|
|
|
|
|
const EVP_MD *EVP_sha256() |
6839
|
|
|
|
|
|
|
|
6840
|
|
|
|
|
|
|
#endif |
6841
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SHA512) && OPENSSL_VERSION_NUMBER >= 0x0090800fL |
6842
|
|
|
|
|
|
|
|
6843
|
|
|
|
|
|
|
const EVP_MD *EVP_sha512() |
6844
|
|
|
|
|
|
|
|
6845
|
|
|
|
|
|
|
#endif |
6846
|
|
|
|
|
|
|
void OpenSSL_add_all_digests() |
6847
|
|
|
|
|
|
|
|
6848
|
|
|
|
|
|
|
const EVP_MD * EVP_get_digestbyname(const char *name) |
6849
|
|
|
|
|
|
|
|
6850
|
|
|
|
|
|
|
int EVP_MD_type(const EVP_MD *md) |
6851
|
|
|
|
|
|
|
|
6852
|
|
|
|
|
|
|
int EVP_MD_size(const EVP_MD *md) |
6853
|
|
|
|
|
|
|
|
6854
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x1000000fL |
6855
|
|
|
|
|
|
|
|
6856
|
|
|
|
|
|
|
SV* |
6857
|
|
|
|
|
|
|
P_EVP_MD_list_all() |
6858
|
|
|
|
|
|
|
INIT: |
6859
|
|
|
|
|
|
|
AV * results; |
6860
|
|
|
|
|
|
|
CODE: |
6861
|
2
|
|
|
|
|
|
results = (AV *)sv_2mortal((SV *)newAV()); |
6862
|
2
|
|
|
|
|
|
EVP_MD_do_all_sorted(handler_list_md_fn, results); |
6863
|
2
|
|
|
|
|
|
RETVAL = newRV((SV *)results); |
6864
|
|
|
|
|
|
|
OUTPUT: |
6865
|
|
|
|
|
|
|
RETVAL |
6866
|
|
|
|
|
|
|
|
6867
|
|
|
|
|
|
|
#endif |
6868
|
|
|
|
|
|
|
|
6869
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
6870
|
|
|
|
|
|
|
#define REM16 "NOTE: requires 0.9.7+" |
6871
|
|
|
|
|
|
|
|
6872
|
|
|
|
|
|
|
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) |
6873
|
|
|
|
|
|
|
|
6874
|
|
|
|
|
|
|
EVP_MD_CTX *EVP_MD_CTX_create() |
6875
|
|
|
|
|
|
|
|
6876
|
|
|
|
|
|
|
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) |
6877
|
|
|
|
|
|
|
|
6878
|
|
|
|
|
|
|
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) |
6879
|
|
|
|
|
|
|
|
6880
|
|
|
|
|
|
|
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) |
6881
|
|
|
|
|
|
|
|
6882
|
|
|
|
|
|
|
void |
6883
|
|
|
|
|
|
|
EVP_DigestUpdate(ctx,data) |
6884
|
|
|
|
|
|
|
PREINIT: |
6885
|
|
|
|
|
|
|
STRLEN len; |
6886
|
|
|
|
|
|
|
INPUT: |
6887
|
|
|
|
|
|
|
EVP_MD_CTX *ctx = INT2PTR(EVP_MD_CTX *, SvIV(ST(0))); |
6888
|
|
|
|
|
|
|
unsigned char *data = (unsigned char *) SvPV(ST(1), len); |
6889
|
|
|
|
|
|
|
CODE: |
6890
|
9138
|
|
|
|
|
|
XSRETURN_IV(EVP_DigestUpdate(ctx,data,len)); |
6891
|
|
|
|
|
|
|
|
6892
|
|
|
|
|
|
|
void |
6893
|
|
|
|
|
|
|
EVP_DigestFinal(ctx) |
6894
|
|
|
|
|
|
|
EVP_MD_CTX *ctx |
6895
|
|
|
|
|
|
|
INIT: |
6896
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
6897
|
|
|
|
|
|
|
unsigned int md_size; |
6898
|
|
|
|
|
|
|
CODE: |
6899
|
57
|
50
|
|
|
|
|
if (EVP_DigestFinal(ctx,md,&md_size)) |
6900
|
57
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
6901
|
|
|
|
|
|
|
else |
6902
|
57
|
|
|
|
|
|
XSRETURN_UNDEF; |
6903
|
|
|
|
|
|
|
|
6904
|
|
|
|
|
|
|
void |
6905
|
|
|
|
|
|
|
EVP_DigestFinal_ex(ctx) |
6906
|
|
|
|
|
|
|
EVP_MD_CTX *ctx |
6907
|
|
|
|
|
|
|
INIT: |
6908
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
6909
|
|
|
|
|
|
|
unsigned int md_size; |
6910
|
|
|
|
|
|
|
CODE: |
6911
|
9
|
50
|
|
|
|
|
if (EVP_DigestFinal_ex(ctx,md,&md_size)) |
6912
|
9
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
6913
|
|
|
|
|
|
|
else |
6914
|
9
|
|
|
|
|
|
XSRETURN_UNDEF; |
6915
|
|
|
|
|
|
|
|
6916
|
|
|
|
|
|
|
void |
6917
|
|
|
|
|
|
|
EVP_Digest(...) |
6918
|
|
|
|
|
|
|
PREINIT: |
6919
|
|
|
|
|
|
|
STRLEN len; |
6920
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
6921
|
|
|
|
|
|
|
unsigned int md_size; |
6922
|
|
|
|
|
|
|
INPUT: |
6923
|
|
|
|
|
|
|
unsigned char *data = (unsigned char *) SvPV(ST(0), len); |
6924
|
|
|
|
|
|
|
EVP_MD *type = INT2PTR(EVP_MD *, SvIV(ST(1))); |
6925
|
|
|
|
|
|
|
ENGINE *impl = (items>2 && SvOK(ST(2))) ? INT2PTR(ENGINE *, SvIV(ST(2))) : NULL; |
6926
|
|
|
|
|
|
|
CODE: |
6927
|
48
|
50
|
|
|
|
|
if (EVP_Digest(data,len,md,&md_size,type,impl)) |
6928
|
48
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
6929
|
|
|
|
|
|
|
else |
6930
|
48
|
|
|
|
|
|
XSRETURN_UNDEF; |
6931
|
|
|
|
|
|
|
|
6932
|
|
|
|
|
|
|
#endif |
6933
|
|
|
|
|
|
|
|
6934
|
|
|
|
|
|
|
const EVP_CIPHER * |
6935
|
|
|
|
|
|
|
EVP_get_cipherbyname(const char *name) |
6936
|
|
|
|
|
|
|
|
6937
|
|
|
|
|
|
|
void |
6938
|
|
|
|
|
|
|
OpenSSL_add_all_algorithms() |
6939
|
|
|
|
|
|
|
|
6940
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
6941
|
|
|
|
|
|
|
|
6942
|
|
|
|
|
|
|
void |
6943
|
|
|
|
|
|
|
OPENSSL_add_all_algorithms_noconf() |
6944
|
|
|
|
|
|
|
|
6945
|
|
|
|
|
|
|
void |
6946
|
|
|
|
|
|
|
OPENSSL_add_all_algorithms_conf() |
6947
|
|
|
|
|
|
|
|
6948
|
|
|
|
|
|
|
#endif |
6949
|
|
|
|
|
|
|
|
6950
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10000003L |
6951
|
|
|
|
|
|
|
|
6952
|
|
|
|
|
|
|
int |
6953
|
|
|
|
|
|
|
SSL_CTX_set1_param(ctx, vpm) |
6954
|
|
|
|
|
|
|
SSL_CTX * ctx |
6955
|
|
|
|
|
|
|
X509_VERIFY_PARAM *vpm |
6956
|
|
|
|
|
|
|
|
6957
|
|
|
|
|
|
|
int |
6958
|
|
|
|
|
|
|
SSL_set1_param(ctx, vpm) |
6959
|
|
|
|
|
|
|
SSL * ctx |
6960
|
|
|
|
|
|
|
X509_VERIFY_PARAM *vpm |
6961
|
|
|
|
|
|
|
|
6962
|
|
|
|
|
|
|
#endif |
6963
|
|
|
|
|
|
|
|
6964
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL |
6965
|
|
|
|
|
|
|
|
6966
|
|
|
|
|
|
|
X509_VERIFY_PARAM * |
6967
|
|
|
|
|
|
|
X509_VERIFY_PARAM_new() |
6968
|
|
|
|
|
|
|
|
6969
|
|
|
|
|
|
|
void |
6970
|
|
|
|
|
|
|
X509_VERIFY_PARAM_free(param) |
6971
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
6972
|
|
|
|
|
|
|
|
6973
|
|
|
|
|
|
|
int |
6974
|
|
|
|
|
|
|
X509_VERIFY_PARAM_inherit(to, from) |
6975
|
|
|
|
|
|
|
X509_VERIFY_PARAM *to |
6976
|
|
|
|
|
|
|
X509_VERIFY_PARAM *from |
6977
|
|
|
|
|
|
|
|
6978
|
|
|
|
|
|
|
int |
6979
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1(to, from) |
6980
|
|
|
|
|
|
|
X509_VERIFY_PARAM *to |
6981
|
|
|
|
|
|
|
X509_VERIFY_PARAM *from |
6982
|
|
|
|
|
|
|
|
6983
|
|
|
|
|
|
|
int |
6984
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1_name(param, name) |
6985
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
6986
|
|
|
|
|
|
|
const char *name |
6987
|
|
|
|
|
|
|
|
6988
|
|
|
|
|
|
|
int |
6989
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set_flags(param, flags) |
6990
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
6991
|
|
|
|
|
|
|
unsigned long flags |
6992
|
|
|
|
|
|
|
|
6993
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL |
6994
|
|
|
|
|
|
|
#define REM13 "NOTE: requires 0.9.8a+" |
6995
|
|
|
|
|
|
|
|
6996
|
|
|
|
|
|
|
int |
6997
|
|
|
|
|
|
|
X509_VERIFY_PARAM_clear_flags(param, flags) |
6998
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
6999
|
|
|
|
|
|
|
unsigned long flags |
7000
|
|
|
|
|
|
|
|
7001
|
|
|
|
|
|
|
unsigned long |
7002
|
|
|
|
|
|
|
X509_VERIFY_PARAM_get_flags(param) |
7003
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7004
|
|
|
|
|
|
|
|
7005
|
|
|
|
|
|
|
#endif |
7006
|
|
|
|
|
|
|
|
7007
|
|
|
|
|
|
|
int |
7008
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set_purpose(param, purpose) |
7009
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7010
|
|
|
|
|
|
|
int purpose |
7011
|
|
|
|
|
|
|
|
7012
|
|
|
|
|
|
|
int |
7013
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set_trust(param, trust) |
7014
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7015
|
|
|
|
|
|
|
int trust |
7016
|
|
|
|
|
|
|
|
7017
|
|
|
|
|
|
|
void |
7018
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set_depth(param, depth) |
7019
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7020
|
|
|
|
|
|
|
int depth |
7021
|
|
|
|
|
|
|
|
7022
|
|
|
|
|
|
|
void |
7023
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set_time(param, t) |
7024
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7025
|
|
|
|
|
|
|
time_t t |
7026
|
|
|
|
|
|
|
|
7027
|
|
|
|
|
|
|
int |
7028
|
|
|
|
|
|
|
X509_VERIFY_PARAM_add0_policy(param, policy) |
7029
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7030
|
|
|
|
|
|
|
ASN1_OBJECT *policy |
7031
|
|
|
|
|
|
|
|
7032
|
|
|
|
|
|
|
int |
7033
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1_policies(param, policies) |
7034
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7035
|
|
|
|
|
|
|
STACK_OF(ASN1_OBJECT) *policies |
7036
|
|
|
|
|
|
|
|
7037
|
|
|
|
|
|
|
int |
7038
|
|
|
|
|
|
|
X509_VERIFY_PARAM_get_depth(param) |
7039
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7040
|
|
|
|
|
|
|
|
7041
|
|
|
|
|
|
|
int |
7042
|
|
|
|
|
|
|
X509_VERIFY_PARAM_add0_table(param) |
7043
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7044
|
|
|
|
|
|
|
|
7045
|
|
|
|
|
|
|
const X509_VERIFY_PARAM * |
7046
|
|
|
|
|
|
|
X509_VERIFY_PARAM_lookup(name) |
7047
|
|
|
|
|
|
|
const char *name |
7048
|
|
|
|
|
|
|
|
7049
|
|
|
|
|
|
|
void |
7050
|
|
|
|
|
|
|
X509_VERIFY_PARAM_table_cleanup() |
7051
|
|
|
|
|
|
|
|
7052
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10002001L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) /* OpenSSL 1.0.2-beta1, LibreSSL 2.7.0 */ |
7053
|
|
|
|
|
|
|
|
7054
|
|
|
|
|
|
|
X509_VERIFY_PARAM * |
7055
|
|
|
|
|
|
|
SSL_CTX_get0_param(ctx) |
7056
|
|
|
|
|
|
|
SSL_CTX * ctx |
7057
|
|
|
|
|
|
|
|
7058
|
|
|
|
|
|
|
X509_VERIFY_PARAM * |
7059
|
|
|
|
|
|
|
SSL_get0_param(ssl) |
7060
|
|
|
|
|
|
|
SSL * ssl |
7061
|
|
|
|
|
|
|
|
7062
|
|
|
|
|
|
|
int |
7063
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1_host(param, name) |
7064
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7065
|
|
|
|
|
|
|
PREINIT: |
7066
|
|
|
|
|
|
|
STRLEN namelen; |
7067
|
|
|
|
|
|
|
INPUT: |
7068
|
|
|
|
|
|
|
const char * name = SvPV(ST(1), namelen); |
7069
|
|
|
|
|
|
|
CODE: |
7070
|
2
|
|
|
|
|
|
RETVAL = X509_VERIFY_PARAM_set1_host(param, name, namelen); |
7071
|
|
|
|
|
|
|
OUTPUT: |
7072
|
|
|
|
|
|
|
RETVAL |
7073
|
|
|
|
|
|
|
|
7074
|
|
|
|
|
|
|
int |
7075
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1_email(param, email) |
7076
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7077
|
|
|
|
|
|
|
PREINIT: |
7078
|
|
|
|
|
|
|
STRLEN emaillen; |
7079
|
|
|
|
|
|
|
INPUT: |
7080
|
|
|
|
|
|
|
const char * email = SvPV(ST(1), emaillen); |
7081
|
|
|
|
|
|
|
CODE: |
7082
|
2
|
|
|
|
|
|
RETVAL = X509_VERIFY_PARAM_set1_email(param, email, emaillen); |
7083
|
|
|
|
|
|
|
OUTPUT: |
7084
|
|
|
|
|
|
|
RETVAL |
7085
|
|
|
|
|
|
|
|
7086
|
|
|
|
|
|
|
int |
7087
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1_ip(param, ip) |
7088
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7089
|
|
|
|
|
|
|
PREINIT: |
7090
|
|
|
|
|
|
|
STRLEN iplen; |
7091
|
|
|
|
|
|
|
INPUT: |
7092
|
|
|
|
|
|
|
const unsigned char * ip = (const unsigned char *)SvPV(ST(1), iplen); |
7093
|
|
|
|
|
|
|
CODE: |
7094
|
6
|
|
|
|
|
|
RETVAL = X509_VERIFY_PARAM_set1_ip(param, ip, iplen); |
7095
|
|
|
|
|
|
|
OUTPUT: |
7096
|
|
|
|
|
|
|
RETVAL |
7097
|
|
|
|
|
|
|
|
7098
|
|
|
|
|
|
|
int |
7099
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set1_ip_asc(param, ipasc) |
7100
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7101
|
|
|
|
|
|
|
const char *ipasc |
7102
|
|
|
|
|
|
|
|
7103
|
|
|
|
|
|
|
#endif /* OpenSSL 1.0.2-beta1, LibreSSL 2.7.0 */ |
7104
|
|
|
|
|
|
|
|
7105
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10002002L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) /* OpenSSL 1.0.2-beta2, LibreSSL 2.7.0 */ |
7106
|
|
|
|
|
|
|
|
7107
|
|
|
|
|
|
|
int |
7108
|
|
|
|
|
|
|
X509_VERIFY_PARAM_add1_host(param, name) |
7109
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7110
|
|
|
|
|
|
|
PREINIT: |
7111
|
|
|
|
|
|
|
STRLEN namelen; |
7112
|
|
|
|
|
|
|
INPUT: |
7113
|
|
|
|
|
|
|
const char * name = SvPV(ST(1), namelen); |
7114
|
|
|
|
|
|
|
CODE: |
7115
|
1
|
|
|
|
|
|
RETVAL = X509_VERIFY_PARAM_add1_host(param, name, namelen); |
7116
|
|
|
|
|
|
|
OUTPUT: |
7117
|
|
|
|
|
|
|
RETVAL |
7118
|
|
|
|
|
|
|
|
7119
|
|
|
|
|
|
|
void |
7120
|
|
|
|
|
|
|
X509_VERIFY_PARAM_set_hostflags(param, flags) |
7121
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7122
|
|
|
|
|
|
|
unsigned int flags |
7123
|
|
|
|
|
|
|
|
7124
|
|
|
|
|
|
|
char * |
7125
|
|
|
|
|
|
|
X509_VERIFY_PARAM_get0_peername(param) |
7126
|
|
|
|
|
|
|
X509_VERIFY_PARAM *param |
7127
|
|
|
|
|
|
|
|
7128
|
|
|
|
|
|
|
#endif /* OpenSSL 1.0.2-beta2, LibreSSL 2.7.0 */ |
7129
|
|
|
|
|
|
|
|
7130
|
|
|
|
|
|
|
void |
7131
|
|
|
|
|
|
|
X509_policy_tree_free(tree) |
7132
|
|
|
|
|
|
|
X509_POLICY_TREE *tree |
7133
|
|
|
|
|
|
|
|
7134
|
|
|
|
|
|
|
int |
7135
|
|
|
|
|
|
|
X509_policy_tree_level_count(tree) |
7136
|
|
|
|
|
|
|
X509_POLICY_TREE *tree |
7137
|
|
|
|
|
|
|
|
7138
|
|
|
|
|
|
|
X509_POLICY_LEVEL * |
7139
|
|
|
|
|
|
|
X509_policy_tree_get0_level(tree, i) |
7140
|
|
|
|
|
|
|
X509_POLICY_TREE *tree |
7141
|
|
|
|
|
|
|
int i |
7142
|
|
|
|
|
|
|
|
7143
|
|
|
|
|
|
|
STACK_OF(X509_POLICY_NODE) * |
7144
|
|
|
|
|
|
|
X509_policy_tree_get0_policies(tree) |
7145
|
|
|
|
|
|
|
X509_POLICY_TREE *tree |
7146
|
|
|
|
|
|
|
|
7147
|
|
|
|
|
|
|
STACK_OF(X509_POLICY_NODE) * |
7148
|
|
|
|
|
|
|
X509_policy_tree_get0_user_policies(tree) |
7149
|
|
|
|
|
|
|
X509_POLICY_TREE *tree |
7150
|
|
|
|
|
|
|
|
7151
|
|
|
|
|
|
|
int |
7152
|
|
|
|
|
|
|
X509_policy_level_node_count(level) |
7153
|
|
|
|
|
|
|
X509_POLICY_LEVEL *level |
7154
|
|
|
|
|
|
|
|
7155
|
|
|
|
|
|
|
X509_POLICY_NODE * |
7156
|
|
|
|
|
|
|
X509_policy_level_get0_node(level, i) |
7157
|
|
|
|
|
|
|
X509_POLICY_LEVEL *level |
7158
|
|
|
|
|
|
|
int i |
7159
|
|
|
|
|
|
|
|
7160
|
|
|
|
|
|
|
const ASN1_OBJECT * |
7161
|
|
|
|
|
|
|
X509_policy_node_get0_policy(node) |
7162
|
|
|
|
|
|
|
const X509_POLICY_NODE *node |
7163
|
|
|
|
|
|
|
|
7164
|
|
|
|
|
|
|
STACK_OF(POLICYQUALINFO) * |
7165
|
|
|
|
|
|
|
X509_policy_node_get0_qualifiers(node) |
7166
|
|
|
|
|
|
|
X509_POLICY_NODE *node |
7167
|
|
|
|
|
|
|
|
7168
|
|
|
|
|
|
|
const X509_POLICY_NODE * |
7169
|
|
|
|
|
|
|
X509_policy_node_get0_parent(node) |
7170
|
|
|
|
|
|
|
const X509_POLICY_NODE *node |
7171
|
|
|
|
|
|
|
|
7172
|
|
|
|
|
|
|
#endif |
7173
|
|
|
|
|
|
|
|
7174
|
|
|
|
|
|
|
ASN1_OBJECT * |
7175
|
|
|
|
|
|
|
OBJ_dup(o) |
7176
|
|
|
|
|
|
|
ASN1_OBJECT *o |
7177
|
|
|
|
|
|
|
|
7178
|
|
|
|
|
|
|
ASN1_OBJECT * |
7179
|
|
|
|
|
|
|
OBJ_nid2obj(n) |
7180
|
|
|
|
|
|
|
int n |
7181
|
|
|
|
|
|
|
|
7182
|
|
|
|
|
|
|
const char * |
7183
|
|
|
|
|
|
|
OBJ_nid2ln(n) |
7184
|
|
|
|
|
|
|
int n |
7185
|
|
|
|
|
|
|
|
7186
|
|
|
|
|
|
|
const char * |
7187
|
|
|
|
|
|
|
OBJ_nid2sn(n) |
7188
|
|
|
|
|
|
|
int n |
7189
|
|
|
|
|
|
|
|
7190
|
|
|
|
|
|
|
int |
7191
|
|
|
|
|
|
|
OBJ_obj2nid(o) |
7192
|
|
|
|
|
|
|
ASN1_OBJECT *o |
7193
|
|
|
|
|
|
|
|
7194
|
|
|
|
|
|
|
ASN1_OBJECT * |
7195
|
|
|
|
|
|
|
OBJ_txt2obj(s, no_name=0) |
7196
|
|
|
|
|
|
|
const char *s |
7197
|
|
|
|
|
|
|
int no_name |
7198
|
|
|
|
|
|
|
|
7199
|
|
|
|
|
|
|
void |
7200
|
|
|
|
|
|
|
OBJ_obj2txt(a, no_name=0) |
7201
|
|
|
|
|
|
|
ASN1_OBJECT *a |
7202
|
|
|
|
|
|
|
int no_name |
7203
|
|
|
|
|
|
|
PREINIT: |
7204
|
|
|
|
|
|
|
char buf[100]; /* openssl doc: a buffer length of 80 should be more than enough to handle any OID encountered in practice */ |
7205
|
|
|
|
|
|
|
int len; |
7206
|
|
|
|
|
|
|
CODE: |
7207
|
73
|
|
|
|
|
|
len = OBJ_obj2txt(buf, sizeof(buf), a, no_name); |
7208
|
73
|
|
|
|
|
|
ST(0) = sv_newmortal(); |
7209
|
73
|
|
|
|
|
|
sv_setpvn(ST(0), buf, len); |
7210
|
|
|
|
|
|
|
|
7211
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x0090700fL |
7212
|
|
|
|
|
|
|
#define REM14 "NOTE: before 0.9.7" |
7213
|
|
|
|
|
|
|
|
7214
|
|
|
|
|
|
|
int |
7215
|
|
|
|
|
|
|
OBJ_txt2nid(s) |
7216
|
|
|
|
|
|
|
char *s |
7217
|
|
|
|
|
|
|
|
7218
|
|
|
|
|
|
|
#else |
7219
|
|
|
|
|
|
|
|
7220
|
|
|
|
|
|
|
int |
7221
|
|
|
|
|
|
|
OBJ_txt2nid(s) |
7222
|
|
|
|
|
|
|
const char *s |
7223
|
|
|
|
|
|
|
|
7224
|
|
|
|
|
|
|
#endif |
7225
|
|
|
|
|
|
|
|
7226
|
|
|
|
|
|
|
int |
7227
|
|
|
|
|
|
|
OBJ_ln2nid(s) |
7228
|
|
|
|
|
|
|
const char *s |
7229
|
|
|
|
|
|
|
|
7230
|
|
|
|
|
|
|
int |
7231
|
|
|
|
|
|
|
OBJ_sn2nid(s) |
7232
|
|
|
|
|
|
|
const char *s |
7233
|
|
|
|
|
|
|
|
7234
|
|
|
|
|
|
|
int |
7235
|
|
|
|
|
|
|
OBJ_cmp(a, b) |
7236
|
|
|
|
|
|
|
ASN1_OBJECT *a |
7237
|
|
|
|
|
|
|
ASN1_OBJECT *b |
7238
|
|
|
|
|
|
|
|
7239
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL |
7240
|
|
|
|
|
|
|
|
7241
|
|
|
|
|
|
|
void |
7242
|
|
|
|
|
|
|
X509_pubkey_digest(data,type) |
7243
|
|
|
|
|
|
|
const X509 *data |
7244
|
|
|
|
|
|
|
const EVP_MD *type |
7245
|
|
|
|
|
|
|
PREINIT: |
7246
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
7247
|
|
|
|
|
|
|
unsigned int md_size; |
7248
|
|
|
|
|
|
|
PPCODE: |
7249
|
4
|
50
|
|
|
|
|
if (X509_pubkey_digest(data,type,md,&md_size)) |
7250
|
4
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
7251
|
|
|
|
|
|
|
else |
7252
|
4
|
|
|
|
|
|
XSRETURN_UNDEF; |
7253
|
|
|
|
|
|
|
|
7254
|
|
|
|
|
|
|
#endif |
7255
|
|
|
|
|
|
|
|
7256
|
|
|
|
|
|
|
void |
7257
|
|
|
|
|
|
|
X509_digest(data,type) |
7258
|
|
|
|
|
|
|
const X509 *data |
7259
|
|
|
|
|
|
|
const EVP_MD *type |
7260
|
|
|
|
|
|
|
PREINIT: |
7261
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
7262
|
|
|
|
|
|
|
unsigned int md_size; |
7263
|
|
|
|
|
|
|
PPCODE: |
7264
|
4
|
50
|
|
|
|
|
if (X509_digest(data,type,md,&md_size)) |
7265
|
4
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
7266
|
4
|
|
|
|
|
|
XSRETURN_UNDEF; |
7267
|
|
|
|
|
|
|
|
7268
|
|
|
|
|
|
|
void |
7269
|
|
|
|
|
|
|
X509_CRL_digest(data,type) |
7270
|
|
|
|
|
|
|
const X509_CRL *data |
7271
|
|
|
|
|
|
|
const EVP_MD *type |
7272
|
|
|
|
|
|
|
PREINIT: |
7273
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
7274
|
|
|
|
|
|
|
unsigned int md_size; |
7275
|
|
|
|
|
|
|
PPCODE: |
7276
|
1
|
50
|
|
|
|
|
if (X509_CRL_digest(data,type,md,&md_size)) |
7277
|
1
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
7278
|
1
|
|
|
|
|
|
XSRETURN_UNDEF; |
7279
|
|
|
|
|
|
|
|
7280
|
|
|
|
|
|
|
void |
7281
|
|
|
|
|
|
|
X509_REQ_digest(data,type) |
7282
|
|
|
|
|
|
|
const X509_REQ *data |
7283
|
|
|
|
|
|
|
const EVP_MD *type |
7284
|
|
|
|
|
|
|
PREINIT: |
7285
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
7286
|
|
|
|
|
|
|
unsigned int md_size; |
7287
|
|
|
|
|
|
|
PPCODE: |
7288
|
1
|
50
|
|
|
|
|
if (X509_REQ_digest(data,type,md,&md_size)) |
7289
|
1
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
7290
|
1
|
|
|
|
|
|
XSRETURN_UNDEF; |
7291
|
|
|
|
|
|
|
|
7292
|
|
|
|
|
|
|
void |
7293
|
|
|
|
|
|
|
X509_NAME_digest(data,type) |
7294
|
|
|
|
|
|
|
const X509_NAME *data |
7295
|
|
|
|
|
|
|
const EVP_MD *type |
7296
|
|
|
|
|
|
|
PREINIT: |
7297
|
|
|
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE]; |
7298
|
|
|
|
|
|
|
unsigned int md_size; |
7299
|
|
|
|
|
|
|
PPCODE: |
7300
|
0
|
0
|
|
|
|
|
if (X509_NAME_digest(data,type,md,&md_size)) |
7301
|
0
|
|
|
|
|
|
XSRETURN_PVN((char *)md, md_size); |
7302
|
0
|
|
|
|
|
|
XSRETURN_UNDEF; |
7303
|
|
|
|
|
|
|
|
7304
|
|
|
|
|
|
|
unsigned long |
7305
|
|
|
|
|
|
|
X509_subject_name_hash(X509 *x) |
7306
|
|
|
|
|
|
|
|
7307
|
|
|
|
|
|
|
unsigned long |
7308
|
|
|
|
|
|
|
X509_issuer_name_hash(X509 *a) |
7309
|
|
|
|
|
|
|
|
7310
|
|
|
|
|
|
|
unsigned long |
7311
|
|
|
|
|
|
|
X509_issuer_and_serial_hash(X509 *a) |
7312
|
|
|
|
|
|
|
|
7313
|
|
|
|
|
|
|
ASN1_OBJECT * |
7314
|
|
|
|
|
|
|
P_X509_get_signature_alg(x) |
7315
|
|
|
|
|
|
|
X509 * x |
7316
|
|
|
|
|
|
|
CODE: |
7317
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3050000fL) |
7318
|
|
|
|
|
|
|
RETVAL = (X509_get0_tbs_sigalg(x)->algorithm); |
7319
|
|
|
|
|
|
|
#else |
7320
|
4
|
|
|
|
|
|
RETVAL = (x->cert_info->signature->algorithm); |
7321
|
|
|
|
|
|
|
#endif |
7322
|
|
|
|
|
|
|
OUTPUT: |
7323
|
|
|
|
|
|
|
RETVAL |
7324
|
|
|
|
|
|
|
|
7325
|
|
|
|
|
|
|
ASN1_OBJECT * |
7326
|
|
|
|
|
|
|
P_X509_get_pubkey_alg(x) |
7327
|
|
|
|
|
|
|
X509 * x |
7328
|
|
|
|
|
|
|
PREINIT: |
7329
|
|
|
|
|
|
|
CODE: |
7330
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
7331
|
|
|
|
|
|
|
{ |
7332
|
|
|
|
|
|
|
X509_ALGOR * algor; |
7333
|
|
|
|
|
|
|
X509_PUBKEY_get0_param(0, 0, 0, &algor, X509_get_X509_PUBKEY(x)); |
7334
|
|
|
|
|
|
|
RETVAL = (algor->algorithm); |
7335
|
|
|
|
|
|
|
} |
7336
|
|
|
|
|
|
|
#else |
7337
|
4
|
|
|
|
|
|
RETVAL = (x->cert_info->key->algor->algorithm); |
7338
|
|
|
|
|
|
|
#endif |
7339
|
|
|
|
|
|
|
OUTPUT: |
7340
|
|
|
|
|
|
|
RETVAL |
7341
|
|
|
|
|
|
|
|
7342
|
|
|
|
|
|
|
void |
7343
|
|
|
|
|
|
|
X509_get_X509_PUBKEY(x) |
7344
|
|
|
|
|
|
|
const X509 *x |
7345
|
|
|
|
|
|
|
PPCODE: |
7346
|
|
|
|
|
|
|
X509_PUBKEY *pkey; |
7347
|
|
|
|
|
|
|
STRLEN len; |
7348
|
|
|
|
|
|
|
unsigned char *pc, *pi; |
7349
|
1
|
50
|
|
|
|
|
if (!(pkey = X509_get_X509_PUBKEY(x))) croak("invalid certificate"); |
7350
|
1
|
50
|
|
|
|
|
if (!(len = i2d_X509_PUBKEY(pkey, NULL))) croak("invalid certificate public key"); |
7351
|
1
|
|
|
|
|
|
Newx(pc,len,unsigned char); |
7352
|
1
|
50
|
|
|
|
|
if (!pc) croak("out of memory"); |
7353
|
1
|
|
|
|
|
|
pi = pc; |
7354
|
1
|
|
|
|
|
|
i2d_X509_PUBKEY(pkey, &pi); |
7355
|
1
|
50
|
|
|
|
|
if (pi-pc != len) croak("invalid encoded length"); |
7356
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); |
7357
|
1
|
|
|
|
|
|
Safefree(pc); |
7358
|
|
|
|
|
|
|
|
7359
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) |
7360
|
|
|
|
|
|
|
|
7361
|
|
|
|
|
|
|
int |
7362
|
|
|
|
|
|
|
SSL_CTX_set_next_protos_advertised_cb(ctx,callback,data=&PL_sv_undef) |
7363
|
|
|
|
|
|
|
SSL_CTX * ctx |
7364
|
|
|
|
|
|
|
SV * callback |
7365
|
|
|
|
|
|
|
SV * data |
7366
|
|
|
|
|
|
|
CODE: |
7367
|
1
|
|
|
|
|
|
RETVAL = 1; |
7368
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7369
|
0
|
|
|
|
|
|
SSL_CTX_set_next_protos_advertised_cb(ctx, NULL, NULL); |
7370
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_protos_advertised_cb!!func", NULL); |
7371
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_protos_advertised_cb!!data", NULL); |
7372
|
|
|
|
|
|
|
PR1("SSL_CTX_set_next_protos_advertised_cb - undef\n"); |
7373
|
|
|
|
|
|
|
} |
7374
|
1
|
50
|
|
|
|
|
else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVAV)) { |
|
|
50
|
|
|
|
|
|
7375
|
|
|
|
|
|
|
/* callback param array ref like ['proto1','proto2'] */ |
7376
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_protos_advertised_cb!!func", NULL); |
7377
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_protos_advertised_cb!!data", newSVsv(callback)); |
7378
|
1
|
|
|
|
|
|
SSL_CTX_set_next_protos_advertised_cb(ctx, next_protos_advertised_cb_invoke, ctx); |
7379
|
|
|
|
|
|
|
PR2("SSL_CTX_set_next_protos_advertised_cb - simple ctx=%p\n",ctx); |
7380
|
|
|
|
|
|
|
} |
7381
|
0
|
0
|
|
|
|
|
else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
7382
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_protos_advertised_cb!!func", newSVsv(callback)); |
7383
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_protos_advertised_cb!!data", newSVsv(data)); |
7384
|
0
|
|
|
|
|
|
SSL_CTX_set_next_protos_advertised_cb(ctx, next_protos_advertised_cb_invoke, ctx); |
7385
|
|
|
|
|
|
|
PR2("SSL_CTX_set_next_protos_advertised_cb - advanced ctx=%p\n",ctx); |
7386
|
|
|
|
|
|
|
} |
7387
|
|
|
|
|
|
|
else { |
7388
|
0
|
|
|
|
|
|
RETVAL = 0; |
7389
|
|
|
|
|
|
|
} |
7390
|
|
|
|
|
|
|
OUTPUT: |
7391
|
|
|
|
|
|
|
RETVAL |
7392
|
|
|
|
|
|
|
|
7393
|
|
|
|
|
|
|
int |
7394
|
|
|
|
|
|
|
SSL_CTX_set_next_proto_select_cb(ctx,callback,data=&PL_sv_undef) |
7395
|
|
|
|
|
|
|
SSL_CTX * ctx |
7396
|
|
|
|
|
|
|
SV * callback |
7397
|
|
|
|
|
|
|
SV * data |
7398
|
|
|
|
|
|
|
CODE: |
7399
|
1
|
|
|
|
|
|
RETVAL = 1; |
7400
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7401
|
0
|
|
|
|
|
|
SSL_CTX_set_next_proto_select_cb(ctx, NULL, NULL); |
7402
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_proto_select_cb!!func", NULL); |
7403
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_proto_select_cb!!data", NULL); |
7404
|
|
|
|
|
|
|
PR1("SSL_CTX_set_next_proto_select_cb - undef\n"); |
7405
|
|
|
|
|
|
|
} |
7406
|
1
|
50
|
|
|
|
|
else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVAV)) { |
|
|
50
|
|
|
|
|
|
7407
|
|
|
|
|
|
|
/* callback param array ref like ['proto1','proto2'] */ |
7408
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_proto_select_cb!!func", NULL); |
7409
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_proto_select_cb!!data", newSVsv(callback)); |
7410
|
1
|
|
|
|
|
|
SSL_CTX_set_next_proto_select_cb(ctx, next_proto_select_cb_invoke, ctx); |
7411
|
|
|
|
|
|
|
PR2("SSL_CTX_set_next_proto_select_cb - simple ctx=%p\n",ctx); |
7412
|
|
|
|
|
|
|
} |
7413
|
0
|
0
|
|
|
|
|
else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
7414
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_proto_select_cb!!func", newSVsv(callback)); |
7415
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "next_proto_select_cb!!data", newSVsv(data)); |
7416
|
0
|
|
|
|
|
|
SSL_CTX_set_next_proto_select_cb(ctx, next_proto_select_cb_invoke, ctx); |
7417
|
|
|
|
|
|
|
PR2("SSL_CTX_set_next_proto_select_cb - advanced ctx=%p\n",ctx); |
7418
|
|
|
|
|
|
|
} |
7419
|
|
|
|
|
|
|
else { |
7420
|
0
|
|
|
|
|
|
RETVAL = 0; |
7421
|
|
|
|
|
|
|
} |
7422
|
|
|
|
|
|
|
OUTPUT: |
7423
|
|
|
|
|
|
|
RETVAL |
7424
|
|
|
|
|
|
|
|
7425
|
|
|
|
|
|
|
void |
7426
|
|
|
|
|
|
|
P_next_proto_negotiated(s) |
7427
|
|
|
|
|
|
|
const SSL *s |
7428
|
|
|
|
|
|
|
PREINIT: |
7429
|
|
|
|
|
|
|
const unsigned char *data; |
7430
|
|
|
|
|
|
|
unsigned int len; |
7431
|
|
|
|
|
|
|
PPCODE: |
7432
|
2
|
|
|
|
|
|
SSL_get0_next_proto_negotiated(s, &data, &len); |
7433
|
2
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char *)data, len))); |
7434
|
|
|
|
|
|
|
|
7435
|
|
|
|
|
|
|
void |
7436
|
|
|
|
|
|
|
P_next_proto_last_status(s) |
7437
|
|
|
|
|
|
|
const SSL *s |
7438
|
|
|
|
|
|
|
PPCODE: |
7439
|
1
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVsv(cb_data_advanced_get((void*)s, "next_proto_select_cb!!last_status")))); |
7440
|
|
|
|
|
|
|
|
7441
|
|
|
|
|
|
|
#endif |
7442
|
|
|
|
|
|
|
|
7443
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10000000L |
7444
|
|
|
|
|
|
|
|
7445
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_TLSEXT) |
7446
|
|
|
|
|
|
|
|
7447
|
|
|
|
|
|
|
int |
7448
|
|
|
|
|
|
|
SSL_set_tlsext_status_type(SSL *ssl,int cmd) |
7449
|
|
|
|
|
|
|
|
7450
|
|
|
|
|
|
|
long |
7451
|
|
|
|
|
|
|
SSL_set_tlsext_status_ocsp_resp(ssl,staple) |
7452
|
|
|
|
|
|
|
SSL * ssl |
7453
|
|
|
|
|
|
|
PREINIT: |
7454
|
|
|
|
|
|
|
char * p; |
7455
|
|
|
|
|
|
|
STRLEN staplelen; |
7456
|
|
|
|
|
|
|
INPUT: |
7457
|
|
|
|
|
|
|
char * staple = SvPV( ST(1), staplelen); |
7458
|
|
|
|
|
|
|
CODE: |
7459
|
|
|
|
|
|
|
/* OpenSSL will free the memory */ |
7460
|
0
|
|
|
|
|
|
New(0, p, staplelen, char); |
7461
|
0
|
|
|
|
|
|
memcpy(p, staple, staplelen); |
7462
|
0
|
|
|
|
|
|
RETVAL = SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,staplelen,(void *)p); |
7463
|
|
|
|
|
|
|
OUTPUT: |
7464
|
|
|
|
|
|
|
RETVAL |
7465
|
|
|
|
|
|
|
|
7466
|
|
|
|
|
|
|
int |
7467
|
|
|
|
|
|
|
SSL_CTX_set_tlsext_status_cb(ctx,callback,data=&PL_sv_undef) |
7468
|
|
|
|
|
|
|
SSL_CTX * ctx |
7469
|
|
|
|
|
|
|
SV * callback |
7470
|
|
|
|
|
|
|
SV * data |
7471
|
|
|
|
|
|
|
CODE: |
7472
|
0
|
|
|
|
|
|
RETVAL = 1; |
7473
|
0
|
0
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7474
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_status_cb!!func", NULL); |
7475
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_status_cb!!data", NULL); |
7476
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_status_cb(ctx, NULL); |
7477
|
0
|
0
|
|
|
|
|
} else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
7478
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_status_cb!!func", newSVsv(callback)); |
7479
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "tlsext_status_cb!!data", newSVsv(data)); |
7480
|
0
|
|
|
|
|
|
SSL_CTX_set_tlsext_status_cb(ctx, tlsext_status_cb_invoke); |
7481
|
|
|
|
|
|
|
} else { |
7482
|
0
|
|
|
|
|
|
croak("argument must be code reference"); |
7483
|
|
|
|
|
|
|
} |
7484
|
|
|
|
|
|
|
OUTPUT: |
7485
|
|
|
|
|
|
|
RETVAL |
7486
|
|
|
|
|
|
|
|
7487
|
|
|
|
|
|
|
int |
7488
|
|
|
|
|
|
|
SSL_set_session_ticket_ext_cb(ssl,callback,data=&PL_sv_undef) |
7489
|
|
|
|
|
|
|
SSL * ssl |
7490
|
|
|
|
|
|
|
SV * callback |
7491
|
|
|
|
|
|
|
SV * data |
7492
|
|
|
|
|
|
|
CODE: |
7493
|
1
|
|
|
|
|
|
RETVAL = 1; |
7494
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7495
|
0
|
|
|
|
|
|
cb_data_advanced_put(ssl, "session_ticket_ext_cb!!func", NULL); |
7496
|
0
|
|
|
|
|
|
cb_data_advanced_put(ssl, "session_ticket_ext_cb!!data", NULL); |
7497
|
0
|
|
|
|
|
|
SSL_set_session_ticket_ext_cb(ssl, NULL, NULL); |
7498
|
1
|
50
|
|
|
|
|
} else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVCV)) { |
|
|
50
|
|
|
|
|
|
7499
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "session_ticket_ext_cb!!func", newSVsv(callback)); |
7500
|
1
|
|
|
|
|
|
cb_data_advanced_put(ssl, "session_ticket_ext_cb!!data", newSVsv(data)); |
7501
|
1
|
|
|
|
|
|
SSL_set_session_ticket_ext_cb(ssl, (tls_session_ticket_ext_cb_fn)&session_ticket_ext_cb_invoke, ssl); |
7502
|
|
|
|
|
|
|
} else { |
7503
|
0
|
|
|
|
|
|
croak("argument must be code reference"); |
7504
|
|
|
|
|
|
|
} |
7505
|
|
|
|
|
|
|
OUTPUT: |
7506
|
|
|
|
|
|
|
RETVAL |
7507
|
|
|
|
|
|
|
|
7508
|
|
|
|
|
|
|
int |
7509
|
|
|
|
|
|
|
SSL_set_session_ticket_ext(ssl,ticket) |
7510
|
|
|
|
|
|
|
SSL *ssl |
7511
|
|
|
|
|
|
|
PREINIT: |
7512
|
|
|
|
|
|
|
unsigned char * p; |
7513
|
|
|
|
|
|
|
STRLEN ticketlen; |
7514
|
|
|
|
|
|
|
INPUT: |
7515
|
|
|
|
|
|
|
unsigned char * ticket = (unsigned char *)SvPV( ST(1), ticketlen); |
7516
|
|
|
|
|
|
|
CODE: |
7517
|
1
|
|
|
|
|
|
RETVAL = 0; |
7518
|
1
|
50
|
|
|
|
|
if (ticketlen > 0) { |
7519
|
1
|
|
|
|
|
|
Newx(p, ticketlen, unsigned char); |
7520
|
1
|
50
|
|
|
|
|
if (!p) |
7521
|
0
|
|
|
|
|
|
croak("Net::SSLeay: set_session_ticket_ext could not allocate memory.\n"); |
7522
|
1
|
|
|
|
|
|
memcpy(p, ticket, ticketlen); |
7523
|
1
|
|
|
|
|
|
RETVAL = SSL_set_session_ticket_ext(ssl, p, ticketlen); |
7524
|
1
|
|
|
|
|
|
Safefree(p); |
7525
|
|
|
|
|
|
|
} |
7526
|
|
|
|
|
|
|
OUTPUT: |
7527
|
|
|
|
|
|
|
RETVAL |
7528
|
|
|
|
|
|
|
|
7529
|
|
|
|
|
|
|
#endif |
7530
|
|
|
|
|
|
|
|
7531
|
|
|
|
|
|
|
OCSP_RESPONSE * |
7532
|
|
|
|
|
|
|
d2i_OCSP_RESPONSE(pv) |
7533
|
|
|
|
|
|
|
SV *pv |
7534
|
|
|
|
|
|
|
CODE: |
7535
|
0
|
|
|
|
|
|
RETVAL = NULL; |
7536
|
0
|
0
|
|
|
|
|
if (SvPOK(pv)) { |
7537
|
|
|
|
|
|
|
const unsigned char *p; |
7538
|
|
|
|
|
|
|
STRLEN len; |
7539
|
0
|
0
|
|
|
|
|
p = (unsigned char*)SvPV(pv,len); |
7540
|
0
|
|
|
|
|
|
RETVAL = d2i_OCSP_RESPONSE(NULL,&p,len); |
7541
|
|
|
|
|
|
|
} |
7542
|
|
|
|
|
|
|
OUTPUT: |
7543
|
|
|
|
|
|
|
RETVAL |
7544
|
|
|
|
|
|
|
|
7545
|
|
|
|
|
|
|
void |
7546
|
|
|
|
|
|
|
i2d_OCSP_RESPONSE(r) |
7547
|
|
|
|
|
|
|
OCSP_RESPONSE * r |
7548
|
|
|
|
|
|
|
PPCODE: |
7549
|
|
|
|
|
|
|
STRLEN len; |
7550
|
|
|
|
|
|
|
unsigned char *pc,*pi; |
7551
|
0
|
0
|
|
|
|
|
if (!(len = i2d_OCSP_RESPONSE(r,NULL))) croak("invalid OCSP response"); |
7552
|
0
|
|
|
|
|
|
Newx(pc,len,unsigned char); |
7553
|
0
|
0
|
|
|
|
|
if (!pc) croak("out of memory"); |
7554
|
0
|
|
|
|
|
|
pi = pc; |
7555
|
0
|
|
|
|
|
|
i2d_OCSP_RESPONSE(r,&pi); |
7556
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); |
7557
|
0
|
|
|
|
|
|
Safefree(pc); |
7558
|
|
|
|
|
|
|
|
7559
|
|
|
|
|
|
|
void |
7560
|
|
|
|
|
|
|
OCSP_RESPONSE_free(r) |
7561
|
|
|
|
|
|
|
OCSP_RESPONSE * r |
7562
|
|
|
|
|
|
|
|
7563
|
|
|
|
|
|
|
|
7564
|
|
|
|
|
|
|
OCSP_REQUEST * |
7565
|
|
|
|
|
|
|
d2i_OCSP_REQUEST(pv) |
7566
|
|
|
|
|
|
|
SV *pv |
7567
|
|
|
|
|
|
|
CODE: |
7568
|
0
|
|
|
|
|
|
RETVAL = NULL; |
7569
|
0
|
0
|
|
|
|
|
if (SvPOK(pv)) { |
7570
|
|
|
|
|
|
|
const unsigned char *p; |
7571
|
|
|
|
|
|
|
STRLEN len; |
7572
|
0
|
0
|
|
|
|
|
p = (unsigned char*)SvPV(pv,len); |
7573
|
0
|
|
|
|
|
|
RETVAL = d2i_OCSP_REQUEST(NULL,&p,len); |
7574
|
|
|
|
|
|
|
} |
7575
|
|
|
|
|
|
|
OUTPUT: |
7576
|
|
|
|
|
|
|
RETVAL |
7577
|
|
|
|
|
|
|
|
7578
|
|
|
|
|
|
|
void |
7579
|
|
|
|
|
|
|
i2d_OCSP_REQUEST(r) |
7580
|
|
|
|
|
|
|
OCSP_REQUEST * r |
7581
|
|
|
|
|
|
|
PPCODE: |
7582
|
|
|
|
|
|
|
STRLEN len; |
7583
|
|
|
|
|
|
|
unsigned char *pc,*pi; |
7584
|
0
|
0
|
|
|
|
|
if (!(len = i2d_OCSP_REQUEST(r,NULL))) croak("invalid OCSP request"); |
7585
|
0
|
|
|
|
|
|
Newx(pc,len,unsigned char); |
7586
|
0
|
0
|
|
|
|
|
if (!pc) croak("out of memory"); |
7587
|
0
|
|
|
|
|
|
pi = pc; |
7588
|
0
|
|
|
|
|
|
i2d_OCSP_REQUEST(r,&pi); |
7589
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); |
7590
|
0
|
|
|
|
|
|
Safefree(pc); |
7591
|
|
|
|
|
|
|
|
7592
|
|
|
|
|
|
|
|
7593
|
|
|
|
|
|
|
void |
7594
|
|
|
|
|
|
|
OCSP_REQUEST_free(r) |
7595
|
|
|
|
|
|
|
OCSP_REQUEST * r |
7596
|
|
|
|
|
|
|
|
7597
|
|
|
|
|
|
|
|
7598
|
|
|
|
|
|
|
const char * |
7599
|
|
|
|
|
|
|
OCSP_response_status_str(long status) |
7600
|
|
|
|
|
|
|
|
7601
|
|
|
|
|
|
|
long |
7602
|
|
|
|
|
|
|
OCSP_response_status(OCSP_RESPONSE *r) |
7603
|
|
|
|
|
|
|
|
7604
|
|
|
|
|
|
|
void |
7605
|
|
|
|
|
|
|
SSL_OCSP_cert2ids(ssl,...) |
7606
|
|
|
|
|
|
|
SSL *ssl |
7607
|
|
|
|
|
|
|
PPCODE: |
7608
|
|
|
|
|
|
|
SSL_CTX *ctx; |
7609
|
|
|
|
|
|
|
X509_STORE *store; |
7610
|
|
|
|
|
|
|
STACK_OF(X509) *chain; |
7611
|
|
|
|
|
|
|
X509 *cert,*issuer; |
7612
|
|
|
|
|
|
|
OCSP_CERTID *id; |
7613
|
|
|
|
|
|
|
int i; |
7614
|
|
|
|
|
|
|
STRLEN len; |
7615
|
|
|
|
|
|
|
unsigned char *pi; |
7616
|
|
|
|
|
|
|
|
7617
|
0
|
0
|
|
|
|
|
if (!ssl) croak("not a SSL object"); |
7618
|
0
|
|
|
|
|
|
ctx = SSL_get_SSL_CTX(ssl); |
7619
|
0
|
0
|
|
|
|
|
if (!ctx) croak("invalid SSL object - no context"); |
7620
|
0
|
|
|
|
|
|
store = SSL_CTX_get_cert_store(ctx); |
7621
|
0
|
|
|
|
|
|
chain = SSL_get_peer_cert_chain(ssl); |
7622
|
|
|
|
|
|
|
|
7623
|
0
|
0
|
|
|
|
|
for(i=0;i
|
7624
|
0
|
0
|
|
|
|
|
cert = INT2PTR(X509*,SvIV(ST(i+1))); |
7625
|
0
|
0
|
|
|
|
|
if (X509_check_issued(cert,cert) == X509_V_OK) |
7626
|
0
|
|
|
|
|
|
croak("no OCSP request for self-signed certificate"); |
7627
|
0
|
0
|
|
|
|
|
if (!(issuer = find_issuer(cert,store,chain))) |
7628
|
0
|
|
|
|
|
|
croak("cannot find issuer certificate"); |
7629
|
0
|
|
|
|
|
|
id = OCSP_cert_to_id(EVP_sha1(),cert,issuer); |
7630
|
0
|
|
|
|
|
|
X509_free(issuer); |
7631
|
0
|
0
|
|
|
|
|
if (!id) |
7632
|
0
|
|
|
|
|
|
croak("out of memory for generating OCSP certid"); |
7633
|
|
|
|
|
|
|
|
7634
|
0
|
|
|
|
|
|
pi = NULL; |
7635
|
0
|
0
|
|
|
|
|
if (!(len = i2d_OCSP_CERTID(id,&pi))) |
7636
|
0
|
|
|
|
|
|
croak("OCSP certid has no length"); |
7637
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpvn((char *)pi, len))); |
7638
|
|
|
|
|
|
|
|
7639
|
0
|
|
|
|
|
|
OPENSSL_free(pi); |
7640
|
0
|
|
|
|
|
|
OCSP_CERTID_free(id); |
7641
|
|
|
|
|
|
|
} |
7642
|
|
|
|
|
|
|
|
7643
|
|
|
|
|
|
|
|
7644
|
|
|
|
|
|
|
OCSP_REQUEST * |
7645
|
|
|
|
|
|
|
OCSP_ids2req(...) |
7646
|
|
|
|
|
|
|
CODE: |
7647
|
|
|
|
|
|
|
OCSP_REQUEST *req; |
7648
|
|
|
|
|
|
|
OCSP_CERTID *id; |
7649
|
|
|
|
|
|
|
int i; |
7650
|
|
|
|
|
|
|
|
7651
|
0
|
|
|
|
|
|
req = OCSP_REQUEST_new(); |
7652
|
0
|
0
|
|
|
|
|
if (!req) croak("out of memory"); |
7653
|
0
|
|
|
|
|
|
OCSP_request_add1_nonce(req,NULL,-1); |
7654
|
|
|
|
|
|
|
|
7655
|
0
|
0
|
|
|
|
|
for(i=0;i
|
7656
|
|
|
|
|
|
|
STRLEN len; |
7657
|
0
|
0
|
|
|
|
|
const unsigned char *p = (unsigned char*)SvPV(ST(i),len); |
7658
|
0
|
|
|
|
|
|
id = d2i_OCSP_CERTID(NULL,&p,len); |
7659
|
0
|
0
|
|
|
|
|
if (!id) { |
7660
|
0
|
|
|
|
|
|
OCSP_REQUEST_free(req); |
7661
|
0
|
|
|
|
|
|
croak("failed to get OCSP certid from string"); |
7662
|
|
|
|
|
|
|
} |
7663
|
0
|
|
|
|
|
|
OCSP_request_add0_id(req,id); |
7664
|
|
|
|
|
|
|
} |
7665
|
0
|
|
|
|
|
|
RETVAL = req; |
7666
|
|
|
|
|
|
|
OUTPUT: |
7667
|
|
|
|
|
|
|
RETVAL |
7668
|
|
|
|
|
|
|
|
7669
|
|
|
|
|
|
|
|
7670
|
|
|
|
|
|
|
|
7671
|
|
|
|
|
|
|
int |
7672
|
|
|
|
|
|
|
SSL_OCSP_response_verify(ssl,rsp,svreq=NULL,flags=0) |
7673
|
|
|
|
|
|
|
SSL *ssl |
7674
|
|
|
|
|
|
|
OCSP_RESPONSE *rsp |
7675
|
|
|
|
|
|
|
SV *svreq |
7676
|
|
|
|
|
|
|
unsigned long flags |
7677
|
|
|
|
|
|
|
PREINIT: |
7678
|
|
|
|
|
|
|
SSL_CTX *ctx; |
7679
|
|
|
|
|
|
|
X509_STORE *store; |
7680
|
|
|
|
|
|
|
OCSP_BASICRESP *bsr; |
7681
|
0
|
|
|
|
|
|
OCSP_REQUEST *req = NULL; |
7682
|
|
|
|
|
|
|
int i; |
7683
|
|
|
|
|
|
|
CODE: |
7684
|
0
|
0
|
|
|
|
|
if (!ssl) croak("not a SSL object"); |
7685
|
0
|
|
|
|
|
|
ctx = SSL_get_SSL_CTX(ssl); |
7686
|
0
|
0
|
|
|
|
|
if (!ctx) croak("invalid SSL object - no context"); |
7687
|
|
|
|
|
|
|
|
7688
|
0
|
|
|
|
|
|
bsr = OCSP_response_get1_basic(rsp); |
7689
|
0
|
0
|
|
|
|
|
if (!bsr) croak("invalid OCSP response"); |
7690
|
|
|
|
|
|
|
|
7691
|
|
|
|
|
|
|
/* if we get a nonce it should match our nonce, if we get no nonce |
7692
|
|
|
|
|
|
|
* it was probably pre-signed */ |
7693
|
0
|
0
|
|
|
|
|
if (svreq && SvOK(svreq) && |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7694
|
0
|
0
|
|
|
|
|
(req = INT2PTR(OCSP_REQUEST*,SvIV(svreq)))) { |
7695
|
0
|
|
|
|
|
|
i = OCSP_check_nonce(req,bsr); |
7696
|
0
|
0
|
|
|
|
|
if ( i <= 0 ) { |
7697
|
0
|
0
|
|
|
|
|
if (i == -1) { |
7698
|
0
|
|
|
|
|
|
TRACE(2,"SSL_OCSP_response_verify: no nonce in response"); |
7699
|
|
|
|
|
|
|
} else { |
7700
|
0
|
|
|
|
|
|
OCSP_BASICRESP_free(bsr); |
7701
|
0
|
|
|
|
|
|
croak("nonce in OCSP response does not match request"); |
7702
|
|
|
|
|
|
|
} |
7703
|
|
|
|
|
|
|
} |
7704
|
|
|
|
|
|
|
} |
7705
|
|
|
|
|
|
|
|
7706
|
0
|
|
|
|
|
|
RETVAL = 0; |
7707
|
0
|
0
|
|
|
|
|
if ((store = SSL_CTX_get_cert_store(ctx))) { |
7708
|
|
|
|
|
|
|
/* add the SSL uchain to the uchain of the OCSP basic response, this |
7709
|
|
|
|
|
|
|
* looks like the easiest way to handle the case where the OCSP |
7710
|
|
|
|
|
|
|
* response does not contain the chain up to the trusted root */ |
7711
|
0
|
|
|
|
|
|
STACK_OF(X509) *chain = SSL_get_peer_cert_chain(ssl); |
7712
|
0
|
0
|
|
|
|
|
for(i=0;i
|
7713
|
0
|
|
|
|
|
|
OCSP_basic_add1_cert(bsr, sk_X509_value(chain,i)); |
7714
|
|
|
|
|
|
|
} |
7715
|
0
|
|
|
|
|
|
TRACE(1,"run basic verify"); |
7716
|
0
|
|
|
|
|
|
RETVAL = OCSP_basic_verify(bsr, NULL, store, flags); |
7717
|
0
|
0
|
|
|
|
|
if (chain && !RETVAL) { |
|
|
0
|
|
|
|
|
|
7718
|
|
|
|
|
|
|
/* some CAs don't add a certificate to their OCSP responses and |
7719
|
|
|
|
|
|
|
* openssl does not include the trusted CA which signed the |
7720
|
|
|
|
|
|
|
* lowest chain certificate when looking for the signer. |
7721
|
|
|
|
|
|
|
* So find this CA ourself and retry verification. */ |
7722
|
|
|
|
|
|
|
X509 *issuer; |
7723
|
0
|
|
|
|
|
|
X509 *last = sk_X509_value(chain,sk_X509_num(chain)-1); |
7724
|
0
|
|
|
|
|
|
ERR_clear_error(); /* clear error from last OCSP_basic_verify */ |
7725
|
0
|
0
|
|
|
|
|
if (last && (issuer = find_issuer(last,store,chain))) { |
|
|
0
|
|
|
|
|
|
7726
|
0
|
|
|
|
|
|
OCSP_basic_add1_cert(bsr, issuer); |
7727
|
0
|
|
|
|
|
|
X509_free(issuer); |
7728
|
0
|
|
|
|
|
|
TRACE(1,"run OCSP_basic_verify with issuer for last chain element"); |
7729
|
0
|
|
|
|
|
|
RETVAL = OCSP_basic_verify(bsr, NULL, store, flags); |
7730
|
|
|
|
|
|
|
} |
7731
|
|
|
|
|
|
|
} |
7732
|
|
|
|
|
|
|
} |
7733
|
0
|
|
|
|
|
|
OCSP_BASICRESP_free(bsr); |
7734
|
|
|
|
|
|
|
OUTPUT: |
7735
|
|
|
|
|
|
|
RETVAL |
7736
|
|
|
|
|
|
|
|
7737
|
|
|
|
|
|
|
|
7738
|
|
|
|
|
|
|
void |
7739
|
|
|
|
|
|
|
OCSP_response_results(rsp,...) |
7740
|
|
|
|
|
|
|
OCSP_RESPONSE *rsp |
7741
|
|
|
|
|
|
|
PPCODE: |
7742
|
|
|
|
|
|
|
OCSP_BASICRESP *bsr; |
7743
|
|
|
|
|
|
|
int i,want_array; |
7744
|
0
|
|
|
|
|
|
time_t nextupd = 0; |
7745
|
0
|
|
|
|
|
|
time_t gmtoff = -1; |
7746
|
|
|
|
|
|
|
int getall,sksn; |
7747
|
|
|
|
|
|
|
|
7748
|
0
|
|
|
|
|
|
bsr = OCSP_response_get1_basic(rsp); |
7749
|
0
|
0
|
|
|
|
|
if (!bsr) croak("invalid OCSP response"); |
7750
|
|
|
|
|
|
|
|
7751
|
0
|
0
|
|
|
|
|
want_array = (GIMME == G_ARRAY); |
7752
|
0
|
|
|
|
|
|
getall = (items <= 1); |
7753
|
0
|
|
|
|
|
|
sksn = OCSP_resp_count(bsr); |
7754
|
|
|
|
|
|
|
|
7755
|
0
|
0
|
|
|
|
|
for(i=0; i < (getall ? sksn : items-1); i++) { |
|
|
0
|
|
|
|
|
|
7756
|
0
|
|
|
|
|
|
const char *error = NULL; |
7757
|
0
|
|
|
|
|
|
OCSP_SINGLERESP *sir = NULL; |
7758
|
0
|
|
|
|
|
|
OCSP_CERTID *certid = NULL; |
7759
|
0
|
|
|
|
|
|
SV *idsv = NULL; |
7760
|
|
|
|
|
|
|
int first, status, revocationReason; |
7761
|
|
|
|
|
|
|
ASN1_GENERALIZEDTIME *revocationTime, *thisupdate, *nextupdate; |
7762
|
|
|
|
|
|
|
|
7763
|
0
|
0
|
|
|
|
|
if(getall) { |
7764
|
0
|
|
|
|
|
|
sir = OCSP_resp_get0(bsr,i); |
7765
|
|
|
|
|
|
|
} else { |
7766
|
|
|
|
|
|
|
STRLEN len; |
7767
|
|
|
|
|
|
|
const unsigned char *p; |
7768
|
|
|
|
|
|
|
|
7769
|
0
|
|
|
|
|
|
idsv = ST(i+1); |
7770
|
0
|
0
|
|
|
|
|
if (!SvOK(idsv)) croak("undefined certid in arguments"); |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7771
|
0
|
0
|
|
|
|
|
p = (unsigned char*)SvPV(idsv,len); |
7772
|
0
|
0
|
|
|
|
|
if (!(certid = d2i_OCSP_CERTID(NULL,&p,len))) { |
7773
|
0
|
|
|
|
|
|
error = "failed to get OCSP certid from string"; |
7774
|
0
|
|
|
|
|
|
goto end; |
7775
|
|
|
|
|
|
|
} |
7776
|
0
|
|
|
|
|
|
first = OCSP_resp_find(bsr, certid, -1); /* Find the first matching */ |
7777
|
0
|
0
|
|
|
|
|
if (first >= 0) |
7778
|
0
|
|
|
|
|
|
sir = OCSP_resp_get0(bsr,first); |
7779
|
|
|
|
|
|
|
} |
7780
|
|
|
|
|
|
|
|
7781
|
0
|
0
|
|
|
|
|
if (sir) |
7782
|
|
|
|
|
|
|
{ |
7783
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
7784
|
|
|
|
|
|
|
status = OCSP_single_get0_status(sir, &revocationReason, &revocationTime, &thisupdate, &nextupdate); |
7785
|
|
|
|
|
|
|
#else |
7786
|
0
|
|
|
|
|
|
status = sir->certStatus->type; |
7787
|
0
|
0
|
|
|
|
|
if (status == V_OCSP_CERTSTATUS_REVOKED) |
7788
|
0
|
|
|
|
|
|
revocationTime = sir->certStatus->value.revoked->revocationTime; |
7789
|
0
|
|
|
|
|
|
thisupdate = sir->thisUpdate; |
7790
|
0
|
|
|
|
|
|
nextupdate = sir->nextUpdate; |
7791
|
|
|
|
|
|
|
#endif |
7792
|
0
|
0
|
|
|
|
|
if (status == V_OCSP_CERTSTATUS_REVOKED) { |
7793
|
0
|
|
|
|
|
|
error = "certificate status is revoked"; |
7794
|
0
|
0
|
|
|
|
|
} else if (status != V_OCSP_CERTSTATUS_GOOD) { |
7795
|
0
|
|
|
|
|
|
error = "certificate status is unknown"; |
7796
|
|
|
|
|
|
|
} |
7797
|
0
|
0
|
|
|
|
|
else if (!OCSP_check_validity(thisupdate, nextupdate, 0, -1)) { |
7798
|
0
|
|
|
|
|
|
error = "response not yet valid or expired"; |
7799
|
|
|
|
|
|
|
} |
7800
|
|
|
|
|
|
|
} else { |
7801
|
0
|
|
|
|
|
|
error = "cannot find entry for certificate in OCSP response"; |
7802
|
|
|
|
|
|
|
} |
7803
|
|
|
|
|
|
|
|
7804
|
|
|
|
|
|
|
end: |
7805
|
0
|
0
|
|
|
|
|
if (want_array) { |
7806
|
0
|
|
|
|
|
|
AV *idav = newAV(); |
7807
|
0
|
0
|
|
|
|
|
if (!idsv) { |
7808
|
|
|
|
|
|
|
/* getall: create new SV with OCSP_CERTID */ |
7809
|
|
|
|
|
|
|
unsigned char *pi,*pc; |
7810
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3050000fL) |
7811
|
|
|
|
|
|
|
int len = i2d_OCSP_CERTID((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sir),NULL); |
7812
|
|
|
|
|
|
|
#else |
7813
|
0
|
|
|
|
|
|
int len = i2d_OCSP_CERTID(sir->certId,NULL); |
7814
|
|
|
|
|
|
|
#endif |
7815
|
0
|
0
|
|
|
|
|
if(!len) continue; |
7816
|
0
|
|
|
|
|
|
Newx(pc,len,unsigned char); |
7817
|
0
|
0
|
|
|
|
|
if (!pc) croak("out of memory"); |
7818
|
0
|
|
|
|
|
|
pi = pc; |
7819
|
|
|
|
|
|
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3050000fL) |
7820
|
|
|
|
|
|
|
i2d_OCSP_CERTID((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sir),&pi); |
7821
|
|
|
|
|
|
|
#else |
7822
|
0
|
|
|
|
|
|
i2d_OCSP_CERTID(sir->certId,&pi); |
7823
|
|
|
|
|
|
|
#endif |
7824
|
0
|
|
|
|
|
|
idsv = newSVpv((char*)pc,len); |
7825
|
0
|
|
|
|
|
|
Safefree(pc); |
7826
|
|
|
|
|
|
|
} else { |
7827
|
|
|
|
|
|
|
/* reuse idsv from ST(..), but increment refcount */ |
7828
|
0
|
|
|
|
|
|
idsv = SvREFCNT_inc(idsv); |
7829
|
|
|
|
|
|
|
} |
7830
|
0
|
|
|
|
|
|
av_push(idav, idsv); |
7831
|
0
|
0
|
|
|
|
|
av_push(idav, error ? newSVpv(error,0) : newSV(0)); |
7832
|
0
|
0
|
|
|
|
|
if (sir) { |
7833
|
0
|
|
|
|
|
|
HV *details = newHV(); |
7834
|
0
|
|
|
|
|
|
av_push(idav,newRV_noinc((SV*)details)); |
7835
|
0
|
|
|
|
|
|
hv_store(details,"statusType",10, |
7836
|
|
|
|
|
|
|
newSViv(status),0); |
7837
|
0
|
0
|
|
|
|
|
if (nextupdate) hv_store(details,"nextUpdate",10, |
7838
|
|
|
|
|
|
|
newSViv(ASN1_TIME_timet(nextupdate, &gmtoff)),0); |
7839
|
0
|
0
|
|
|
|
|
if (thisupdate) hv_store(details,"thisUpdate",10, |
7840
|
|
|
|
|
|
|
newSViv(ASN1_TIME_timet(thisupdate, &gmtoff)),0); |
7841
|
0
|
0
|
|
|
|
|
if (status == V_OCSP_CERTSTATUS_REVOKED) { |
7842
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
7843
|
0
|
|
|
|
|
|
OCSP_REVOKEDINFO *rev = sir->certStatus->value.revoked; |
7844
|
0
|
|
|
|
|
|
revocationReason = ASN1_ENUMERATED_get(rev->revocationReason); |
7845
|
|
|
|
|
|
|
#endif |
7846
|
0
|
|
|
|
|
|
hv_store(details,"revocationTime",14,newSViv(ASN1_TIME_timet(revocationTime, &gmtoff)),0); |
7847
|
0
|
|
|
|
|
|
hv_store(details,"revocationReason",16,newSViv(revocationReason),0); |
7848
|
0
|
|
|
|
|
|
hv_store(details,"revocationReason_str",20,newSVpv( |
7849
|
|
|
|
|
|
|
OCSP_crl_reason_str(revocationReason),0),0); |
7850
|
|
|
|
|
|
|
} |
7851
|
|
|
|
|
|
|
} |
7852
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newRV_noinc((SV*)idav))); |
7853
|
0
|
0
|
|
|
|
|
} else if (!error) { |
7854
|
|
|
|
|
|
|
/* compute lowest nextUpdate */ |
7855
|
0
|
|
|
|
|
|
time_t nu = ASN1_TIME_timet(nextupdate, &gmtoff); |
7856
|
0
|
0
|
|
|
|
|
if (!nextupd || nextupd>nu) nextupd = nu; |
|
|
0
|
|
|
|
|
|
7857
|
|
|
|
|
|
|
} |
7858
|
|
|
|
|
|
|
|
7859
|
0
|
0
|
|
|
|
|
if (certid) OCSP_CERTID_free(certid); |
7860
|
0
|
0
|
|
|
|
|
if (error && !want_array) { |
|
|
0
|
|
|
|
|
|
7861
|
0
|
|
|
|
|
|
OCSP_BASICRESP_free(bsr); |
7862
|
0
|
|
|
|
|
|
croak("%s", error); |
7863
|
|
|
|
|
|
|
} |
7864
|
|
|
|
|
|
|
} |
7865
|
0
|
|
|
|
|
|
OCSP_BASICRESP_free(bsr); |
7866
|
0
|
0
|
|
|
|
|
if (!want_array) |
7867
|
0
|
0
|
|
|
|
|
XPUSHs(sv_2mortal(newSViv(nextupd))); |
7868
|
|
|
|
|
|
|
|
7869
|
|
|
|
|
|
|
|
7870
|
|
|
|
|
|
|
|
7871
|
|
|
|
|
|
|
#endif |
7872
|
|
|
|
|
|
|
|
7873
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_TLSEXT) |
7874
|
|
|
|
|
|
|
|
7875
|
|
|
|
|
|
|
int |
7876
|
|
|
|
|
|
|
SSL_CTX_set_alpn_select_cb(ctx,callback,data=&PL_sv_undef) |
7877
|
|
|
|
|
|
|
SSL_CTX * ctx |
7878
|
|
|
|
|
|
|
SV * callback |
7879
|
|
|
|
|
|
|
SV * data |
7880
|
|
|
|
|
|
|
CODE: |
7881
|
1
|
|
|
|
|
|
RETVAL = 1; |
7882
|
1
|
50
|
|
|
|
|
if (callback==NULL || !SvOK(callback)) { |
|
|
50
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
7883
|
0
|
|
|
|
|
|
SSL_CTX_set_alpn_select_cb(ctx, NULL, NULL); |
7884
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "alpn_select_cb!!func", NULL); |
7885
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "alpn_select_cb!!data", NULL); |
7886
|
|
|
|
|
|
|
PR1("SSL_CTX_set_alpn_select_cb - undef\n"); |
7887
|
|
|
|
|
|
|
} |
7888
|
1
|
50
|
|
|
|
|
else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVAV)) { |
|
|
50
|
|
|
|
|
|
7889
|
|
|
|
|
|
|
/* callback param array ref like ['proto1','proto2'] */ |
7890
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "alpn_select_cb!!func", NULL); |
7891
|
1
|
|
|
|
|
|
cb_data_advanced_put(ctx, "alpn_select_cb!!data", newSVsv(callback)); |
7892
|
1
|
|
|
|
|
|
SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb_invoke, ctx); |
7893
|
|
|
|
|
|
|
PR2("SSL_CTX_set_alpn_select_cb - simple ctx=%p\n",ctx); |
7894
|
|
|
|
|
|
|
} |
7895
|
0
|
0
|
|
|
|
|
else if (SvROK(callback) && (SvTYPE(SvRV(callback)) == SVt_PVCV)) { |
|
|
0
|
|
|
|
|
|
7896
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "alpn_select_cb!!func", newSVsv(callback)); |
7897
|
0
|
|
|
|
|
|
cb_data_advanced_put(ctx, "alpn_select_cb!!data", newSVsv(data)); |
7898
|
0
|
|
|
|
|
|
SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb_invoke, ctx); |
7899
|
|
|
|
|
|
|
PR2("SSL_CTX_set_alpn_select_cb - advanced ctx=%p\n",ctx); |
7900
|
|
|
|
|
|
|
} |
7901
|
|
|
|
|
|
|
else { |
7902
|
0
|
|
|
|
|
|
RETVAL = 0; |
7903
|
|
|
|
|
|
|
} |
7904
|
|
|
|
|
|
|
OUTPUT: |
7905
|
|
|
|
|
|
|
RETVAL |
7906
|
|
|
|
|
|
|
|
7907
|
|
|
|
|
|
|
int |
7908
|
|
|
|
|
|
|
SSL_CTX_set_alpn_protos(ctx,data=&PL_sv_undef) |
7909
|
|
|
|
|
|
|
SSL_CTX * ctx |
7910
|
|
|
|
|
|
|
SV * data |
7911
|
|
|
|
|
|
|
PREINIT: |
7912
|
|
|
|
|
|
|
unsigned char *alpn_data; |
7913
|
|
|
|
|
|
|
unsigned char alpn_len; |
7914
|
|
|
|
|
|
|
|
7915
|
|
|
|
|
|
|
CODE: |
7916
|
1
|
|
|
|
|
|
RETVAL = -1; |
7917
|
|
|
|
|
|
|
|
7918
|
1
|
50
|
|
|
|
|
if (!SvROK(data) || (SvTYPE(SvRV(data)) != SVt_PVAV)) |
|
|
50
|
|
|
|
|
|
7919
|
0
|
|
|
|
|
|
croak("Net::SSLeay: CTX_set_alpn_protos needs a single array reference.\n"); |
7920
|
1
|
|
|
|
|
|
alpn_len = next_proto_helper_AV2protodata((AV*)SvRV(data), NULL); |
7921
|
1
|
|
|
|
|
|
Newx(alpn_data, alpn_len, unsigned char); |
7922
|
1
|
50
|
|
|
|
|
if (!alpn_data) |
7923
|
0
|
|
|
|
|
|
croak("Net::SSLeay: CTX_set_alpn_protos could not allocate memory.\n"); |
7924
|
1
|
|
|
|
|
|
alpn_len = next_proto_helper_AV2protodata((AV*)SvRV(data), alpn_data); |
7925
|
1
|
|
|
|
|
|
RETVAL = SSL_CTX_set_alpn_protos(ctx, alpn_data, alpn_len); |
7926
|
1
|
|
|
|
|
|
Safefree(alpn_data); |
7927
|
|
|
|
|
|
|
|
7928
|
|
|
|
|
|
|
OUTPUT: |
7929
|
|
|
|
|
|
|
RETVAL |
7930
|
|
|
|
|
|
|
|
7931
|
|
|
|
|
|
|
int |
7932
|
|
|
|
|
|
|
SSL_set_alpn_protos(ssl,data=&PL_sv_undef) |
7933
|
|
|
|
|
|
|
SSL * ssl |
7934
|
|
|
|
|
|
|
SV * data |
7935
|
|
|
|
|
|
|
PREINIT: |
7936
|
|
|
|
|
|
|
unsigned char *alpn_data; |
7937
|
|
|
|
|
|
|
unsigned char alpn_len; |
7938
|
|
|
|
|
|
|
|
7939
|
|
|
|
|
|
|
CODE: |
7940
|
0
|
|
|
|
|
|
RETVAL = -1; |
7941
|
|
|
|
|
|
|
|
7942
|
0
|
0
|
|
|
|
|
if (!SvROK(data) || (SvTYPE(SvRV(data)) != SVt_PVAV)) |
|
|
0
|
|
|
|
|
|
7943
|
0
|
|
|
|
|
|
croak("Net::SSLeay: set_alpn_protos needs a single array reference.\n"); |
7944
|
0
|
|
|
|
|
|
alpn_len = next_proto_helper_AV2protodata((AV*)SvRV(data), NULL); |
7945
|
0
|
|
|
|
|
|
Newx(alpn_data, alpn_len, unsigned char); |
7946
|
0
|
0
|
|
|
|
|
if (!alpn_data) |
7947
|
0
|
|
|
|
|
|
croak("Net::SSLeay: set_alpn_protos could not allocate memory.\n"); |
7948
|
0
|
|
|
|
|
|
alpn_len = next_proto_helper_AV2protodata((AV*)SvRV(data), alpn_data); |
7949
|
0
|
|
|
|
|
|
RETVAL = SSL_set_alpn_protos(ssl, alpn_data, alpn_len); |
7950
|
0
|
|
|
|
|
|
Safefree(alpn_data); |
7951
|
|
|
|
|
|
|
|
7952
|
|
|
|
|
|
|
OUTPUT: |
7953
|
|
|
|
|
|
|
RETVAL |
7954
|
|
|
|
|
|
|
|
7955
|
|
|
|
|
|
|
void |
7956
|
|
|
|
|
|
|
P_alpn_selected(s) |
7957
|
|
|
|
|
|
|
const SSL *s |
7958
|
|
|
|
|
|
|
PREINIT: |
7959
|
|
|
|
|
|
|
const unsigned char *data; |
7960
|
|
|
|
|
|
|
unsigned int len; |
7961
|
|
|
|
|
|
|
PPCODE: |
7962
|
2
|
|
|
|
|
|
SSL_get0_alpn_selected(s, &data, &len); |
7963
|
2
|
50
|
|
|
|
|
XPUSHs(sv_2mortal(newSVpv((char *)data, len))); |
7964
|
|
|
|
|
|
|
|
7965
|
|
|
|
|
|
|
#endif |
7966
|
|
|
|
|
|
|
|
7967
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10001000L |
7968
|
|
|
|
|
|
|
|
7969
|
|
|
|
|
|
|
void |
7970
|
|
|
|
|
|
|
SSL_export_keying_material(ssl, outlen, label, context=&PL_sv_undef) |
7971
|
|
|
|
|
|
|
SSL * ssl |
7972
|
|
|
|
|
|
|
int outlen |
7973
|
|
|
|
|
|
|
SV * context |
7974
|
|
|
|
|
|
|
PREINIT: |
7975
|
|
|
|
|
|
|
unsigned char * out; |
7976
|
|
|
|
|
|
|
STRLEN llen; |
7977
|
15
|
|
|
|
|
|
STRLEN contextlen = 0; |
7978
|
15
|
|
|
|
|
|
char *context_arg = NULL; |
7979
|
15
|
|
|
|
|
|
int use_context = 0; |
7980
|
|
|
|
|
|
|
int ret; |
7981
|
|
|
|
|
|
|
INPUT: |
7982
|
|
|
|
|
|
|
char * label = SvPV( ST(2), llen); |
7983
|
|
|
|
|
|
|
PPCODE: |
7984
|
15
|
|
|
|
|
|
Newx(out, outlen, unsigned char); |
7985
|
|
|
|
|
|
|
|
7986
|
15
|
100
|
|
|
|
|
if (context != &PL_sv_undef) { |
7987
|
9
|
|
|
|
|
|
use_context = 1; |
7988
|
9
|
50
|
|
|
|
|
context_arg = SvPV( ST(3), contextlen); |
7989
|
|
|
|
|
|
|
} |
7990
|
15
|
|
|
|
|
|
ret = SSL_export_keying_material(ssl, out, outlen, label, llen, (unsigned char*)context_arg, contextlen, use_context); |
7991
|
15
|
50
|
|
|
|
|
PUSHs(sv_2mortal(ret>0 ? newSVpvn((const char *)out, outlen) : newSV(0))); |
7992
|
15
|
50
|
|
|
|
|
EXTEND(SP, 1); |
7993
|
15
|
|
|
|
|
|
Safefree(out); |
7994
|
|
|
|
|
|
|
|
7995
|
|
|
|
|
|
|
#endif |
7996
|
|
|
|
|
|
|
|
7997
|
|
|
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x30000000L |
7998
|
|
|
|
|
|
|
|
7999
|
|
|
|
|
|
|
OSSL_LIB_CTX * |
8000
|
|
|
|
|
|
|
OSSL_LIB_CTX_get0_global_default() |
8001
|
|
|
|
|
|
|
|
8002
|
|
|
|
|
|
|
|
8003
|
|
|
|
|
|
|
OSSL_PROVIDER * |
8004
|
|
|
|
|
|
|
OSSL_PROVIDER_load(SV *libctx, const char *name) |
8005
|
|
|
|
|
|
|
CODE: |
8006
|
|
|
|
|
|
|
OSSL_LIB_CTX *ctx = NULL; |
8007
|
|
|
|
|
|
|
if (libctx != &PL_sv_undef) |
8008
|
|
|
|
|
|
|
ctx = INT2PTR(OSSL_LIB_CTX *, SvIV(libctx)); |
8009
|
|
|
|
|
|
|
RETVAL = OSSL_PROVIDER_load(ctx, name); |
8010
|
|
|
|
|
|
|
if (RETVAL == NULL) |
8011
|
|
|
|
|
|
|
XSRETURN_UNDEF; |
8012
|
|
|
|
|
|
|
OUTPUT: |
8013
|
|
|
|
|
|
|
RETVAL |
8014
|
|
|
|
|
|
|
|
8015
|
|
|
|
|
|
|
OSSL_PROVIDER * |
8016
|
|
|
|
|
|
|
OSSL_PROVIDER_try_load(SV *libctx, const char *name, int retain_fallbacks) |
8017
|
|
|
|
|
|
|
CODE: |
8018
|
|
|
|
|
|
|
OSSL_LIB_CTX *ctx = NULL; |
8019
|
|
|
|
|
|
|
if (libctx != &PL_sv_undef) |
8020
|
|
|
|
|
|
|
ctx = INT2PTR(OSSL_LIB_CTX *, SvIV(libctx)); |
8021
|
|
|
|
|
|
|
RETVAL = OSSL_PROVIDER_try_load(ctx, name, retain_fallbacks); |
8022
|
|
|
|
|
|
|
if (RETVAL == NULL) |
8023
|
|
|
|
|
|
|
XSRETURN_UNDEF; |
8024
|
|
|
|
|
|
|
OUTPUT: |
8025
|
|
|
|
|
|
|
RETVAL |
8026
|
|
|
|
|
|
|
|
8027
|
|
|
|
|
|
|
int |
8028
|
|
|
|
|
|
|
OSSL_PROVIDER_unload(OSSL_PROVIDER *prov) |
8029
|
|
|
|
|
|
|
|
8030
|
|
|
|
|
|
|
int |
8031
|
|
|
|
|
|
|
OSSL_PROVIDER_available(SV *libctx, const char *name) |
8032
|
|
|
|
|
|
|
CODE: |
8033
|
|
|
|
|
|
|
OSSL_LIB_CTX *ctx = NULL; |
8034
|
|
|
|
|
|
|
if (libctx != &PL_sv_undef) |
8035
|
|
|
|
|
|
|
ctx = INT2PTR(OSSL_LIB_CTX *, SvIV(libctx)); |
8036
|
|
|
|
|
|
|
RETVAL = OSSL_PROVIDER_available(ctx, name); |
8037
|
|
|
|
|
|
|
OUTPUT: |
8038
|
|
|
|
|
|
|
RETVAL |
8039
|
|
|
|
|
|
|
|
8040
|
|
|
|
|
|
|
int |
8041
|
|
|
|
|
|
|
OSSL_PROVIDER_do_all(SV *libctx, SV *perl_cb, SV *perl_cbdata = &PL_sv_undef) |
8042
|
|
|
|
|
|
|
PREINIT: |
8043
|
|
|
|
|
|
|
simple_cb_data_t* cbdata = NULL; |
8044
|
|
|
|
|
|
|
CODE: |
8045
|
|
|
|
|
|
|
OSSL_LIB_CTX *ctx = NULL; |
8046
|
|
|
|
|
|
|
if (libctx != &PL_sv_undef) |
8047
|
|
|
|
|
|
|
ctx = INT2PTR(OSSL_LIB_CTX *, SvIV(libctx)); |
8048
|
|
|
|
|
|
|
|
8049
|
|
|
|
|
|
|
/* setup our callback */ |
8050
|
|
|
|
|
|
|
cbdata = simple_cb_data_new(perl_cb, perl_cbdata); |
8051
|
|
|
|
|
|
|
RETVAL = OSSL_PROVIDER_do_all(ctx, ossl_provider_do_all_cb_invoke, cbdata); |
8052
|
|
|
|
|
|
|
simple_cb_data_free(cbdata); |
8053
|
|
|
|
|
|
|
OUTPUT: |
8054
|
|
|
|
|
|
|
RETVAL |
8055
|
|
|
|
|
|
|
|
8056
|
|
|
|
|
|
|
const char * |
8057
|
|
|
|
|
|
|
OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov) |
8058
|
|
|
|
|
|
|
|
8059
|
|
|
|
|
|
|
int |
8060
|
|
|
|
|
|
|
OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov) |
8061
|
|
|
|
|
|
|
|
8062
|
|
|
|
|
|
|
#endif |
8063
|
|
|
|
|
|
|
|
8064
|
|
|
|
|
|
|
#define REM_EOF "/* EOF - SSLeay.xs */" |