1 /* $OpenBSD: ssl_methods.c,v 1.4 2019/03/17 17:28:08 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
60 #include "tls13_internal.h"
62 static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
63 .version = DTLS1_VERSION,
64 .min_version = DTLS1_VERSION,
65 .max_version = DTLS1_VERSION,
67 .ssl_clear = dtls1_clear,
68 .ssl_free = dtls1_free,
69 .ssl_accept = ssl_undefined_function,
70 .ssl_connect = ssl3_connect,
71 .get_ssl_method = dtls1_get_client_method,
72 .get_timeout = dtls1_default_timeout,
73 .ssl_version = ssl_undefined_void_function,
74 .ssl_renegotiate = ssl3_renegotiate,
75 .ssl_renegotiate_check = ssl3_renegotiate_check,
76 .ssl_get_message = dtls1_get_message,
77 .ssl_read_bytes = dtls1_read_bytes,
78 .ssl_write_bytes = dtls1_write_app_data_bytes,
79 .ssl3_enc = &DTLSv1_enc_data,
82 static const SSL_METHOD DTLSv1_client_method_data = {
83 .ssl_dispatch_alert = dtls1_dispatch_alert,
84 .num_ciphers = ssl3_num_ciphers,
85 .get_cipher = dtls1_get_cipher,
86 .get_cipher_by_char = ssl3_get_cipher_by_char,
87 .put_cipher_by_char = ssl3_put_cipher_by_char,
88 .internal = &DTLSv1_client_method_internal_data,
92 DTLSv1_client_method(void)
94 return &DTLSv1_client_method_data;
98 DTLS_client_method(void)
100 return DTLSv1_client_method();
104 dtls1_get_client_method(int ver)
106 if (ver == DTLS1_VERSION)
107 return (DTLSv1_client_method());
111 static const SSL_METHOD *dtls1_get_method(int ver);
113 static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
114 .version = DTLS1_VERSION,
115 .min_version = DTLS1_VERSION,
116 .max_version = DTLS1_VERSION,
117 .ssl_new = dtls1_new,
118 .ssl_clear = dtls1_clear,
119 .ssl_free = dtls1_free,
120 .ssl_accept = ssl3_accept,
121 .ssl_connect = ssl3_connect,
122 .get_ssl_method = dtls1_get_method,
123 .get_timeout = dtls1_default_timeout,
124 .ssl_version = ssl_undefined_void_function,
125 .ssl_renegotiate = ssl3_renegotiate,
126 .ssl_renegotiate_check = ssl3_renegotiate_check,
127 .ssl_get_message = dtls1_get_message,
128 .ssl_read_bytes = dtls1_read_bytes,
129 .ssl_write_bytes = dtls1_write_app_data_bytes,
130 .ssl3_enc = &DTLSv1_enc_data,
133 static const SSL_METHOD DTLSv1_method_data = {
134 .ssl_dispatch_alert = dtls1_dispatch_alert,
135 .num_ciphers = ssl3_num_ciphers,
136 .get_cipher = dtls1_get_cipher,
137 .get_cipher_by_char = ssl3_get_cipher_by_char,
138 .put_cipher_by_char = ssl3_put_cipher_by_char,
139 .internal = &DTLSv1_method_internal_data,
145 return &DTLSv1_method_data;
151 return DTLSv1_method();
154 static const SSL_METHOD *
155 dtls1_get_method(int ver)
157 if (ver == DTLS1_VERSION)
158 return (DTLSv1_method());
162 static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
163 .version = DTLS1_VERSION,
164 .min_version = DTLS1_VERSION,
165 .max_version = DTLS1_VERSION,
166 .ssl_new = dtls1_new,
167 .ssl_clear = dtls1_clear,
168 .ssl_free = dtls1_free,
169 .ssl_accept = ssl3_accept,
170 .ssl_connect = ssl_undefined_function,
171 .get_ssl_method = dtls1_get_server_method,
172 .get_timeout = dtls1_default_timeout,
173 .ssl_version = ssl_undefined_void_function,
174 .ssl_renegotiate = ssl3_renegotiate,
175 .ssl_renegotiate_check = ssl3_renegotiate_check,
176 .ssl_get_message = dtls1_get_message,
177 .ssl_read_bytes = dtls1_read_bytes,
178 .ssl_write_bytes = dtls1_write_app_data_bytes,
179 .ssl3_enc = &DTLSv1_enc_data,
182 static const SSL_METHOD DTLSv1_server_method_data = {
183 .ssl_dispatch_alert = dtls1_dispatch_alert,
184 .num_ciphers = ssl3_num_ciphers,
185 .get_cipher = dtls1_get_cipher,
186 .get_cipher_by_char = ssl3_get_cipher_by_char,
187 .put_cipher_by_char = ssl3_put_cipher_by_char,
188 .internal = &DTLSv1_server_method_internal_data,
192 DTLSv1_server_method(void)
194 return &DTLSv1_server_method_data;
198 DTLS_server_method(void)
200 return DTLSv1_server_method();
204 dtls1_get_server_method(int ver)
206 if (ver == DTLS1_VERSION)
207 return (DTLSv1_server_method());
211 #ifdef LIBRESSL_HAS_TLS1_3
212 static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
213 .version = TLS1_3_VERSION,
214 .min_version = TLS1_VERSION,
215 .max_version = TLS1_3_VERSION,
217 .ssl_clear = tls1_clear,
218 .ssl_free = tls1_free,
219 .ssl_accept = ssl_undefined_function,
220 .ssl_connect = tls13_legacy_connect,
221 .get_ssl_method = tls1_get_client_method,
222 .get_timeout = tls1_default_timeout,
223 .ssl_version = ssl_undefined_void_function,
224 .ssl_renegotiate = ssl_undefined_function,
225 .ssl_renegotiate_check = ssl_ok,
226 .ssl_get_message = ssl3_get_message,
227 .ssl_read_bytes = tls13_legacy_read_bytes,
228 .ssl_write_bytes = tls13_legacy_write_bytes,
229 .ssl3_enc = &TLSv1_2_enc_data,
232 static const SSL_METHOD TLS_client_method_data = {
233 .ssl_dispatch_alert = ssl3_dispatch_alert,
234 .num_ciphers = ssl3_num_ciphers,
235 .get_cipher = ssl3_get_cipher,
236 .get_cipher_by_char = ssl3_get_cipher_by_char,
237 .put_cipher_by_char = ssl3_put_cipher_by_char,
238 .internal = &TLS_client_method_internal_data,
242 static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
243 .version = TLS1_2_VERSION,
244 .min_version = TLS1_VERSION,
245 .max_version = TLS1_2_VERSION,
247 .ssl_clear = tls1_clear,
248 .ssl_free = tls1_free,
249 .ssl_accept = ssl_undefined_function,
250 .ssl_connect = ssl3_connect,
251 .get_ssl_method = tls1_get_client_method,
252 .get_timeout = tls1_default_timeout,
253 .ssl_version = ssl_undefined_void_function,
254 .ssl_renegotiate = ssl_undefined_function,
255 .ssl_renegotiate_check = ssl_ok,
256 .ssl_get_message = ssl3_get_message,
257 .ssl_read_bytes = ssl3_read_bytes,
258 .ssl_write_bytes = ssl3_write_bytes,
259 .ssl3_enc = &TLSv1_2_enc_data,
262 static const SSL_METHOD TLS_legacy_client_method_data = {
263 .ssl_dispatch_alert = ssl3_dispatch_alert,
264 .num_ciphers = ssl3_num_ciphers,
265 .get_cipher = ssl3_get_cipher,
266 .get_cipher_by_char = ssl3_get_cipher_by_char,
267 .put_cipher_by_char = ssl3_put_cipher_by_char,
268 .internal = &TLS_legacy_client_method_internal_data,
271 static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
272 .version = TLS1_VERSION,
273 .min_version = TLS1_VERSION,
274 .max_version = TLS1_VERSION,
276 .ssl_clear = tls1_clear,
277 .ssl_free = tls1_free,
278 .ssl_accept = ssl_undefined_function,
279 .ssl_connect = ssl3_connect,
280 .get_ssl_method = tls1_get_client_method,
281 .get_timeout = tls1_default_timeout,
282 .ssl_version = ssl_undefined_void_function,
283 .ssl_renegotiate = ssl3_renegotiate,
284 .ssl_renegotiate_check = ssl3_renegotiate_check,
285 .ssl_get_message = ssl3_get_message,
286 .ssl_read_bytes = ssl3_read_bytes,
287 .ssl_write_bytes = ssl3_write_bytes,
288 .ssl3_enc = &TLSv1_enc_data,
291 static const SSL_METHOD TLSv1_client_method_data = {
292 .ssl_dispatch_alert = ssl3_dispatch_alert,
293 .num_ciphers = ssl3_num_ciphers,
294 .get_cipher = ssl3_get_cipher,
295 .get_cipher_by_char = ssl3_get_cipher_by_char,
296 .put_cipher_by_char = ssl3_put_cipher_by_char,
297 .internal = &TLSv1_client_method_internal_data,
300 static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
301 .version = TLS1_1_VERSION,
302 .min_version = TLS1_1_VERSION,
303 .max_version = TLS1_1_VERSION,
305 .ssl_clear = tls1_clear,
306 .ssl_free = tls1_free,
307 .ssl_accept = ssl_undefined_function,
308 .ssl_connect = ssl3_connect,
309 .get_ssl_method = tls1_get_client_method,
310 .get_timeout = tls1_default_timeout,
311 .ssl_version = ssl_undefined_void_function,
312 .ssl_renegotiate = ssl3_renegotiate,
313 .ssl_renegotiate_check = ssl3_renegotiate_check,
314 .ssl_get_message = ssl3_get_message,
315 .ssl_read_bytes = ssl3_read_bytes,
316 .ssl_write_bytes = ssl3_write_bytes,
317 .ssl3_enc = &TLSv1_1_enc_data,
320 static const SSL_METHOD TLSv1_1_client_method_data = {
321 .ssl_dispatch_alert = ssl3_dispatch_alert,
322 .num_ciphers = ssl3_num_ciphers,
323 .get_cipher = ssl3_get_cipher,
324 .get_cipher_by_char = ssl3_get_cipher_by_char,
325 .put_cipher_by_char = ssl3_put_cipher_by_char,
326 .internal = &TLSv1_1_client_method_internal_data,
329 static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
330 .version = TLS1_2_VERSION,
331 .min_version = TLS1_2_VERSION,
332 .max_version = TLS1_2_VERSION,
334 .ssl_clear = tls1_clear,
335 .ssl_free = tls1_free,
336 .ssl_accept = ssl_undefined_function,
337 .ssl_connect = ssl3_connect,
338 .get_ssl_method = tls1_get_client_method,
339 .get_timeout = tls1_default_timeout,
340 .ssl_version = ssl_undefined_void_function,
341 .ssl_renegotiate = ssl3_renegotiate,
342 .ssl_renegotiate_check = ssl3_renegotiate_check,
343 .ssl_get_message = ssl3_get_message,
344 .ssl_read_bytes = ssl3_read_bytes,
345 .ssl_write_bytes = ssl3_write_bytes,
346 .ssl3_enc = &TLSv1_2_enc_data,
349 static const SSL_METHOD TLSv1_2_client_method_data = {
350 .ssl_dispatch_alert = ssl3_dispatch_alert,
351 .num_ciphers = ssl3_num_ciphers,
352 .get_cipher = ssl3_get_cipher,
353 .get_cipher_by_char = ssl3_get_cipher_by_char,
354 .put_cipher_by_char = ssl3_put_cipher_by_char,
355 .internal = &TLSv1_2_client_method_internal_data,
359 tls1_get_client_method(int ver)
361 if (ver == TLS1_2_VERSION)
362 return (TLSv1_2_client_method());
363 if (ver == TLS1_1_VERSION)
364 return (TLSv1_1_client_method());
365 if (ver == TLS1_VERSION)
366 return (TLSv1_client_method());
371 SSLv23_client_method(void)
373 return (TLS_client_method());
377 TLS_client_method(void)
379 #ifdef LIBRESSL_HAS_TLS1_3
380 return (&TLS_client_method_data);
382 return tls_legacy_client_method();
387 tls_legacy_client_method(void)
389 return (&TLS_legacy_client_method_data);
393 TLSv1_client_method(void)
395 return (&TLSv1_client_method_data);
399 TLSv1_1_client_method(void)
401 return (&TLSv1_1_client_method_data);
405 TLSv1_2_client_method(void)
407 return (&TLSv1_2_client_method_data);
410 static const SSL_METHOD *tls1_get_method(int ver);
412 static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
413 .version = TLS1_2_VERSION,
414 .min_version = TLS1_VERSION,
415 .max_version = TLS1_2_VERSION,
417 .ssl_clear = tls1_clear,
418 .ssl_free = tls1_free,
419 .ssl_accept = ssl3_accept,
420 .ssl_connect = ssl3_connect,
421 .get_ssl_method = tls1_get_method,
422 .get_timeout = tls1_default_timeout,
423 .ssl_version = ssl_undefined_void_function,
424 .ssl_renegotiate = ssl_undefined_function,
425 .ssl_renegotiate_check = ssl_ok,
426 .ssl_get_message = ssl3_get_message,
427 .ssl_read_bytes = ssl3_read_bytes,
428 .ssl_write_bytes = ssl3_write_bytes,
429 .ssl3_enc = &TLSv1_2_enc_data,
432 static const SSL_METHOD TLS_method_data = {
433 .ssl_dispatch_alert = ssl3_dispatch_alert,
434 .num_ciphers = ssl3_num_ciphers,
435 .get_cipher = ssl3_get_cipher,
436 .get_cipher_by_char = ssl3_get_cipher_by_char,
437 .put_cipher_by_char = ssl3_put_cipher_by_char,
438 .internal = &TLS_method_internal_data,
441 static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
442 .version = TLS1_VERSION,
443 .min_version = TLS1_VERSION,
444 .max_version = TLS1_VERSION,
446 .ssl_clear = tls1_clear,
447 .ssl_free = tls1_free,
448 .ssl_accept = ssl3_accept,
449 .ssl_connect = ssl3_connect,
450 .get_ssl_method = tls1_get_method,
451 .get_timeout = tls1_default_timeout,
452 .ssl_version = ssl_undefined_void_function,
453 .ssl_renegotiate = ssl3_renegotiate,
454 .ssl_renegotiate_check = ssl3_renegotiate_check,
455 .ssl_get_message = ssl3_get_message,
456 .ssl_read_bytes = ssl3_read_bytes,
457 .ssl_write_bytes = ssl3_write_bytes,
458 .ssl3_enc = &TLSv1_enc_data,
461 static const SSL_METHOD TLSv1_method_data = {
462 .ssl_dispatch_alert = ssl3_dispatch_alert,
463 .num_ciphers = ssl3_num_ciphers,
464 .get_cipher = ssl3_get_cipher,
465 .get_cipher_by_char = ssl3_get_cipher_by_char,
466 .put_cipher_by_char = ssl3_put_cipher_by_char,
467 .internal = &TLSv1_method_internal_data,
470 static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
471 .version = TLS1_1_VERSION,
472 .min_version = TLS1_1_VERSION,
473 .max_version = TLS1_1_VERSION,
475 .ssl_clear = tls1_clear,
476 .ssl_free = tls1_free,
477 .ssl_accept = ssl3_accept,
478 .ssl_connect = ssl3_connect,
479 .get_ssl_method = tls1_get_method,
480 .get_timeout = tls1_default_timeout,
481 .ssl_version = ssl_undefined_void_function,
482 .ssl_renegotiate = ssl3_renegotiate,
483 .ssl_renegotiate_check = ssl3_renegotiate_check,
484 .ssl_get_message = ssl3_get_message,
485 .ssl_read_bytes = ssl3_read_bytes,
486 .ssl_write_bytes = ssl3_write_bytes,
487 .ssl3_enc = &TLSv1_1_enc_data,
490 static const SSL_METHOD TLSv1_1_method_data = {
491 .ssl_dispatch_alert = ssl3_dispatch_alert,
492 .num_ciphers = ssl3_num_ciphers,
493 .get_cipher = ssl3_get_cipher,
494 .get_cipher_by_char = ssl3_get_cipher_by_char,
495 .put_cipher_by_char = ssl3_put_cipher_by_char,
496 .internal = &TLSv1_1_method_internal_data,
499 static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
500 .version = TLS1_2_VERSION,
501 .min_version = TLS1_2_VERSION,
502 .max_version = TLS1_2_VERSION,
504 .ssl_clear = tls1_clear,
505 .ssl_free = tls1_free,
506 .ssl_accept = ssl3_accept,
507 .ssl_connect = ssl3_connect,
508 .get_ssl_method = tls1_get_method,
509 .get_timeout = tls1_default_timeout,
510 .ssl_version = ssl_undefined_void_function,
511 .ssl_renegotiate = ssl3_renegotiate,
512 .ssl_renegotiate_check = ssl3_renegotiate_check,
513 .ssl_get_message = ssl3_get_message,
514 .ssl_read_bytes = ssl3_read_bytes,
515 .ssl_write_bytes = ssl3_write_bytes,
516 .ssl3_enc = &TLSv1_2_enc_data,
519 static const SSL_METHOD TLSv1_2_method_data = {
520 .ssl_dispatch_alert = ssl3_dispatch_alert,
521 .num_ciphers = ssl3_num_ciphers,
522 .get_cipher = ssl3_get_cipher,
523 .get_cipher_by_char = ssl3_get_cipher_by_char,
524 .put_cipher_by_char = ssl3_put_cipher_by_char,
525 .internal = &TLSv1_2_method_internal_data,
528 static const SSL_METHOD *
529 tls1_get_method(int ver)
531 if (ver == TLS1_2_VERSION)
532 return (TLSv1_2_method());
533 if (ver == TLS1_1_VERSION)
534 return (TLSv1_1_method());
535 if (ver == TLS1_VERSION)
536 return (TLSv1_method());
543 return (TLS_method());
549 return &TLS_method_data;
555 return (&TLSv1_method_data);
561 return (&TLSv1_1_method_data);
567 return (&TLSv1_2_method_data);
570 static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
571 .version = TLS1_2_VERSION,
572 .min_version = TLS1_VERSION,
573 .max_version = TLS1_2_VERSION,
575 .ssl_clear = tls1_clear,
576 .ssl_free = tls1_free,
577 .ssl_accept = ssl3_accept,
578 .ssl_connect = ssl_undefined_function,
579 .get_ssl_method = tls1_get_server_method,
580 .get_timeout = tls1_default_timeout,
581 .ssl_version = ssl_undefined_void_function,
582 .ssl_renegotiate = ssl_undefined_function,
583 .ssl_renegotiate_check = ssl_ok,
584 .ssl_get_message = ssl3_get_message,
585 .ssl_read_bytes = ssl3_read_bytes,
586 .ssl_write_bytes = ssl3_write_bytes,
587 .ssl3_enc = &TLSv1_2_enc_data,
590 static const SSL_METHOD TLS_server_method_data = {
591 .ssl_dispatch_alert = ssl3_dispatch_alert,
592 .num_ciphers = ssl3_num_ciphers,
593 .get_cipher = ssl3_get_cipher,
594 .get_cipher_by_char = ssl3_get_cipher_by_char,
595 .put_cipher_by_char = ssl3_put_cipher_by_char,
596 .internal = &TLS_server_method_internal_data,
599 static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
600 .version = TLS1_VERSION,
601 .min_version = TLS1_VERSION,
602 .max_version = TLS1_VERSION,
604 .ssl_clear = tls1_clear,
605 .ssl_free = tls1_free,
606 .ssl_accept = ssl3_accept,
607 .ssl_connect = ssl_undefined_function,
608 .get_ssl_method = tls1_get_server_method,
609 .get_timeout = tls1_default_timeout,
610 .ssl_version = ssl_undefined_void_function,
611 .ssl_renegotiate = ssl3_renegotiate,
612 .ssl_renegotiate_check = ssl3_renegotiate_check,
613 .ssl_get_message = ssl3_get_message,
614 .ssl_read_bytes = ssl3_read_bytes,
615 .ssl_write_bytes = ssl3_write_bytes,
616 .ssl3_enc = &TLSv1_enc_data,
619 static const SSL_METHOD TLSv1_server_method_data = {
620 .ssl_dispatch_alert = ssl3_dispatch_alert,
621 .num_ciphers = ssl3_num_ciphers,
622 .get_cipher = ssl3_get_cipher,
623 .get_cipher_by_char = ssl3_get_cipher_by_char,
624 .put_cipher_by_char = ssl3_put_cipher_by_char,
625 .internal = &TLSv1_server_method_internal_data,
628 static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
629 .version = TLS1_1_VERSION,
630 .min_version = TLS1_1_VERSION,
631 .max_version = TLS1_1_VERSION,
633 .ssl_clear = tls1_clear,
634 .ssl_free = tls1_free,
635 .ssl_accept = ssl3_accept,
636 .ssl_connect = ssl_undefined_function,
637 .get_ssl_method = tls1_get_server_method,
638 .get_timeout = tls1_default_timeout,
639 .ssl_version = ssl_undefined_void_function,
640 .ssl_renegotiate = ssl3_renegotiate,
641 .ssl_renegotiate_check = ssl3_renegotiate_check,
642 .ssl_get_message = ssl3_get_message,
643 .ssl_read_bytes = ssl3_read_bytes,
644 .ssl_write_bytes = ssl3_write_bytes,
645 .ssl3_enc = &TLSv1_1_enc_data,
648 static const SSL_METHOD TLSv1_1_server_method_data = {
649 .ssl_dispatch_alert = ssl3_dispatch_alert,
650 .num_ciphers = ssl3_num_ciphers,
651 .get_cipher = ssl3_get_cipher,
652 .get_cipher_by_char = ssl3_get_cipher_by_char,
653 .put_cipher_by_char = ssl3_put_cipher_by_char,
654 .internal = &TLSv1_1_server_method_internal_data,
657 static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
658 .version = TLS1_2_VERSION,
659 .min_version = TLS1_2_VERSION,
660 .max_version = TLS1_2_VERSION,
662 .ssl_clear = tls1_clear,
663 .ssl_free = tls1_free,
664 .ssl_accept = ssl3_accept,
665 .ssl_connect = ssl_undefined_function,
666 .get_ssl_method = tls1_get_server_method,
667 .get_timeout = tls1_default_timeout,
668 .ssl_version = ssl_undefined_void_function,
669 .ssl_renegotiate = ssl3_renegotiate,
670 .ssl_renegotiate_check = ssl3_renegotiate_check,
671 .ssl_get_message = ssl3_get_message,
672 .ssl_read_bytes = ssl3_read_bytes,
673 .ssl_write_bytes = ssl3_write_bytes,
674 .ssl3_enc = &TLSv1_2_enc_data,
677 static const SSL_METHOD TLSv1_2_server_method_data = {
678 .ssl_dispatch_alert = ssl3_dispatch_alert,
679 .num_ciphers = ssl3_num_ciphers,
680 .get_cipher = ssl3_get_cipher,
681 .get_cipher_by_char = ssl3_get_cipher_by_char,
682 .put_cipher_by_char = ssl3_put_cipher_by_char,
683 .internal = &TLSv1_2_server_method_internal_data,
687 tls1_get_server_method(int ver)
689 if (ver == TLS1_2_VERSION)
690 return (TLSv1_2_server_method());
691 if (ver == TLS1_1_VERSION)
692 return (TLSv1_1_server_method());
693 if (ver == TLS1_VERSION)
694 return (TLSv1_server_method());
699 SSLv23_server_method(void)
701 return (TLS_server_method());
705 TLS_server_method(void)
707 return (&TLS_server_method_data);
711 TLSv1_server_method(void)
713 return (&TLSv1_server_method_data);
717 TLSv1_1_server_method(void)
719 return (&TLSv1_1_server_method_data);
723 TLSv1_2_server_method(void)
725 return (&TLSv1_2_server_method_data);