1 /* $OpenBSD: ssl_methods.c,v 1.4 2019/03/17 17:28:08 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58
59 #include "ssl_locl.h"
60 #include "tls13_internal.h"
61
/*
 * DTLS client method tables.
 *
 * version, min_version and max_version are all DTLS1_VERSION, so this method
 * has no version range: it speaks DTLS 1.0 only (deprecated by RFC 8996).
 * ssl_accept is wired to ssl_undefined_function (defined elsewhere,
 * presumably an error stub - confirm), leaving ssl_connect as the only
 * handshake entry point.
 */
static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
	/* Protocol version window. */
	.version = DTLS1_VERSION,
	.min_version = DTLS1_VERSION,
	.max_version = DTLS1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Message and record I/O. */
	.ssl_get_message = dtls1_get_message,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.ssl3_enc = &DTLSv1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = dtls1_get_client_method,
	.get_timeout = dtls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the DTLS client method; .internal links the table above. */
static const SSL_METHOD DTLSv1_client_method_data = {
	.internal = &DTLSv1_client_method_internal_data,
	.ssl_dispatch_alert = dtls1_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = dtls1_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
90
/* Return the client-only method table pinned to DTLS 1.0. */
const SSL_METHOD *
DTLSv1_client_method(void)
{
	const SSL_METHOD *method = &DTLSv1_client_method_data;

	return (method);
}
96
/*
 * Unversioned DTLS client method. It forwards to DTLSv1_client_method(), so
 * despite the generic name the result is still limited to DTLS 1.0.
 */
const SSL_METHOD *
DTLS_client_method(void)
{
	const SSL_METHOD *method = DTLSv1_client_method();

	return (method);
}
102
/*
 * Map a protocol version number to the DTLS client method for it.
 * Only DTLS1_VERSION is known; any other value yields NULL, which the
 * caller has to check before use.
 */
const SSL_METHOD *
dtls1_get_client_method(int ver)
{
	if (ver != DTLS1_VERSION)
		return (NULL);

	return (DTLSv1_client_method());
}
110
/* Defined further down; the table below stores its address. */
static const SSL_METHOD *dtls1_get_method(int ver);

/*
 * DTLS method tables usable for either role: both ssl_accept and
 * ssl_connect have handshake implementations. The version window is
 * DTLS1_VERSION only, i.e. DTLS 1.0 (deprecated by RFC 8996).
 */
static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
	/* Protocol version window. */
	.version = DTLS1_VERSION,
	.min_version = DTLS1_VERSION,
	.max_version = DTLS1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Message and record I/O. */
	.ssl_get_message = dtls1_get_message,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.ssl3_enc = &DTLSv1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = dtls1_get_method,
	.get_timeout = dtls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the role-neutral DTLS method. */
static const SSL_METHOD DTLSv1_method_data = {
	.internal = &DTLSv1_method_internal_data,
	.ssl_dispatch_alert = dtls1_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = dtls1_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
141
/* Return the client-or-server method table pinned to DTLS 1.0. */
const SSL_METHOD *
DTLSv1_method(void)
{
	const SSL_METHOD *method = &DTLSv1_method_data;

	return (method);
}
147
/*
 * Unversioned DTLS method. It forwards to DTLSv1_method(), so the result is
 * still limited to DTLS 1.0.
 */
const SSL_METHOD *
DTLS_method(void)
{
	const SSL_METHOD *method = DTLSv1_method();

	return (method);
}
153
/*
 * File-local lookup from protocol version to the role-neutral DTLS method.
 * Returns NULL for anything other than DTLS1_VERSION.
 */
static const SSL_METHOD *
dtls1_get_method(int ver)
{
	if (ver != DTLS1_VERSION)
		return (NULL);

	return (DTLSv1_method());
}
161
/*
 * DTLS server method tables.
 *
 * ssl_connect is wired to ssl_undefined_function (defined elsewhere,
 * presumably an error stub - confirm), leaving ssl_accept as the only
 * handshake entry point. The version window is DTLS1_VERSION only, i.e.
 * DTLS 1.0 (deprecated by RFC 8996).
 */
static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
	/* Protocol version window. */
	.version = DTLS1_VERSION,
	.min_version = DTLS1_VERSION,
	.max_version = DTLS1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl_undefined_function,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Message and record I/O. */
	.ssl_get_message = dtls1_get_message,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.ssl3_enc = &DTLSv1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = dtls1_get_server_method,
	.get_timeout = dtls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the DTLS server method. */
static const SSL_METHOD DTLSv1_server_method_data = {
	.internal = &DTLSv1_server_method_internal_data,
	.ssl_dispatch_alert = dtls1_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = dtls1_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
190
/* Return the server-only method table pinned to DTLS 1.0. */
const SSL_METHOD *
DTLSv1_server_method(void)
{
	const SSL_METHOD *method = &DTLSv1_server_method_data;

	return (method);
}
196
/*
 * Unversioned DTLS server method. It forwards to DTLSv1_server_method(), so
 * the result is still limited to DTLS 1.0.
 */
const SSL_METHOD *
DTLS_server_method(void)
{
	const SSL_METHOD *method = DTLSv1_server_method();

	return (method);
}
202
/*
 * Map a protocol version number to the DTLS server method for it.
 * Only DTLS1_VERSION is known; any other value yields NULL, which the
 * caller has to check before use.
 */
const SSL_METHOD *
dtls1_get_server_method(int ver)
{
	if (ver != DTLS1_VERSION)
		return (NULL);

	return (DTLSv1_server_method());
}
210
#if defined(LIBRESSL_HAS_TLS1_3)
/*
 * Version-flexible TLS client tables, built only when LIBRESSL_HAS_TLS1_3
 * is defined. This is the only table in this file whose max_version is
 * TLS1_3_VERSION. The floor is still TLS1_VERSION, so TLS 1.0 and 1.1 remain
 * inside the window unless the caller raises the minimum.
 *
 * NOTE(review): get_ssl_method is tls1_get_client_method, which returns NULL
 * for TLS1_3_VERSION, and ssl3_enc is the TLS 1.2 table - presumably only the
 * legacy fallback path uses them; confirm in the tls13_legacy_* code.
 */
static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_3_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_3_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = tls13_legacy_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_client_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.3-capable client method. */
static const SSL_METHOD TLS_client_method_data = {
	.internal = &TLS_client_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
#endif
241
/*
 * Version-flexible TLS client tables for the pre-TLS 1.3 stack.
 *
 * The window runs from TLS1_VERSION up to TLS1_2_VERSION, so TLS 1.0 and 1.1
 * (both deprecated by RFC 8996) can still be negotiated unless the caller
 * raises the minimum, e.g. with SSL_CTX_set_min_proto_version().
 *
 * ssl_renegotiate is ssl_undefined_function and the check hook is ssl_ok.
 * NOTE(review): presumably the connection switches to a version-specific
 * method through get_ssl_method once the version is known - confirm.
 */
static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_2_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_2_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_client_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the legacy version-flexible client method. */
static const SSL_METHOD TLS_legacy_client_method_data = {
	.internal = &TLS_legacy_client_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
270
/*
 * Client tables pinned to TLS 1.0: version, min_version and max_version are
 * all TLS1_VERSION, so no newer version can be negotiated through this
 * method. TLS 1.0 is deprecated by RFC 8996.
 */
static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_client_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.0 client method. */
static const SSL_METHOD TLSv1_client_method_data = {
	.internal = &TLSv1_client_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
299
/*
 * Client tables pinned to TLS 1.1: version, min_version and max_version are
 * all TLS1_1_VERSION, so no newer version can be negotiated through this
 * method. TLS 1.1 is deprecated by RFC 8996.
 */
static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_1_VERSION,
	.min_version = TLS1_1_VERSION,
	.max_version = TLS1_1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_client_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.1 client method. */
static const SSL_METHOD TLSv1_1_client_method_data = {
	.internal = &TLSv1_1_client_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
328
/*
 * Client tables pinned to TLS 1.2: version, min_version and max_version are
 * all TLS1_2_VERSION, so neither an older nor a newer version can be
 * negotiated through this method.
 */
static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_2_VERSION,
	.min_version = TLS1_2_VERSION,
	.max_version = TLS1_2_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_client_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.2 client method. */
static const SSL_METHOD TLSv1_2_client_method_data = {
	.internal = &TLSv1_2_client_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
357
/*
 * Map a protocol version number to the version-pinned TLS client method.
 * Handles TLS 1.2, 1.1 and 1.0; every other value, TLS1_3_VERSION included,
 * yields NULL, which the caller has to check before use.
 */
const SSL_METHOD *
tls1_get_client_method(int ver)
{
	switch (ver) {
	case TLS1_2_VERSION:
		return (TLSv1_2_client_method());
	case TLS1_1_VERSION:
		return (TLSv1_1_client_method());
	case TLS1_VERSION:
		return (TLSv1_client_method());
	default:
		return (NULL);
	}
}
369
/*
 * Historical name for the version-flexible client method. It forwards to
 * TLS_client_method(); no SSLv2 or SSLv3 method table is visible in this file.
 */
const SSL_METHOD *
SSLv23_client_method(void)
{
	const SSL_METHOD *method = TLS_client_method();

	return (method);
}
375
/*
 * Version-flexible TLS client method.
 *
 * With LIBRESSL_HAS_TLS1_3 defined this is the table whose window reaches
 * TLS1_3_VERSION; otherwise it is the legacy client method, capped at
 * TLS1_2_VERSION. In both builds the window starts at TLS1_VERSION.
 */
const SSL_METHOD *
TLS_client_method(void)
{
#ifndef LIBRESSL_HAS_TLS1_3
	return tls_legacy_client_method();
#else
	return (&TLS_client_method_data);
#endif
}
385
/*
 * Return the version-flexible client method of the pre-TLS 1.3 stack
 * (window TLS1_VERSION .. TLS1_2_VERSION).
 */
const SSL_METHOD *
tls_legacy_client_method(void)
{
	const SSL_METHOD *method = &TLS_legacy_client_method_data;

	return (method);
}
391
/* Return the client method pinned to TLS 1.0 (deprecated by RFC 8996). */
const SSL_METHOD *
TLSv1_client_method(void)
{
	const SSL_METHOD *method = &TLSv1_client_method_data;

	return (method);
}
397
/* Return the client method pinned to TLS 1.1 (deprecated by RFC 8996). */
const SSL_METHOD *
TLSv1_1_client_method(void)
{
	const SSL_METHOD *method = &TLSv1_1_client_method_data;

	return (method);
}
403
/* Return the client method pinned to TLS 1.2. */
const SSL_METHOD *
TLSv1_2_client_method(void)
{
	const SSL_METHOD *method = &TLSv1_2_client_method_data;

	return (method);
}
409
/* Defined further down; the tables below store its address. */
static const SSL_METHOD *tls1_get_method(int ver);

/*
 * Version-flexible TLS tables usable for either role.
 *
 * The window runs from TLS1_VERSION up to TLS1_2_VERSION regardless of
 * LIBRESSL_HAS_TLS1_3, so this method never offers TLS 1.3 and can still
 * negotiate TLS 1.0 and 1.1 (deprecated by RFC 8996) unless the caller
 * raises the minimum, e.g. with SSL_CTX_set_min_proto_version().
 *
 * ssl_renegotiate is ssl_undefined_function and the check hook is ssl_ok.
 * NOTE(review): presumably the connection switches to a version-specific
 * method through get_ssl_method once the version is known - confirm.
 */
static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_2_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_2_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the role-neutral version-flexible method. */
static const SSL_METHOD TLS_method_data = {
	.internal = &TLS_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
440
/*
 * Role-neutral tables pinned to TLS 1.0: version, min_version and
 * max_version are all TLS1_VERSION. TLS 1.0 is deprecated by RFC 8996.
 */
static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the role-neutral TLS 1.0 method. */
static const SSL_METHOD TLSv1_method_data = {
	.internal = &TLSv1_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
469
/*
 * Role-neutral tables pinned to TLS 1.1: version, min_version and
 * max_version are all TLS1_1_VERSION. TLS 1.1 is deprecated by RFC 8996.
 */
static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_1_VERSION,
	.min_version = TLS1_1_VERSION,
	.max_version = TLS1_1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the role-neutral TLS 1.1 method. */
static const SSL_METHOD TLSv1_1_method_data = {
	.internal = &TLSv1_1_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
498
/*
 * Role-neutral tables pinned to TLS 1.2: version, min_version and
 * max_version are all TLS1_2_VERSION.
 */
static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_2_VERSION,
	.min_version = TLS1_2_VERSION,
	.max_version = TLS1_2_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the role-neutral TLS 1.2 method. */
static const SSL_METHOD TLSv1_2_method_data = {
	.internal = &TLSv1_2_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
527
/*
 * File-local lookup from protocol version to the role-neutral, version-pinned
 * TLS method. Handles TLS 1.2, 1.1 and 1.0; every other value yields NULL.
 */
static const SSL_METHOD *
tls1_get_method(int ver)
{
	switch (ver) {
	case TLS1_2_VERSION:
		return (TLSv1_2_method());
	case TLS1_1_VERSION:
		return (TLSv1_1_method());
	case TLS1_VERSION:
		return (TLSv1_method());
	default:
		return (NULL);
	}
}
539
/*
 * Historical name for the version-flexible method. It forwards to
 * TLS_method(); no SSLv2 or SSLv3 method table is visible in this file.
 */
const SSL_METHOD *
SSLv23_method(void)
{
	const SSL_METHOD *method = TLS_method();

	return (method);
}
545
/*
 * Return the role-neutral version-flexible TLS method. Unlike
 * TLS_client_method() there is no LIBRESSL_HAS_TLS1_3 branch here: the
 * window is always TLS1_VERSION .. TLS1_2_VERSION.
 */
const SSL_METHOD *
TLS_method(void)
{
	const SSL_METHOD *method = &TLS_method_data;

	return (method);
}
551
/* Return the role-neutral method pinned to TLS 1.0 (deprecated by RFC 8996). */
const SSL_METHOD *
TLSv1_method(void)
{
	const SSL_METHOD *method = &TLSv1_method_data;

	return (method);
}
557
/* Return the role-neutral method pinned to TLS 1.1 (deprecated by RFC 8996). */
const SSL_METHOD *
TLSv1_1_method(void)
{
	const SSL_METHOD *method = &TLSv1_1_method_data;

	return (method);
}
563
/* Return the role-neutral method pinned to TLS 1.2. */
const SSL_METHOD *
TLSv1_2_method(void)
{
	const SSL_METHOD *method = &TLSv1_2_method_data;

	return (method);
}
569
/*
 * Version-flexible TLS server tables.
 *
 * The window runs from TLS1_VERSION up to TLS1_2_VERSION regardless of
 * LIBRESSL_HAS_TLS1_3, so a server built on this method never offers
 * TLS 1.3 and still accepts TLS 1.0 and 1.1 (deprecated by RFC 8996) unless
 * the caller raises the minimum, e.g. with SSL_CTX_set_min_proto_version().
 *
 * ssl_renegotiate is ssl_undefined_function and the check hook is ssl_ok.
 * NOTE(review): presumably the connection switches to a version-specific
 * method through get_ssl_method once the version is known - confirm.
 */
static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_2_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_2_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl_undefined_function,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_server_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the version-flexible server method. */
static const SSL_METHOD TLS_server_method_data = {
	.internal = &TLS_server_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
598
/*
 * Server tables pinned to TLS 1.0: version, min_version and max_version are
 * all TLS1_VERSION. TLS 1.0 is deprecated by RFC 8996.
 */
static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_VERSION,
	.min_version = TLS1_VERSION,
	.max_version = TLS1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl_undefined_function,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_server_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.0 server method. */
static const SSL_METHOD TLSv1_server_method_data = {
	.internal = &TLSv1_server_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
627
/*
 * Server tables pinned to TLS 1.1: version, min_version and max_version are
 * all TLS1_1_VERSION. TLS 1.1 is deprecated by RFC 8996.
 */
static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_1_VERSION,
	.min_version = TLS1_1_VERSION,
	.max_version = TLS1_1_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl_undefined_function,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_1_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_server_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.1 server method. */
static const SSL_METHOD TLSv1_1_server_method_data = {
	.internal = &TLSv1_1_server_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
656
/*
 * Server tables pinned to TLS 1.2: version, min_version and max_version are
 * all TLS1_2_VERSION.
 */
static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
	/* Protocol version window. */
	.version = TLS1_2_VERSION,
	.min_version = TLS1_2_VERSION,
	.max_version = TLS1_2_VERSION,

	/* Handshake and renegotiation entry points. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl_undefined_function,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Per-connection state lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Message and record I/O. */
	.ssl_get_message = ssl3_get_message,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.ssl3_enc = &TLSv1_2_enc_data,

	/* Method lookup by version, timeout, version hook. */
	.get_ssl_method = tls1_get_server_method,
	.get_timeout = tls1_default_timeout,
	.ssl_version = ssl_undefined_void_function,
};

/* Public half of the TLS 1.2 server method. */
static const SSL_METHOD TLSv1_2_server_method_data = {
	.internal = &TLSv1_2_server_method_internal_data,
	.ssl_dispatch_alert = ssl3_dispatch_alert,
	.num_ciphers = ssl3_num_ciphers,
	.get_cipher = ssl3_get_cipher,
	.get_cipher_by_char = ssl3_get_cipher_by_char,
	.put_cipher_by_char = ssl3_put_cipher_by_char,
};
685
/*
 * Map a protocol version number to the version-pinned TLS server method.
 * Handles TLS 1.2, 1.1 and 1.0; every other value yields NULL, which the
 * caller has to check before use.
 */
const SSL_METHOD *
tls1_get_server_method(int ver)
{
	switch (ver) {
	case TLS1_2_VERSION:
		return (TLSv1_2_server_method());
	case TLS1_1_VERSION:
		return (TLSv1_1_server_method());
	case TLS1_VERSION:
		return (TLSv1_server_method());
	default:
		return (NULL);
	}
}
697
/*
 * Historical name for the version-flexible server method. It forwards to
 * TLS_server_method(); no SSLv2 or SSLv3 method table is visible in this file.
 */
const SSL_METHOD *
SSLv23_server_method(void)
{
	const SSL_METHOD *method = TLS_server_method();

	return (method);
}
703
/*
 * Return the version-flexible TLS server method. There is no
 * LIBRESSL_HAS_TLS1_3 branch here: the window is always
 * TLS1_VERSION .. TLS1_2_VERSION.
 */
const SSL_METHOD *
TLS_server_method(void)
{
	const SSL_METHOD *method = &TLS_server_method_data;

	return (method);
}
709
/* Return the server method pinned to TLS 1.0 (deprecated by RFC 8996). */
const SSL_METHOD *
TLSv1_server_method(void)
{
	const SSL_METHOD *method = &TLSv1_server_method_data;

	return (method);
}
715
/* Return the server method pinned to TLS 1.1 (deprecated by RFC 8996). */
const SSL_METHOD *
TLSv1_1_server_method(void)
{
	const SSL_METHOD *method = &TLSv1_1_server_method_data;

	return (method);
}
721
/* Return the server method pinned to TLS 1.2. */
const SSL_METHOD *
TLSv1_2_server_method(void)
{
	const SSL_METHOD *method = &TLSv1_2_server_method_data;

	return (method);
}