1 /* $OpenBSD: ssl_methods.c,v 1.16 2020/09/17 15:23:29 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
60 #include "tls13_internal.h"
62 static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
63 .version = DTLS1_VERSION,
64 .min_version = DTLS1_VERSION,
65 .max_version = DTLS1_VERSION,
67 .ssl_clear = dtls1_clear,
68 .ssl_free = dtls1_free,
69 .ssl_accept = ssl_undefined_function,
70 .ssl_connect = ssl3_connect,
71 .ssl_shutdown = ssl3_shutdown,
72 .ssl_renegotiate = ssl3_renegotiate,
73 .ssl_renegotiate_check = ssl3_renegotiate_check,
74 .ssl_pending = ssl3_pending,
75 .ssl_read_bytes = dtls1_read_bytes,
76 .ssl_write_bytes = dtls1_write_app_data_bytes,
77 .ssl3_enc = &DTLSv1_enc_data,
80 static const SSL_METHOD DTLSv1_client_method_data = {
81 .ssl_dispatch_alert = dtls1_dispatch_alert,
82 .num_ciphers = ssl3_num_ciphers,
83 .get_cipher = dtls1_get_cipher,
84 .get_cipher_by_char = ssl3_get_cipher_by_char,
85 .put_cipher_by_char = ssl3_put_cipher_by_char,
86 .internal = &DTLSv1_client_method_internal_data,
90 DTLSv1_client_method(void)
92 return &DTLSv1_client_method_data;
96 DTLS_client_method(void)
98 return DTLSv1_client_method();
101 static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
102 .version = DTLS1_VERSION,
103 .min_version = DTLS1_VERSION,
104 .max_version = DTLS1_VERSION,
105 .ssl_new = dtls1_new,
106 .ssl_clear = dtls1_clear,
107 .ssl_free = dtls1_free,
108 .ssl_accept = ssl3_accept,
109 .ssl_connect = ssl3_connect,
110 .ssl_shutdown = ssl3_shutdown,
111 .ssl_renegotiate = ssl3_renegotiate,
112 .ssl_renegotiate_check = ssl3_renegotiate_check,
113 .ssl_pending = ssl3_pending,
114 .ssl_read_bytes = dtls1_read_bytes,
115 .ssl_write_bytes = dtls1_write_app_data_bytes,
116 .ssl3_enc = &DTLSv1_enc_data,
119 static const SSL_METHOD DTLSv1_method_data = {
120 .ssl_dispatch_alert = dtls1_dispatch_alert,
121 .num_ciphers = ssl3_num_ciphers,
122 .get_cipher = dtls1_get_cipher,
123 .get_cipher_by_char = ssl3_get_cipher_by_char,
124 .put_cipher_by_char = ssl3_put_cipher_by_char,
125 .internal = &DTLSv1_method_internal_data,
131 return &DTLSv1_method_data;
137 return DTLSv1_method();
140 static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
141 .version = DTLS1_VERSION,
142 .min_version = DTLS1_VERSION,
143 .max_version = DTLS1_VERSION,
144 .ssl_new = dtls1_new,
145 .ssl_clear = dtls1_clear,
146 .ssl_free = dtls1_free,
147 .ssl_accept = ssl3_accept,
148 .ssl_connect = ssl_undefined_function,
149 .ssl_shutdown = ssl3_shutdown,
150 .ssl_renegotiate = ssl3_renegotiate,
151 .ssl_renegotiate_check = ssl3_renegotiate_check,
152 .ssl_pending = ssl3_pending,
153 .ssl_read_bytes = dtls1_read_bytes,
154 .ssl_write_bytes = dtls1_write_app_data_bytes,
155 .ssl3_enc = &DTLSv1_enc_data,
158 static const SSL_METHOD DTLSv1_server_method_data = {
159 .ssl_dispatch_alert = dtls1_dispatch_alert,
160 .num_ciphers = ssl3_num_ciphers,
161 .get_cipher = dtls1_get_cipher,
162 .get_cipher_by_char = ssl3_get_cipher_by_char,
163 .put_cipher_by_char = ssl3_put_cipher_by_char,
164 .internal = &DTLSv1_server_method_internal_data,
168 DTLSv1_server_method(void)
170 return &DTLSv1_server_method_data;
174 DTLS_server_method(void)
176 return DTLSv1_server_method();
179 #ifdef LIBRESSL_HAS_TLS1_3_CLIENT
180 static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
181 .version = TLS1_3_VERSION,
182 .min_version = TLS1_VERSION,
183 .max_version = TLS1_3_VERSION,
185 .ssl_clear = tls1_clear,
186 .ssl_free = tls1_free,
187 .ssl_accept = ssl_undefined_function,
188 .ssl_connect = tls13_legacy_connect,
189 .ssl_shutdown = tls13_legacy_shutdown,
190 .ssl_renegotiate = ssl_undefined_function,
191 .ssl_renegotiate_check = ssl_ok,
192 .ssl_pending = tls13_legacy_pending,
193 .ssl_read_bytes = tls13_legacy_read_bytes,
194 .ssl_write_bytes = tls13_legacy_write_bytes,
195 .ssl3_enc = &TLSv1_3_enc_data,
198 static const SSL_METHOD TLS_client_method_data = {
199 .ssl_dispatch_alert = ssl3_dispatch_alert,
200 .num_ciphers = ssl3_num_ciphers,
201 .get_cipher = ssl3_get_cipher,
202 .get_cipher_by_char = ssl3_get_cipher_by_char,
203 .put_cipher_by_char = ssl3_put_cipher_by_char,
204 .internal = &TLS_client_method_internal_data,
208 static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
209 .version = TLS1_2_VERSION,
210 .min_version = TLS1_VERSION,
211 .max_version = TLS1_2_VERSION,
213 .ssl_clear = tls1_clear,
214 .ssl_free = tls1_free,
215 .ssl_accept = ssl_undefined_function,
216 .ssl_connect = ssl3_connect,
217 .ssl_shutdown = ssl3_shutdown,
218 .ssl_renegotiate = ssl_undefined_function,
219 .ssl_renegotiate_check = ssl_ok,
220 .ssl_pending = ssl3_pending,
221 .ssl_read_bytes = ssl3_read_bytes,
222 .ssl_write_bytes = ssl3_write_bytes,
223 .ssl3_enc = &TLSv1_2_enc_data,
226 static const SSL_METHOD TLS_legacy_client_method_data = {
227 .ssl_dispatch_alert = ssl3_dispatch_alert,
228 .num_ciphers = ssl3_num_ciphers,
229 .get_cipher = ssl3_get_cipher,
230 .get_cipher_by_char = ssl3_get_cipher_by_char,
231 .put_cipher_by_char = ssl3_put_cipher_by_char,
232 .internal = &TLS_legacy_client_method_internal_data,
235 static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
236 .version = TLS1_VERSION,
237 .min_version = TLS1_VERSION,
238 .max_version = TLS1_VERSION,
240 .ssl_clear = tls1_clear,
241 .ssl_free = tls1_free,
242 .ssl_accept = ssl_undefined_function,
243 .ssl_connect = ssl3_connect,
244 .ssl_shutdown = ssl3_shutdown,
245 .ssl_renegotiate = ssl3_renegotiate,
246 .ssl_renegotiate_check = ssl3_renegotiate_check,
247 .ssl_pending = ssl3_pending,
248 .ssl_read_bytes = ssl3_read_bytes,
249 .ssl_write_bytes = ssl3_write_bytes,
250 .ssl3_enc = &TLSv1_enc_data,
253 static const SSL_METHOD TLSv1_client_method_data = {
254 .ssl_dispatch_alert = ssl3_dispatch_alert,
255 .num_ciphers = ssl3_num_ciphers,
256 .get_cipher = ssl3_get_cipher,
257 .get_cipher_by_char = ssl3_get_cipher_by_char,
258 .put_cipher_by_char = ssl3_put_cipher_by_char,
259 .internal = &TLSv1_client_method_internal_data,
262 static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
263 .version = TLS1_1_VERSION,
264 .min_version = TLS1_1_VERSION,
265 .max_version = TLS1_1_VERSION,
267 .ssl_clear = tls1_clear,
268 .ssl_free = tls1_free,
269 .ssl_accept = ssl_undefined_function,
270 .ssl_connect = ssl3_connect,
271 .ssl_shutdown = ssl3_shutdown,
272 .ssl_renegotiate = ssl3_renegotiate,
273 .ssl_renegotiate_check = ssl3_renegotiate_check,
274 .ssl_pending = ssl3_pending,
275 .ssl_read_bytes = ssl3_read_bytes,
276 .ssl_write_bytes = ssl3_write_bytes,
277 .ssl3_enc = &TLSv1_1_enc_data,
280 static const SSL_METHOD TLSv1_1_client_method_data = {
281 .ssl_dispatch_alert = ssl3_dispatch_alert,
282 .num_ciphers = ssl3_num_ciphers,
283 .get_cipher = ssl3_get_cipher,
284 .get_cipher_by_char = ssl3_get_cipher_by_char,
285 .put_cipher_by_char = ssl3_put_cipher_by_char,
286 .internal = &TLSv1_1_client_method_internal_data,
289 static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
290 .version = TLS1_2_VERSION,
291 .min_version = TLS1_2_VERSION,
292 .max_version = TLS1_2_VERSION,
294 .ssl_clear = tls1_clear,
295 .ssl_free = tls1_free,
296 .ssl_accept = ssl_undefined_function,
297 .ssl_connect = ssl3_connect,
298 .ssl_shutdown = ssl3_shutdown,
299 .ssl_renegotiate = ssl3_renegotiate,
300 .ssl_renegotiate_check = ssl3_renegotiate_check,
301 .ssl_pending = ssl3_pending,
302 .ssl_read_bytes = ssl3_read_bytes,
303 .ssl_write_bytes = ssl3_write_bytes,
304 .ssl3_enc = &TLSv1_2_enc_data,
307 static const SSL_METHOD TLSv1_2_client_method_data = {
308 .ssl_dispatch_alert = ssl3_dispatch_alert,
309 .num_ciphers = ssl3_num_ciphers,
310 .get_cipher = ssl3_get_cipher,
311 .get_cipher_by_char = ssl3_get_cipher_by_char,
312 .put_cipher_by_char = ssl3_put_cipher_by_char,
313 .internal = &TLSv1_2_client_method_internal_data,
317 SSLv23_client_method(void)
319 return (TLS_client_method());
323 TLS_client_method(void)
325 #ifdef LIBRESSL_HAS_TLS1_3_CLIENT
326 return (&TLS_client_method_data);
328 return tls_legacy_client_method();
333 tls_legacy_client_method(void)
335 return (&TLS_legacy_client_method_data);
339 TLSv1_client_method(void)
341 return (&TLSv1_client_method_data);
345 TLSv1_1_client_method(void)
347 return (&TLSv1_1_client_method_data);
351 TLSv1_2_client_method(void)
353 return (&TLSv1_2_client_method_data);
356 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
357 static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
358 .version = TLS1_3_VERSION,
359 .min_version = TLS1_VERSION,
360 .max_version = TLS1_3_VERSION,
362 .ssl_clear = tls1_clear,
363 .ssl_free = tls1_free,
364 .ssl_accept = tls13_legacy_accept,
365 .ssl_connect = tls13_legacy_connect,
366 .ssl_shutdown = tls13_legacy_shutdown,
367 .ssl_renegotiate = ssl_undefined_function,
368 .ssl_renegotiate_check = ssl_ok,
369 .ssl_pending = tls13_legacy_pending,
370 .ssl_read_bytes = tls13_legacy_read_bytes,
371 .ssl_write_bytes = tls13_legacy_write_bytes,
372 .ssl3_enc = &TLSv1_3_enc_data,
375 static const SSL_METHOD TLS_method_data = {
376 .ssl_dispatch_alert = ssl3_dispatch_alert,
377 .num_ciphers = ssl3_num_ciphers,
378 .get_cipher = ssl3_get_cipher,
379 .get_cipher_by_char = ssl3_get_cipher_by_char,
380 .put_cipher_by_char = ssl3_put_cipher_by_char,
381 .internal = &TLS_method_internal_data,
385 static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = {
386 .version = TLS1_2_VERSION,
387 .min_version = TLS1_VERSION,
388 .max_version = TLS1_2_VERSION,
390 .ssl_clear = tls1_clear,
391 .ssl_free = tls1_free,
392 .ssl_accept = ssl3_accept,
393 .ssl_connect = ssl3_connect,
394 .ssl_shutdown = ssl3_shutdown,
395 .ssl_renegotiate = ssl_undefined_function,
396 .ssl_renegotiate_check = ssl_ok,
397 .ssl_pending = ssl3_pending,
398 .ssl_read_bytes = ssl3_read_bytes,
399 .ssl_write_bytes = ssl3_write_bytes,
400 .ssl3_enc = &TLSv1_2_enc_data,
403 static const SSL_METHOD TLS_legacy_method_data = {
404 .ssl_dispatch_alert = ssl3_dispatch_alert,
405 .num_ciphers = ssl3_num_ciphers,
406 .get_cipher = ssl3_get_cipher,
407 .get_cipher_by_char = ssl3_get_cipher_by_char,
408 .put_cipher_by_char = ssl3_put_cipher_by_char,
409 .internal = &TLS_legacy_method_internal_data,
412 static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
413 .version = TLS1_VERSION,
414 .min_version = TLS1_VERSION,
415 .max_version = TLS1_VERSION,
417 .ssl_clear = tls1_clear,
418 .ssl_free = tls1_free,
419 .ssl_accept = ssl3_accept,
420 .ssl_connect = ssl3_connect,
421 .ssl_shutdown = ssl3_shutdown,
422 .ssl_renegotiate = ssl3_renegotiate,
423 .ssl_renegotiate_check = ssl3_renegotiate_check,
424 .ssl_pending = ssl3_pending,
425 .ssl_read_bytes = ssl3_read_bytes,
426 .ssl_write_bytes = ssl3_write_bytes,
427 .ssl3_enc = &TLSv1_enc_data,
430 static const SSL_METHOD TLSv1_method_data = {
431 .ssl_dispatch_alert = ssl3_dispatch_alert,
432 .num_ciphers = ssl3_num_ciphers,
433 .get_cipher = ssl3_get_cipher,
434 .get_cipher_by_char = ssl3_get_cipher_by_char,
435 .put_cipher_by_char = ssl3_put_cipher_by_char,
436 .internal = &TLSv1_method_internal_data,
439 static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
440 .version = TLS1_1_VERSION,
441 .min_version = TLS1_1_VERSION,
442 .max_version = TLS1_1_VERSION,
444 .ssl_clear = tls1_clear,
445 .ssl_free = tls1_free,
446 .ssl_accept = ssl3_accept,
447 .ssl_connect = ssl3_connect,
448 .ssl_shutdown = ssl3_shutdown,
449 .ssl_renegotiate = ssl3_renegotiate,
450 .ssl_renegotiate_check = ssl3_renegotiate_check,
451 .ssl_pending = ssl3_pending,
452 .ssl_read_bytes = ssl3_read_bytes,
453 .ssl_write_bytes = ssl3_write_bytes,
454 .ssl3_enc = &TLSv1_1_enc_data,
457 static const SSL_METHOD TLSv1_1_method_data = {
458 .ssl_dispatch_alert = ssl3_dispatch_alert,
459 .num_ciphers = ssl3_num_ciphers,
460 .get_cipher = ssl3_get_cipher,
461 .get_cipher_by_char = ssl3_get_cipher_by_char,
462 .put_cipher_by_char = ssl3_put_cipher_by_char,
463 .internal = &TLSv1_1_method_internal_data,
466 static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
467 .version = TLS1_2_VERSION,
468 .min_version = TLS1_2_VERSION,
469 .max_version = TLS1_2_VERSION,
471 .ssl_clear = tls1_clear,
472 .ssl_free = tls1_free,
473 .ssl_accept = ssl3_accept,
474 .ssl_connect = ssl3_connect,
475 .ssl_shutdown = ssl3_shutdown,
476 .ssl_renegotiate = ssl3_renegotiate,
477 .ssl_renegotiate_check = ssl3_renegotiate_check,
478 .ssl_pending = ssl3_pending,
479 .ssl_read_bytes = ssl3_read_bytes,
480 .ssl_write_bytes = ssl3_write_bytes,
481 .ssl3_enc = &TLSv1_2_enc_data,
484 static const SSL_METHOD TLSv1_2_method_data = {
485 .ssl_dispatch_alert = ssl3_dispatch_alert,
486 .num_ciphers = ssl3_num_ciphers,
487 .get_cipher = ssl3_get_cipher,
488 .get_cipher_by_char = ssl3_get_cipher_by_char,
489 .put_cipher_by_char = ssl3_put_cipher_by_char,
490 .internal = &TLSv1_2_method_internal_data,
496 return (TLS_method());
502 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
503 return (&TLS_method_data);
505 return tls_legacy_method();
510 tls_legacy_method(void)
512 return (&TLS_legacy_method_data);
518 return (&TLSv1_method_data);
524 return (&TLSv1_1_method_data);
530 return (&TLSv1_2_method_data);
533 #ifdef LIBRESSL_HAS_TLS1_3_SERVER
534 static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
535 .version = TLS1_3_VERSION,
536 .min_version = TLS1_VERSION,
537 .max_version = TLS1_3_VERSION,
539 .ssl_clear = tls1_clear,
540 .ssl_free = tls1_free,
541 .ssl_accept = tls13_legacy_accept,
542 .ssl_connect = ssl_undefined_function,
543 .ssl_shutdown = tls13_legacy_shutdown,
544 .ssl_renegotiate = ssl_undefined_function,
545 .ssl_renegotiate_check = ssl_ok,
546 .ssl_pending = tls13_legacy_pending,
547 .ssl_read_bytes = tls13_legacy_read_bytes,
548 .ssl_write_bytes = tls13_legacy_write_bytes,
549 .ssl3_enc = &TLSv1_3_enc_data,
552 static const SSL_METHOD TLS_server_method_data = {
553 .ssl_dispatch_alert = ssl3_dispatch_alert,
554 .num_ciphers = ssl3_num_ciphers,
555 .get_cipher = ssl3_get_cipher,
556 .get_cipher_by_char = ssl3_get_cipher_by_char,
557 .put_cipher_by_char = ssl3_put_cipher_by_char,
558 .internal = &TLS_server_method_internal_data,
562 static const SSL_METHOD_INTERNAL TLS_legacy_server_method_internal_data = {
563 .version = TLS1_2_VERSION,
564 .min_version = TLS1_VERSION,
565 .max_version = TLS1_2_VERSION,
567 .ssl_clear = tls1_clear,
568 .ssl_free = tls1_free,
569 .ssl_accept = ssl3_accept,
570 .ssl_connect = ssl_undefined_function,
571 .ssl_shutdown = ssl3_shutdown,
572 .ssl_renegotiate = ssl_undefined_function,
573 .ssl_renegotiate_check = ssl_ok,
574 .ssl_pending = ssl3_pending,
575 .ssl_read_bytes = ssl3_read_bytes,
576 .ssl_write_bytes = ssl3_write_bytes,
577 .ssl3_enc = &TLSv1_2_enc_data,
580 static const SSL_METHOD TLS_legacy_server_method_data = {
581 .ssl_dispatch_alert = ssl3_dispatch_alert,
582 .num_ciphers = ssl3_num_ciphers,
583 .get_cipher = ssl3_get_cipher,
584 .get_cipher_by_char = ssl3_get_cipher_by_char,
585 .put_cipher_by_char = ssl3_put_cipher_by_char,
586 .internal = &TLS_legacy_server_method_internal_data,
589 static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
590 .version = TLS1_VERSION,
591 .min_version = TLS1_VERSION,
592 .max_version = TLS1_VERSION,
594 .ssl_clear = tls1_clear,
595 .ssl_free = tls1_free,
596 .ssl_accept = ssl3_accept,
597 .ssl_connect = ssl_undefined_function,
598 .ssl_shutdown = ssl3_shutdown,
599 .ssl_renegotiate = ssl3_renegotiate,
600 .ssl_renegotiate_check = ssl3_renegotiate_check,
601 .ssl_pending = ssl3_pending,
602 .ssl_read_bytes = ssl3_read_bytes,
603 .ssl_write_bytes = ssl3_write_bytes,
604 .ssl3_enc = &TLSv1_enc_data,
607 static const SSL_METHOD TLSv1_server_method_data = {
608 .ssl_dispatch_alert = ssl3_dispatch_alert,
609 .num_ciphers = ssl3_num_ciphers,
610 .get_cipher = ssl3_get_cipher,
611 .get_cipher_by_char = ssl3_get_cipher_by_char,
612 .put_cipher_by_char = ssl3_put_cipher_by_char,
613 .internal = &TLSv1_server_method_internal_data,
616 static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
617 .version = TLS1_1_VERSION,
618 .min_version = TLS1_1_VERSION,
619 .max_version = TLS1_1_VERSION,
621 .ssl_clear = tls1_clear,
622 .ssl_free = tls1_free,
623 .ssl_accept = ssl3_accept,
624 .ssl_connect = ssl_undefined_function,
625 .ssl_shutdown = ssl3_shutdown,
626 .ssl_renegotiate = ssl3_renegotiate,
627 .ssl_renegotiate_check = ssl3_renegotiate_check,
628 .ssl_pending = ssl3_pending,
629 .ssl_read_bytes = ssl3_read_bytes,
630 .ssl_write_bytes = ssl3_write_bytes,
631 .ssl3_enc = &TLSv1_1_enc_data,
634 static const SSL_METHOD TLSv1_1_server_method_data = {
635 .ssl_dispatch_alert = ssl3_dispatch_alert,
636 .num_ciphers = ssl3_num_ciphers,
637 .get_cipher = ssl3_get_cipher,
638 .get_cipher_by_char = ssl3_get_cipher_by_char,
639 .put_cipher_by_char = ssl3_put_cipher_by_char,
640 .internal = &TLSv1_1_server_method_internal_data,
643 static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
644 .version = TLS1_2_VERSION,
645 .min_version = TLS1_2_VERSION,
646 .max_version = TLS1_2_VERSION,
648 .ssl_clear = tls1_clear,
649 .ssl_free = tls1_free,
650 .ssl_accept = ssl3_accept,
651 .ssl_connect = ssl_undefined_function,
652 .ssl_shutdown = ssl3_shutdown,
653 .ssl_renegotiate = ssl3_renegotiate,
654 .ssl_renegotiate_check = ssl3_renegotiate_check,
655 .ssl_pending = ssl3_pending,
656 .ssl_read_bytes = ssl3_read_bytes,
657 .ssl_write_bytes = ssl3_write_bytes,
658 .ssl3_enc = &TLSv1_2_enc_data,
661 static const SSL_METHOD TLSv1_2_server_method_data = {
662 .ssl_dispatch_alert = ssl3_dispatch_alert,
663 .num_ciphers = ssl3_num_ciphers,
664 .get_cipher = ssl3_get_cipher,
665 .get_cipher_by_char = ssl3_get_cipher_by_char,
666 .put_cipher_by_char = ssl3_put_cipher_by_char,
667 .internal = &TLSv1_2_server_method_internal_data,
671 SSLv23_server_method(void)
673 return (TLS_server_method());
677 TLS_server_method(void)
679 #ifdef LIBRESSL_HAS_TLS1_3_SERVER
680 return (&TLS_server_method_data);
682 return tls_legacy_server_method();
687 tls_legacy_server_method(void)
689 return (&TLS_legacy_server_method_data);
693 TLSv1_server_method(void)
695 return (&TLSv1_server_method_data);
699 TLSv1_1_server_method(void)
701 return (&TLSv1_1_server_method_data);
705 TLSv1_2_server_method(void)
707 return (&TLSv1_2_server_method_data);
711 ssl_get_client_method(uint16_t version)
713 if (version == TLS1_3_VERSION)
714 return (TLS_client_method());
715 if (version == TLS1_2_VERSION)
716 return (TLSv1_2_client_method());
717 if (version == TLS1_1_VERSION)
718 return (TLSv1_1_client_method());
719 if (version == TLS1_VERSION)
720 return (TLSv1_client_method());
721 if (version == DTLS1_VERSION)
722 return (DTLSv1_client_method());
728 ssl_get_server_method(uint16_t version)
730 if (version == TLS1_3_VERSION)
731 return (TLS_server_method());
732 if (version == TLS1_2_VERSION)
733 return (TLSv1_2_server_method());
734 if (version == TLS1_1_VERSION)
735 return (TLSv1_1_server_method());
736 if (version == TLS1_VERSION)
737 return (TLSv1_server_method());
738 if (version == DTLS1_VERSION)
739 return (DTLSv1_server_method());