1 /* $OpenBSD: ssl_methods.c,v 1.12 2020/02/06 16:05:58 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
60 #include "tls13_internal.h"
62 static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
63 .version = DTLS1_VERSION,
64 .min_version = DTLS1_VERSION,
65 .max_version = DTLS1_VERSION,
67 .ssl_clear = dtls1_clear,
68 .ssl_free = dtls1_free,
69 .ssl_accept = ssl_undefined_function,
70 .ssl_connect = ssl3_connect,
71 .ssl_shutdown = ssl3_shutdown,
72 .get_ssl_method = dtls1_get_client_method,
73 .get_timeout = dtls1_default_timeout,
74 .ssl_version = ssl_undefined_void_function,
75 .ssl_renegotiate = ssl3_renegotiate,
76 .ssl_renegotiate_check = ssl3_renegotiate_check,
77 .ssl_pending = ssl3_pending,
78 .ssl_read_bytes = dtls1_read_bytes,
79 .ssl_write_bytes = dtls1_write_app_data_bytes,
80 .ssl3_enc = &DTLSv1_enc_data,
83 static const SSL_METHOD DTLSv1_client_method_data = {
84 .ssl_dispatch_alert = dtls1_dispatch_alert,
85 .num_ciphers = ssl3_num_ciphers,
86 .get_cipher = dtls1_get_cipher,
87 .get_cipher_by_char = ssl3_get_cipher_by_char,
88 .put_cipher_by_char = ssl3_put_cipher_by_char,
89 .internal = &DTLSv1_client_method_internal_data,
93 DTLSv1_client_method(void)
95 return &DTLSv1_client_method_data;
99 DTLS_client_method(void)
101 return DTLSv1_client_method();
105 dtls1_get_client_method(int ver)
107 if (ver == DTLS1_VERSION)
108 return (DTLSv1_client_method());
112 static const SSL_METHOD *dtls1_get_method(int ver);
114 static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
115 .version = DTLS1_VERSION,
116 .min_version = DTLS1_VERSION,
117 .max_version = DTLS1_VERSION,
118 .ssl_new = dtls1_new,
119 .ssl_clear = dtls1_clear,
120 .ssl_free = dtls1_free,
121 .ssl_accept = ssl3_accept,
122 .ssl_connect = ssl3_connect,
123 .ssl_shutdown = ssl3_shutdown,
124 .get_ssl_method = dtls1_get_method,
125 .get_timeout = dtls1_default_timeout,
126 .ssl_version = ssl_undefined_void_function,
127 .ssl_renegotiate = ssl3_renegotiate,
128 .ssl_renegotiate_check = ssl3_renegotiate_check,
129 .ssl_pending = ssl3_pending,
130 .ssl_read_bytes = dtls1_read_bytes,
131 .ssl_write_bytes = dtls1_write_app_data_bytes,
132 .ssl3_enc = &DTLSv1_enc_data,
135 static const SSL_METHOD DTLSv1_method_data = {
136 .ssl_dispatch_alert = dtls1_dispatch_alert,
137 .num_ciphers = ssl3_num_ciphers,
138 .get_cipher = dtls1_get_cipher,
139 .get_cipher_by_char = ssl3_get_cipher_by_char,
140 .put_cipher_by_char = ssl3_put_cipher_by_char,
141 .internal = &DTLSv1_method_internal_data,
147 return &DTLSv1_method_data;
153 return DTLSv1_method();
156 static const SSL_METHOD *
157 dtls1_get_method(int ver)
159 if (ver == DTLS1_VERSION)
160 return (DTLSv1_method());
164 static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
165 .version = DTLS1_VERSION,
166 .min_version = DTLS1_VERSION,
167 .max_version = DTLS1_VERSION,
168 .ssl_new = dtls1_new,
169 .ssl_clear = dtls1_clear,
170 .ssl_free = dtls1_free,
171 .ssl_accept = ssl3_accept,
172 .ssl_connect = ssl_undefined_function,
173 .ssl_shutdown = ssl3_shutdown,
174 .get_ssl_method = dtls1_get_server_method,
175 .get_timeout = dtls1_default_timeout,
176 .ssl_version = ssl_undefined_void_function,
177 .ssl_renegotiate = ssl3_renegotiate,
178 .ssl_renegotiate_check = ssl3_renegotiate_check,
179 .ssl_pending = ssl3_pending,
180 .ssl_read_bytes = dtls1_read_bytes,
181 .ssl_write_bytes = dtls1_write_app_data_bytes,
182 .ssl3_enc = &DTLSv1_enc_data,
185 static const SSL_METHOD DTLSv1_server_method_data = {
186 .ssl_dispatch_alert = dtls1_dispatch_alert,
187 .num_ciphers = ssl3_num_ciphers,
188 .get_cipher = dtls1_get_cipher,
189 .get_cipher_by_char = ssl3_get_cipher_by_char,
190 .put_cipher_by_char = ssl3_put_cipher_by_char,
191 .internal = &DTLSv1_server_method_internal_data,
195 DTLSv1_server_method(void)
197 return &DTLSv1_server_method_data;
201 DTLS_server_method(void)
203 return DTLSv1_server_method();
207 dtls1_get_server_method(int ver)
209 if (ver == DTLS1_VERSION)
210 return (DTLSv1_server_method());
214 #ifdef LIBRESSL_HAS_TLS1_3_CLIENT
215 static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
216 .version = TLS1_3_VERSION,
217 .min_version = TLS1_VERSION,
218 .max_version = TLS1_3_VERSION,
220 .ssl_clear = tls1_clear,
221 .ssl_free = tls1_free,
222 .ssl_accept = ssl_undefined_function,
223 .ssl_connect = tls13_legacy_connect,
224 .ssl_shutdown = tls13_legacy_shutdown,
225 .get_ssl_method = tls1_get_client_method,
226 .get_timeout = tls1_default_timeout,
227 .ssl_version = ssl_undefined_void_function,
228 .ssl_renegotiate = ssl_undefined_function,
229 .ssl_renegotiate_check = ssl_ok,
230 .ssl_pending = tls13_legacy_pending,
231 .ssl_read_bytes = tls13_legacy_read_bytes,
232 .ssl_write_bytes = tls13_legacy_write_bytes,
233 .ssl3_enc = &TLSv1_3_enc_data,
236 static const SSL_METHOD TLS_client_method_data = {
237 .ssl_dispatch_alert = ssl3_dispatch_alert,
238 .num_ciphers = ssl3_num_ciphers,
239 .get_cipher = ssl3_get_cipher,
240 .get_cipher_by_char = ssl3_get_cipher_by_char,
241 .put_cipher_by_char = ssl3_put_cipher_by_char,
242 .internal = &TLS_client_method_internal_data,
246 static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
247 .version = TLS1_2_VERSION,
248 .min_version = TLS1_VERSION,
249 .max_version = TLS1_2_VERSION,
251 .ssl_clear = tls1_clear,
252 .ssl_free = tls1_free,
253 .ssl_accept = ssl_undefined_function,
254 .ssl_connect = ssl3_connect,
255 .ssl_shutdown = ssl3_shutdown,
256 .get_ssl_method = tls1_get_client_method,
257 .get_timeout = tls1_default_timeout,
258 .ssl_version = ssl_undefined_void_function,
259 .ssl_renegotiate = ssl_undefined_function,
260 .ssl_renegotiate_check = ssl_ok,
261 .ssl_pending = ssl3_pending,
262 .ssl_read_bytes = ssl3_read_bytes,
263 .ssl_write_bytes = ssl3_write_bytes,
264 .ssl3_enc = &TLSv1_2_enc_data,
267 static const SSL_METHOD TLS_legacy_client_method_data = {
268 .ssl_dispatch_alert = ssl3_dispatch_alert,
269 .num_ciphers = ssl3_num_ciphers,
270 .get_cipher = ssl3_get_cipher,
271 .get_cipher_by_char = ssl3_get_cipher_by_char,
272 .put_cipher_by_char = ssl3_put_cipher_by_char,
273 .internal = &TLS_legacy_client_method_internal_data,
276 static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
277 .version = TLS1_VERSION,
278 .min_version = TLS1_VERSION,
279 .max_version = TLS1_VERSION,
281 .ssl_clear = tls1_clear,
282 .ssl_free = tls1_free,
283 .ssl_accept = ssl_undefined_function,
284 .ssl_connect = ssl3_connect,
285 .ssl_shutdown = ssl3_shutdown,
286 .get_ssl_method = tls1_get_client_method,
287 .get_timeout = tls1_default_timeout,
288 .ssl_version = ssl_undefined_void_function,
289 .ssl_renegotiate = ssl3_renegotiate,
290 .ssl_renegotiate_check = ssl3_renegotiate_check,
291 .ssl_pending = ssl3_pending,
292 .ssl_read_bytes = ssl3_read_bytes,
293 .ssl_write_bytes = ssl3_write_bytes,
294 .ssl3_enc = &TLSv1_enc_data,
297 static const SSL_METHOD TLSv1_client_method_data = {
298 .ssl_dispatch_alert = ssl3_dispatch_alert,
299 .num_ciphers = ssl3_num_ciphers,
300 .get_cipher = ssl3_get_cipher,
301 .get_cipher_by_char = ssl3_get_cipher_by_char,
302 .put_cipher_by_char = ssl3_put_cipher_by_char,
303 .internal = &TLSv1_client_method_internal_data,
306 static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
307 .version = TLS1_1_VERSION,
308 .min_version = TLS1_1_VERSION,
309 .max_version = TLS1_1_VERSION,
311 .ssl_clear = tls1_clear,
312 .ssl_free = tls1_free,
313 .ssl_accept = ssl_undefined_function,
314 .ssl_connect = ssl3_connect,
315 .ssl_shutdown = ssl3_shutdown,
316 .get_ssl_method = tls1_get_client_method,
317 .get_timeout = tls1_default_timeout,
318 .ssl_version = ssl_undefined_void_function,
319 .ssl_renegotiate = ssl3_renegotiate,
320 .ssl_renegotiate_check = ssl3_renegotiate_check,
321 .ssl_pending = ssl3_pending,
322 .ssl_read_bytes = ssl3_read_bytes,
323 .ssl_write_bytes = ssl3_write_bytes,
324 .ssl3_enc = &TLSv1_1_enc_data,
327 static const SSL_METHOD TLSv1_1_client_method_data = {
328 .ssl_dispatch_alert = ssl3_dispatch_alert,
329 .num_ciphers = ssl3_num_ciphers,
330 .get_cipher = ssl3_get_cipher,
331 .get_cipher_by_char = ssl3_get_cipher_by_char,
332 .put_cipher_by_char = ssl3_put_cipher_by_char,
333 .internal = &TLSv1_1_client_method_internal_data,
336 static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
337 .version = TLS1_2_VERSION,
338 .min_version = TLS1_2_VERSION,
339 .max_version = TLS1_2_VERSION,
341 .ssl_clear = tls1_clear,
342 .ssl_free = tls1_free,
343 .ssl_accept = ssl_undefined_function,
344 .ssl_connect = ssl3_connect,
345 .ssl_shutdown = ssl3_shutdown,
346 .get_ssl_method = tls1_get_client_method,
347 .get_timeout = tls1_default_timeout,
348 .ssl_version = ssl_undefined_void_function,
349 .ssl_renegotiate = ssl3_renegotiate,
350 .ssl_renegotiate_check = ssl3_renegotiate_check,
351 .ssl_pending = ssl3_pending,
352 .ssl_read_bytes = ssl3_read_bytes,
353 .ssl_write_bytes = ssl3_write_bytes,
354 .ssl3_enc = &TLSv1_2_enc_data,
357 static const SSL_METHOD TLSv1_2_client_method_data = {
358 .ssl_dispatch_alert = ssl3_dispatch_alert,
359 .num_ciphers = ssl3_num_ciphers,
360 .get_cipher = ssl3_get_cipher,
361 .get_cipher_by_char = ssl3_get_cipher_by_char,
362 .put_cipher_by_char = ssl3_put_cipher_by_char,
363 .internal = &TLSv1_2_client_method_internal_data,
367 tls1_get_client_method(int ver)
369 #ifdef LIBRESSL_HAS_TLS1_3_CLIENT
370 if (ver == TLS1_3_VERSION)
371 return (TLS_client_method());
373 if (ver == TLS1_2_VERSION)
374 return (TLSv1_2_client_method());
375 if (ver == TLS1_1_VERSION)
376 return (TLSv1_1_client_method());
377 if (ver == TLS1_VERSION)
378 return (TLSv1_client_method());
383 SSLv23_client_method(void)
385 return (TLS_client_method());
389 TLS_client_method(void)
391 #ifdef LIBRESSL_HAS_TLS1_3_CLIENT
392 return (&TLS_client_method_data);
394 return tls_legacy_client_method();
399 tls_legacy_client_method(void)
401 return (&TLS_legacy_client_method_data);
405 TLSv1_client_method(void)
407 return (&TLSv1_client_method_data);
411 TLSv1_1_client_method(void)
413 return (&TLSv1_1_client_method_data);
417 TLSv1_2_client_method(void)
419 return (&TLSv1_2_client_method_data);
422 static const SSL_METHOD *tls1_get_method(int ver);
424 static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
425 .version = TLS1_2_VERSION,
426 .min_version = TLS1_VERSION,
427 .max_version = TLS1_2_VERSION,
429 .ssl_clear = tls1_clear,
430 .ssl_free = tls1_free,
431 .ssl_accept = ssl3_accept,
432 .ssl_connect = ssl3_connect,
433 .ssl_shutdown = ssl3_shutdown,
434 .get_ssl_method = tls1_get_method,
435 .get_timeout = tls1_default_timeout,
436 .ssl_version = ssl_undefined_void_function,
437 .ssl_renegotiate = ssl_undefined_function,
438 .ssl_renegotiate_check = ssl_ok,
439 .ssl_pending = ssl3_pending,
440 .ssl_read_bytes = ssl3_read_bytes,
441 .ssl_write_bytes = ssl3_write_bytes,
442 .ssl3_enc = &TLSv1_2_enc_data,
445 static const SSL_METHOD TLS_method_data = {
446 .ssl_dispatch_alert = ssl3_dispatch_alert,
447 .num_ciphers = ssl3_num_ciphers,
448 .get_cipher = ssl3_get_cipher,
449 .get_cipher_by_char = ssl3_get_cipher_by_char,
450 .put_cipher_by_char = ssl3_put_cipher_by_char,
451 .internal = &TLS_method_internal_data,
454 static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
455 .version = TLS1_VERSION,
456 .min_version = TLS1_VERSION,
457 .max_version = TLS1_VERSION,
459 .ssl_clear = tls1_clear,
460 .ssl_free = tls1_free,
461 .ssl_accept = ssl3_accept,
462 .ssl_connect = ssl3_connect,
463 .ssl_shutdown = ssl3_shutdown,
464 .get_ssl_method = tls1_get_method,
465 .get_timeout = tls1_default_timeout,
466 .ssl_version = ssl_undefined_void_function,
467 .ssl_renegotiate = ssl3_renegotiate,
468 .ssl_renegotiate_check = ssl3_renegotiate_check,
469 .ssl_pending = ssl3_pending,
470 .ssl_read_bytes = ssl3_read_bytes,
471 .ssl_write_bytes = ssl3_write_bytes,
472 .ssl3_enc = &TLSv1_enc_data,
475 static const SSL_METHOD TLSv1_method_data = {
476 .ssl_dispatch_alert = ssl3_dispatch_alert,
477 .num_ciphers = ssl3_num_ciphers,
478 .get_cipher = ssl3_get_cipher,
479 .get_cipher_by_char = ssl3_get_cipher_by_char,
480 .put_cipher_by_char = ssl3_put_cipher_by_char,
481 .internal = &TLSv1_method_internal_data,
484 static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
485 .version = TLS1_1_VERSION,
486 .min_version = TLS1_1_VERSION,
487 .max_version = TLS1_1_VERSION,
489 .ssl_clear = tls1_clear,
490 .ssl_free = tls1_free,
491 .ssl_accept = ssl3_accept,
492 .ssl_connect = ssl3_connect,
493 .ssl_shutdown = ssl3_shutdown,
494 .get_ssl_method = tls1_get_method,
495 .get_timeout = tls1_default_timeout,
496 .ssl_version = ssl_undefined_void_function,
497 .ssl_renegotiate = ssl3_renegotiate,
498 .ssl_renegotiate_check = ssl3_renegotiate_check,
499 .ssl_pending = ssl3_pending,
500 .ssl_read_bytes = ssl3_read_bytes,
501 .ssl_write_bytes = ssl3_write_bytes,
502 .ssl3_enc = &TLSv1_1_enc_data,
505 static const SSL_METHOD TLSv1_1_method_data = {
506 .ssl_dispatch_alert = ssl3_dispatch_alert,
507 .num_ciphers = ssl3_num_ciphers,
508 .get_cipher = ssl3_get_cipher,
509 .get_cipher_by_char = ssl3_get_cipher_by_char,
510 .put_cipher_by_char = ssl3_put_cipher_by_char,
511 .internal = &TLSv1_1_method_internal_data,
514 static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
515 .version = TLS1_2_VERSION,
516 .min_version = TLS1_2_VERSION,
517 .max_version = TLS1_2_VERSION,
519 .ssl_clear = tls1_clear,
520 .ssl_free = tls1_free,
521 .ssl_accept = ssl3_accept,
522 .ssl_connect = ssl3_connect,
523 .ssl_shutdown = ssl3_shutdown,
524 .get_ssl_method = tls1_get_method,
525 .get_timeout = tls1_default_timeout,
526 .ssl_version = ssl_undefined_void_function,
527 .ssl_renegotiate = ssl3_renegotiate,
528 .ssl_renegotiate_check = ssl3_renegotiate_check,
529 .ssl_pending = ssl3_pending,
530 .ssl_read_bytes = ssl3_read_bytes,
531 .ssl_write_bytes = ssl3_write_bytes,
532 .ssl3_enc = &TLSv1_2_enc_data,
535 static const SSL_METHOD TLSv1_2_method_data = {
536 .ssl_dispatch_alert = ssl3_dispatch_alert,
537 .num_ciphers = ssl3_num_ciphers,
538 .get_cipher = ssl3_get_cipher,
539 .get_cipher_by_char = ssl3_get_cipher_by_char,
540 .put_cipher_by_char = ssl3_put_cipher_by_char,
541 .internal = &TLSv1_2_method_internal_data,
544 static const SSL_METHOD *
545 tls1_get_method(int ver)
547 if (ver == TLS1_2_VERSION)
548 return (TLSv1_2_method());
549 if (ver == TLS1_1_VERSION)
550 return (TLSv1_1_method());
551 if (ver == TLS1_VERSION)
552 return (TLSv1_method());
559 return (TLS_method());
565 return &TLS_method_data;
571 return (&TLSv1_method_data);
577 return (&TLSv1_1_method_data);
583 return (&TLSv1_2_method_data);
586 #ifdef LIBRESSL_HAS_TLS1_3_SERVER
587 static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
588 .version = TLS1_3_VERSION,
589 .min_version = TLS1_VERSION,
590 .max_version = TLS1_3_VERSION,
592 .ssl_clear = tls1_clear,
593 .ssl_free = tls1_free,
594 .ssl_accept = tls13_legacy_accept,
595 .ssl_connect = ssl_undefined_function,
596 .ssl_shutdown = tls13_legacy_shutdown,
597 .get_ssl_method = tls1_get_server_method,
598 .get_timeout = tls1_default_timeout,
599 .ssl_version = ssl_undefined_void_function,
600 .ssl_renegotiate = ssl_undefined_function,
601 .ssl_renegotiate_check = ssl_ok,
602 .ssl_pending = tls13_legacy_pending,
603 .ssl_read_bytes = tls13_legacy_read_bytes,
604 .ssl_write_bytes = tls13_legacy_write_bytes,
605 .ssl3_enc = &TLSv1_3_enc_data,
608 static const SSL_METHOD TLS_server_method_data = {
609 .ssl_dispatch_alert = ssl3_dispatch_alert,
610 .num_ciphers = ssl3_num_ciphers,
611 .get_cipher = ssl3_get_cipher,
612 .get_cipher_by_char = ssl3_get_cipher_by_char,
613 .put_cipher_by_char = ssl3_put_cipher_by_char,
614 .internal = &TLS_server_method_internal_data,
618 static const SSL_METHOD_INTERNAL TLS_legacy_server_method_internal_data = {
619 .version = TLS1_2_VERSION,
620 .min_version = TLS1_VERSION,
621 .max_version = TLS1_2_VERSION,
623 .ssl_clear = tls1_clear,
624 .ssl_free = tls1_free,
625 .ssl_accept = ssl3_accept,
626 .ssl_connect = ssl_undefined_function,
627 .ssl_shutdown = ssl3_shutdown,
628 .get_ssl_method = tls1_get_server_method,
629 .get_timeout = tls1_default_timeout,
630 .ssl_version = ssl_undefined_void_function,
631 .ssl_renegotiate = ssl_undefined_function,
632 .ssl_renegotiate_check = ssl_ok,
633 .ssl_pending = ssl3_pending,
634 .ssl_read_bytes = ssl3_read_bytes,
635 .ssl_write_bytes = ssl3_write_bytes,
636 .ssl3_enc = &TLSv1_2_enc_data,
639 static const SSL_METHOD TLS_legacy_server_method_data = {
640 .ssl_dispatch_alert = ssl3_dispatch_alert,
641 .num_ciphers = ssl3_num_ciphers,
642 .get_cipher = ssl3_get_cipher,
643 .get_cipher_by_char = ssl3_get_cipher_by_char,
644 .put_cipher_by_char = ssl3_put_cipher_by_char,
645 .internal = &TLS_legacy_server_method_internal_data,
648 static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
649 .version = TLS1_VERSION,
650 .min_version = TLS1_VERSION,
651 .max_version = TLS1_VERSION,
653 .ssl_clear = tls1_clear,
654 .ssl_free = tls1_free,
655 .ssl_accept = ssl3_accept,
656 .ssl_connect = ssl_undefined_function,
657 .ssl_shutdown = ssl3_shutdown,
658 .get_ssl_method = tls1_get_server_method,
659 .get_timeout = tls1_default_timeout,
660 .ssl_version = ssl_undefined_void_function,
661 .ssl_renegotiate = ssl3_renegotiate,
662 .ssl_renegotiate_check = ssl3_renegotiate_check,
663 .ssl_pending = ssl3_pending,
664 .ssl_read_bytes = ssl3_read_bytes,
665 .ssl_write_bytes = ssl3_write_bytes,
666 .ssl3_enc = &TLSv1_enc_data,
669 static const SSL_METHOD TLSv1_server_method_data = {
670 .ssl_dispatch_alert = ssl3_dispatch_alert,
671 .num_ciphers = ssl3_num_ciphers,
672 .get_cipher = ssl3_get_cipher,
673 .get_cipher_by_char = ssl3_get_cipher_by_char,
674 .put_cipher_by_char = ssl3_put_cipher_by_char,
675 .internal = &TLSv1_server_method_internal_data,
678 static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
679 .version = TLS1_1_VERSION,
680 .min_version = TLS1_1_VERSION,
681 .max_version = TLS1_1_VERSION,
683 .ssl_clear = tls1_clear,
684 .ssl_free = tls1_free,
685 .ssl_accept = ssl3_accept,
686 .ssl_connect = ssl_undefined_function,
687 .ssl_shutdown = ssl3_shutdown,
688 .get_ssl_method = tls1_get_server_method,
689 .get_timeout = tls1_default_timeout,
690 .ssl_version = ssl_undefined_void_function,
691 .ssl_renegotiate = ssl3_renegotiate,
692 .ssl_renegotiate_check = ssl3_renegotiate_check,
693 .ssl_pending = ssl3_pending,
694 .ssl_read_bytes = ssl3_read_bytes,
695 .ssl_write_bytes = ssl3_write_bytes,
696 .ssl3_enc = &TLSv1_1_enc_data,
699 static const SSL_METHOD TLSv1_1_server_method_data = {
700 .ssl_dispatch_alert = ssl3_dispatch_alert,
701 .num_ciphers = ssl3_num_ciphers,
702 .get_cipher = ssl3_get_cipher,
703 .get_cipher_by_char = ssl3_get_cipher_by_char,
704 .put_cipher_by_char = ssl3_put_cipher_by_char,
705 .internal = &TLSv1_1_server_method_internal_data,
708 static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
709 .version = TLS1_2_VERSION,
710 .min_version = TLS1_2_VERSION,
711 .max_version = TLS1_2_VERSION,
713 .ssl_clear = tls1_clear,
714 .ssl_free = tls1_free,
715 .ssl_accept = ssl3_accept,
716 .ssl_connect = ssl_undefined_function,
717 .ssl_shutdown = ssl3_shutdown,
718 .get_ssl_method = tls1_get_server_method,
719 .get_timeout = tls1_default_timeout,
720 .ssl_version = ssl_undefined_void_function,
721 .ssl_renegotiate = ssl3_renegotiate,
722 .ssl_renegotiate_check = ssl3_renegotiate_check,
723 .ssl_pending = ssl3_pending,
724 .ssl_read_bytes = ssl3_read_bytes,
725 .ssl_write_bytes = ssl3_write_bytes,
726 .ssl3_enc = &TLSv1_2_enc_data,
729 static const SSL_METHOD TLSv1_2_server_method_data = {
730 .ssl_dispatch_alert = ssl3_dispatch_alert,
731 .num_ciphers = ssl3_num_ciphers,
732 .get_cipher = ssl3_get_cipher,
733 .get_cipher_by_char = ssl3_get_cipher_by_char,
734 .put_cipher_by_char = ssl3_put_cipher_by_char,
735 .internal = &TLSv1_2_server_method_internal_data,
739 tls1_get_server_method(int ver)
741 #ifdef LIBRESSL_HAS_TLS1_3_SERVER
742 if (ver == TLS1_3_VERSION)
743 return (TLS_server_method());
745 if (ver == TLS1_2_VERSION)
746 return (TLSv1_2_server_method());
747 if (ver == TLS1_1_VERSION)
748 return (TLSv1_1_server_method());
749 if (ver == TLS1_VERSION)
750 return (TLSv1_server_method());
755 SSLv23_server_method(void)
757 return (TLS_server_method());
761 TLS_server_method(void)
763 #ifdef LIBRESSL_HAS_TLS1_3_SERVER
764 return (&TLS_server_method_data);
766 return tls_legacy_server_method();
771 tls_legacy_server_method(void)
773 return (&TLS_legacy_server_method_data);
777 TLSv1_server_method(void)
779 return (&TLSv1_server_method_data);
783 TLSv1_1_server_method(void)
785 return (&TLSv1_1_server_method_data);
789 TLSv1_2_server_method(void)
791 return (&TLSv1_2_server_method_data);