Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
e1056435
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
9 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
e1056435
编写于
7月 02, 1999
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
New functions SSL[_CTX]_{set,get}_mode; the initial set of mode flags is
SSL_MODE_ENABLE_PARTIAL_WRITE, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
上级
e0371fe4
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
68 addition
and
10 deletion
+68
-10
CHANGES
CHANGES
+16
-0
ssl/s2_pkt.c
ssl/s2_pkt.c
+9
-3
ssl/s3_pkt.c
ssl/s3_pkt.c
+9
-2
ssl/ssl.h
ssl/ssl.h
+29
-5
ssl/ssl_lib.c
ssl/ssl_lib.c
+5
-0
未找到文件。
CHANGES
浏览文件 @
e1056435
...
@@ -4,6 +4,22 @@
...
@@ -4,6 +4,22 @@
Changes between 0.9.3a and 0.9.4
Changes between 0.9.3a and 0.9.4
*) Introduce "mode" for SSL structures (with defaults in SSL_CTX),
which largely parallels "options", but is for changing API behaviour,
whereas "options" are about protocol behaviour.
Initial "mode" flags (still experimental) are:
SSL_MODE_ENABLE_PARTIAL_WRITE Allow SSL_write to report success when
a single record has been written.
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER Don't insist that SSL_write
retries use the same buffer location.
(But all of the contents must be
copied!)
[Bodo Moeller]
*) Bugfix: SSL_set_mode ignored its parameter, only SSL_CTX_set_mode
worked.
*) Fix problems with no-hmac etc.
*) Fix problems with no-hmac etc.
[Ulf Möller, pointed out by Brian Wellington <bwelling@tislabs.com>]
[Ulf Möller, pointed out by Brian Wellington <bwelling@tislabs.com>]
...
...
ssl/s2_pkt.c
浏览文件 @
e1056435
...
@@ -391,8 +391,12 @@ int ssl2_write(SSL *s, const void *_buf, int len)
...
@@ -391,8 +391,12 @@ int ssl2_write(SSL *s, const void *_buf, int len)
s
->
s2
->
wnum
=
tot
;
s
->
s2
->
wnum
=
tot
;
return
(
i
);
return
(
i
);
}
}
if
(
i
==
(
int
)
n
)
return
(
tot
+
i
);
if
((
i
==
(
int
)
n
)
||
(
s
->
mode
|
SSL_MODE_ENABLE_PARTIAL_WRITE
))
{
return
(
tot
+
i
);
}
n
-=
i
;
n
-=
i
;
tot
+=
i
;
tot
+=
i
;
}
}
...
@@ -406,7 +410,9 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
...
@@ -406,7 +410,9 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
/* check that they have given us the same buffer to
/* check that they have given us the same buffer to
* write */
* write */
if
((
s
->
s2
->
wpend_tot
>
(
int
)
len
)
||
(
s
->
s2
->
wpend_buf
!=
buf
))
if
((
s
->
s2
->
wpend_tot
>
(
int
)
len
)
||
((
s
->
s2
->
wpend_buf
!=
buf
)
&&
(
!
s
->
mode
&
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
)))
{
{
SSLerr
(
SSL_F_WRITE_PENDING
,
SSL_R_BAD_WRITE_RETRY
);
SSLerr
(
SSL_F_WRITE_PENDING
,
SSL_R_BAD_WRITE_RETRY
);
return
(
-
1
);
return
(
-
1
);
...
...
ssl/s3_pkt.c
浏览文件 @
e1056435
...
@@ -468,7 +468,12 @@ int ssl3_write_bytes(SSL *s, int type, const void *_buf, int len)
...
@@ -468,7 +468,12 @@ int ssl3_write_bytes(SSL *s, int type, const void *_buf, int len)
if
(
type
==
SSL3_RT_HANDSHAKE
)
if
(
type
==
SSL3_RT_HANDSHAKE
)
ssl3_finish_mac
(
s
,
&
(
buf
[
tot
]),
i
);
ssl3_finish_mac
(
s
,
&
(
buf
[
tot
]),
i
);
if
(
i
==
(
int
)
n
)
return
(
tot
+
i
);
if
((
i
==
(
int
)
n
)
||
(
type
==
SSL3_RT_APPLICATION_DATA
&&
(
s
->
mode
|
SSL_MODE_ENABLE_PARTIAL_WRITE
)))
{
return
(
tot
+
i
);
}
n
-=
i
;
n
-=
i
;
tot
+=
i
;
tot
+=
i
;
...
@@ -596,7 +601,9 @@ static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
...
@@ -596,7 +601,9 @@ static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
int
i
;
int
i
;
/* XXXX */
/* XXXX */
if
((
s
->
s3
->
wpend_tot
>
(
int
)
len
)
||
(
s
->
s3
->
wpend_buf
!=
buf
)
if
((
s
->
s3
->
wpend_tot
>
(
int
)
len
)
||
((
s
->
s3
->
wpend_buf
!=
buf
)
&&
(
!
s
->
mode
&
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
))
||
(
s
->
s3
->
wpend_type
!=
type
))
||
(
s
->
s3
->
wpend_type
!=
type
))
{
{
SSLerr
(
SSL_F_SSL3_WRITE_PENDING
,
SSL_R_BAD_WRITE_RETRY
);
SSLerr
(
SSL_F_SSL3_WRITE_PENDING
,
SSL_R_BAD_WRITE_RETRY
);
...
...
ssl/ssl.h
浏览文件 @
e1056435
...
@@ -295,18 +295,39 @@ typedef struct ssl_session_st
...
@@ -295,18 +295,39 @@ typedef struct ssl_session_st
#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L
#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L
#define SSL_OP_ALL 0x000FFFFFL
#define SSL_OP_ALL 0x000FFFFFL
#define SSL_OP_NO_SSLv2 0x01000000L
#define SSL_OP_NO_SSLv3 0x02000000L
#define SSL_OP_NO_TLSv1 0x04000000L
/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
* when just a single record has been written): */
#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
/* Make it possible to retry SSL_write() with changed buffer location
* (buffer contents must stay the same!); this is not the default to avoid
* the misconception that non-blocking SSL_write() behaves like
* non-blocking write(): */
#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
* they cannot be used to clear bits. */
#define SSL_CTX_set_options(ctx,op) \
#define SSL_CTX_set_options(ctx,op) \
SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,NULL)
SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,NULL)
#define SSL_CTX_get_options(ctx) \
#define SSL_CTX_get_options(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,NULL)
SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,NULL)
#define SSL_set_options(ssl,op) \
#define SSL_set_options(ssl,op) \
SSL_ctrl(ssl,SSL_CTRL_OPTIONS,
0
,NULL)
SSL_ctrl(ssl,SSL_CTRL_OPTIONS,
op
,NULL)
#define SSL_get_options(ssl) \
#define SSL_get_options(ssl) \
SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,NULL)
SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,NULL)
#define SSL_OP_NO_SSLv2 0x01000000L
#define SSL_CTX_set_mode(ctx,op) \
#define SSL_OP_NO_SSLv3 0x02000000L
SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,NULL)
#define SSL_OP_NO_TLSv1 0x04000000L
#define SSL_CTX_get_mode(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,NULL)
#define SSL_set_mode(ssl,op) \
SSL_ctrl(ssl,SSL_CTRL_MODE,op,NULL)
#define SSL_get_mode(ssl) \
SSL_ctrl(ssl,SSL_CTRL_MODE,0,NULL)
#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
...
@@ -327,6 +348,7 @@ struct ssl_ctx_st
...
@@ -327,6 +348,7 @@ struct ssl_ctx_st
{
{
SSL_METHOD
*
method
;
SSL_METHOD
*
method
;
unsigned
long
options
;
unsigned
long
options
;
unsigned
long
mode
;
STACK_OF
(
SSL_CIPHER
)
*
cipher_list
;
STACK_OF
(
SSL_CIPHER
)
*
cipher_list
;
/* same as above but sorted for lookup */
/* same as above but sorted for lookup */
...
@@ -605,7 +627,8 @@ struct ssl_st
...
@@ -605,7 +627,8 @@ struct ssl_st
STACK_OF
(
X509_NAME
)
*
client_CA
;
STACK_OF
(
X509_NAME
)
*
client_CA
;
int
references
;
int
references
;
unsigned
long
options
;
unsigned
long
options
;
/* protocol behaviour */
unsigned
long
mode
;
/* API behaviour */
int
first_packet
;
int
first_packet
;
int
client_version
;
/* what was passed, used for
int
client_version
;
/* what was passed, used for
* SSLv3/TLS rolback check */
* SSLv3/TLS rolback check */
...
@@ -780,6 +803,7 @@ struct ssl_st
...
@@ -780,6 +803,7 @@ struct ssl_st
#define SSL_CTRL_SESS_TIMEOUTS 30
#define SSL_CTRL_SESS_TIMEOUTS 30
#define SSL_CTRL_SESS_CACHE_FULL 31
#define SSL_CTRL_SESS_CACHE_FULL 31
#define SSL_CTRL_OPTIONS 32
#define SSL_CTRL_OPTIONS 32
#define SSL_CTRL_MODE 33
#define SSL_CTRL_GET_READ_AHEAD 40
#define SSL_CTRL_GET_READ_AHEAD 40
#define SSL_CTRL_SET_READ_AHEAD 41
#define SSL_CTRL_SET_READ_AHEAD 41
...
...
ssl/ssl_lib.c
浏览文件 @
e1056435
...
@@ -215,6 +215,7 @@ SSL *SSL_new(SSL_CTX *ctx)
...
@@ -215,6 +215,7 @@ SSL *SSL_new(SSL_CTX *ctx)
s
->
references
=
1
;
s
->
references
=
1
;
s
->
server
=
(
ctx
->
method
->
ssl_accept
==
ssl_undefined_function
)
?
0
:
1
;
s
->
server
=
(
ctx
->
method
->
ssl_accept
==
ssl_undefined_function
)
?
0
:
1
;
s
->
options
=
ctx
->
options
;
s
->
options
=
ctx
->
options
;
s
->
mode
=
ctx
->
mode
;
SSL_clear
(
s
);
SSL_clear
(
s
);
CRYPTO_new_ex_data
(
ssl_meth
,(
char
*
)
s
,
&
s
->
ex_data
);
CRYPTO_new_ex_data
(
ssl_meth
,(
char
*
)
s
,
&
s
->
ex_data
);
...
@@ -695,6 +696,8 @@ long SSL_ctrl(SSL *s,int cmd,long larg,char *parg)
...
@@ -695,6 +696,8 @@ long SSL_ctrl(SSL *s,int cmd,long larg,char *parg)
return
(
l
);
return
(
l
);
case
SSL_CTRL_OPTIONS
:
case
SSL_CTRL_OPTIONS
:
return
(
s
->
options
|=
larg
);
return
(
s
->
options
|=
larg
);
case
SSL_CTRL_MODE
:
return
(
s
->
mode
|=
larg
);
default:
default:
return
(
s
->
method
->
ssl_ctrl
(
s
,
cmd
,
larg
,
parg
));
return
(
s
->
method
->
ssl_ctrl
(
s
,
cmd
,
larg
,
parg
));
}
}
...
@@ -752,6 +755,8 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
...
@@ -752,6 +755,8 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg)
return
(
ctx
->
stats
.
sess_cache_full
);
return
(
ctx
->
stats
.
sess_cache_full
);
case
SSL_CTRL_OPTIONS
:
case
SSL_CTRL_OPTIONS
:
return
(
ctx
->
options
|=
larg
);
return
(
ctx
->
options
|=
larg
);
case
SSL_CTRL_MODE
:
return
(
ctx
->
mode
|=
larg
);
default:
default:
return
(
ctx
->
method
->
ssl_ctx_ctrl
(
ctx
,
cmd
,
larg
,
parg
));
return
(
ctx
->
method
->
ssl_ctx_ctrl
(
ctx
,
cmd
,
larg
,
parg
));
}
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录