../deps/openssl/openssl/ssl/ssl

Bug Summary

File:	out/../deps/openssl/openssl/ssl/ssl_lib.c
Warning:	line 464, column 13 Value stored to 'min_version' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name ssl_lib.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/maurizio/node-v18.6.0/out -resource-dir /usr/local/lib/clang/16.0.0 -D V8_DEPRECATION_WARNINGS -D V8_IMMINENT_DEPRECATION_WARNINGS -D _GLIBCXX_USE_CXX11_ABI=1 -D NODE_OPENSSL_CONF_NAME=nodejs_conf -D NODE_OPENSSL_HAS_QUIC -D __STDC_FORMAT_MACROS -D OPENSSL_NO_PINSHARED -D OPENSSL_THREADS -D OPENSSL_NO_HW -D OPENSSL_API_COMPAT=0x10100001L -D STATIC_LEGACY -D NDEBUG -D OPENSSL_USE_NODELETE -D L_ENDIAN -D OPENSSL_BUILDING_OPENSSL -D AES_ASM -D BSAES_ASM -D CMLL_ASM -D ECP_NISTZ256_ASM -D GHASH_ASM -D KECCAK1600_ASM -D MD5_ASM -D OPENSSL_BN_ASM_GF2m -D OPENSSL_BN_ASM_MONT -D OPENSSL_BN_ASM_MONT5 -D OPENSSL_CPUID_OBJ -D OPENSSL_IA32_SSE2 -D PADLOCK_ASM -D POLY1305_ASM -D SHA1_ASM -D SHA256_ASM -D SHA512_ASM -D VPAES_ASM -D WHIRLPOOL_ASM -D X25519_ASM -D OPENSSL_PIC -D MODULESDIR="/home/maurizio/node-v18.6.0/out/Release/obj.target/deps/openssl/lib/openssl-modules" -D OPENSSLDIR="/home/maurizio/node-v18.6.0/out/Release/obj.target/deps/openssl" -D OPENSSLDIR="/etc/ssl" -D ENGINESDIR="/dev/null" -D TERMIOS -I ../deps/openssl/openssl -I ../deps/openssl/openssl/include -I ../deps/openssl/openssl/crypto -I ../deps/openssl/openssl/crypto/include -I ../deps/openssl/openssl/crypto/modes -I ../deps/openssl/openssl/crypto/ec/curve448 -I ../deps/openssl/openssl/crypto/ec/curve448/arch_32 -I ../deps/openssl/openssl/providers/common/include -I ../deps/openssl/openssl/providers/implementations/include -I ../deps/openssl/config -I ../deps/openssl/config/archs/linux-x86_64/asm -I ../deps/openssl/config/archs/linux-x86_64/asm/include -I ../deps/openssl/config/archs/linux-x86_64/asm/crypto -I ../deps/openssl/config/archs/linux-x86_64/asm/crypto/include/internal -I ../deps/openssl/config/archs/linux-x86_64/asm/providers/common/include -internal-isystem /usr/local/lib/clang/16.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-redhat-linux/8/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -Wno-unused-parameter -Wno-missing-field-initializers -Wno-old-style-declaration -fdebug-compilation-dir=/home/maurizio/node-v18.6.0/out -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2022-08-22-142216-507842-1 -x c ../deps/openssl/openssl/ssl/ssl_lib.c

1	/*
2	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4	* Copyright 2005 Nokia. All rights reserved.
5	*
6	* Licensed under the Apache License 2.0 (the "License"). You may not use
7	* this file except in compliance with the License. You can obtain a copy
8	* in the file LICENSE in the source distribution or at
9	* https://www.openssl.org/source/license.html
10	*/
11
12	#include <stdio.h>
13	#include "ssl_local.h"
14	#include "e_os.h"
15	#include <openssl/objects.h>
16	#include <openssl/x509v3.h>
17	#include <openssl/rand.h>
18	#include <openssl/ocsp.h>
19	#include <openssl/dh.h>
20	#include <openssl/engine.h>
21	#include <openssl/async.h>
22	#include <openssl/ct.h>
23	#include <openssl/trace.h>
24	#include "internal/cryptlib.h"
25	#include "internal/refcount.h"
26	#include "internal/ktls.h"
27
28	static int ssl_undefined_function_1(SSL ssl, SSL3_RECORD r, size_t s, int t,
29	SSL_MAC_BUF *mac, size_t macsize)
30	{
31	return ssl_undefined_function(ssl);
32	}
33
34	static int ssl_undefined_function_2(SSL ssl, SSL3_RECORD r, unsigned char *s,
35	int t)
36	{
37	return ssl_undefined_function(ssl);
38	}
39
40	static int ssl_undefined_function_3(SSL ssl, unsigned char r,
41	unsigned char s, size_t t, size_t u)
42	{
43	return ssl_undefined_function(ssl);
44	}
45
46	static int ssl_undefined_function_4(SSL *ssl, int r)
47	{
48	return ssl_undefined_function(ssl);
49	}
50
51	static size_t ssl_undefined_function_5(SSL ssl, const char r, size_t s,
52	unsigned char *t)
53	{
54	return ssl_undefined_function(ssl);
55	}
56
57	static int ssl_undefined_function_6(int r)
58	{
59	return ssl_undefined_function(NULL((void*)0));
60	}
61
62	static int ssl_undefined_function_7(SSL ssl, unsigned char r, size_t s,
63	const char *t, size_t u,
64	const unsigned char *v, size_t w, int x)
65	{
66	return ssl_undefined_function(ssl);
67	}
68
69	SSL3_ENC_METHOD ssl3_undef_enc_method = {
70	ssl_undefined_function_1,
71	ssl_undefined_function_2,
72	ssl_undefined_function,
73	ssl_undefined_function_3,
74	ssl_undefined_function_4,
75	ssl_undefined_function_5,
76	NULL((void)0), / client_finished_label */
77	0, /* client_finished_label_len */
78	NULL((void)0), / server_finished_label */
79	0, /* server_finished_label_len */
80	ssl_undefined_function_6,
81	ssl_undefined_function_7,
82	};
83
84	struct ssl_async_args {
85	SSL *s;
86	void *buf;
87	size_t num;
88	enum { READFUNC, WRITEFUNC, OTHERFUNC } type;
89	union {
90	int (func_read) (SSL , void , size_t, size_t );
91	int (func_write) (SSL , const void , size_t, size_t );
92	int (func_other) (SSL );
93	} f;
94	};
95
96	static const struct {
97	uint8_t mtype;
98	uint8_t ord;
99	int nid;
100	} dane_mds[] = {
101	{
102	DANETLS_MATCHING_FULL0, 0, NID_undef0
103	},
104	{
105	DANETLS_MATCHING_22561, 1, NID_sha256672
106	},
107	{
108	DANETLS_MATCHING_25122, 2, NID_sha512674
109	},
110	};
111
112	static int dane_ctx_enable(struct dane_ctx_st *dctx)
113	{
114	const EVP_MD **mdevp;
115	uint8_t *mdord;
116	uint8_t mdmax = DANETLS_MATCHING_LAST2;
117	int n = ((int)mdmax) + 1; /* int to handle PrivMatch(255) */
118	size_t i;
119
120	if (dctx->mdevp != NULL((void*)0))
121	return 1;
122
123	mdevp = OPENSSL_zalloc(n * sizeof(mdevp))CRYPTO_zalloc(n sizeof(*mdevp), "../deps/openssl/openssl/ssl/ssl_lib.c" , 123);
124	mdord = OPENSSL_zalloc(n * sizeof(mdord))CRYPTO_zalloc(n sizeof(*mdord), "../deps/openssl/openssl/ssl/ssl_lib.c" , 124);
125
126	if (mdord == NULL((void)0) \|\| mdevp == NULL((void)0)) {
127	OPENSSL_free(mdord)CRYPTO_free(mdord, "../deps/openssl/openssl/ssl/ssl_lib.c", 127 );
128	OPENSSL_free(mdevp)CRYPTO_free(mdevp, "../deps/openssl/openssl/ssl/ssl_lib.c", 128 );
129	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,129,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
130	return 0;
131	}
132
133	/* Install default entries */
134	for (i = 0; i < OSSL_NELEM(dane_mds)(sizeof(dane_mds)/sizeof((dane_mds)[0])); ++i) {
135	const EVP_MD *md;
136
137	if (dane_mds[i].nid == NID_undef0 \|\|
138	(md = EVP_get_digestbynid(dane_mds[i].nid)EVP_get_digestbyname(OBJ_nid2sn(dane_mds[i].nid))) == NULL((void*)0))
139	continue;
140	mdevp[dane_mds[i].mtype] = md;
141	mdord[dane_mds[i].mtype] = dane_mds[i].ord;
142	}
143
144	dctx->mdevp = mdevp;
145	dctx->mdord = mdord;
146	dctx->mdmax = mdmax;
147
148	return 1;
149	}
150
151	static void dane_ctx_final(struct dane_ctx_st *dctx)
152	{
153	OPENSSL_free(dctx->mdevp)CRYPTO_free(dctx->mdevp, "../deps/openssl/openssl/ssl/ssl_lib.c" , 153);
154	dctx->mdevp = NULL((void*)0);
155
156	OPENSSL_free(dctx->mdord)CRYPTO_free(dctx->mdord, "../deps/openssl/openssl/ssl/ssl_lib.c" , 156);
157	dctx->mdord = NULL((void*)0);
158	dctx->mdmax = 0;
159	}
160
161	static void tlsa_free(danetls_record *t)
162	{
163	if (t == NULL((void*)0))
164	return;
165	OPENSSL_free(t->data)CRYPTO_free(t->data, "../deps/openssl/openssl/ssl/ssl_lib.c" , 165);
166	EVP_PKEY_free(t->spki);
167	OPENSSL_free(t)CRYPTO_free(t, "../deps/openssl/openssl/ssl/ssl_lib.c", 167);
168	}
169
170	static void dane_final(SSL_DANE *dane)
171	{
172	sk_danetls_record_pop_free(dane->trecs, tlsa_free);
173	dane->trecs = NULL((void*)0);
174
175	sk_X509_pop_free(dane->certs, X509_free)OPENSSL_sk_pop_free(ossl_check_X509_sk_type(dane->certs),ossl_check_X509_freefunc_type (X509_free));
176	dane->certs = NULL((void*)0);
177
178	X509_free(dane->mcert);
179	dane->mcert = NULL((void*)0);
180	dane->mtlsa = NULL((void*)0);
181	dane->mdpth = -1;
182	dane->pdpth = -1;
183	}
184
185	/*
186	* dane_copy - Copy dane configuration, sans verification state.
187	*/
188	static int ssl_dane_dup(SSL to, SSL from)
189	{
190	int num;
191	int i;
192
193	if (!DANETLS_ENABLED(&from->dane)((&from->dane) != ((void*)0) && sk_danetls_record_num ((&from->dane)->trecs) > 0))
194	return 1;
195
196	num = sk_danetls_record_num(from->dane.trecs);
197	dane_final(&to->dane);
198	to->dane.flags = from->dane.flags;
199	to->dane.dctx = &to->ctx->dane;
200	to->dane.trecs = sk_danetls_record_new_reserve(NULL((void*)0), num);
201
202	if (to->dane.trecs == NULL((void*)0)) {
203	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,203,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
204	return 0;
205	}
206
207	for (i = 0; i < num; ++i) {
208	danetls_record *t = sk_danetls_record_value(from->dane.trecs, i);
209
210	if (SSL_dane_tlsa_add(to, t->usage, t->selector, t->mtype,
211	t->data, t->dlen) <= 0)
212	return 0;
213	}
214	return 1;
215	}
216
217	static int dane_mtype_set(struct dane_ctx_st *dctx,
218	const EVP_MD *md, uint8_t mtype, uint8_t ord)
219	{
220	int i;
221
222	if (mtype == DANETLS_MATCHING_FULL0 && md != NULL((void*)0)) {
223	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,223,__func__), ERR_set_error)((20),(173),((void*)0));
224	return 0;
225	}
226
227	if (mtype > dctx->mdmax) {
228	const EVP_MD **mdevp;
229	uint8_t *mdord;
230	int n = ((int)mtype) + 1;
231
232	mdevp = OPENSSL_realloc(dctx->mdevp, n * sizeof(mdevp))CRYPTO_realloc(dctx->mdevp, n sizeof(*mdevp), "../deps/openssl/openssl/ssl/ssl_lib.c" , 232);
233	if (mdevp == NULL((void*)0)) {
234	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,234,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
235	return -1;
236	}
237	dctx->mdevp = mdevp;
238
239	mdord = OPENSSL_realloc(dctx->mdord, n * sizeof(mdord))CRYPTO_realloc(dctx->mdord, n sizeof(*mdord), "../deps/openssl/openssl/ssl/ssl_lib.c" , 239);
240	if (mdord == NULL((void*)0)) {
241	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,241,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
242	return -1;
243	}
244	dctx->mdord = mdord;
245
246	/* Zero-fill any gaps */
247	for (i = dctx->mdmax + 1; i < mtype; ++i) {
248	mdevp[i] = NULL((void*)0);
249	mdord[i] = 0;
250	}
251
252	dctx->mdmax = mtype;
253	}
254
255	dctx->mdevp[mtype] = md;
256	/* Coerce ordinal of disabled matching types to 0 */
257	dctx->mdord[mtype] = (md == NULL((void*)0)) ? 0 : ord;
258
259	return 1;
260	}
261
262	static const EVP_MD tlsa_md_get(SSL_DANE dane, uint8_t mtype)
263	{
264	if (mtype > dane->dctx->mdmax)
265	return NULL((void*)0);
266	return dane->dctx->mdevp[mtype];
267	}
268
269	static int dane_tlsa_add(SSL_DANE *dane,
270	uint8_t usage,
271	uint8_t selector,
272	uint8_t mtype, const unsigned char *data, size_t dlen)
273	{
274	danetls_record *t;
275	const EVP_MD md = NULL((void)0);
276	int ilen = (int)dlen;
277	int i;
278	int num;
279
280	if (dane->trecs == NULL((void*)0)) {
281	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_NOT_ENABLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,281,__func__), ERR_set_error)((20),(175),((void*)0));
282	return -1;
283	}
284
285	if (ilen < 0 \|\| dlen != (size_t)ilen) {
286	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DATA_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,286,__func__), ERR_set_error)((20),(189),((void*)0));
287	return 0;
288	}
289
290	if (usage > DANETLS_USAGE_LAST3) {
291	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,291,__func__), ERR_set_error)((20),(184),((void*)0));
292	return 0;
293	}
294
295	if (selector > DANETLS_SELECTOR_LAST1) {
296	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_SELECTOR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,296,__func__), ERR_set_error)((20),(202),((void*)0));
297	return 0;
298	}
299
300	if (mtype != DANETLS_MATCHING_FULL0) {
301	md = tlsa_md_get(dane, mtype);
302	if (md == NULL((void*)0)) {
303	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,303,__func__), ERR_set_error)((20),(200),((void*)0));
304	return 0;
305	}
306	}
307
308	if (md != NULL((void*)0) && dlen != (size_t)EVP_MD_get_size(md)) {
309	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,309,__func__), ERR_set_error)((20),(192),((void*)0));
310	return 0;
311	}
312	if (!data) {
313	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_NULL_DATA)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,313,__func__), ERR_set_error)((20),(203),((void*)0));
314	return 0;
315	}
316
317	if ((t = OPENSSL_zalloc(sizeof(t))CRYPTO_zalloc(sizeof(t), "../deps/openssl/openssl/ssl/ssl_lib.c" , 317)) == NULL((void*)0)) {
318	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,318,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
319	return -1;
320	}
321
322	t->usage = usage;
323	t->selector = selector;
324	t->mtype = mtype;
325	t->data = OPENSSL_malloc(dlen)CRYPTO_malloc(dlen, "../deps/openssl/openssl/ssl/ssl_lib.c", 325 );
326	if (t->data == NULL((void*)0)) {
327	tlsa_free(t);
328	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,328,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
329	return -1;
330	}
331	memcpy(t->data, data, dlen);
332	t->dlen = dlen;
333
334	/* Validate and cache full certificate or public key */
335	if (mtype == DANETLS_MATCHING_FULL0) {
336	const unsigned char *p = data;
337	X509 cert = NULL((void)0);
338	EVP_PKEY pkey = NULL((void)0);
339
340	switch (selector) {
341	case DANETLS_SELECTOR_CERT0:
342	if (!d2i_X509(&cert, &p, ilen) \|\| p < data \|\|
343	dlen != (size_t)(p - data)) {
344	tlsa_free(t);
345	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,345,__func__), ERR_set_error)((20),(180),((void*)0));
346	return 0;
347	}
348	if (X509_get0_pubkey(cert) == NULL((void*)0)) {
349	tlsa_free(t);
350	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_CERTIFICATE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,350,__func__), ERR_set_error)((20),(180),((void*)0));
351	return 0;
352	}
353
354	if ((DANETLS_USAGE_BIT(usage)(((uint32_t)1) << usage) & DANETLS_TA_MASK(((((uint32_t)1) << 0)) \| ((((uint32_t)1) << 2)))) == 0) {
355	X509_free(cert);
356	break;
357	}
358
359	/*
360	* For usage DANE-TA(2), we support authentication via "2 0 0" TLSA
361	* records that contain full certificates of trust-anchors that are
362	* not present in the wire chain. For usage PKIX-TA(0), we augment
363	* the chain with untrusted Full(0) certificates from DNS, in case
364	* they are missing from the chain.
365	*/
366	if ((dane->certs == NULL((void*)0) &&
367	(dane->certs = sk_X509_new_null()((struct stack_st_X509 )OPENSSL_sk_new_null())) == NULL((void)0)) \|\|
368	!sk_X509_push(dane->certs, cert)OPENSSL_sk_push(ossl_check_X509_sk_type(dane->certs), ossl_check_X509_type (cert))) {
369	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,369,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
370	X509_free(cert);
371	tlsa_free(t);
372	return -1;
373	}
374	break;
375
376	case DANETLS_SELECTOR_SPKI1:
377	if (!d2i_PUBKEY(&pkey, &p, ilen) \|\| p < data \|\|
378	dlen != (size_t)(p - data)) {
379	tlsa_free(t);
380	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,380,__func__), ERR_set_error)((20),(201),((void*)0));
381	return 0;
382	}
383
384	/*
385	* For usage DANE-TA(2), we support authentication via "2 1 0" TLSA
386	* records that contain full bare keys of trust-anchors that are
387	* not present in the wire chain.
388	*/
389	if (usage == DANETLS_USAGE_DANE_TA2)
390	t->spki = pkey;
391	else
392	EVP_PKEY_free(pkey);
393	break;
394	}
395	}
396
397	/*-
398	* Find the right insertion point for the new record.
399	*
400	* See crypto/x509/x509_vfy.c. We sort DANE-EE(3) records first, so that
401	* they can be processed first, as they require no chain building, and no
402	* expiration or hostname checks. Because DANE-EE(3) is numerically
403	* largest, this is accomplished via descending sort by "usage".
404	*
405	* We also sort in descending order by matching ordinal to simplify
406	* the implementation of digest agility in the verification code.
407	*
408	* The choice of order for the selector is not significant, so we
409	* use the same descending order for consistency.
410	*/
411	num = sk_danetls_record_num(dane->trecs);
412	for (i = 0; i < num; ++i) {
413	danetls_record *rec = sk_danetls_record_value(dane->trecs, i);
414
415	if (rec->usage > usage)
416	continue;
417	if (rec->usage < usage)
418	break;
419	if (rec->selector > selector)
420	continue;
421	if (rec->selector < selector)
422	break;
423	if (dane->dctx->mdord[rec->mtype] > dane->dctx->mdord[mtype])
424	continue;
425	break;
426	}
427
428	if (!sk_danetls_record_insert(dane->trecs, t, i)) {
429	tlsa_free(t);
430	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,430,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
431	return -1;
432	}
433	dane->umask \|= DANETLS_USAGE_BIT(usage)(((uint32_t)1) << usage);
434
435	return 1;
436	}
437
438	/*
439	* Return 0 if there is only one version configured and it was disabled
440	* at configure time. Return 1 otherwise.
441	*/
442	static int ssl_check_allowed_versions(int min_version, int max_version)
443	{
444	int minisdtls = 0, maxisdtls = 0;
445
446	/* Figure out if we're doing DTLS versions or TLS versions */
447	if (min_version == DTLS1_BAD_VER0x0100
448	\|\| min_version >> 8 == DTLS1_VERSION_MAJOR0xFE)
449	minisdtls = 1;
450	if (max_version == DTLS1_BAD_VER0x0100
451	\|\| max_version >> 8 == DTLS1_VERSION_MAJOR0xFE)
452	maxisdtls = 1;
453	/* A wildcard version of 0 could be DTLS or TLS. */
454	if ((minisdtls && !maxisdtls && max_version != 0)
455	\|\| (maxisdtls && !minisdtls && min_version != 0)) {
456	/* Mixing DTLS and TLS versions will lead to sadness; deny it. */
457	return 0;
458	}
459
460	if (minisdtls \|\| maxisdtls) {
461	/* Do DTLS version checks. */
462	if (min_version == 0)
463	/* Ignore DTLS1_BAD_VER */
464	min_version = DTLS1_VERSION0xFEFF;
	Value stored to 'min_version' is never read
465	if (max_version == 0)
466	max_version = DTLS1_2_VERSION0xFEFD;
467	#ifdef OPENSSL_NO_DTLS1_2
468	if (max_version == DTLS1_2_VERSION0xFEFD)
469	max_version = DTLS1_VERSION0xFEFF;
470	#endif
471	#ifdef OPENSSL_NO_DTLS1
472	if (min_version == DTLS1_VERSION0xFEFF)
473	min_version = DTLS1_2_VERSION0xFEFD;
474	#endif
475	/* Done massaging versions; do the check. */
476	if (0
477	#ifdef OPENSSL_NO_DTLS1
478	\|\| (DTLS_VERSION_GE(min_version, DTLS1_VERSION)((((min_version) == 0x0100) ? 0xff00 : (min_version)) <= ( ((0xFEFF) == 0x0100) ? 0xff00 : (0xFEFF)))
479	&& DTLS_VERSION_GE(DTLS1_VERSION, max_version)((((0xFEFF) == 0x0100) ? 0xff00 : (0xFEFF)) <= (((max_version ) == 0x0100) ? 0xff00 : (max_version))))
480	#endif
481	#ifdef OPENSSL_NO_DTLS1_2
482	\|\| (DTLS_VERSION_GE(min_version, DTLS1_2_VERSION)((((min_version) == 0x0100) ? 0xff00 : (min_version)) <= ( ((0xFEFD) == 0x0100) ? 0xff00 : (0xFEFD)))
483	&& DTLS_VERSION_GE(DTLS1_2_VERSION, max_version)((((0xFEFD) == 0x0100) ? 0xff00 : (0xFEFD)) <= (((max_version ) == 0x0100) ? 0xff00 : (max_version))))
484	#endif
485	)
486	return 0;
487	} else {
488	/* Regular TLS version checks. */
489	if (min_version == 0)
490	min_version = SSL3_VERSION0x0300;
491	if (max_version == 0)
492	max_version = TLS1_3_VERSION0x0304;
493	#ifdef OPENSSL_NO_TLS1_3
494	if (max_version == TLS1_3_VERSION0x0304)
495	max_version = TLS1_2_VERSION0x0303;
496	#endif
497	#ifdef OPENSSL_NO_TLS1_2
498	if (max_version == TLS1_2_VERSION0x0303)
499	max_version = TLS1_1_VERSION0x0302;
500	#endif
501	#ifdef OPENSSL_NO_TLS1_1
502	if (max_version == TLS1_1_VERSION0x0302)
503	max_version = TLS1_VERSION0x0301;
504	#endif
505	#ifdef OPENSSL_NO_TLS1
506	if (max_version == TLS1_VERSION0x0301)
507	max_version = SSL3_VERSION0x0300;
508	#endif
509	#ifdef OPENSSL_NO_SSL3
510	if (min_version == SSL3_VERSION0x0300)
511	min_version = TLS1_VERSION0x0301;
512	#endif
513	#ifdef OPENSSL_NO_TLS1
514	if (min_version == TLS1_VERSION0x0301)
515	min_version = TLS1_1_VERSION0x0302;
516	#endif
517	#ifdef OPENSSL_NO_TLS1_1
518	if (min_version == TLS1_1_VERSION0x0302)
519	min_version = TLS1_2_VERSION0x0303;
520	#endif
521	#ifdef OPENSSL_NO_TLS1_2
522	if (min_version == TLS1_2_VERSION0x0303)
523	min_version = TLS1_3_VERSION0x0304;
524	#endif
525	/* Done massaging versions; do the check. */
526	if (0
527	#ifdef OPENSSL_NO_SSL3
528	\|\| (min_version <= SSL3_VERSION0x0300 && SSL3_VERSION0x0300 <= max_version)
529	#endif
530	#ifdef OPENSSL_NO_TLS1
531	\|\| (min_version <= TLS1_VERSION0x0301 && TLS1_VERSION0x0301 <= max_version)
532	#endif
533	#ifdef OPENSSL_NO_TLS1_1
534	\|\| (min_version <= TLS1_1_VERSION0x0302 && TLS1_1_VERSION0x0302 <= max_version)
535	#endif
536	#ifdef OPENSSL_NO_TLS1_2
537	\|\| (min_version <= TLS1_2_VERSION0x0303 && TLS1_2_VERSION0x0303 <= max_version)
538	#endif
539	#ifdef OPENSSL_NO_TLS1_3
540	\|\| (min_version <= TLS1_3_VERSION0x0304 && TLS1_3_VERSION0x0304 <= max_version)
541	#endif
542	)
543	return 0;
544	}
545	return 1;
546	}
547
548	#if defined(__TANDEM) && defined(OPENSSL_VPROC)
549	/*
550	* Define a VPROC function for HP NonStop build ssl library.
551	* This is used by platform version identification tools.
552	* Do not inline this procedure or make it static.
553	*/
554	# define OPENSSL_VPROC_STRING_(x) x##_SSL
555	# define OPENSSL_VPROC_STRING(x) OPENSSL_VPROC_STRING_(x)
556	# define OPENSSL_VPROC_FUNC OPENSSL_VPROC_STRING(OPENSSL_VPROC)
557	void OPENSSL_VPROC_FUNC(void) {}
558	#endif
559
560
561	static void clear_ciphers(SSL *s)
562	{
563	/* clear the current cipher */
564	ssl_clear_cipher_ctx(s);
565	ssl_clear_hash_ctx(&s->read_hash);
566	ssl_clear_hash_ctx(&s->write_hash);
567	}
568
569	#ifndef OPENSSL_NO_QUIC
570	int SSL_clear(SSL *s)
571	{
572	if (!SSL_clear_not_quic(s))
573	return 0;
574	return SSL_clear_quic(s);
575	}
576
577	int SSL_clear_quic(SSL *s)
578	{
579	OPENSSL_free(s->ext.peer_quic_transport_params_draft)CRYPTO_free(s->ext.peer_quic_transport_params_draft, "../deps/openssl/openssl/ssl/ssl_lib.c" , 579);
580	s->ext.peer_quic_transport_params_draft = NULL((void*)0);
581	s->ext.peer_quic_transport_params_draft_len = 0;
582	OPENSSL_free(s->ext.peer_quic_transport_params)CRYPTO_free(s->ext.peer_quic_transport_params, "../deps/openssl/openssl/ssl/ssl_lib.c" , 582);
583	s->ext.peer_quic_transport_params = NULL((void*)0);
584	s->ext.peer_quic_transport_params_len = 0;
585	s->quic_read_level = ssl_encryption_initial;
586	s->quic_write_level = ssl_encryption_initial;
587	s->quic_latest_level_received = ssl_encryption_initial;
588	while (s->quic_input_data_head != NULL((void*)0)) {
589	QUIC_DATA *qd;
590
591	qd = s->quic_input_data_head;
592	s->quic_input_data_head = qd->next;
593	OPENSSL_free(qd)CRYPTO_free(qd, "../deps/openssl/openssl/ssl/ssl_lib.c", 593);
594	}
595	s->quic_input_data_tail = NULL((void*)0);
596	BUF_MEM_free(s->quic_buf);
597	s->quic_buf = NULL((void*)0);
598	s->quic_next_record_start = 0;
599	memset(s->client_hand_traffic_secret, 0, EVP_MAX_MD_SIZE64);
600	memset(s->server_hand_traffic_secret, 0, EVP_MAX_MD_SIZE64);
601	memset(s->client_early_traffic_secret, 0, EVP_MAX_MD_SIZE64);
602	/*
603	* CONFIG - DON'T CLEAR
604	* s->ext.quic_transport_params
605	* s->ext.quic_transport_params_len
606	* s->quic_transport_version
607	* s->quic_method = NULL;
608	*/
609	return 1;
610	}
611	#endif
612
613	/* Keep this conditional very local */
614	#ifndef OPENSSL_NO_QUIC
615	int SSL_clear_not_quic(SSL *s)
616	#else
617	int SSL_clear(SSL *s)
618	#endif
619	{
620	if (s->method == NULL((void*)0)) {
621	ERR_raise(ERR_LIB_SSL, SSL_R_NO_METHOD_SPECIFIED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,621,__func__), ERR_set_error)((20),(188),((void*)0));
622	return 0;
623	}
624
625	if (ssl_clear_bad_session(s)) {
626	SSL_SESSION_free(s->session);
627	s->session = NULL((void*)0);
628	}
629	SSL_SESSION_free(s->psksession);
630	s->psksession = NULL((void*)0);
631	OPENSSL_free(s->psksession_id)CRYPTO_free(s->psksession_id, "../deps/openssl/openssl/ssl/ssl_lib.c" , 631);
632	s->psksession_id = NULL((void*)0);
633	s->psksession_id_len = 0;
634	s->hello_retry_request = 0;
635	s->sent_tickets = 0;
636
637	s->error = 0;
638	s->hit = 0;
639	s->shutdown = 0;
640
641	if (s->renegotiate) {
642	ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,642,__func__), ERR_set_error)((20),((259\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
643	return 0;
644	}
645
646	ossl_statem_clear(s);
647
648	s->version = s->method->version;
649	s->client_version = s->version;
650	s->rwstate = SSL_NOTHING1;
651
652	BUF_MEM_free(s->init_buf);
653	s->init_buf = NULL((void*)0);
654	clear_ciphers(s);
655	s->first_packet = 0;
656
657	s->key_update = SSL_KEY_UPDATE_NONE-1;
658
659	EVP_MD_CTX_free(s->pha_dgst);
660	s->pha_dgst = NULL((void*)0);
661
662	/* Reset DANE verification result state */
663	s->dane.mdpth = -1;
664	s->dane.pdpth = -1;
665	X509_free(s->dane.mcert);
666	s->dane.mcert = NULL((void*)0);
667	s->dane.mtlsa = NULL((void*)0);
668
669	/* Clear the verification result peername */
670	X509_VERIFY_PARAM_move_peername(s->param, NULL((void*)0));
671
672	/* Clear any shared connection state */
673	OPENSSL_free(s->shared_sigalgs)CRYPTO_free(s->shared_sigalgs, "../deps/openssl/openssl/ssl/ssl_lib.c" , 673);
674	s->shared_sigalgs = NULL((void*)0);
675	s->shared_sigalgslen = 0;
676
677	/*
678	* Check to see if we were changed into a different method, if so, revert
679	* back.
680	*/
681	if (s->method != s->ctx->method) {
682	s->method->ssl_free(s);
683	s->method = s->ctx->method;
684	if (!s->method->ssl_new(s))
685	return 0;
686	} else {
687	if (!s->method->ssl_clear(s))
688	return 0;
689	}
690
691	RECORD_LAYER_clear(&s->rlayer);
692
693	return 1;
694	}
695
696	#ifndef OPENSSL_NO_DEPRECATED_3_0
697	/** Used to change an SSL_CTXs default SSL method type */
698	int SSL_CTX_set_ssl_version(SSL_CTX ctx, const SSL_METHOD meth)
699	{
700	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER *sk;
701
702	ctx->method = meth;
703
704	if (!SSL_CTX_set_ciphersuites(ctx, OSSL_default_ciphersuites())) {
705	ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,705,__func__), ERR_set_error)((20),(230),((void*)0));
706	return 0;
707	}
708	sk = ssl_create_cipher_list(ctx,
709	ctx->tls13_ciphersuites,
710	&(ctx->cipher_list),
711	&(ctx->cipher_list_by_id),
712	OSSL_default_cipher_list(), ctx->cert);
713	if ((sk == NULL((void*)0)) \|\| (sk_SSL_CIPHER_num(sk)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(sk)) <= 0)) {
714	ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,714,__func__), ERR_set_error)((20),(230),((void*)0));
715	return 0;
716	}
717	return 1;
718	}
719	#endif
720
721	SSL SSL_new(SSL_CTX ctx)
722	{
723	SSL *s;
724
725	if (ctx == NULL((void*)0)) {
726	ERR_raise(ERR_LIB_SSL, SSL_R_NULL_SSL_CTX)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,726,__func__), ERR_set_error)((20),(195),((void*)0));
727	return NULL((void*)0);
728	}
729	if (ctx->method == NULL((void*)0)) {
730	ERR_raise(ERR_LIB_SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,730,__func__), ERR_set_error)((20),(228),((void*)0));
731	return NULL((void*)0);
732	}
733
734	s = OPENSSL_zalloc(sizeof(s))CRYPTO_zalloc(sizeof(s), "../deps/openssl/openssl/ssl/ssl_lib.c" , 734);
735	if (s == NULL((void*)0))
736	goto err;
737
738	s->references = 1;
739	s->lock = CRYPTO_THREAD_lock_new();
740	if (s->lock == NULL((void*)0)) {
741	OPENSSL_free(s)CRYPTO_free(s, "../deps/openssl/openssl/ssl/ssl_lib.c", 741);
742	s = NULL((void*)0);
743	goto err;
744	}
745
746	RECORD_LAYER_init(&s->rlayer, s);
747
748	s->options = ctx->options;
749	s->dane.flags = ctx->dane.flags;
750	s->min_proto_version = ctx->min_proto_version;
751	s->max_proto_version = ctx->max_proto_version;
752	s->mode = ctx->mode;
753	s->max_cert_list = ctx->max_cert_list;
754	s->max_early_data = ctx->max_early_data;
755	s->recv_max_early_data = ctx->recv_max_early_data;
756	s->num_tickets = ctx->num_tickets;
757	s->pha_enabled = ctx->pha_enabled;
758
759	/* Shallow copy of the ciphersuites stack */
760	s->tls13_ciphersuites = sk_SSL_CIPHER_dup(ctx->tls13_ciphersuites)((struct stack_st_SSL_CIPHER *)OPENSSL_sk_dup(ossl_check_const_SSL_CIPHER_sk_type (ctx->tls13_ciphersuites)));
761	if (s->tls13_ciphersuites == NULL((void*)0))
762	goto err;
763
764	/*
765	* Earlier library versions used to copy the pointer to the CERT, not
766	* its contents; only when setting new parameters for the per-SSL
767	* copy, ssl_cert_new would be called (and the direct reference to
768	* the per-SSL_CTX settings would be lost, but those still were
769	* indirectly accessed for various purposes, and for that reason they
770	* used to be known as s->ctx->default_cert). Now we don't look at the
771	* SSL_CTX's CERT after having duplicated it once.
772	*/
773	s->cert = ssl_cert_dup(ctx->cert);
774	if (s->cert == NULL((void*)0))
775	goto err;
776
777	RECORD_LAYER_set_read_ahead(&s->rlayer, ctx->read_ahead)((&s->rlayer)->read_ahead = (ctx->read_ahead));
778	s->msg_callback = ctx->msg_callback;
779	s->msg_callback_arg = ctx->msg_callback_arg;
780	s->verify_mode = ctx->verify_mode;
781	s->not_resumable_session_cb = ctx->not_resumable_session_cb;
782	s->record_padding_cb = ctx->record_padding_cb;
783	s->record_padding_arg = ctx->record_padding_arg;
784	s->block_padding = ctx->block_padding;
785	s->sid_ctx_length = ctx->sid_ctx_length;
786	if (!ossl_assert(s->sid_ctx_length <= sizeof(s->sid_ctx))((s->sid_ctx_length <= sizeof(s->sid_ctx)) != 0))
787	goto err;
788	memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
789	s->verify_callback = ctx->default_verify_callback;
790	s->generate_session_id = ctx->generate_session_id;
791
792	s->param = X509_VERIFY_PARAM_new();
793	if (s->param == NULL((void*)0))
794	goto err;
795	X509_VERIFY_PARAM_inherit(s->param, ctx->param);
796	s->quiet_shutdown = ctx->quiet_shutdown;
797
798	s->ext.max_fragment_len_mode = ctx->ext.max_fragment_len_mode;
799	s->max_send_fragment = ctx->max_send_fragment;
800	s->split_send_fragment = ctx->split_send_fragment;
801	s->max_pipelines = ctx->max_pipelines;
802	if (s->max_pipelines > 1)
803	RECORD_LAYER_set_read_ahead(&s->rlayer, 1)((&s->rlayer)->read_ahead = (1));
804	if (ctx->default_read_buf_len > 0)
805	SSL_set_default_read_buffer_len(s, ctx->default_read_buf_len);
806
807	SSL_CTX_up_ref(ctx);
808	s->ctx = ctx;
809	s->ext.debug_cb = 0;
810	s->ext.debug_arg = NULL((void*)0);
811	s->ext.ticket_expected = 0;
812	s->ext.status_type = ctx->ext.status_type;
813	s->ext.status_expected = 0;
814	s->ext.ocsp.ids = NULL((void*)0);
815	s->ext.ocsp.exts = NULL((void*)0);
816	s->ext.ocsp.resp = NULL((void*)0);
817	s->ext.ocsp.resp_len = 0;
818	SSL_CTX_up_ref(ctx);
819	s->session_ctx = ctx;
820	if (ctx->ext.ecpointformats) {
821	s->ext.ecpointformats =
822	OPENSSL_memdup(ctx->ext.ecpointformats,CRYPTO_memdup((ctx->ext.ecpointformats), ctx->ext.ecpointformats_len , "../deps/openssl/openssl/ssl/ssl_lib.c", 823)
823	ctx->ext.ecpointformats_len)CRYPTO_memdup((ctx->ext.ecpointformats), ctx->ext.ecpointformats_len , "../deps/openssl/openssl/ssl/ssl_lib.c", 823);
824	if (!s->ext.ecpointformats) {
825	s->ext.ecpointformats_len = 0;
826	goto err;
827	}
828	s->ext.ecpointformats_len =
829	ctx->ext.ecpointformats_len;
830	}
831	if (ctx->ext.supportedgroups) {
832	s->ext.supportedgroups =
833	OPENSSL_memdup(ctx->ext.supportedgroups,CRYPTO_memdup((ctx->ext.supportedgroups), ctx->ext.supportedgroups_len * sizeof(*ctx->ext.supportedgroups), "../deps/openssl/openssl/ssl/ssl_lib.c" , 835)
834	ctx->ext.supportedgroups_lenCRYPTO_memdup((ctx->ext.supportedgroups), ctx->ext.supportedgroups_len * sizeof(*ctx->ext.supportedgroups), "../deps/openssl/openssl/ssl/ssl_lib.c" , 835)
835	* sizeof(ctx->ext.supportedgroups))CRYPTO_memdup((ctx->ext.supportedgroups), ctx->ext.supportedgroups_len sizeof(*ctx->ext.supportedgroups), "../deps/openssl/openssl/ssl/ssl_lib.c" , 835);
836	if (!s->ext.supportedgroups) {
837	s->ext.supportedgroups_len = 0;
838	goto err;
839	}
840	s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
841	}
842
843	#ifndef OPENSSL_NO_NEXTPROTONEG
844	s->ext.npn = NULL((void*)0);
845	#endif
846
847	if (s->ctx->ext.alpn) {
848	s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len)CRYPTO_malloc(s->ctx->ext.alpn_len, "../deps/openssl/openssl/ssl/ssl_lib.c" , 848);
849	if (s->ext.alpn == NULL((void*)0)) {
850	s->ext.alpn_len = 0;
851	goto err;
852	}
853	memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
854	s->ext.alpn_len = s->ctx->ext.alpn_len;
855	}
856
857	s->verified_chain = NULL((void*)0);
858	s->verify_result = X509_V_OK0;
859
860	s->default_passwd_callback = ctx->default_passwd_callback;
861	s->default_passwd_callback_userdata = ctx->default_passwd_callback_userdata;
862
863	s->method = ctx->method;
864
865	s->key_update = SSL_KEY_UPDATE_NONE-1;
866
867	s->allow_early_data_cb = ctx->allow_early_data_cb;
868	s->allow_early_data_cb_data = ctx->allow_early_data_cb_data;
869
870	if (!s->method->ssl_new(s))
871	goto err;
872
873	s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
874
875	if (!SSL_clear(s))
876	goto err;
877
878	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL0, s, &s->ex_data))
879	goto err;
880
881	#ifndef OPENSSL_NO_PSK
882	s->psk_client_callback = ctx->psk_client_callback;
883	s->psk_server_callback = ctx->psk_server_callback;
884	#endif
885	s->psk_find_session_cb = ctx->psk_find_session_cb;
886	s->psk_use_session_cb = ctx->psk_use_session_cb;
887
888	s->async_cb = ctx->async_cb;
889	s->async_cb_arg = ctx->async_cb_arg;
890
891	s->job = NULL((void*)0);
892
893	#ifndef OPENSSL_NO_QUIC
894	s->quic_method = ctx->quic_method;
895	#endif
896
897	#ifndef OPENSSL_NO_CT
898	if (!SSL_set_ct_validation_callback(s, ctx->ct_validation_callback,
899	ctx->ct_validation_callback_arg))
900	goto err;
901	#endif
902
903	return s;
904	err:
905	SSL_free(s);
906	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,906,__func__), ERR_set_error)((20),((256\|((0x1 << 18L) \|(0x2 << 18L)))),((void*)0));
907	return NULL((void*)0);
908	}
909
910	int SSL_is_dtls(const SSL *s)
911	{
912	return SSL_IS_DTLS(s)(s->method->ssl3_enc->enc_flags & 0x8) ? 1 : 0;
913	}
914
915	int SSL_up_ref(SSL *s)
916	{
917	int i;
918
919	if (CRYPTO_UP_REF(&s->references, &i, s->lock) <= 0)
920	return 0;
921
922	REF_PRINT_COUNT("SSL", s)((void)0);;
923	REF_ASSERT_ISNT(i < 2);
924	return ((i > 1) ? 1 : 0);
925	}
926
927	int SSL_CTX_set_session_id_context(SSL_CTX ctx, const unsigned char sid_ctx,
928	unsigned int sid_ctx_len)
929	{
930	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH32) {
931	ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,931,__func__), ERR_set_error)((20),(273),((void*)0));
932	return 0;
933	}
934	ctx->sid_ctx_length = sid_ctx_len;
935	memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
936
937	return 1;
938	}
939
940	int SSL_set_session_id_context(SSL ssl, const unsigned char sid_ctx,
941	unsigned int sid_ctx_len)
942	{
943	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH32) {
944	ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,944,__func__), ERR_set_error)((20),(273),((void*)0));
945	return 0;
946	}
947	ssl->sid_ctx_length = sid_ctx_len;
948	memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
949
950	return 1;
951	}
952
953	int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
954	{
955	if (!CRYPTO_THREAD_write_lock(ctx->lock))
956	return 0;
957	ctx->generate_session_id = cb;
958	CRYPTO_THREAD_unlock(ctx->lock);
959	return 1;
960	}
961
962	int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
963	{
964	if (!CRYPTO_THREAD_write_lock(ssl->lock))
965	return 0;
966	ssl->generate_session_id = cb;
967	CRYPTO_THREAD_unlock(ssl->lock);
968	return 1;
969	}
970
971	int SSL_has_matching_session_id(const SSL ssl, const unsigned char id,
972	unsigned int id_len)
973	{
974	/*
975	* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
976	* we can "construct" a session to give us the desired check - i.e. to
977	* find if there's a session in the hash table that would conflict with
978	* any new session built out of this id/id_len and the ssl_version in use
979	* by this SSL.
980	*/
981	SSL_SESSION r, *p;
982
983	if (id_len > sizeof(r.session_id))
984	return 0;
985
986	r.ssl_version = ssl->version;
987	r.session_id_length = id_len;
988	memcpy(r.session_id, id, id_len);
989
990	if (!CRYPTO_THREAD_read_lock(ssl->session_ctx->lock))
991	return 0;
992	p = lh_SSL_SESSION_retrieve(ssl->session_ctx->sessions, &r);
993	CRYPTO_THREAD_unlock(ssl->session_ctx->lock);
994	return (p != NULL((void*)0));
995	}
996
997	int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
998	{
999	return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
1000	}
1001
1002	int SSL_set_purpose(SSL *s, int purpose)
1003	{
1004	return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
1005	}
1006
1007	int SSL_CTX_set_trust(SSL_CTX *s, int trust)
1008	{
1009	return X509_VERIFY_PARAM_set_trust(s->param, trust);
1010	}
1011
1012	int SSL_set_trust(SSL *s, int trust)
1013	{
1014	return X509_VERIFY_PARAM_set_trust(s->param, trust);
1015	}
1016
1017	int SSL_set1_host(SSL s, const char hostname)
1018	{
1019	/* If a hostname is provided and parses as an IP address,
1020	* treat it as such. */
1021	if (hostname && X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname) == 1)
1022	return 1;
1023
1024	return X509_VERIFY_PARAM_set1_host(s->param, hostname, 0);
1025	}
1026
1027	int SSL_add1_host(SSL s, const char hostname)
1028	{
1029	/* If a hostname is provided and parses as an IP address,
1030	* treat it as such. */
1031	if (hostname)
1032	{
1033	ASN1_OCTET_STRING *ip;
1034	char *old_ip;
1035
1036	ip = a2i_IPADDRESS(hostname);
1037	if (ip) {
1038	/* We didn't want it; only to check if it is an IP address */
1039	ASN1_OCTET_STRING_free(ip);
1040
1041	old_ip = X509_VERIFY_PARAM_get1_ip_asc(s->param);
1042	if (old_ip)
1043	{
1044	OPENSSL_free(old_ip)CRYPTO_free(old_ip, "../deps/openssl/openssl/ssl/ssl_lib.c", 1044 );
1045	/* There can be only one IP address */
1046	return 0;
1047	}
1048
1049	return X509_VERIFY_PARAM_set1_ip_asc(s->param, hostname);
1050	}
1051	}
1052
1053	return X509_VERIFY_PARAM_add1_host(s->param, hostname, 0);
1054	}
1055
1056	void SSL_set_hostflags(SSL *s, unsigned int flags)
1057	{
1058	X509_VERIFY_PARAM_set_hostflags(s->param, flags);
1059	}
1060
1061	const char SSL_get0_peername(SSL s)
1062	{
1063	return X509_VERIFY_PARAM_get0_peername(s->param);
1064	}
1065
1066	int SSL_CTX_dane_enable(SSL_CTX *ctx)
1067	{
1068	return dane_ctx_enable(&ctx->dane);
1069	}
1070
1071	unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags)
1072	{
1073	unsigned long orig = ctx->dane.flags;
1074
1075	ctx->dane.flags \|= flags;
1076	return orig;
1077	}
1078
1079	unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags)
1080	{
1081	unsigned long orig = ctx->dane.flags;
1082
1083	ctx->dane.flags &= ~flags;
1084	return orig;
1085	}
1086
1087	int SSL_dane_enable(SSL s, const char basedomain)
1088	{
1089	SSL_DANE *dane = &s->dane;
1090
1091	if (s->ctx->dane.mdmax == 0) {
1092	ERR_raise(ERR_LIB_SSL, SSL_R_CONTEXT_NOT_DANE_ENABLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1092,__func__), ERR_set_error)((20),(167),((void*)0));
1093	return 0;
1094	}
1095	if (dane->trecs != NULL((void*)0)) {
1096	ERR_raise(ERR_LIB_SSL, SSL_R_DANE_ALREADY_ENABLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1096,__func__), ERR_set_error)((20),(172),((void*)0));
1097	return 0;
1098	}
1099
1100	/*
1101	* Default SNI name. This rejects empty names, while set1_host below
1102	* accepts them and disables host name checks. To avoid side-effects with
1103	* invalid input, set the SNI name first.
1104	*/
1105	if (s->ext.hostname == NULL((void*)0)) {
1106	if (!SSL_set_tlsext_host_name(s, basedomain)SSL_ctrl(s,55,0, (void *)basedomain)) {
1107	ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1107,__func__), ERR_set_error)((20),(204),((void*)0));
1108	return -1;
1109	}
1110	}
1111
1112	/* Primary RFC6125 reference identifier */
1113	if (!X509_VERIFY_PARAM_set1_host(s->param, basedomain, 0)) {
1114	ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1114,__func__), ERR_set_error)((20),(204),((void*)0));
1115	return -1;
1116	}
1117
1118	dane->mdpth = -1;
1119	dane->pdpth = -1;
1120	dane->dctx = &s->ctx->dane;
1121	dane->trecs = sk_danetls_record_new_null();
1122
1123	if (dane->trecs == NULL((void*)0)) {
1124	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1124,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1125	return -1;
1126	}
1127	return 1;
1128	}
1129
1130	unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags)
1131	{
1132	unsigned long orig = ssl->dane.flags;
1133
1134	ssl->dane.flags \|= flags;
1135	return orig;
1136	}
1137
1138	unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags)
1139	{
1140	unsigned long orig = ssl->dane.flags;
1141
1142	ssl->dane.flags &= ~flags;
1143	return orig;
1144	}
1145
1146	int SSL_get0_dane_authority(SSL s, X509 mcert, EVP_PKEY *mspki)
1147	{
1148	SSL_DANE *dane = &s->dane;
1149
1150	if (!DANETLS_ENABLED(dane)((dane) != ((void*)0) && sk_danetls_record_num((dane) ->trecs) > 0) \|\| s->verify_result != X509_V_OK0)
1151	return -1;
1152	if (dane->mtlsa) {
1153	if (mcert)
1154	*mcert = dane->mcert;
1155	if (mspki)
1156	mspki = (dane->mcert == NULL((void)0)) ? dane->mtlsa->spki : NULL((void*)0);
1157	}
1158	return dane->mdpth;
1159	}
1160
1161	int SSL_get0_dane_tlsa(SSL s, uint8_t usage, uint8_t *selector,
1162	uint8_t mtype, const unsigned char data, size_t dlen)
1163	{
1164	SSL_DANE *dane = &s->dane;
1165
1166	if (!DANETLS_ENABLED(dane)((dane) != ((void*)0) && sk_danetls_record_num((dane) ->trecs) > 0) \|\| s->verify_result != X509_V_OK0)
1167	return -1;
1168	if (dane->mtlsa) {
1169	if (usage)
1170	*usage = dane->mtlsa->usage;
1171	if (selector)
1172	*selector = dane->mtlsa->selector;
1173	if (mtype)
1174	*mtype = dane->mtlsa->mtype;
1175	if (data)
1176	*data = dane->mtlsa->data;
1177	if (dlen)
1178	*dlen = dane->mtlsa->dlen;
1179	}
1180	return dane->mdpth;
1181	}
1182
1183	SSL_DANE SSL_get0_dane(SSL s)
1184	{
1185	return &s->dane;
1186	}
1187
1188	int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
1189	uint8_t mtype, const unsigned char *data, size_t dlen)
1190	{
1191	return dane_tlsa_add(&s->dane, usage, selector, mtype, data, dlen);
1192	}
1193
1194	int SSL_CTX_dane_mtype_set(SSL_CTX ctx, const EVP_MD md, uint8_t mtype,
1195	uint8_t ord)
1196	{
1197	return dane_mtype_set(&ctx->dane, md, mtype, ord);
1198	}
1199
1200	int SSL_CTX_set1_param(SSL_CTX ctx, X509_VERIFY_PARAM vpm)
1201	{
1202	return X509_VERIFY_PARAM_set1(ctx->param, vpm);
1203	}
1204
1205	int SSL_set1_param(SSL ssl, X509_VERIFY_PARAM vpm)
1206	{
1207	return X509_VERIFY_PARAM_set1(ssl->param, vpm);
1208	}
1209
1210	X509_VERIFY_PARAM SSL_CTX_get0_param(SSL_CTX ctx)
1211	{
1212	return ctx->param;
1213	}
1214
1215	X509_VERIFY_PARAM SSL_get0_param(SSL ssl)
1216	{
1217	return ssl->param;
1218	}
1219
1220	void SSL_certs_clear(SSL *s)
1221	{
1222	ssl_cert_clear_certs(s->cert);
1223	}
1224
1225	void SSL_free(SSL *s)
1226	{
1227	int i;
1228
1229	if (s == NULL((void*)0))
1230	return;
1231	CRYPTO_DOWN_REF(&s->references, &i, s->lock);
1232	REF_PRINT_COUNT("SSL", s)((void)0);;
1233	if (i > 0)
1234	return;
1235	REF_ASSERT_ISNT(i < 0);
1236
1237	X509_VERIFY_PARAM_free(s->param);
1238	dane_final(&s->dane);
1239	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL0, s, &s->ex_data);
1240
1241	RECORD_LAYER_release(&s->rlayer);
1242
1243	/* Ignore return value */
1244	ssl_free_wbio_buffer(s);
1245
1246	BIO_free_all(s->wbio);
1247	s->wbio = NULL((void*)0);
1248	BIO_free_all(s->rbio);
1249	s->rbio = NULL((void*)0);
1250
1251	BUF_MEM_free(s->init_buf);
1252
1253	/* add extra stuff */
1254	sk_SSL_CIPHER_free(s->cipher_list)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(s->cipher_list ));
1255	sk_SSL_CIPHER_free(s->cipher_list_by_id)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(s->cipher_list_by_id ));
1256	sk_SSL_CIPHER_free(s->tls13_ciphersuites)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(s->tls13_ciphersuites ));
1257	sk_SSL_CIPHER_free(s->peer_ciphers)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(s->peer_ciphers ));
1258
1259	/* Make the next call work :-) */
1260	if (s->session != NULL((void*)0)) {
1261	ssl_clear_bad_session(s);
1262	SSL_SESSION_free(s->session);
1263	}
1264	SSL_SESSION_free(s->psksession);
1265	OPENSSL_free(s->psksession_id)CRYPTO_free(s->psksession_id, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1265);
1266
1267	clear_ciphers(s);
1268
1269	ssl_cert_free(s->cert);
1270	OPENSSL_free(s->shared_sigalgs)CRYPTO_free(s->shared_sigalgs, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1270);
1271	/* Free up if allocated */
1272
1273	OPENSSL_free(s->ext.hostname)CRYPTO_free(s->ext.hostname, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1273);
1274	SSL_CTX_free(s->session_ctx);
1275	OPENSSL_free(s->ext.ecpointformats)CRYPTO_free(s->ext.ecpointformats, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1275);
1276	OPENSSL_free(s->ext.peer_ecpointformats)CRYPTO_free(s->ext.peer_ecpointformats, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1276);
1277	OPENSSL_free(s->ext.supportedgroups)CRYPTO_free(s->ext.supportedgroups, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1277);
1278	OPENSSL_free(s->ext.peer_supportedgroups)CRYPTO_free(s->ext.peer_supportedgroups, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1278);
1279	sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free)OPENSSL_sk_pop_free(ossl_check_X509_EXTENSION_sk_type(s->ext .ocsp.exts),ossl_check_X509_EXTENSION_freefunc_type(X509_EXTENSION_free ));
1280	#ifndef OPENSSL_NO_OCSP
1281	sk_OCSP_RESPID_pop_free(s->ext.ocsp.ids, OCSP_RESPID_free)OPENSSL_sk_pop_free(ossl_check_OCSP_RESPID_sk_type(s->ext. ocsp.ids),ossl_check_OCSP_RESPID_freefunc_type(OCSP_RESPID_free ));
1282	#endif
1283	#ifndef OPENSSL_NO_CT
1284	SCT_LIST_free(s->scts);
1285	OPENSSL_free(s->ext.scts)CRYPTO_free(s->ext.scts, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1285);
1286	#endif
1287	OPENSSL_free(s->ext.ocsp.resp)CRYPTO_free(s->ext.ocsp.resp, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1287);
1288	OPENSSL_free(s->ext.alpn)CRYPTO_free(s->ext.alpn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1288);
1289	OPENSSL_free(s->ext.tls13_cookie)CRYPTO_free(s->ext.tls13_cookie, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1289);
1290	if (s->clienthello != NULL((void*)0))
1291	OPENSSL_free(s->clienthello->pre_proc_exts)CRYPTO_free(s->clienthello->pre_proc_exts, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1291);
1292	OPENSSL_free(s->clienthello)CRYPTO_free(s->clienthello, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1292);
1293	OPENSSL_free(s->pha_context)CRYPTO_free(s->pha_context, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1293);
1294	EVP_MD_CTX_free(s->pha_dgst);
1295
1296	#ifndef OPENSSL_NO_QUIC
1297	OPENSSL_free(s->ext.quic_transport_params)CRYPTO_free(s->ext.quic_transport_params, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1297);
1298	OPENSSL_free(s->ext.peer_quic_transport_params_draft)CRYPTO_free(s->ext.peer_quic_transport_params_draft, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1298);
1299	OPENSSL_free(s->ext.peer_quic_transport_params)CRYPTO_free(s->ext.peer_quic_transport_params, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1299);
1300	BUF_MEM_free(s->quic_buf);
1301	while (s->quic_input_data_head != NULL((void*)0)) {
1302	QUIC_DATA *qd;
1303
1304	qd = s->quic_input_data_head;
1305	s->quic_input_data_head = qd->next;
1306	OPENSSL_free(qd)CRYPTO_free(qd, "../deps/openssl/openssl/ssl/ssl_lib.c", 1306 );
1307	}
1308	#endif
1309
1310	sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free)OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(s->ca_names ),ossl_check_X509_NAME_freefunc_type(X509_NAME_free));
1311	sk_X509_NAME_pop_free(s->client_ca_names, X509_NAME_free)OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(s->client_ca_names ),ossl_check_X509_NAME_freefunc_type(X509_NAME_free));
1312
1313	sk_X509_pop_free(s->verified_chain, X509_free)OPENSSL_sk_pop_free(ossl_check_X509_sk_type(s->verified_chain ),ossl_check_X509_freefunc_type(X509_free));
1314
1315	if (s->method != NULL((void*)0))
1316	s->method->ssl_free(s);
1317
1318	SSL_CTX_free(s->ctx);
1319
1320	ASYNC_WAIT_CTX_free(s->waitctx);
1321
1322	#if !defined(OPENSSL_NO_NEXTPROTONEG)
1323	OPENSSL_free(s->ext.npn)CRYPTO_free(s->ext.npn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 1323);
1324	#endif
1325
1326	#ifndef OPENSSL_NO_SRTP
1327	sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles)OPENSSL_sk_free(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(s-> srtp_profiles));
1328	#endif
1329
1330	CRYPTO_THREAD_lock_free(s->lock);
1331
1332	OPENSSL_free(s)CRYPTO_free(s, "../deps/openssl/openssl/ssl/ssl_lib.c", 1332);
1333	}
1334
1335	void SSL_set0_rbio(SSL s, BIO rbio)
1336	{
1337	BIO_free_all(s->rbio);
1338	s->rbio = rbio;
1339	}
1340
1341	void SSL_set0_wbio(SSL s, BIO wbio)
1342	{
1343	/*
1344	* If the output buffering BIO is still in place, remove it
1345	*/
1346	if (s->bbio != NULL((void*)0))
1347	s->wbio = BIO_pop(s->wbio);
1348
1349	BIO_free_all(s->wbio);
1350	s->wbio = wbio;
1351
1352	/* Re-attach \|bbio\| to the new \|wbio\|. */
1353	if (s->bbio != NULL((void*)0))
1354	s->wbio = BIO_push(s->bbio, s->wbio);
1355	}
1356
1357	void SSL_set_bio(SSL s, BIO rbio, BIO *wbio)
1358	{
1359	/*
1360	* For historical reasons, this function has many different cases in
1361	* ownership handling.
1362	*/
1363
1364	/* If nothing has changed, do nothing */
1365	if (rbio == SSL_get_rbio(s) && wbio == SSL_get_wbio(s))
1366	return;
1367
1368	/*
1369	* If the two arguments are equal then one fewer reference is granted by the
1370	* caller than we want to take
1371	*/
1372	if (rbio != NULL((void*)0) && rbio == wbio)
1373	BIO_up_ref(rbio);
1374
1375	/*
1376	* If only the wbio is changed only adopt one reference.
1377	*/
1378	if (rbio == SSL_get_rbio(s)) {
1379	SSL_set0_wbio(s, wbio);
1380	return;
1381	}
1382	/*
1383	* There is an asymmetry here for historical reasons. If only the rbio is
1384	* changed AND the rbio and wbio were originally different, then we only
1385	* adopt one reference.
1386	*/
1387	if (wbio == SSL_get_wbio(s) && SSL_get_rbio(s) != SSL_get_wbio(s)) {
1388	SSL_set0_rbio(s, rbio);
1389	return;
1390	}
1391
1392	/* Otherwise, adopt both references. */
1393	SSL_set0_rbio(s, rbio);
1394	SSL_set0_wbio(s, wbio);
1395	}
1396
1397	BIO SSL_get_rbio(const SSL s)
1398	{
1399	return s->rbio;
1400	}
1401
1402	BIO SSL_get_wbio(const SSL s)
1403	{
1404	if (s->bbio != NULL((void*)0)) {
1405	/*
1406	* If \|bbio\| is active, the true caller-configured BIO is its
1407	* \|next_bio\|.
1408	*/
1409	return BIO_next(s->bbio);
1410	}
1411	return s->wbio;
1412	}
1413
1414	int SSL_get_fd(const SSL *s)
1415	{
1416	return SSL_get_rfd(s);
1417	}
1418
1419	int SSL_get_rfd(const SSL *s)
1420	{
1421	int ret = -1;
1422	BIO b, r;
1423
1424	b = SSL_get_rbio(s);
1425	r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR0x0100);
1426	if (r != NULL((void*)0))
1427	BIO_get_fd(r, &ret)BIO_ctrl(r,105,0,(char *)(&ret));
1428	return ret;
1429	}
1430
1431	int SSL_get_wfd(const SSL *s)
1432	{
1433	int ret = -1;
1434	BIO b, r;
1435
1436	b = SSL_get_wbio(s);
1437	r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR0x0100);
1438	if (r != NULL((void*)0))
1439	BIO_get_fd(r, &ret)BIO_ctrl(r,105,0,(char *)(&ret));
1440	return ret;
1441	}
1442
1443	#ifndef OPENSSL_NO_SOCK
1444	int SSL_set_fd(SSL *s, int fd)
1445	{
1446	int ret = 0;
1447	BIO bio = NULL((void)0);
1448
1449	bio = BIO_new(BIO_s_socket());
1450
1451	if (bio == NULL((void*)0)) {
1452	ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1452,__func__), ERR_set_error)((20),((7 \| (0x2 << 18L) )),((void*)0));
1453	goto err;
1454	}
1455	BIO_set_fd(bio, fd, BIO_NOCLOSE)BIO_int_ctrl(bio,104,0x00,fd);
1456	SSL_set_bio(s, bio, bio);
1457	#ifndef OPENSSL_NO_KTLS
1458	/*
1459	* The new socket is created successfully regardless of ktls_enable.
1460	* ktls_enable doesn't change any functionality of the socket, except
1461	* changing the setsockopt to enable the processing of ktls_start.
1462	* Thus, it is not a problem to call it for non-TLS sockets.
1463	*/
1464	ktls_enable(fd);
1465	#endif /* OPENSSL_NO_KTLS */
1466	ret = 1;
1467	err:
1468	return ret;
1469	}
1470
1471	int SSL_set_wfd(SSL *s, int fd)
1472	{
1473	BIO *rbio = SSL_get_rbio(s);
1474
1475	if (rbio == NULL((void*)0) \|\| BIO_method_type(rbio) != BIO_TYPE_SOCKET( 5\|0x0400\|0x0100)
1476	\|\| (int)BIO_get_fd(rbio, NULL)BIO_ctrl(rbio,105,0,(char )(((void)0))) != fd) {
1477	BIO *bio = BIO_new(BIO_s_socket());
1478
1479	if (bio == NULL((void*)0)) {
1480	ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1480,__func__), ERR_set_error)((20),((7 \| (0x2 << 18L) )),((void*)0));
1481	return 0;
1482	}
1483	BIO_set_fd(bio, fd, BIO_NOCLOSE)BIO_int_ctrl(bio,104,0x00,fd);
1484	SSL_set0_wbio(s, bio);
1485	#ifndef OPENSSL_NO_KTLS
1486	/*
1487	* The new socket is created successfully regardless of ktls_enable.
1488	* ktls_enable doesn't change any functionality of the socket, except
1489	* changing the setsockopt to enable the processing of ktls_start.
1490	* Thus, it is not a problem to call it for non-TLS sockets.
1491	*/
1492	ktls_enable(fd);
1493	#endif /* OPENSSL_NO_KTLS */
1494	} else {
1495	BIO_up_ref(rbio);
1496	SSL_set0_wbio(s, rbio);
1497	}
1498	return 1;
1499	}
1500
1501	int SSL_set_rfd(SSL *s, int fd)
1502	{
1503	BIO *wbio = SSL_get_wbio(s);
1504
1505	if (wbio == NULL((void*)0) \|\| BIO_method_type(wbio) != BIO_TYPE_SOCKET( 5\|0x0400\|0x0100)
1506	\|\| ((int)BIO_get_fd(wbio, NULL)BIO_ctrl(wbio,105,0,(char )(((void)0))) != fd)) {
1507	BIO *bio = BIO_new(BIO_s_socket());
1508
1509	if (bio == NULL((void*)0)) {
1510	ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1510,__func__), ERR_set_error)((20),((7 \| (0x2 << 18L) )),((void*)0));
1511	return 0;
1512	}
1513	BIO_set_fd(bio, fd, BIO_NOCLOSE)BIO_int_ctrl(bio,104,0x00,fd);
1514	SSL_set0_rbio(s, bio);
1515	} else {
1516	BIO_up_ref(wbio);
1517	SSL_set0_rbio(s, wbio);
1518	}
1519
1520	return 1;
1521	}
1522	#endif
1523
1524	/* return length of latest Finished message we sent, copy to 'buf' */
1525	size_t SSL_get_finished(const SSL s, void buf, size_t count)
1526	{
1527	size_t ret = 0;
1528
1529	ret = s->s3.tmp.finish_md_len;
1530	if (count > ret)
1531	count = ret;
1532	memcpy(buf, s->s3.tmp.finish_md, count);
1533	return ret;
1534	}
1535
1536	/* return length of latest Finished message we expected, copy to 'buf' */
1537	size_t SSL_get_peer_finished(const SSL s, void buf, size_t count)
1538	{
1539	size_t ret = 0;
1540
1541	ret = s->s3.tmp.peer_finish_md_len;
1542	if (count > ret)
1543	count = ret;
1544	memcpy(buf, s->s3.tmp.peer_finish_md, count);
1545	return ret;
1546	}
1547
1548	int SSL_get_verify_mode(const SSL *s)
1549	{
1550	return s->verify_mode;
1551	}
1552
1553	int SSL_get_verify_depth(const SSL *s)
1554	{
1555	return X509_VERIFY_PARAM_get_depth(s->param);
1556	}
1557
1558	int (SSL_get_verify_callback(const SSL s)) (int, X509_STORE_CTX *) {
1559	return s->verify_callback;
1560	}
1561
1562	int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
1563	{
1564	return ctx->verify_mode;
1565	}
1566
1567	int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
1568	{
1569	return X509_VERIFY_PARAM_get_depth(ctx->param);
1570	}
1571
1572	int (SSL_CTX_get_verify_callback(const SSL_CTX ctx)) (int, X509_STORE_CTX *) {
1573	return ctx->default_verify_callback;
1574	}
1575
1576	void SSL_set_verify(SSL *s, int mode,
1577	int (callback) (int ok, X509_STORE_CTX ctx))
1578	{
1579	s->verify_mode = mode;
1580	if (callback != NULL((void*)0))
1581	s->verify_callback = callback;
1582	}
1583
1584	void SSL_set_verify_depth(SSL *s, int depth)
1585	{
1586	X509_VERIFY_PARAM_set_depth(s->param, depth);
1587	}
1588
1589	void SSL_set_read_ahead(SSL *s, int yes)
1590	{
1591	RECORD_LAYER_set_read_ahead(&s->rlayer, yes)((&s->rlayer)->read_ahead = (yes));
1592	}
1593
1594	int SSL_get_read_ahead(const SSL *s)
1595	{
1596	return RECORD_LAYER_get_read_ahead(&s->rlayer)((&s->rlayer)->read_ahead);
1597	}
1598
1599	int SSL_pending(const SSL *s)
1600	{
1601	size_t pending = s->method->ssl_pending(s);
1602
1603	/*
1604	* SSL_pending cannot work properly if read-ahead is enabled
1605	* (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
1606	* impossible to fix since SSL_pending cannot report errors that may be
1607	* observed while scanning the new data. (Note that SSL_pending() is
1608	* often used as a boolean value, so we'd better not return -1.)
1609	*
1610	* SSL_pending also cannot work properly if the value >INT_MAX. In that case
1611	* we just return INT_MAX.
1612	*/
1613	return pending < INT_MAX2147483647 ? (int)pending : INT_MAX2147483647;
1614	}
1615
1616	int SSL_has_pending(const SSL *s)
1617	{
1618	/*
1619	* Similar to SSL_pending() but returns a 1 to indicate that we have
1620	* unprocessed data available or 0 otherwise (as opposed to the number of
1621	* bytes available). Unlike SSL_pending() this will take into account
1622	* read_ahead data. A 1 return simply indicates that we have unprocessed
1623	* data. That data may not result in any application data, or we may fail
1624	* to parse the records for some reason.
1625	*/
1626	if (RECORD_LAYER_processed_read_pending(&s->rlayer))
1627	return 1;
1628
1629	return RECORD_LAYER_read_pending(&s->rlayer);
1630	}
1631
1632	X509 SSL_get1_peer_certificate(const SSL s)
1633	{
1634	X509 *r = SSL_get0_peer_certificate(s);
1635
1636	if (r != NULL((void*)0))
1637	X509_up_ref(r);
1638
1639	return r;
1640	}
1641
1642	X509 SSL_get0_peer_certificate(const SSL s)
1643	{
1644	if ((s == NULL((void)0)) \|\| (s->session == NULL((void)0)))
1645	return NULL((void*)0);
1646	else
1647	return s->session->peer;
1648	}
1649
1650	STACK_OF(X509)struct stack_st_X509 SSL_get_peer_cert_chain(const SSL s)
1651	{
1652	STACK_OF(X509)struct stack_st_X509 *r;
1653
1654	if ((s == NULL((void)0)) \|\| (s->session == NULL((void)0)))
1655	r = NULL((void*)0);
1656	else
1657	r = s->session->peer_chain;
1658
1659	/*
1660	* If we are a client, cert_chain includes the peer's own certificate; if
1661	* we are a server, it does not.
1662	*/
1663
1664	return r;
1665	}
1666
1667	/*
1668	* Now in theory, since the calling process own 't' it should be safe to
1669	* modify. We need to be able to read f without being hassled
1670	*/
1671	int SSL_copy_session_id(SSL t, const SSL f)
1672	{
1673	int i;
1674	/* Do we need to do SSL locking? */
1675	if (!SSL_set_session(t, SSL_get_session(f))) {
1676	return 0;
1677	}
1678
1679	/*
1680	* what if we are setup for one protocol version but want to talk another
1681	*/
1682	if (t->method != f->method) {
1683	t->method->ssl_free(t);
1684	t->method = f->method;
1685	if (t->method->ssl_new(t) == 0)
1686	return 0;
1687	}
1688
1689	CRYPTO_UP_REF(&f->cert->references, &i, f->cert->lock);
1690	ssl_cert_free(t->cert);
1691	t->cert = f->cert;
1692	if (!SSL_set_session_id_context(t, f->sid_ctx, (int)f->sid_ctx_length)) {
1693	return 0;
1694	}
1695
1696	return 1;
1697	}
1698
1699	/* Fix this so it checks all the valid key/cert options */
1700	int SSL_CTX_check_private_key(const SSL_CTX *ctx)
1701	{
1702	if ((ctx == NULL((void)0)) \|\| (ctx->cert->key->x509 == NULL((void)0))) {
1703	ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1703,__func__), ERR_set_error)((20),(177),((void*)0));
1704	return 0;
1705	}
1706	if (ctx->cert->key->privatekey == NULL((void*)0)) {
1707	ERR_raise(ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1707,__func__), ERR_set_error)((20),(190),((void*)0));
1708	return 0;
1709	}
1710	return X509_check_private_key
1711	(ctx->cert->key->x509, ctx->cert->key->privatekey);
1712	}
1713
1714	/* Fix this function so that it takes an optional type parameter */
1715	int SSL_check_private_key(const SSL *ssl)
1716	{
1717	if (ssl == NULL((void*)0)) {
1718	ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1718,__func__), ERR_set_error)((20),((258\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1719	return 0;
1720	}
1721	if (ssl->cert->key->x509 == NULL((void*)0)) {
1722	ERR_raise(ERR_LIB_SSL, SSL_R_NO_CERTIFICATE_ASSIGNED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1722,__func__), ERR_set_error)((20),(177),((void*)0));
1723	return 0;
1724	}
1725	if (ssl->cert->key->privatekey == NULL((void*)0)) {
1726	ERR_raise(ERR_LIB_SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1726,__func__), ERR_set_error)((20),(190),((void*)0));
1727	return 0;
1728	}
1729	return X509_check_private_key(ssl->cert->key->x509,
1730	ssl->cert->key->privatekey);
1731	}
1732
1733	int SSL_waiting_for_async(SSL *s)
1734	{
1735	if (s->job)
1736	return 1;
1737
1738	return 0;
1739	}
1740
1741	int SSL_get_all_async_fds(SSL s, OSSL_ASYNC_FDint fds, size_t *numfds)
1742	{
1743	ASYNC_WAIT_CTX *ctx = s->waitctx;
1744
1745	if (ctx == NULL((void*)0))
1746	return 0;
1747	return ASYNC_WAIT_CTX_get_all_fds(ctx, fds, numfds);
1748	}
1749
1750	int SSL_get_changed_async_fds(SSL s, OSSL_ASYNC_FDint addfd, size_t *numaddfds,
1751	OSSL_ASYNC_FDint delfd, size_t numdelfds)
1752	{
1753	ASYNC_WAIT_CTX *ctx = s->waitctx;
1754
1755	if (ctx == NULL((void*)0))
1756	return 0;
1757	return ASYNC_WAIT_CTX_get_changed_fds(ctx, addfd, numaddfds, delfd,
1758	numdelfds);
1759	}
1760
1761	int SSL_CTX_set_async_callback(SSL_CTX *ctx, SSL_async_callback_fn callback)
1762	{
1763	ctx->async_cb = callback;
1764	return 1;
1765	}
1766
1767	int SSL_CTX_set_async_callback_arg(SSL_CTX ctx, void arg)
1768	{
1769	ctx->async_cb_arg = arg;
1770	return 1;
1771	}
1772
1773	int SSL_set_async_callback(SSL *s, SSL_async_callback_fn callback)
1774	{
1775	s->async_cb = callback;
1776	return 1;
1777	}
1778
1779	int SSL_set_async_callback_arg(SSL s, void arg)
1780	{
1781	s->async_cb_arg = arg;
1782	return 1;
1783	}
1784
1785	int SSL_get_async_status(SSL s, int status)
1786	{
1787	ASYNC_WAIT_CTX *ctx = s->waitctx;
1788
1789	if (ctx == NULL((void*)0))
1790	return 0;
1791	*status = ASYNC_WAIT_CTX_get_status(ctx);
1792	return 1;
1793	}
1794
1795	int SSL_accept(SSL *s)
1796	{
1797	if (s->handshake_func == NULL((void*)0)) {
1798	/* Not properly initialized yet */
1799	SSL_set_accept_state(s);
1800	}
1801
1802	return SSL_do_handshake(s);
1803	}
1804
1805	int SSL_connect(SSL *s)
1806	{
1807	if (s->handshake_func == NULL((void*)0)) {
1808	/* Not properly initialized yet */
1809	SSL_set_connect_state(s);
1810	}
1811
1812	return SSL_do_handshake(s);
1813	}
1814
1815	long SSL_get_default_timeout(const SSL *s)
1816	{
1817	return s->method->get_timeout();
1818	}
1819
1820	static int ssl_async_wait_ctx_cb(void *arg)
1821	{
1822	SSL s = (SSL )arg;
1823
1824	return s->async_cb(s, s->async_cb_arg);
1825	}
1826
1827	static int ssl_start_async_job(SSL s, struct ssl_async_args args,
1828	int (func) (void ))
1829	{
1830	int ret;
1831	if (s->waitctx == NULL((void*)0)) {
1832	s->waitctx = ASYNC_WAIT_CTX_new();
1833	if (s->waitctx == NULL((void*)0))
1834	return -1;
1835	if (s->async_cb != NULL((void*)0)
1836	&& !ASYNC_WAIT_CTX_set_callback
1837	(s->waitctx, ssl_async_wait_ctx_cb, s))
1838	return -1;
1839	}
1840
1841	s->rwstate = SSL_NOTHING1;
1842	switch (ASYNC_start_job(&s->job, s->waitctx, &ret, func, args,
1843	sizeof(struct ssl_async_args))) {
1844	case ASYNC_ERR0:
1845	s->rwstate = SSL_NOTHING1;
1846	ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_INIT_ASYNC)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1846,__func__), ERR_set_error)((20),(405),((void*)0));
1847	return -1;
1848	case ASYNC_PAUSE2:
1849	s->rwstate = SSL_ASYNC_PAUSED5;
1850	return -1;
1851	case ASYNC_NO_JOBS1:
1852	s->rwstate = SSL_ASYNC_NO_JOBS6;
1853	return -1;
1854	case ASYNC_FINISH3:
1855	s->job = NULL((void*)0);
1856	return ret;
1857	default:
1858	s->rwstate = SSL_NOTHING1;
1859	ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1859,__func__), ERR_set_error)((20),((259\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1860	/* Shouldn't happen */
1861	return -1;
1862	}
1863	}
1864
1865	static int ssl_io_intern(void *vargs)
1866	{
1867	struct ssl_async_args *args;
1868	SSL *s;
1869	void *buf;
1870	size_t num;
1871
1872	args = (struct ssl_async_args *)vargs;
1873	s = args->s;
1874	buf = args->buf;
1875	num = args->num;
1876	switch (args->type) {
1877	case READFUNC:
1878	return args->f.func_read(s, buf, num, &s->asyncrw);
1879	case WRITEFUNC:
1880	return args->f.func_write(s, buf, num, &s->asyncrw);
1881	case OTHERFUNC:
1882	return args->f.func_other(s);
1883	}
1884	return -1;
1885	}
1886
1887	int ssl_read_internal(SSL s, void buf, size_t num, size_t *readbytes)
1888	{
1889	#ifndef OPENSSL_NO_QUIC
1890	if (SSL_IS_QUIC(s)(s->quic_method != ((void*)0))) {
1891	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1891,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1892	return -1;
1893	}
1894	#endif
1895	if (s->handshake_func == NULL((void*)0)) {
1896	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1896,__func__), ERR_set_error)((20),(276),((void*)0));
1897	return -1;
1898	}
1899
1900	if (s->shutdown & SSL_RECEIVED_SHUTDOWN2) {
1901	s->rwstate = SSL_NOTHING1;
1902	return 0;
1903	}
1904
1905	if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY
1906	\|\| s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY) {
1907	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1907,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1908	return 0;
1909	}
1910	/*
1911	* If we are a client and haven't received the ServerHello etc then we
1912	* better do that
1913	*/
1914	ossl_statem_check_finish_init(s, 0);
1915
1916	if ((s->mode & SSL_MODE_ASYNC0x00000100U) && ASYNC_get_current_job() == NULL((void*)0)) {
1917	struct ssl_async_args args;
1918	int ret;
1919
1920	args.s = s;
1921	args.buf = buf;
1922	args.num = num;
1923	args.type = READFUNC;
1924	args.f.func_read = s->method->ssl_read;
1925
1926	ret = ssl_start_async_job(s, &args, ssl_io_intern);
1927	*readbytes = s->asyncrw;
1928	return ret;
1929	} else {
1930	return s->method->ssl_read(s, buf, num, readbytes);
1931	}
1932	}
1933
1934	int SSL_read(SSL s, void buf, int num)
1935	{
1936	int ret;
1937	size_t readbytes;
1938
1939	if (num < 0) {
1940	ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1940,__func__), ERR_set_error)((20),(271),((void*)0));
1941	return -1;
1942	}
1943
1944	ret = ssl_read_internal(s, buf, (size_t)num, &readbytes);
1945
1946	/*
1947	* The cast is safe here because ret should be <= INT_MAX because num is
1948	* <= INT_MAX
1949	*/
1950	if (ret > 0)
1951	ret = (int)readbytes;
1952
1953	return ret;
1954	}
1955
1956	int SSL_read_ex(SSL s, void buf, size_t num, size_t *readbytes)
1957	{
1958	int ret = ssl_read_internal(s, buf, num, readbytes);
1959
1960	if (ret < 0)
1961	ret = 0;
1962	return ret;
1963	}
1964
1965	int SSL_read_early_data(SSL s, void buf, size_t num, size_t *readbytes)
1966	{
1967	int ret;
1968
1969	if (!s->server) {
1970	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1970,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1971	return SSL_READ_EARLY_DATA_ERROR0;
1972	}
1973
1974	switch (s->early_data_state) {
1975	case SSL_EARLY_DATA_NONE:
1976	if (!SSL_in_before(s)) {
1977	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,1977,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
1978	return SSL_READ_EARLY_DATA_ERROR0;
1979	}
1980	/* fall through */
1981
1982	case SSL_EARLY_DATA_ACCEPT_RETRY:
1983	s->early_data_state = SSL_EARLY_DATA_ACCEPTING;
1984	ret = SSL_accept(s);
1985	if (ret <= 0) {
1986	/* NBIO or error */
1987	s->early_data_state = SSL_EARLY_DATA_ACCEPT_RETRY;
1988	return SSL_READ_EARLY_DATA_ERROR0;
1989	}
1990	/* fall through */
1991
1992	case SSL_EARLY_DATA_READ_RETRY:
1993	if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED2) {
1994	s->early_data_state = SSL_EARLY_DATA_READING;
1995	ret = SSL_read_ex(s, buf, num, readbytes);
1996	/*
1997	* State machine will update early_data_state to
1998	* SSL_EARLY_DATA_FINISHED_READING if we get an EndOfEarlyData
1999	* message
2000	*/
2001	if (ret > 0 \|\| (ret <= 0 && s->early_data_state
2002	!= SSL_EARLY_DATA_FINISHED_READING)) {
2003	s->early_data_state = SSL_EARLY_DATA_READ_RETRY;
2004	return ret > 0 ? SSL_READ_EARLY_DATA_SUCCESS1
2005	: SSL_READ_EARLY_DATA_ERROR0;
2006	}
2007	} else {
2008	s->early_data_state = SSL_EARLY_DATA_FINISHED_READING;
2009	}
2010	*readbytes = 0;
2011	return SSL_READ_EARLY_DATA_FINISH2;
2012
2013	default:
2014	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2014,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
2015	return SSL_READ_EARLY_DATA_ERROR0;
2016	}
2017	}
2018
2019	int SSL_get_early_data_status(const SSL *s)
2020	{
2021	return s->ext.early_data;
2022	}
2023
2024	static int ssl_peek_internal(SSL s, void buf, size_t num, size_t *readbytes)
2025	{
2026	#ifndef OPENSSL_NO_QUIC
2027	if (SSL_IS_QUIC(s)(s->quic_method != ((void*)0))) {
2028	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2028,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
2029	return -1;
2030	}
2031	#endif
2032	if (s->handshake_func == NULL((void*)0)) {
2033	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2033,__func__), ERR_set_error)((20),(276),((void*)0));
2034	return -1;
2035	}
2036
2037	if (s->shutdown & SSL_RECEIVED_SHUTDOWN2) {
2038	return 0;
2039	}
2040	if ((s->mode & SSL_MODE_ASYNC0x00000100U) && ASYNC_get_current_job() == NULL((void*)0)) {
2041	struct ssl_async_args args;
2042	int ret;
2043
2044	args.s = s;
2045	args.buf = buf;
2046	args.num = num;
2047	args.type = READFUNC;
2048	args.f.func_read = s->method->ssl_peek;
2049
2050	ret = ssl_start_async_job(s, &args, ssl_io_intern);
2051	*readbytes = s->asyncrw;
2052	return ret;
2053	} else {
2054	return s->method->ssl_peek(s, buf, num, readbytes);
2055	}
2056	}
2057
2058	int SSL_peek(SSL s, void buf, int num)
2059	{
2060	int ret;
2061	size_t readbytes;
2062
2063	if (num < 0) {
2064	ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2064,__func__), ERR_set_error)((20),(271),((void*)0));
2065	return -1;
2066	}
2067
2068	ret = ssl_peek_internal(s, buf, (size_t)num, &readbytes);
2069
2070	/*
2071	* The cast is safe here because ret should be <= INT_MAX because num is
2072	* <= INT_MAX
2073	*/
2074	if (ret > 0)
2075	ret = (int)readbytes;
2076
2077	return ret;
2078	}
2079
2080
2081	int SSL_peek_ex(SSL s, void buf, size_t num, size_t *readbytes)
2082	{
2083	int ret = ssl_peek_internal(s, buf, num, readbytes);
2084
2085	if (ret < 0)
2086	ret = 0;
2087	return ret;
2088	}
2089
2090	int ssl_write_internal(SSL s, const void buf, size_t num, size_t *written)
2091	{
2092	#ifndef OPENSSL_NO_QUIC
2093	if (SSL_IS_QUIC(s)(s->quic_method != ((void*)0))) {
2094	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2094,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
2095	return -1;
2096	}
2097	#endif
2098	if (s->handshake_func == NULL((void*)0)) {
2099	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2099,__func__), ERR_set_error)((20),(276),((void*)0));
2100	return -1;
2101	}
2102
2103	if (s->shutdown & SSL_SENT_SHUTDOWN1) {
2104	s->rwstate = SSL_NOTHING1;
2105	ERR_raise(ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2105,__func__), ERR_set_error)((20),(207),((void*)0));
2106	return -1;
2107	}
2108
2109	if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY
2110	\|\| s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY
2111	\|\| s->early_data_state == SSL_EARLY_DATA_READ_RETRY) {
2112	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2112,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
2113	return 0;
2114	}
2115	/* If we are a client and haven't sent the Finished we better do that */
2116	ossl_statem_check_finish_init(s, 1);
2117
2118	if ((s->mode & SSL_MODE_ASYNC0x00000100U) && ASYNC_get_current_job() == NULL((void*)0)) {
2119	int ret;
2120	struct ssl_async_args args;
2121
2122	args.s = s;
2123	args.buf = (void *)buf;
2124	args.num = num;
2125	args.type = WRITEFUNC;
2126	args.f.func_write = s->method->ssl_write;
2127
2128	ret = ssl_start_async_job(s, &args, ssl_io_intern);
2129	*written = s->asyncrw;
2130	return ret;
2131	} else {
2132	return s->method->ssl_write(s, buf, num, written);
2133	}
2134	}
2135
2136	ossl_ssize_tssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size, int flags)
2137	{
2138	ossl_ssize_tssize_t ret;
2139
2140	if (s->handshake_func == NULL((void*)0)) {
2141	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2141,__func__), ERR_set_error)((20),(276),((void*)0));
2142	return -1;
2143	}
2144
2145	if (s->shutdown & SSL_SENT_SHUTDOWN1) {
2146	s->rwstate = SSL_NOTHING1;
2147	ERR_raise(ERR_LIB_SSL, SSL_R_PROTOCOL_IS_SHUTDOWN)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2147,__func__), ERR_set_error)((20),(207),((void*)0));
2148	return -1;
2149	}
2150
2151	if (!BIO_get_ktls_send(s->wbio)(0)) {
2152	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2152,__func__), ERR_set_error)((20),(276),((void*)0));
2153	return -1;
2154	}
2155
2156	/* If we have an alert to send, lets send it */
2157	if (s->s3.alert_dispatch) {
2158	ret = (ossl_ssize_tssize_t)s->method->ssl_dispatch_alert(s);
2159	if (ret <= 0) {
2160	/* SSLfatal() already called if appropriate */
2161	return ret;
2162	}
2163	/* if it went, fall through and send more stuff */
2164	}
2165
2166	s->rwstate = SSL_WRITING2;
2167	if (BIO_flush(s->wbio)(int)BIO_ctrl(s->wbio,11,0,((void*)0)) <= 0) {
2168	if (!BIO_should_retry(s->wbio)BIO_test_flags(s->wbio, 0x08)) {
2169	s->rwstate = SSL_NOTHING1;
2170	} else {
2171	#ifdef EAGAIN11
2172	set_sys_error(EAGAIN)(*__errno_location ())=(11);
2173	#endif
2174	}
2175	return -1;
2176	}
2177
2178	#ifdef OPENSSL_NO_KTLS
2179	ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2179,__func__), ERR_set_error)(ERR_LIB_SSL20, ERR_R_INTERNAL_ERROR(259\|((0x1 << 18L)\|(0x2 << 18L))),
2180	"can't call ktls_sendfile(), ktls disabled");
2181	return -1;
2182	#else
2183	ret = ktls_sendfile(SSL_get_wfd(s), fd, offset, size, flags);
2184	if (ret < 0) {
2185	#if defined(EAGAIN11) && defined(EINTR4) && defined(EBUSY16)
2186	if ((get_last_sys_error()(*__errno_location ()) == EAGAIN11) \|\|
2187	(get_last_sys_error()(*__errno_location ()) == EINTR4) \|\|
2188	(get_last_sys_error()(*__errno_location ()) == EBUSY16))
2189	BIO_set_retry_write(s->wbio)BIO_set_flags(s->wbio, (0x02\|0x08));
2190	else
2191	#endif
2192	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2192,__func__), ERR_set_error)((20),(276),((void*)0));
2193	return ret;
2194	}
2195	s->rwstate = SSL_NOTHING1;
2196	return ret;
2197	#endif
2198	}
2199
2200	int SSL_write(SSL s, const void buf, int num)
2201	{
2202	int ret;
2203	size_t written;
2204
2205	if (num < 0) {
2206	ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2206,__func__), ERR_set_error)((20),(271),((void*)0));
2207	return -1;
2208	}
2209
2210	ret = ssl_write_internal(s, buf, (size_t)num, &written);
2211
2212	/*
2213	* The cast is safe here because ret should be <= INT_MAX because num is
2214	* <= INT_MAX
2215	*/
2216	if (ret > 0)
2217	ret = (int)written;
2218
2219	return ret;
2220	}
2221
2222	int SSL_write_ex(SSL s, const void buf, size_t num, size_t *written)
2223	{
2224	int ret = ssl_write_internal(s, buf, num, written);
2225
2226	if (ret < 0)
2227	ret = 0;
2228	return ret;
2229	}
2230
2231	int SSL_write_early_data(SSL s, const void buf, size_t num, size_t *written)
2232	{
2233	int ret, early_data_state;
2234	size_t writtmp;
2235	uint32_t partialwrite;
2236
2237	switch (s->early_data_state) {
2238	case SSL_EARLY_DATA_NONE:
2239	if (s->server
2240	\|\| !SSL_in_before(s)
2241	\|\| ((s->session == NULL((void*)0) \|\| s->session->ext.max_early_data == 0)
2242	&& (s->psk_use_session_cb == NULL((void*)0)))) {
2243	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2243,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
2244	return 0;
2245	}
2246	/* fall through */
2247
2248	case SSL_EARLY_DATA_CONNECT_RETRY:
2249	s->early_data_state = SSL_EARLY_DATA_CONNECTING;
2250	ret = SSL_connect(s);
2251	if (ret <= 0) {
2252	/* NBIO or error */
2253	s->early_data_state = SSL_EARLY_DATA_CONNECT_RETRY;
2254	return 0;
2255	}
2256	/* fall through */
2257
2258	case SSL_EARLY_DATA_WRITE_RETRY:
2259	s->early_data_state = SSL_EARLY_DATA_WRITING;
2260	/*
2261	* We disable partial write for early data because we don't keep track
2262	* of how many bytes we've written between the SSL_write_ex() call and
2263	* the flush if the flush needs to be retried)
2264	*/
2265	partialwrite = s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE0x00000001U;
2266	s->mode &= ~SSL_MODE_ENABLE_PARTIAL_WRITE0x00000001U;
2267	ret = SSL_write_ex(s, buf, num, &writtmp);
2268	s->mode \|= partialwrite;
2269	if (!ret) {
2270	s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY;
2271	return ret;
2272	}
2273	s->early_data_state = SSL_EARLY_DATA_WRITE_FLUSH;
2274	/* fall through */
2275
2276	case SSL_EARLY_DATA_WRITE_FLUSH:
2277	/* The buffering BIO is still in place so we need to flush it */
2278	if (statem_flush(s) != 1)
2279	return 0;
2280	*written = num;
2281	s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY;
2282	return 1;
2283
2284	case SSL_EARLY_DATA_FINISHED_READING:
2285	case SSL_EARLY_DATA_READ_RETRY:
2286	early_data_state = s->early_data_state;
2287	/* We are a server writing to an unauthenticated client */
2288	s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING;
2289	ret = SSL_write_ex(s, buf, num, written);
2290	/* The buffering BIO is still in place */
2291	if (ret)
2292	(void)BIO_flush(s->wbio)(int)BIO_ctrl(s->wbio,11,0,((void*)0));
2293	s->early_data_state = early_data_state;
2294	return ret;
2295
2296	default:
2297	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2297,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
2298	return 0;
2299	}
2300	}
2301
2302	int SSL_shutdown(SSL *s)
2303	{
2304	/*
2305	* Note that this function behaves differently from what one might
2306	* expect. Return values are 0 for no success (yet), 1 for success; but
2307	* calling it once is usually not enough, even if blocking I/O is used
2308	* (see ssl3_shutdown).
2309	*/
2310
2311	if (s->handshake_func == NULL((void*)0)) {
2312	ERR_raise(ERR_LIB_SSL, SSL_R_UNINITIALIZED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2312,__func__), ERR_set_error)((20),(276),((void*)0));
2313	return -1;
2314	}
2315
2316	if (!SSL_in_init(s)) {
2317	if ((s->mode & SSL_MODE_ASYNC0x00000100U) && ASYNC_get_current_job() == NULL((void*)0)) {
2318	struct ssl_async_args args;
2319
2320	memset(&args, 0, sizeof(args));
2321	args.s = s;
2322	args.type = OTHERFUNC;
2323	args.f.func_other = s->method->ssl_shutdown;
2324
2325	return ssl_start_async_job(s, &args, ssl_io_intern);
2326	} else {
2327	return s->method->ssl_shutdown(s);
2328	}
2329	} else {
2330	ERR_raise(ERR_LIB_SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2330,__func__), ERR_set_error)((20),(407),((void*)0));
2331	return -1;
2332	}
2333	}
2334
2335	int SSL_key_update(SSL *s, int updatetype)
2336	{
2337	if (!SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000)) {
2338	ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2338,__func__), ERR_set_error)((20),(266),((void*)0));
2339	return 0;
2340	}
2341
2342	if (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED0
2343	&& updatetype != SSL_KEY_UPDATE_REQUESTED1) {
2344	ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_KEY_UPDATE_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2344,__func__), ERR_set_error)((20),(120),((void*)0));
2345	return 0;
2346	}
2347
2348	if (!SSL_is_init_finished(s)) {
2349	ERR_raise(ERR_LIB_SSL, SSL_R_STILL_IN_INIT)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2349,__func__), ERR_set_error)((20),(121),((void*)0));
2350	return 0;
2351	}
2352
2353	if (RECORD_LAYER_write_pending(&s->rlayer)) {
2354	ERR_raise(ERR_LIB_SSL, SSL_R_BAD_WRITE_RETRY)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2354,__func__), ERR_set_error)((20),(127),((void*)0));
2355	return 0;
2356	}
2357
2358	ossl_statem_set_in_init(s, 1);
2359	s->key_update = updatetype;
2360	return 1;
2361	}
2362
2363	int SSL_get_key_update_type(const SSL *s)
2364	{
2365	return s->key_update;
2366	}
2367
2368	/*
2369	* Can we accept a renegotiation request? If yes, set the flag and
2370	* return 1 if yes. If not, raise error and return 0.
2371	*/
2372	static int can_renegotiate(const SSL *s)
2373	{
2374	if (SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000)) {
2375	ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2375,__func__), ERR_set_error)((20),(266),((void*)0));
2376	return 0;
2377	}
2378
2379	if ((s->options & SSL_OP_NO_RENEGOTIATION((uint64_t)1 << (uint64_t)30)) != 0) {
2380	ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2380,__func__), ERR_set_error)((20),(339),((void*)0));
2381	return 0;
2382	}
2383
2384	return 1;
2385	}
2386
2387	int SSL_renegotiate(SSL *s)
2388	{
2389	if (!can_renegotiate(s))
2390	return 0;
2391
2392	s->renegotiate = 1;
2393	s->new_session = 1;
2394	return s->method->ssl_renegotiate(s);
2395	}
2396
2397	int SSL_renegotiate_abbreviated(SSL *s)
2398	{
2399	if (!can_renegotiate(s))
2400	return 0;
2401
2402	s->renegotiate = 1;
2403	s->new_session = 0;
2404	return s->method->ssl_renegotiate(s);
2405	}
2406
2407	int SSL_renegotiate_pending(const SSL *s)
2408	{
2409	/*
2410	* becomes true when negotiation is requested; false again once a
2411	* handshake has finished
2412	*/
2413	return (s->renegotiate != 0);
2414	}
2415
2416	int SSL_new_session_ticket(SSL *s)
2417	{
2418	/* If we are in init because we're sending tickets, okay to send more. */
2419	if ((SSL_in_init(s) && s->ext.extra_tickets_expected == 0)
2420	\|\| SSL_IS_FIRST_HANDSHAKE(s)((s)->s3.tmp.finish_md_len == 0 \|\| (s)->s3.tmp.peer_finish_md_len == 0) \|\| !s->server
2421	\|\| !SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000))
2422	return 0;
2423	s->ext.extra_tickets_expected++;
2424	if (!RECORD_LAYER_write_pending(&s->rlayer) && !SSL_in_init(s))
2425	ossl_statem_set_in_init(s, 1);
2426	return 1;
2427	}
2428
2429	long SSL_ctrl(SSL s, int cmd, long larg, void parg)
2430	{
2431	long l;
2432
2433	switch (cmd) {
2434	case SSL_CTRL_GET_READ_AHEAD40:
2435	return RECORD_LAYER_get_read_ahead(&s->rlayer)((&s->rlayer)->read_ahead);
2436	case SSL_CTRL_SET_READ_AHEAD41:
2437	l = RECORD_LAYER_get_read_ahead(&s->rlayer)((&s->rlayer)->read_ahead);
2438	RECORD_LAYER_set_read_ahead(&s->rlayer, larg)((&s->rlayer)->read_ahead = (larg));
2439	return l;
2440
2441	case SSL_CTRL_SET_MSG_CALLBACK_ARG16:
2442	s->msg_callback_arg = parg;
2443	return 1;
2444
2445	case SSL_CTRL_MODE33:
2446	return (s->mode \|= larg);
2447	case SSL_CTRL_CLEAR_MODE78:
2448	return (s->mode &= ~larg);
2449	case SSL_CTRL_GET_MAX_CERT_LIST50:
2450	return (long)s->max_cert_list;
2451	case SSL_CTRL_SET_MAX_CERT_LIST51:
2452	if (larg < 0)
2453	return 0;
2454	l = (long)s->max_cert_list;
2455	s->max_cert_list = (size_t)larg;
2456	return l;
2457	case SSL_CTRL_SET_MAX_SEND_FRAGMENT52:
2458	if (larg < 512 \|\| larg > SSL3_RT_MAX_PLAIN_LENGTH16384)
2459	return 0;
2460	#ifndef OPENSSL_NO_KTLS
2461	if (s->wbio != NULL((void*)0) && BIO_get_ktls_send(s->wbio)(0))
2462	return 0;
2463	#endif /* OPENSSL_NO_KTLS */
2464	s->max_send_fragment = larg;
2465	if (s->max_send_fragment < s->split_send_fragment)
2466	s->split_send_fragment = s->max_send_fragment;
2467	return 1;
2468	case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT125:
2469	if ((size_t)larg > s->max_send_fragment \|\| larg == 0)
2470	return 0;
2471	s->split_send_fragment = larg;
2472	return 1;
2473	case SSL_CTRL_SET_MAX_PIPELINES126:
2474	if (larg < 1 \|\| larg > SSL_MAX_PIPELINES32)
2475	return 0;
2476	s->max_pipelines = larg;
2477	if (larg > 1)
2478	RECORD_LAYER_set_read_ahead(&s->rlayer, 1)((&s->rlayer)->read_ahead = (1));
2479	return 1;
2480	case SSL_CTRL_GET_RI_SUPPORT76:
2481	return s->s3.send_connection_binding;
2482	case SSL_CTRL_SET_RETRY_VERIFY136:
2483	s->rwstate = SSL_RETRY_VERIFY8;
2484	return 1;
2485	case SSL_CTRL_CERT_FLAGS99:
2486	return (s->cert->cert_flags \|= larg);
2487	case SSL_CTRL_CLEAR_CERT_FLAGS100:
2488	return (s->cert->cert_flags &= ~larg);
2489
2490	case SSL_CTRL_GET_RAW_CIPHERLIST110:
2491	if (parg) {
2492	if (s->s3.tmp.ciphers_raw == NULL((void*)0))
2493	return 0;
2494	(unsigned char *)parg = s->s3.tmp.ciphers_raw;
2495	return (int)s->s3.tmp.ciphers_rawlen;
2496	} else {
2497	return TLS_CIPHER_LEN2;
2498	}
2499	case SSL_CTRL_GET_EXTMS_SUPPORT122:
2500	if (!s->session \|\| SSL_in_init(s) \|\| ossl_statem_get_in_handshake(s))
2501	return -1;
2502	if (s->session->flags & SSL_SESS_FLAG_EXTMS0x1)
2503	return 1;
2504	else
2505	return 0;
2506	case SSL_CTRL_SET_MIN_PROTO_VERSION123:
2507	return ssl_check_allowed_versions(larg, s->max_proto_version)
2508	&& ssl_set_version_bound(s->ctx->method->version, (int)larg,
2509	&s->min_proto_version);
2510	case SSL_CTRL_GET_MIN_PROTO_VERSION130:
2511	return s->min_proto_version;
2512	case SSL_CTRL_SET_MAX_PROTO_VERSION124:
2513	return ssl_check_allowed_versions(s->min_proto_version, larg)
2514	&& ssl_set_version_bound(s->ctx->method->version, (int)larg,
2515	&s->max_proto_version);
2516	case SSL_CTRL_GET_MAX_PROTO_VERSION131:
2517	return s->max_proto_version;
2518	default:
2519	return s->method->ssl_ctrl(s, cmd, larg, parg);
2520	}
2521	}
2522
2523	long SSL_callback_ctrl(SSL s, int cmd, void (fp) (void))
2524	{
2525	switch (cmd) {
2526	case SSL_CTRL_SET_MSG_CALLBACK15:
2527	s->msg_callback = (void (*)
2528	(int write_p, int version, int content_type,
2529	const void buf, size_t len, SSL ssl,
2530	void *arg))(fp);
2531	return 1;
2532
2533	default:
2534	return s->method->ssl_callback_ctrl(s, cmd, fp);
2535	}
2536	}
2537
2538	LHASH_OF(SSL_SESSION)struct lhash_st_SSL_SESSION SSL_CTX_sessions(SSL_CTX ctx)
2539	{
2540	return ctx->sessions;
2541	}
2542
2543	static int ssl_tsan_load(SSL_CTX ctx, TSAN_QUALIFIER_Atomic int stat)
2544	{
2545	int res = 0;
2546
2547	if (ssl_tsan_lock(ctx)) {
2548	res = tsan_load(stat)__c11_atomic_load((stat), memory_order_relaxed);
2549	ssl_tsan_unlock(ctx);
2550	}
2551	return res;
2552	}
2553
2554	long SSL_CTX_ctrl(SSL_CTX ctx, int cmd, long larg, void parg)
2555	{
2556	long l;
2557	/* For some cases with ctx == NULL perform syntax checks */
2558	if (ctx == NULL((void*)0)) {
2559	switch (cmd) {
2560	case SSL_CTRL_SET_GROUPS_LIST92:
2561	return tls1_set_groups_list(ctx, NULL((void)0), NULL((void)0), parg);
2562	case SSL_CTRL_SET_SIGALGS_LIST98:
2563	case SSL_CTRL_SET_CLIENT_SIGALGS_LIST102:
2564	return tls1_set_sigalgs_list(NULL((void*)0), parg, 0);
2565	default:
2566	return 0;
2567	}
2568	}
2569
2570	switch (cmd) {
2571	case SSL_CTRL_GET_READ_AHEAD40:
2572	return ctx->read_ahead;
2573	case SSL_CTRL_SET_READ_AHEAD41:
2574	l = ctx->read_ahead;
2575	ctx->read_ahead = larg;
2576	return l;
2577
2578	case SSL_CTRL_SET_MSG_CALLBACK_ARG16:
2579	ctx->msg_callback_arg = parg;
2580	return 1;
2581
2582	case SSL_CTRL_GET_MAX_CERT_LIST50:
2583	return (long)ctx->max_cert_list;
2584	case SSL_CTRL_SET_MAX_CERT_LIST51:
2585	if (larg < 0)
2586	return 0;
2587	l = (long)ctx->max_cert_list;
2588	ctx->max_cert_list = (size_t)larg;
2589	return l;
2590
2591	case SSL_CTRL_SET_SESS_CACHE_SIZE42:
2592	if (larg < 0)
2593	return 0;
2594	l = (long)ctx->session_cache_size;
2595	ctx->session_cache_size = (size_t)larg;
2596	return l;
2597	case SSL_CTRL_GET_SESS_CACHE_SIZE43:
2598	return (long)ctx->session_cache_size;
2599	case SSL_CTRL_SET_SESS_CACHE_MODE44:
2600	l = ctx->session_cache_mode;
2601	ctx->session_cache_mode = larg;
2602	return l;
2603	case SSL_CTRL_GET_SESS_CACHE_MODE45:
2604	return ctx->session_cache_mode;
2605
2606	case SSL_CTRL_SESS_NUMBER20:
2607	return lh_SSL_SESSION_num_items(ctx->sessions);
2608	case SSL_CTRL_SESS_CONNECT21:
2609	return ssl_tsan_load(ctx, &ctx->stats.sess_connect);
2610	case SSL_CTRL_SESS_CONNECT_GOOD22:
2611	return ssl_tsan_load(ctx, &ctx->stats.sess_connect_good);
2612	case SSL_CTRL_SESS_CONNECT_RENEGOTIATE23:
2613	return ssl_tsan_load(ctx, &ctx->stats.sess_connect_renegotiate);
2614	case SSL_CTRL_SESS_ACCEPT24:
2615	return ssl_tsan_load(ctx, &ctx->stats.sess_accept);
2616	case SSL_CTRL_SESS_ACCEPT_GOOD25:
2617	return ssl_tsan_load(ctx, &ctx->stats.sess_accept_good);
2618	case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE26:
2619	return ssl_tsan_load(ctx, &ctx->stats.sess_accept_renegotiate);
2620	case SSL_CTRL_SESS_HIT27:
2621	return ssl_tsan_load(ctx, &ctx->stats.sess_hit);
2622	case SSL_CTRL_SESS_CB_HIT28:
2623	return ssl_tsan_load(ctx, &ctx->stats.sess_cb_hit);
2624	case SSL_CTRL_SESS_MISSES29:
2625	return ssl_tsan_load(ctx, &ctx->stats.sess_miss);
2626	case SSL_CTRL_SESS_TIMEOUTS30:
2627	return ssl_tsan_load(ctx, &ctx->stats.sess_timeout);
2628	case SSL_CTRL_SESS_CACHE_FULL31:
2629	return ssl_tsan_load(ctx, &ctx->stats.sess_cache_full);
2630	case SSL_CTRL_MODE33:
2631	return (ctx->mode \|= larg);
2632	case SSL_CTRL_CLEAR_MODE78:
2633	return (ctx->mode &= ~larg);
2634	case SSL_CTRL_SET_MAX_SEND_FRAGMENT52:
2635	if (larg < 512 \|\| larg > SSL3_RT_MAX_PLAIN_LENGTH16384)
2636	return 0;
2637	ctx->max_send_fragment = larg;
2638	if (ctx->max_send_fragment < ctx->split_send_fragment)
2639	ctx->split_send_fragment = ctx->max_send_fragment;
2640	return 1;
2641	case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT125:
2642	if ((size_t)larg > ctx->max_send_fragment \|\| larg == 0)
2643	return 0;
2644	ctx->split_send_fragment = larg;
2645	return 1;
2646	case SSL_CTRL_SET_MAX_PIPELINES126:
2647	if (larg < 1 \|\| larg > SSL_MAX_PIPELINES32)
2648	return 0;
2649	ctx->max_pipelines = larg;
2650	return 1;
2651	case SSL_CTRL_CERT_FLAGS99:
2652	return (ctx->cert->cert_flags \|= larg);
2653	case SSL_CTRL_CLEAR_CERT_FLAGS100:
2654	return (ctx->cert->cert_flags &= ~larg);
2655	case SSL_CTRL_SET_MIN_PROTO_VERSION123:
2656	return ssl_check_allowed_versions(larg, ctx->max_proto_version)
2657	&& ssl_set_version_bound(ctx->method->version, (int)larg,
2658	&ctx->min_proto_version);
2659	case SSL_CTRL_GET_MIN_PROTO_VERSION130:
2660	return ctx->min_proto_version;
2661	case SSL_CTRL_SET_MAX_PROTO_VERSION124:
2662	return ssl_check_allowed_versions(ctx->min_proto_version, larg)
2663	&& ssl_set_version_bound(ctx->method->version, (int)larg,
2664	&ctx->max_proto_version);
2665	case SSL_CTRL_GET_MAX_PROTO_VERSION131:
2666	return ctx->max_proto_version;
2667	default:
2668	return ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg);
2669	}
2670	}
2671
2672	long SSL_CTX_callback_ctrl(SSL_CTX ctx, int cmd, void (fp) (void))
2673	{
2674	switch (cmd) {
2675	case SSL_CTRL_SET_MSG_CALLBACK15:
2676	ctx->msg_callback = (void (*)
2677	(int write_p, int version, int content_type,
2678	const void buf, size_t len, SSL ssl,
2679	void *arg))(fp);
2680	return 1;
2681
2682	default:
2683	return ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp);
2684	}
2685	}
2686
2687	int ssl_cipher_id_cmp(const SSL_CIPHER a, const SSL_CIPHER b)
2688	{
2689	if (a->id > b->id)
2690	return 1;
2691	if (a->id < b->id)
2692	return -1;
2693	return 0;
2694	}
2695
2696	int ssl_cipher_ptr_id_cmp(const SSL_CIPHER const ap,
2697	const SSL_CIPHER const bp)
2698	{
2699	if ((ap)->id > (bp)->id)
2700	return 1;
2701	if ((ap)->id < (bp)->id)
2702	return -1;
2703	return 0;
2704	}
2705
2706	/** return a STACK of the ciphers available for the SSL and in order of
2707	* preference */
2708	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER SSL_get_ciphers(const SSL s)
2709	{
2710	if (s != NULL((void*)0)) {
2711	if (s->cipher_list != NULL((void*)0)) {
2712	return s->cipher_list;
2713	} else if ((s->ctx != NULL((void)0)) && (s->ctx->cipher_list != NULL((void)0))) {
2714	return s->ctx->cipher_list;
2715	}
2716	}
2717	return NULL((void*)0);
2718	}
2719
2720	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER SSL_get_client_ciphers(const SSL s)
2721	{
2722	if ((s == NULL((void*)0)) \|\| !s->server)
2723	return NULL((void*)0);
2724	return s->peer_ciphers;
2725	}
2726
2727	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER SSL_get1_supported_ciphers(SSL s)
2728	{
2729	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER sk = NULL((void)0), *ciphers;
2730	int i;
2731
2732	ciphers = SSL_get_ciphers(s);
2733	if (!ciphers)
2734	return NULL((void*)0);
2735	if (!ssl_set_client_disabled(s))
2736	return NULL((void*)0);
2737	for (i = 0; i < sk_SSL_CIPHER_num(ciphers)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(ciphers)); i++) {
2738	const SSL_CIPHER c = sk_SSL_CIPHER_value(ciphers, i)((const SSL_CIPHER )OPENSSL_sk_value(ossl_check_const_SSL_CIPHER_sk_type (ciphers), (i)));
2739	if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED(1 \| (1 << 16)), 0)) {
2740	if (!sk)
2741	sk = sk_SSL_CIPHER_new_null()((struct stack_st_SSL_CIPHER *)OPENSSL_sk_new_null());
2742	if (!sk)
2743	return NULL((void*)0);
2744	if (!sk_SSL_CIPHER_push(sk, c)OPENSSL_sk_push(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type (c))) {
2745	sk_SSL_CIPHER_free(sk)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(sk));
2746	return NULL((void*)0);
2747	}
2748	}
2749	}
2750	return sk;
2751	}
2752
2753	/** return a STACK of the ciphers available for the SSL and in order of
2754	* algorithm id */
2755	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER ssl_get_ciphers_by_id(SSL s)
2756	{
2757	if (s != NULL((void*)0)) {
2758	if (s->cipher_list_by_id != NULL((void*)0)) {
2759	return s->cipher_list_by_id;
2760	} else if ((s->ctx != NULL((void)0)) && (s->ctx->cipher_list_by_id != NULL((void)0))) {
2761	return s->ctx->cipher_list_by_id;
2762	}
2763	}
2764	return NULL((void*)0);
2765	}
2766
2767	/** The old interface to get the same thing as SSL_get_ciphers() */
2768	const char SSL_get_cipher_list(const SSL s, int n)
2769	{
2770	const SSL_CIPHER *c;
2771	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER *sk;
2772
2773	if (s == NULL((void*)0))
2774	return NULL((void*)0);
2775	sk = SSL_get_ciphers(s);
2776	if ((sk == NULL((void*)0)) \|\| (sk_SSL_CIPHER_num(sk)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(sk)) <= n))
2777	return NULL((void*)0);
2778	c = sk_SSL_CIPHER_value(sk, n)((const SSL_CIPHER *)OPENSSL_sk_value(ossl_check_const_SSL_CIPHER_sk_type (sk), (n)));
2779	if (c == NULL((void*)0))
2780	return NULL((void*)0);
2781	return c->name;
2782	}
2783
2784	/** return a STACK of the ciphers available for the SSL_CTX and in order of
2785	* preference */
2786	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER SSL_CTX_get_ciphers(const SSL_CTX ctx)
2787	{
2788	if (ctx != NULL((void*)0))
2789	return ctx->cipher_list;
2790	return NULL((void*)0);
2791	}
2792
2793	/*
2794	* Distinguish between ciphers controlled by set_ciphersuite() and
2795	* set_cipher_list() when counting.
2796	*/
2797	static int cipher_list_tls12_num(STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER *sk)
2798	{
2799	int i, num = 0;
2800	const SSL_CIPHER *c;
2801
2802	if (sk == NULL((void*)0))
2803	return 0;
2804	for (i = 0; i < sk_SSL_CIPHER_num(sk)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(sk)); ++i) {
2805	c = sk_SSL_CIPHER_value(sk, i)((const SSL_CIPHER *)OPENSSL_sk_value(ossl_check_const_SSL_CIPHER_sk_type (sk), (i)));
2806	if (c->min_tls >= TLS1_3_VERSION0x0304)
2807	continue;
2808	num++;
2809	}
2810	return num;
2811	}
2812
2813	/** specify the ciphers to be used by default by the SSL_CTX */
2814	int SSL_CTX_set_cipher_list(SSL_CTX ctx, const char str)
2815	{
2816	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER *sk;
2817
2818	sk = ssl_create_cipher_list(ctx, ctx->tls13_ciphersuites,
2819	&ctx->cipher_list, &ctx->cipher_list_by_id, str,
2820	ctx->cert);
2821	/*
2822	* ssl_create_cipher_list may return an empty stack if it was unable to
2823	* find a cipher matching the given rule string (for example if the rule
2824	* string specifies a cipher which has been disabled). This is not an
2825	* error as far as ssl_create_cipher_list is concerned, and hence
2826	* ctx->cipher_list and ctx->cipher_list_by_id has been updated.
2827	*/
2828	if (sk == NULL((void*)0))
2829	return 0;
2830	else if (cipher_list_tls12_num(sk) == 0) {
2831	ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2831,__func__), ERR_set_error)((20),(185),((void*)0));
2832	return 0;
2833	}
2834	return 1;
2835	}
2836
2837	/** specify the ciphers to be used by the SSL */
2838	int SSL_set_cipher_list(SSL s, const char str)
2839	{
2840	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER *sk;
2841
2842	sk = ssl_create_cipher_list(s->ctx, s->tls13_ciphersuites,
2843	&s->cipher_list, &s->cipher_list_by_id, str,
2844	s->cert);
2845	/* see comment in SSL_CTX_set_cipher_list */
2846	if (sk == NULL((void*)0))
2847	return 0;
2848	else if (cipher_list_tls12_num(sk) == 0) {
2849	ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHER_MATCH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,2849,__func__), ERR_set_error)((20),(185),((void*)0));
2850	return 0;
2851	}
2852	return 1;
2853	}
2854
2855	char SSL_get_shared_ciphers(const SSL s, char *buf, int size)
2856	{
2857	char *p;
2858	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER clntsk, srvrsk;
2859	const SSL_CIPHER *c;
2860	int i;
2861
2862	if (!s->server
2863	\|\| s->peer_ciphers == NULL((void*)0)
2864	\|\| size < 2)
2865	return NULL((void*)0);
2866
2867	p = buf;
2868	clntsk = s->peer_ciphers;
2869	srvrsk = SSL_get_ciphers(s);
2870	if (clntsk == NULL((void)0) \|\| srvrsk == NULL((void)0))
2871	return NULL((void*)0);
2872
2873	if (sk_SSL_CIPHER_num(clntsk)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(clntsk)) == 0 \|\| sk_SSL_CIPHER_num(srvrsk)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(srvrsk)) == 0)
2874	return NULL((void*)0);
2875
2876	for (i = 0; i < sk_SSL_CIPHER_num(clntsk)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(clntsk)); i++) {
2877	int n;
2878
2879	c = sk_SSL_CIPHER_value(clntsk, i)((const SSL_CIPHER *)OPENSSL_sk_value(ossl_check_const_SSL_CIPHER_sk_type (clntsk), (i)));
2880	if (sk_SSL_CIPHER_find(srvrsk, c)OPENSSL_sk_find(ossl_check_SSL_CIPHER_sk_type(srvrsk), ossl_check_SSL_CIPHER_type (c)) < 0)
2881	continue;
2882
2883	n = strlen(c->name);
2884	if (n + 1 > size) {
2885	if (p != buf)
2886	--p;
2887	*p = '\0';
2888	return buf;
2889	}
2890	strcpy(p, c->name);
2891	p += n;
2892	*(p++) = ':';
2893	size -= n + 1;
2894	}
2895	p[-1] = '\0';
2896	return buf;
2897	}
2898
2899	/**
2900	* Return the requested servername (SNI) value. Note that the behaviour varies
2901	* depending on:
2902	* - whether this is called by the client or the server,
2903	* - if we are before or during/after the handshake,
2904	* - if a resumption or normal handshake is being attempted/has occurred
2905	* - whether we have negotiated TLSv1.2 (or below) or TLSv1.3
2906	*
2907	* Note that only the host_name type is defined (RFC 3546).
2908	*/
2909	const char SSL_get_servername(const SSL s, const int type)
2910	{
2911	/*
2912	* If we don't know if we are the client or the server yet then we assume
2913	* client.
2914	*/
2915	int server = s->handshake_func == NULL((void*)0) ? 0 : s->server;
2916	if (type != TLSEXT_NAMETYPE_host_name0)
2917	return NULL((void*)0);
2918
2919	if (server) {
2920	/**
2921	* Server side
2922	* In TLSv1.3 on the server SNI is not associated with the session
2923	* but in TLSv1.2 or below it is.
2924	*
2925	* Before the handshake:
2926	* - return NULL
2927	*
2928	* During/after the handshake (TLSv1.2 or below resumption occurred):
2929	* - If a servername was accepted by the server in the original
2930	* handshake then it will return that servername, or NULL otherwise.
2931	*
2932	* During/after the handshake (TLSv1.2 or below resumption did not occur):
2933	* - The function will return the servername requested by the client in
2934	* this handshake or NULL if none was requested.
2935	*/
2936	if (s->hit && !SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000))
2937	return s->session->ext.hostname;
2938	} else {
2939	/**
2940	* Client side
2941	*
2942	* Before the handshake:
2943	* - If a servername has been set via a call to
2944	* SSL_set_tlsext_host_name() then it will return that servername
2945	* - If one has not been set, but a TLSv1.2 resumption is being
2946	* attempted and the session from the original handshake had a
2947	* servername accepted by the server then it will return that
2948	* servername
2949	* - Otherwise it returns NULL
2950	*
2951	* During/after the handshake (TLSv1.2 or below resumption occurred):
2952	* - If the session from the original handshake had a servername accepted
2953	* by the server then it will return that servername.
2954	* - Otherwise it returns the servername set via
2955	* SSL_set_tlsext_host_name() (or NULL if it was not called).
2956	*
2957	* During/after the handshake (TLSv1.2 or below resumption did not occur):
2958	* - It will return the servername set via SSL_set_tlsext_host_name()
2959	* (or NULL if it was not called).
2960	*/
2961	if (SSL_in_before(s)) {
2962	if (s->ext.hostname == NULL((void*)0)
2963	&& s->session != NULL((void*)0)
2964	&& s->session->ssl_version != TLS1_3_VERSION0x0304)
2965	return s->session->ext.hostname;
2966	} else {
2967	if (!SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000) && s->hit && s->session->ext.hostname != NULL((void*)0))
2968	return s->session->ext.hostname;
2969	}
2970	}
2971
2972	return s->ext.hostname;
2973	}
2974
2975	int SSL_get_servername_type(const SSL *s)
2976	{
2977	if (SSL_get_servername(s, TLSEXT_NAMETYPE_host_name0) != NULL((void*)0))
2978	return TLSEXT_NAMETYPE_host_name0;
2979	return -1;
2980	}
2981
2982	/*
2983	* SSL_select_next_proto implements the standard protocol selection. It is
2984	* expected that this function is called from the callback set by
2985	* SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
2986	* vector of 8-bit, length prefixed byte strings. The length byte itself is
2987	* not included in the length. A byte string of length 0 is invalid. No byte
2988	* string may be truncated. The current, but experimental algorithm for
2989	* selecting the protocol is: 1) If the server doesn't support NPN then this
2990	* is indicated to the callback. In this case, the client application has to
2991	* abort the connection or have a default application level protocol. 2) If
2992	* the server supports NPN, but advertises an empty list then the client
2993	* selects the first protocol in its list, but indicates via the API that this
2994	* fallback case was enacted. 3) Otherwise, the client finds the first
2995	* protocol in the server's list that it supports and selects this protocol.
2996	* This is because it's assumed that the server has better information about
2997	* which protocol a client should use. 4) If the client doesn't support any
2998	* of the server's advertised protocols, then this is treated the same as
2999	* case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
3000	* found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
3001	*/
3002	int SSL_select_next_proto(unsigned char *out, unsigned char outlen,
3003	const unsigned char *server,
3004	unsigned int server_len,
3005	const unsigned char *client, unsigned int client_len)
3006	{
3007	unsigned int i, j;
3008	const unsigned char *result;
3009	int status = OPENSSL_NPN_UNSUPPORTED0;
3010
3011	/*
3012	* For each protocol in server preference order, see if we support it.
3013	*/
3014	for (i = 0; i < server_len;) {
3015	for (j = 0; j < client_len;) {
3016	if (server[i] == client[j] &&
3017	memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
3018	/* We found a match */
3019	result = &server[i];
3020	status = OPENSSL_NPN_NEGOTIATED1;
3021	goto found;
3022	}
3023	j += client[j];
3024	j++;
3025	}
3026	i += server[i];
3027	i++;
3028	}
3029
3030	/* There's no overlap between our protocols and the server's list. */
3031	result = client;
3032	status = OPENSSL_NPN_NO_OVERLAP2;
3033
3034	found:
3035	out = (unsigned char )result + 1;
3036	*outlen = result[0];
3037	return status;
3038	}
3039
3040	#ifndef OPENSSL_NO_NEXTPROTONEG
3041	/*
3042	* SSL_get0_next_proto_negotiated sets data and len to point to the
3043	* client's requested protocol for this connection and returns 0. If the
3044	* client didn't request any protocol, then *data is set to NULL. Note that
3045	* the client can request any protocol it chooses. The value returned from
3046	* this function need not be a member of the list of supported protocols
3047	* provided by the callback.
3048	*/
3049	void SSL_get0_next_proto_negotiated(const SSL s, const unsigned char *data,
3050	unsigned *len)
3051	{
3052	*data = s->ext.npn;
3053	if (data == NULL((void)0)) {
3054	*len = 0;
3055	} else {
3056	*len = (unsigned int)s->ext.npn_len;
3057	}
3058	}
3059
3060	/*
3061	* SSL_CTX_set_npn_advertised_cb sets a callback that is called when
3062	* a TLS server needs a list of supported protocols for Next Protocol
3063	* Negotiation. The returned list must be in wire format. The list is
3064	* returned by setting \|out\| to point to it and \|outlen\| to its length. This
3065	* memory will not be modified, but one should assume that the SSL* keeps a
3066	* reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
3067	* wishes to advertise. Otherwise, no such extension will be included in the
3068	* ServerHello.
3069	*/
3070	void SSL_CTX_set_npn_advertised_cbSSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
3071	SSL_CTX_npn_advertised_cb_func cb,
3072	void *arg)
3073	{
3074	ctx->ext.npn_advertised_cb = cb;
3075	ctx->ext.npn_advertised_cb_arg = arg;
3076	}
3077
3078	/*
3079	* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
3080	* client needs to select a protocol from the server's provided list. \|out\|
3081	* must be set to point to the selected protocol (which may be within \|in\|).
3082	* The length of the protocol name must be written into \|outlen\|. The
3083	* server's advertised protocols are provided in \|in\| and \|inlen\|. The
3084	* callback can assume that \|in\| is syntactically valid. The client must
3085	* select a protocol. It is fatal to the connection if this callback returns
3086	* a value other than SSL_TLSEXT_ERR_OK.
3087	*/
3088	void SSL_CTX_set_npn_select_cbSSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
3089	SSL_CTX_npn_select_cb_func cb,
3090	void *arg)
3091	{
3092	ctx->ext.npn_select_cb = cb;
3093	ctx->ext.npn_select_cb_arg = arg;
3094	}
3095	#endif
3096
3097	static int alpn_value_ok(const unsigned char *protos, unsigned int protos_len)
3098	{
3099	unsigned int idx;
3100
3101	if (protos_len < 2 \|\| protos == NULL((void*)0))
3102	return 0;
3103
3104	for (idx = 0; idx < protos_len; idx += protos[idx] + 1) {
3105	if (protos[idx] == 0)
3106	return 0;
3107	}
3108	return idx == protos_len;
3109	}
3110	/*
3111	* SSL_CTX_set_alpn_protos sets the ALPN protocol list on \|ctx\| to \|protos\|.
3112	* \|protos\| must be in wire-format (i.e. a series of non-empty, 8-bit
3113	* length-prefixed strings). Returns 0 on success.
3114	*/
3115	int SSL_CTX_set_alpn_protos(SSL_CTX ctx, const unsigned char protos,
3116	unsigned int protos_len)
3117	{
3118	unsigned char *alpn;
3119
3120	if (protos_len == 0 \|\| protos == NULL((void*)0)) {
3121	OPENSSL_free(ctx->ext.alpn)CRYPTO_free(ctx->ext.alpn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3121);
3122	ctx->ext.alpn = NULL((void*)0);
3123	ctx->ext.alpn_len = 0;
3124	return 0;
3125	}
3126	/* Not valid per RFC */
3127	if (!alpn_value_ok(protos, protos_len))
3128	return 1;
3129
3130	alpn = OPENSSL_memdup(protos, protos_len)CRYPTO_memdup((protos), protos_len, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3130);
3131	if (alpn == NULL((void*)0)) {
3132	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3132,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
3133	return 1;
3134	}
3135	OPENSSL_free(ctx->ext.alpn)CRYPTO_free(ctx->ext.alpn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3135);
3136	ctx->ext.alpn = alpn;
3137	ctx->ext.alpn_len = protos_len;
3138
3139	return 0;
3140	}
3141
3142	/*
3143	* SSL_set_alpn_protos sets the ALPN protocol list on \|ssl\| to \|protos\|.
3144	* \|protos\| must be in wire-format (i.e. a series of non-empty, 8-bit
3145	* length-prefixed strings). Returns 0 on success.
3146	*/
3147	int SSL_set_alpn_protos(SSL ssl, const unsigned char protos,
3148	unsigned int protos_len)
3149	{
3150	unsigned char *alpn;
3151
3152	if (protos_len == 0 \|\| protos == NULL((void*)0)) {
3153	OPENSSL_free(ssl->ext.alpn)CRYPTO_free(ssl->ext.alpn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3153);
3154	ssl->ext.alpn = NULL((void*)0);
3155	ssl->ext.alpn_len = 0;
3156	return 0;
3157	}
3158	/* Not valid per RFC */
3159	if (!alpn_value_ok(protos, protos_len))
3160	return 1;
3161
3162	alpn = OPENSSL_memdup(protos, protos_len)CRYPTO_memdup((protos), protos_len, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3162);
3163	if (alpn == NULL((void*)0)) {
3164	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3164,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
3165	return 1;
3166	}
3167	OPENSSL_free(ssl->ext.alpn)CRYPTO_free(ssl->ext.alpn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3167);
3168	ssl->ext.alpn = alpn;
3169	ssl->ext.alpn_len = protos_len;
3170
3171	return 0;
3172	}
3173
3174	/*
3175	* SSL_CTX_set_alpn_select_cb sets a callback function on \|ctx\| that is
3176	* called during ClientHello processing in order to select an ALPN protocol
3177	* from the client's list of offered protocols.
3178	*/
3179	void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
3180	SSL_CTX_alpn_select_cb_func cb,
3181	void *arg)
3182	{
3183	ctx->ext.alpn_select_cb = cb;
3184	ctx->ext.alpn_select_cb_arg = arg;
3185	}
3186
3187	/*
3188	* SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from \|ssl\|.
3189	* On return it sets \|data\| to point to \|len\| bytes of protocol name
3190	* (not including the leading length-prefix byte). If the server didn't
3191	* respond with a negotiated protocol then \|*len\| will be zero.
3192	*/
3193	void SSL_get0_alpn_selected(const SSL ssl, const unsigned char *data,
3194	unsigned int *len)
3195	{
3196	*data = ssl->s3.alpn_selected;
3197	if (data == NULL((void)0))
3198	*len = 0;
3199	else
3200	*len = (unsigned int)ssl->s3.alpn_selected_len;
3201	}
3202
3203	int SSL_export_keying_material(SSL s, unsigned char out, size_t olen,
3204	const char *label, size_t llen,
3205	const unsigned char *context, size_t contextlen,
3206	int use_context)
3207	{
3208	if (s->session == NULL((void*)0)
3209	\|\| (s->version < TLS1_VERSION0x0301 && s->version != DTLS1_BAD_VER0x0100))
3210	return -1;
3211
3212	return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
3213	llen, context,
3214	contextlen, use_context);
3215	}
3216
3217	int SSL_export_keying_material_early(SSL s, unsigned char out, size_t olen,
3218	const char *label, size_t llen,
3219	const unsigned char *context,
3220	size_t contextlen)
3221	{
3222	if (s->version != TLS1_3_VERSION0x0304)
3223	return 0;
3224
3225	return tls13_export_keying_material_early(s, out, olen, label, llen,
3226	context, contextlen);
3227	}
3228
3229	static unsigned long ssl_session_hash(const SSL_SESSION *a)
3230	{
3231	const unsigned char *session_id = a->session_id;
3232	unsigned long l;
3233	unsigned char tmp_storage[4];
3234
3235	if (a->session_id_length < sizeof(tmp_storage)) {
3236	memset(tmp_storage, 0, sizeof(tmp_storage));
3237	memcpy(tmp_storage, a->session_id, a->session_id_length);
3238	session_id = tmp_storage;
3239	}
3240
3241	l = (unsigned long)
3242	((unsigned long)session_id[0]) \|
3243	((unsigned long)session_id[1] << 8L) \|
3244	((unsigned long)session_id[2] << 16L) \|
3245	((unsigned long)session_id[3] << 24L);
3246	return l;
3247	}
3248
3249	/*
3250	* NB: If this function (or indeed the hash function which uses a sort of
3251	* coarser function than this one) is changed, ensure
3252	* SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
3253	* being able to construct an SSL_SESSION that will collide with any existing
3254	* session with a matching session ID.
3255	*/
3256	static int ssl_session_cmp(const SSL_SESSION a, const SSL_SESSION b)
3257	{
3258	if (a->ssl_version != b->ssl_version)
3259	return 1;
3260	if (a->session_id_length != b->session_id_length)
3261	return 1;
3262	return memcmp(a->session_id, b->session_id, a->session_id_length);
3263	}
3264
3265	/*
3266	* These wrapper functions should remain rather than redeclaring
3267	* SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
3268	* variable. The reason is that the functions aren't static, they're exposed
3269	* via ssl.h.
3270	*/
3271
3272	SSL_CTX SSL_CTX_new_ex(OSSL_LIB_CTX libctx, const char *propq,
3273	const SSL_METHOD *meth)
3274	{
3275	SSL_CTX ret = NULL((void)0);
3276
3277	if (meth == NULL((void*)0)) {
3278	ERR_raise(ERR_LIB_SSL, SSL_R_NULL_SSL_METHOD_PASSED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3278,__func__), ERR_set_error)((20),(196),((void*)0));
3279	return NULL((void*)0);
3280	}
3281
3282	if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS0x00200000L, NULL((void*)0)))
3283	return NULL((void*)0);
3284
3285	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
3286	ERR_raise(ERR_LIB_SSL, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3286,__func__), ERR_set_error)((20),(269),((void*)0));
3287	goto err;
3288	}
3289	ret = OPENSSL_zalloc(sizeof(ret))CRYPTO_zalloc(sizeof(ret), "../deps/openssl/openssl/ssl/ssl_lib.c" , 3289);
3290	if (ret == NULL((void*)0))
3291	goto err;
3292
3293	/* Init the reference counting before any call to SSL_CTX_free */
3294	ret->references = 1;
3295	ret->lock = CRYPTO_THREAD_lock_new();
3296	if (ret->lock == NULL((void*)0)) {
3297	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3297,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
3298	OPENSSL_free(ret)CRYPTO_free(ret, "../deps/openssl/openssl/ssl/ssl_lib.c", 3298 );
3299	return NULL((void*)0);
3300	}
3301
3302	#ifdef TSAN_REQUIRES_LOCKING
3303	ret->tsan_lock = CRYPTO_THREAD_lock_new();
3304	if (ret->tsan_lock == NULL((void*)0)) {
3305	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3305,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
3306	goto err;
3307	}
3308	#endif
3309
3310	ret->libctx = libctx;
3311	if (propq != NULL((void*)0)) {
3312	ret->propq = OPENSSL_strdup(propq)CRYPTO_strdup(propq, "../deps/openssl/openssl/ssl/ssl_lib.c", 3312);
3313	if (ret->propq == NULL((void*)0))
3314	goto err;
3315	}
3316
3317	ret->method = meth;
3318	ret->min_proto_version = 0;
3319	ret->max_proto_version = 0;
3320	ret->mode = SSL_MODE_AUTO_RETRY0x00000004U;
3321	ret->session_cache_mode = SSL_SESS_CACHE_SERVER0x0002;
3322	ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT(1024*20);
3323	/* We take the system default. */
3324	ret->session_timeout = meth->get_timeout();
3325	ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT(1024*100);
3326	ret->verify_mode = SSL_VERIFY_NONE0x00;
3327	if ((ret->cert = ssl_cert_new()) == NULL((void*)0))
3328	goto err;
3329
3330	ret->sessions = lh_SSL_SESSION_new(ssl_session_hash, ssl_session_cmp);
3331	if (ret->sessions == NULL((void*)0))
3332	goto err;
3333	ret->cert_store = X509_STORE_new();
3334	if (ret->cert_store == NULL((void*)0))
3335	goto err;
3336	#ifndef OPENSSL_NO_CT
3337	ret->ctlog_store = CTLOG_STORE_new_ex(libctx, propq);
3338	if (ret->ctlog_store == NULL((void*)0))
3339	goto err;
3340	#endif
3341
3342	/* initialize cipher/digest methods table */
3343	if (!ssl_load_ciphers(ret))
3344	goto err2;
3345	/* initialise sig algs */
3346	if (!ssl_setup_sig_algs(ret))
3347	goto err2;
3348
3349
3350	if (!ssl_load_groups(ret))
3351	goto err2;
3352
3353	if (!SSL_CTX_set_ciphersuites(ret, OSSL_default_ciphersuites()))
3354	goto err;
3355
3356	if (!ssl_create_cipher_list(ret,
3357	ret->tls13_ciphersuites,
3358	&ret->cipher_list, &ret->cipher_list_by_id,
3359	OSSL_default_cipher_list(), ret->cert)
3360	\|\| sk_SSL_CIPHER_num(ret->cipher_list)OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(ret->cipher_list )) <= 0) {
3361	ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3361,__func__), ERR_set_error)((20),(161),((void*)0));
3362	goto err2;
3363	}
3364
3365	ret->param = X509_VERIFY_PARAM_new();
3366	if (ret->param == NULL((void*)0))
3367	goto err;
3368
3369	/*
3370	* If these aren't available from the provider we'll get NULL returns.
3371	* That's fine but will cause errors later if SSLv3 is negotiated
3372	*/
3373	ret->md5 = ssl_evp_md_fetch(libctx, NID_md54, propq);
3374	ret->sha1 = ssl_evp_md_fetch(libctx, NID_sha164, propq);
3375
3376	if ((ret->ca_names = sk_X509_NAME_new_null()((struct stack_st_X509_NAME )OPENSSL_sk_new_null())) == NULL((void)0))
3377	goto err;
3378
3379	if ((ret->client_ca_names = sk_X509_NAME_new_null()((struct stack_st_X509_NAME )OPENSSL_sk_new_null())) == NULL((void)0))
3380	goto err;
3381
3382	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX1, ret, &ret->ex_data))
3383	goto err;
3384
3385	if ((ret->ext.secure = OPENSSL_secure_zalloc(sizeof(ret->ext.secure))CRYPTO_secure_zalloc(sizeof(ret->ext.secure), "../deps/openssl/openssl/ssl/ssl_lib.c" , 3385)) == NULL((void*)0))
3386	goto err;
3387
3388	/* No compression for DTLS */
3389	if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS0x8))
3390	ret->comp_methods = SSL_COMP_get_compression_methods();
3391
3392	ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH16384;
3393	ret->split_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH16384;
3394
3395	/* Setup RFC5077 ticket keys */
3396	if ((RAND_bytes_ex(libctx, ret->ext.tick_key_name,
3397	sizeof(ret->ext.tick_key_name), 0) <= 0)
3398	\|\| (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_hmac_key,
3399	sizeof(ret->ext.secure->tick_hmac_key), 0) <= 0)
3400	\|\| (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_aes_key,
3401	sizeof(ret->ext.secure->tick_aes_key), 0) <= 0))
3402	ret->options \|= SSL_OP_NO_TICKET((uint64_t)1 << (uint64_t)14);
3403
3404	if (RAND_priv_bytes_ex(libctx, ret->ext.cookie_hmac_key,
3405	sizeof(ret->ext.cookie_hmac_key), 0) <= 0)
3406	goto err;
3407
3408	#ifndef OPENSSL_NO_SRP
3409	if (!ssl_ctx_srp_ctx_init_intern(ret))
3410	goto err;
3411	#endif
3412	#ifndef OPENSSL_NO_ENGINE
3413	# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
3414	# define eng_strx(x) #x
3415	# define eng_str(x) eng_strx(x)
3416	/* Use specific client engine automatically... ignore errors */
3417	{
3418	ENGINE *eng;
3419	eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
3420	if (!eng) {
3421	ERR_clear_error();
3422	ENGINE_load_builtin_engines();
3423	eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
3424	}
3425	if (!eng \|\| !SSL_CTX_set_client_cert_engine(ret, eng))
3426	ERR_clear_error();
3427	}
3428	# endif
3429	#endif
3430	/*
3431	* Disable compression by default to prevent CRIME. Applications can
3432	* re-enable compression by configuring
3433	* SSL_CTX_clear_options(ctx, SSL_OP_NO_COMPRESSION);
3434	* or by using the SSL_CONF library. Similarly we also enable TLSv1.3
3435	* middlebox compatibility by default. This may be disabled by default in
3436	* a later OpenSSL version.
3437	*/
3438	ret->options \|= SSL_OP_NO_COMPRESSION((uint64_t)1 << (uint64_t)17) \| SSL_OP_ENABLE_MIDDLEBOX_COMPAT((uint64_t)1 << (uint64_t)20);
3439
3440	ret->ext.status_type = TLSEXT_STATUSTYPE_nothing-1;
3441
3442	/*
3443	* We cannot usefully set a default max_early_data here (which gets
3444	* propagated in SSL_new(), for the following reason: setting the
3445	* SSL field causes tls_construct_stoc_early_data() to tell the
3446	* client that early data will be accepted when constructing a TLS 1.3
3447	* session ticket, and the client will accordingly send us early data
3448	* when using that ticket (if the client has early data to send).
3449	* However, in order for the early data to actually be consumed by
3450	* the application, the application must also have calls to
3451	* SSL_read_early_data(); otherwise we'll just skip past the early data
3452	* and ignore it. So, since the application must add calls to
3453	* SSL_read_early_data(), we also require them to add
3454	* calls to SSL_CTX_set_max_early_data() in order to use early data,
3455	* eliminating the bandwidth-wasting early data in the case described
3456	* above.
3457	*/
3458	ret->max_early_data = 0;
3459
3460	/*
3461	* Default recv_max_early_data is a fully loaded single record. Could be
3462	* split across multiple records in practice. We set this differently to
3463	* max_early_data so that, in the default case, we do not advertise any
3464	* support for early_data, but if a client were to send us some (e.g.
3465	* because of an old, stale ticket) then we will tolerate it and skip over
3466	* it.
3467	*/
3468	ret->recv_max_early_data = SSL3_RT_MAX_PLAIN_LENGTH16384;
3469
3470	/* By default we send two session tickets automatically in TLSv1.3 */
3471	ret->num_tickets = 2;
3472
3473	ssl_ctx_system_config(ret);
3474
3475	return ret;
3476	err:
3477	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3477,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
3478	err2:
3479	SSL_CTX_free(ret);
3480	return NULL((void*)0);
3481	}
3482
3483	SSL_CTX SSL_CTX_new(const SSL_METHOD meth)
3484	{
3485	return SSL_CTX_new_ex(NULL((void)0), NULL((void)0), meth);
3486	}
3487
3488	int SSL_CTX_up_ref(SSL_CTX *ctx)
3489	{
3490	int i;
3491
3492	if (CRYPTO_UP_REF(&ctx->references, &i, ctx->lock) <= 0)
3493	return 0;
3494
3495	REF_PRINT_COUNT("SSL_CTX", ctx)((void)0);;
3496	REF_ASSERT_ISNT(i < 2);
3497	return ((i > 1) ? 1 : 0);
3498	}
3499
3500	void SSL_CTX_free(SSL_CTX *a)
3501	{
3502	int i;
3503	size_t j;
3504
3505	if (a == NULL((void*)0))
3506	return;
3507
3508	CRYPTO_DOWN_REF(&a->references, &i, a->lock);
3509	REF_PRINT_COUNT("SSL_CTX", a)((void)0);;
3510	if (i > 0)
3511	return;
3512	REF_ASSERT_ISNT(i < 0);
3513
3514	X509_VERIFY_PARAM_free(a->param);
3515	dane_ctx_final(&a->dane);
3516
3517	/*
3518	* Free internal session cache. However: the remove_cb() may reference
3519	* the ex_data of SSL_CTX, thus the ex_data store can only be removed
3520	* after the sessions were flushed.
3521	* As the ex_data handling routines might also touch the session cache,
3522	* the most secure solution seems to be: empty (flush) the cache, then
3523	* free ex_data, then finally free the cache.
3524	* (See ticket [openssl.org #212].)
3525	*/
3526	if (a->sessions != NULL((void*)0))
3527	SSL_CTX_flush_sessions(a, 0);
3528
3529	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX1, a, &a->ex_data);
3530	lh_SSL_SESSION_free(a->sessions);
3531	X509_STORE_free(a->cert_store);
3532	#ifndef OPENSSL_NO_CT
3533	CTLOG_STORE_free(a->ctlog_store);
3534	#endif
3535	sk_SSL_CIPHER_free(a->cipher_list)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(a->cipher_list ));
3536	sk_SSL_CIPHER_free(a->cipher_list_by_id)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(a->cipher_list_by_id ));
3537	sk_SSL_CIPHER_free(a->tls13_ciphersuites)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(a->tls13_ciphersuites ));
3538	ssl_cert_free(a->cert);
3539	sk_X509_NAME_pop_free(a->ca_names, X509_NAME_free)OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(a->ca_names ),ossl_check_X509_NAME_freefunc_type(X509_NAME_free));
3540	sk_X509_NAME_pop_free(a->client_ca_names, X509_NAME_free)OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(a->client_ca_names ),ossl_check_X509_NAME_freefunc_type(X509_NAME_free));
3541	sk_X509_pop_free(a->extra_certs, X509_free)OPENSSL_sk_pop_free(ossl_check_X509_sk_type(a->extra_certs ),ossl_check_X509_freefunc_type(X509_free));
3542	a->comp_methods = NULL((void*)0);
3543	#ifndef OPENSSL_NO_SRTP
3544	sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles)OPENSSL_sk_free(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(a-> srtp_profiles));
3545	#endif
3546	#ifndef OPENSSL_NO_SRP
3547	ssl_ctx_srp_ctx_free_intern(a);
3548	#endif
3549	#ifndef OPENSSL_NO_ENGINE
3550	tls_engine_finish(a->client_cert_engine);
3551	#endif
3552
3553	OPENSSL_free(a->ext.ecpointformats)CRYPTO_free(a->ext.ecpointformats, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3553);
3554	OPENSSL_free(a->ext.supportedgroups)CRYPTO_free(a->ext.supportedgroups, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3554);
3555	OPENSSL_free(a->ext.supported_groups_default)CRYPTO_free(a->ext.supported_groups_default, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3555);
3556	OPENSSL_free(a->ext.alpn)CRYPTO_free(a->ext.alpn, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3556);
3557	OPENSSL_secure_free(a->ext.secure)CRYPTO_secure_free(a->ext.secure, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3557);
3558
3559	ssl_evp_md_free(a->md5);
3560	ssl_evp_md_free(a->sha1);
3561
3562	for (j = 0; j < SSL_ENC_NUM_IDX24; j++)
3563	ssl_evp_cipher_free(a->ssl_cipher_methods[j]);
3564	for (j = 0; j < SSL_MD_NUM_IDX14; j++)
3565	ssl_evp_md_free(a->ssl_digest_methods[j]);
3566	for (j = 0; j < a->group_list_len; j++) {
3567	OPENSSL_free(a->group_list[j].tlsname)CRYPTO_free(a->group_list[j].tlsname, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3567);
3568	OPENSSL_free(a->group_list[j].realname)CRYPTO_free(a->group_list[j].realname, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3568);
3569	OPENSSL_free(a->group_list[j].algorithm)CRYPTO_free(a->group_list[j].algorithm, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3569);
3570	}
3571	OPENSSL_free(a->group_list)CRYPTO_free(a->group_list, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3571);
3572
3573	OPENSSL_free(a->sigalg_lookup_cache)CRYPTO_free(a->sigalg_lookup_cache, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3573);
3574
3575	CRYPTO_THREAD_lock_free(a->lock);
3576	#ifdef TSAN_REQUIRES_LOCKING
3577	CRYPTO_THREAD_lock_free(a->tsan_lock);
3578	#endif
3579
3580	OPENSSL_free(a->propq)CRYPTO_free(a->propq, "../deps/openssl/openssl/ssl/ssl_lib.c" , 3580);
3581
3582	OPENSSL_free(a)CRYPTO_free(a, "../deps/openssl/openssl/ssl/ssl_lib.c", 3582);
3583	}
3584
3585	void SSL_CTX_set_default_passwd_cb(SSL_CTX ctx, pem_password_cb cb)
3586	{
3587	ctx->default_passwd_callback = cb;
3588	}
3589
3590	void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX ctx, void u)
3591	{
3592	ctx->default_passwd_callback_userdata = u;
3593	}
3594
3595	pem_password_cb SSL_CTX_get_default_passwd_cb(SSL_CTX ctx)
3596	{
3597	return ctx->default_passwd_callback;
3598	}
3599
3600	void SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX ctx)
3601	{
3602	return ctx->default_passwd_callback_userdata;
3603	}
3604
3605	void SSL_set_default_passwd_cb(SSL s, pem_password_cb cb)
3606	{
3607	s->default_passwd_callback = cb;
3608	}
3609
3610	void SSL_set_default_passwd_cb_userdata(SSL s, void u)
3611	{
3612	s->default_passwd_callback_userdata = u;
3613	}
3614
3615	pem_password_cb SSL_get_default_passwd_cb(SSL s)
3616	{
3617	return s->default_passwd_callback;
3618	}
3619
3620	void SSL_get_default_passwd_cb_userdata(SSL s)
3621	{
3622	return s->default_passwd_callback_userdata;
3623	}
3624
3625	void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
3626	int (cb) (X509_STORE_CTX , void *),
3627	void *arg)
3628	{
3629	ctx->app_verify_callback = cb;
3630	ctx->app_verify_arg = arg;
3631	}
3632
3633	void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
3634	int (cb) (int, X509_STORE_CTX ))
3635	{
3636	ctx->verify_mode = mode;
3637	ctx->default_verify_callback = cb;
3638	}
3639
3640	void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
3641	{
3642	X509_VERIFY_PARAM_set_depth(ctx->param, depth);
3643	}
3644
3645	void SSL_CTX_set_cert_cb(SSL_CTX c, int (cb) (SSL ssl, void arg), void *arg)
3646	{
3647	ssl_cert_set_cert_cb(c->cert, cb, arg);
3648	}
3649
3650	void SSL_set_cert_cb(SSL s, int (cb) (SSL ssl, void arg), void *arg)
3651	{
3652	ssl_cert_set_cert_cb(s->cert, cb, arg);
3653	}
3654
3655	void ssl_set_masks(SSL *s)
3656	{
3657	CERT *c = s->cert;
3658	uint32_t *pvalid = s->s3.tmp.valid_flags;
3659	int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
3660	unsigned long mask_k, mask_a;
3661	int have_ecc_cert, ecdsa_ok;
3662
3663	if (c == NULL((void*)0))
3664	return;
3665
3666	dh_tmp = (c->dh_tmp != NULL((void*)0)
3667	\|\| c->dh_tmp_cb != NULL((void*)0)
3668	\|\| c->dh_tmp_auto);
3669
3670	rsa_enc = pvalid[SSL_PKEY_RSA0] & CERT_PKEY_VALID0x1;
3671	rsa_sign = pvalid[SSL_PKEY_RSA0] & CERT_PKEY_VALID0x1;
3672	dsa_sign = pvalid[SSL_PKEY_DSA_SIGN2] & CERT_PKEY_VALID0x1;
3673	have_ecc_cert = pvalid[SSL_PKEY_ECC3] & CERT_PKEY_VALID0x1;
3674	mask_k = 0;
3675	mask_a = 0;
3676
3677	OSSL_TRACE4(TLS_CIPHER, "dh_tmp=%d rsa_enc=%d rsa_sign=%d dsa_sign=%d\n",((void)0)
3678	dh_tmp, rsa_enc, rsa_sign, dsa_sign)((void)0);
3679
3680	#ifndef OPENSSL_NO_GOST
3681	if (ssl_has_cert(s, SSL_PKEY_GOST12_5126)) {
3682	mask_k \|= SSL_kGOST0x00000010U \| SSL_kGOST180x00000200U;
3683	mask_a \|= SSL_aGOST120x00000080U;
3684	}
3685	if (ssl_has_cert(s, SSL_PKEY_GOST12_2565)) {
3686	mask_k \|= SSL_kGOST0x00000010U \| SSL_kGOST180x00000200U;
3687	mask_a \|= SSL_aGOST120x00000080U;
3688	}
3689	if (ssl_has_cert(s, SSL_PKEY_GOST014)) {
3690	mask_k \|= SSL_kGOST0x00000010U;
3691	mask_a \|= SSL_aGOST010x00000020U;
3692	}
3693	#endif
3694
3695	if (rsa_enc)
3696	mask_k \|= SSL_kRSA0x00000001U;
3697
3698	if (dh_tmp)
3699	mask_k \|= SSL_kDHE0x00000002U;
3700
3701	/*
3702	* If we only have an RSA-PSS certificate allow RSA authentication
3703	* if TLS 1.2 and peer supports it.
3704	*/
3705
3706	if (rsa_enc \|\| rsa_sign \|\| (ssl_has_cert(s, SSL_PKEY_RSA_PSS_SIGN1)
3707	&& pvalid[SSL_PKEY_RSA_PSS_SIGN1] & CERT_PKEY_EXPLICIT_SIGN0x100
3708	&& TLS1_get_version(s)((SSL_version(s) >> 8) == 0x03 ? SSL_version(s) : 0) == TLS1_2_VERSION0x0303))
3709	mask_a \|= SSL_aRSA0x00000001U;
3710
3711	if (dsa_sign) {
3712	mask_a \|= SSL_aDSS0x00000002U;
3713	}
3714
3715	mask_a \|= SSL_aNULL0x00000004U;
3716
3717	/*
3718	* An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
3719	* depending on the key usage extension.
3720	*/
3721	if (have_ecc_cert) {
3722	uint32_t ex_kusage;
3723	ex_kusage = X509_get_key_usage(c->pkeys[SSL_PKEY_ECC3].x509);
3724	ecdsa_ok = ex_kusage & X509v3_KU_DIGITAL_SIGNATURE0x0080;
3725	if (!(pvalid[SSL_PKEY_ECC3] & CERT_PKEY_SIGN0x2))
3726	ecdsa_ok = 0;
3727	if (ecdsa_ok)
3728	mask_a \|= SSL_aECDSA0x00000008U;
3729	}
3730	/* Allow Ed25519 for TLS 1.2 if peer supports it */
3731	if (!(mask_a & SSL_aECDSA0x00000008U) && ssl_has_cert(s, SSL_PKEY_ED255197)
3732	&& pvalid[SSL_PKEY_ED255197] & CERT_PKEY_EXPLICIT_SIGN0x100
3733	&& TLS1_get_version(s)((SSL_version(s) >> 8) == 0x03 ? SSL_version(s) : 0) == TLS1_2_VERSION0x0303)
3734	mask_a \|= SSL_aECDSA0x00000008U;
3735
3736	/* Allow Ed448 for TLS 1.2 if peer supports it */
3737	if (!(mask_a & SSL_aECDSA0x00000008U) && ssl_has_cert(s, SSL_PKEY_ED4488)
3738	&& pvalid[SSL_PKEY_ED4488] & CERT_PKEY_EXPLICIT_SIGN0x100
3739	&& TLS1_get_version(s)((SSL_version(s) >> 8) == 0x03 ? SSL_version(s) : 0) == TLS1_2_VERSION0x0303)
3740	mask_a \|= SSL_aECDSA0x00000008U;
3741
3742	mask_k \|= SSL_kECDHE0x00000004U;
3743
3744	#ifndef OPENSSL_NO_PSK
3745	mask_k \|= SSL_kPSK0x00000008U;
3746	mask_a \|= SSL_aPSK0x00000010U;
3747	if (mask_k & SSL_kRSA0x00000001U)
3748	mask_k \|= SSL_kRSAPSK0x00000040U;
3749	if (mask_k & SSL_kDHE0x00000002U)
3750	mask_k \|= SSL_kDHEPSK0x00000100U;
3751	if (mask_k & SSL_kECDHE0x00000004U)
3752	mask_k \|= SSL_kECDHEPSK0x00000080U;
3753	#endif
3754
3755	s->s3.tmp.mask_k = mask_k;
3756	s->s3.tmp.mask_a = mask_a;
3757	}
3758
3759	int ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s)
3760	{
3761	if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA0x00000008U) {
3762	/* key usage, if present, must allow signing */
3763	if (!(X509_get_key_usage(x) & X509v3_KU_DIGITAL_SIGNATURE0x0080)) {
3764	ERR_raise(ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3764,__func__), ERR_set_error)((20),(318),((void*)0));
3765	return 0;
3766	}
3767	}
3768	return 1; /* all checks are ok */
3769	}
3770
3771	int ssl_get_server_cert_serverinfo(SSL s, const unsigned char *serverinfo,
3772	size_t *serverinfo_length)
3773	{
3774	CERT_PKEY *cpk = s->s3.tmp.cert;
3775	*serverinfo_length = 0;
3776
3777	if (cpk == NULL((void)0) \|\| cpk->serverinfo == NULL((void)0))
3778	return 0;
3779
3780	*serverinfo = cpk->serverinfo;
3781	*serverinfo_length = cpk->serverinfo_length;
3782	return 1;
3783	}
3784
3785	void ssl_update_cache(SSL *s, int mode)
3786	{
3787	int i;
3788
3789	/*
3790	* If the session_id_length is 0, we are not supposed to cache it, and it
3791	* would be rather hard to do anyway :-)
3792	*/
3793	if (s->session->session_id_length == 0)
3794	return;
3795
3796	/*
3797	* If sid_ctx_length is 0 there is no specific application context
3798	* associated with this session, so when we try to resume it and
3799	* SSL_VERIFY_PEER is requested to verify the client identity, we have no
3800	* indication that this is actually a session for the proper application
3801	* context, and the handshake will fail, not just the resumption attempt.
3802	* Do not cache (on the server) these sessions that are not resumable
3803	* (clients can set SSL_VERIFY_PEER without needing a sid_ctx set).
3804	*/
3805	if (s->server && s->session->sid_ctx_length == 0
3806	&& (s->verify_mode & SSL_VERIFY_PEER0x01) != 0)
3807	return;
3808
3809	i = s->session_ctx->session_cache_mode;
3810	if ((i & mode) != 0
3811	&& (!s->hit \|\| SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000))) {
3812	/*
3813	* Add the session to the internal cache. In server side TLSv1.3 we
3814	* normally don't do this because by default it's a full stateless ticket
3815	* with only a dummy session id so there is no reason to cache it,
3816	* unless:
3817	* - we are doing early_data, in which case we cache so that we can
3818	* detect replays
3819	* - the application has set a remove_session_cb so needs to know about
3820	* session timeout events
3821	* - SSL_OP_NO_TICKET is set in which case it is a stateful ticket
3822	*/
3823	if ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE0x0200) == 0
3824	&& (!SSL_IS_TLS13(s)(!(s->method->ssl3_enc->enc_flags & 0x8) && (s)->method->version >= 0x0304 && (s)->method ->version != 0x10000)
3825	\|\| !s->server
3826	\|\| (s->max_early_data > 0
3827	&& (s->options & SSL_OP_NO_ANTI_REPLAY((uint64_t)1 << (uint64_t)24)) == 0)
3828	\|\| s->session_ctx->remove_session_cb != NULL((void*)0)
3829	\|\| (s->options & SSL_OP_NO_TICKET((uint64_t)1 << (uint64_t)14)) != 0))
3830	SSL_CTX_add_session(s->session_ctx, s->session);
3831
3832	/*
3833	* Add the session to the external cache. We do this even in server side
3834	* TLSv1.3 without early data because some applications just want to
3835	* know about the creation of a session and aren't doing a full cache.
3836	*/
3837	if (s->session_ctx->new_session_cb != NULL((void*)0)) {
3838	SSL_SESSION_up_ref(s->session);
3839	if (!s->session_ctx->new_session_cb(s, s->session))
3840	SSL_SESSION_free(s->session);
3841	}
3842	}
3843
3844	/* auto flush every 255 connections */
3845	if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR0x0080)) && ((i & mode) == mode)) {
3846	TSAN_QUALIFIER_Atomic int *stat;
3847
3848	if (mode & SSL_SESS_CACHE_CLIENT0x0001)
3849	stat = &s->session_ctx->stats.sess_connect_good;
3850	else
3851	stat = &s->session_ctx->stats.sess_accept_good;
3852	if ((ssl_tsan_load(s->session_ctx, stat) & 0xff) == 0xff)
3853	SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL((void*)0)));
3854	}
3855	}
3856
3857	const SSL_METHOD SSL_CTX_get_ssl_method(const SSL_CTX ctx)
3858	{
3859	return ctx->method;
3860	}
3861
3862	const SSL_METHOD SSL_get_ssl_method(const SSL s)
3863	{
3864	return s->method;
3865	}
3866
3867	int SSL_set_ssl_method(SSL s, const SSL_METHOD meth)
3868	{
3869	int ret = 1;
3870
3871	if (s->method != meth) {
3872	const SSL_METHOD *sm = s->method;
3873	int (hf) (SSL ) = s->handshake_func;
3874
3875	if (sm->version == meth->version)
3876	s->method = meth;
3877	else {
3878	sm->ssl_free(s);
3879	s->method = meth;
3880	ret = s->method->ssl_new(s);
3881	}
3882
3883	if (hf == sm->ssl_connect)
3884	s->handshake_func = meth->ssl_connect;
3885	else if (hf == sm->ssl_accept)
3886	s->handshake_func = meth->ssl_accept;
3887	}
3888	return ret;
3889	}
3890
3891	int SSL_get_error(const SSL *s, int i)
3892	{
3893	int reason;
3894	unsigned long l;
3895	BIO *bio;
3896
3897	if (i > 0)
3898	return SSL_ERROR_NONE0;
3899
3900	/*
3901	* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
3902	* where we do encode the error
3903	*/
3904	if ((l = ERR_peek_error()) != 0) {
3905	if (ERR_GET_LIB(l) == ERR_LIB_SYS2)
3906	return SSL_ERROR_SYSCALL5;
3907	else
3908	return SSL_ERROR_SSL1;
3909	}
3910
3911	if (SSL_want_read(s)(SSL_want(s) == 3)) {
3912	#ifndef OPENSSL_NO_QUIC
3913	if (SSL_IS_QUIC(s)(s->quic_method != ((void*)0))) {
3914	return SSL_ERROR_WANT_READ2;
3915	}
3916	#endif
3917	bio = SSL_get_rbio(s);
3918	if (BIO_should_read(bio)BIO_test_flags(bio, 0x01))
3919	return SSL_ERROR_WANT_READ2;
3920	else if (BIO_should_write(bio)BIO_test_flags(bio, 0x02))
3921	/*
3922	* This one doesn't make too much sense ... We never try to write
3923	* to the rbio, and an application program where rbio and wbio
3924	* are separate couldn't even know what it should wait for.
3925	* However if we ever set s->rwstate incorrectly (so that we have
3926	* SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
3927	* wbio are the same, this test works around that bug; so it
3928	* might be safer to keep it.
3929	*/
3930	return SSL_ERROR_WANT_WRITE3;
3931	else if (BIO_should_io_special(bio)BIO_test_flags(bio, 0x04)) {
3932	reason = BIO_get_retry_reason(bio);
3933	if (reason == BIO_RR_CONNECT0x02)
3934	return SSL_ERROR_WANT_CONNECT7;
3935	else if (reason == BIO_RR_ACCEPT0x03)
3936	return SSL_ERROR_WANT_ACCEPT8;
3937	else
3938	return SSL_ERROR_SYSCALL5; /* unknown */
3939	}
3940	}
3941
3942	if (SSL_want_write(s)(SSL_want(s) == 2)) {
3943	/* Access wbio directly - in order to use the buffered bio if present */
3944	bio = s->wbio;
3945	if (BIO_should_write(bio)BIO_test_flags(bio, 0x02))
3946	return SSL_ERROR_WANT_WRITE3;
3947	else if (BIO_should_read(bio)BIO_test_flags(bio, 0x01))
3948	/*
3949	* See above (SSL_want_read(s) with BIO_should_write(bio))
3950	*/
3951	return SSL_ERROR_WANT_READ2;
3952	else if (BIO_should_io_special(bio)BIO_test_flags(bio, 0x04)) {
3953	reason = BIO_get_retry_reason(bio);
3954	if (reason == BIO_RR_CONNECT0x02)
3955	return SSL_ERROR_WANT_CONNECT7;
3956	else if (reason == BIO_RR_ACCEPT0x03)
3957	return SSL_ERROR_WANT_ACCEPT8;
3958	else
3959	return SSL_ERROR_SYSCALL5;
3960	}
3961	}
3962	if (SSL_want_x509_lookup(s)(SSL_want(s) == 4))
3963	return SSL_ERROR_WANT_X509_LOOKUP4;
3964	if (SSL_want_retry_verify(s)(SSL_want(s) == 8))
3965	return SSL_ERROR_WANT_RETRY_VERIFY12;
3966	if (SSL_want_async(s)(SSL_want(s) == 5))
3967	return SSL_ERROR_WANT_ASYNC9;
3968	if (SSL_want_async_job(s)(SSL_want(s) == 6))
3969	return SSL_ERROR_WANT_ASYNC_JOB10;
3970	if (SSL_want_client_hello_cb(s)(SSL_want(s) == 7))
3971	return SSL_ERROR_WANT_CLIENT_HELLO_CB11;
3972
3973	if ((s->shutdown & SSL_RECEIVED_SHUTDOWN2) &&
3974	(s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY0))
3975	return SSL_ERROR_ZERO_RETURN6;
3976
3977	return SSL_ERROR_SYSCALL5;
3978	}
3979
3980	static int ssl_do_handshake_intern(void *vargs)
3981	{
3982	struct ssl_async_args *args;
3983	SSL *s;
3984
3985	args = (struct ssl_async_args *)vargs;
3986	s = args->s;
3987
3988	return s->handshake_func(s);
3989	}
3990
3991	int SSL_do_handshake(SSL *s)
3992	{
3993	int ret = 1;
3994
3995	if (s->handshake_func == NULL((void*)0)) {
3996	ERR_raise(ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,3996,__func__), ERR_set_error)((20),(144),((void*)0));
3997	return -1;
3998	}
3999
4000	ossl_statem_check_finish_init(s, -1);
4001
4002	s->method->ssl_renegotiate_check(s, 0);
4003
4004	if (SSL_in_init(s) \|\| SSL_in_before(s)) {
4005	if ((s->mode & SSL_MODE_ASYNC0x00000100U) && ASYNC_get_current_job() == NULL((void*)0)) {
4006	struct ssl_async_args args;
4007
4008	memset(&args, 0, sizeof(args));
4009	args.s = s;
4010
4011	ret = ssl_start_async_job(s, &args, ssl_do_handshake_intern);
4012	} else {
4013	ret = s->handshake_func(s);
4014	}
4015	}
4016	#ifndef OPENSSL_NO_QUIC
4017	if (SSL_IS_QUIC(s)(s->quic_method != ((void*)0)) && ret == 1) {
4018	if (s->server) {
4019	if (s->early_data_state == SSL_EARLY_DATA_ACCEPTING) {
4020	s->early_data_state = SSL_EARLY_DATA_FINISHED_READING;
4021	s->rwstate = SSL_READING3;
4022	ret = 0;
4023	}
4024	} else if (s->early_data_state == SSL_EARLY_DATA_CONNECTING) {
4025	s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY;
4026	s->rwstate = SSL_READING3;
4027	ret = 0;
4028	}
4029	}
4030	#endif
4031	return ret;
4032	}
4033
4034	void SSL_set_accept_state(SSL *s)
4035	{
4036	s->server = 1;
4037	s->shutdown = 0;
4038	ossl_statem_clear(s);
4039	s->handshake_func = s->method->ssl_accept;
4040	clear_ciphers(s);
4041	}
4042
4043	void SSL_set_connect_state(SSL *s)
4044	{
4045	s->server = 0;
4046	s->shutdown = 0;
4047	ossl_statem_clear(s);
4048	s->handshake_func = s->method->ssl_connect;
4049	clear_ciphers(s);
4050	}
4051
4052	int ssl_undefined_function(SSL *s)
4053	{
4054	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,4054,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
4055	return 0;
4056	}
4057
4058	int ssl_undefined_void_function(void)
4059	{
4060	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,4060,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
4061	return 0;
4062	}
4063
4064	int ssl_undefined_const_function(const SSL *s)
4065	{
4066	return 0;
4067	}
4068
4069	const SSL_METHOD *ssl_bad_method(int ver)
4070	{
4071	ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,4071,__func__), ERR_set_error)((20),((257\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
4072	return NULL((void*)0);
4073	}
4074
4075	const char *ssl_protocol_to_string(int version)
4076	{
4077	switch(version)
4078	{
4079	case TLS1_3_VERSION0x0304:
4080	return "TLSv1.3";
4081
4082	case TLS1_2_VERSION0x0303:
4083	return "TLSv1.2";
4084
4085	case TLS1_1_VERSION0x0302:
4086	return "TLSv1.1";
4087
4088	case TLS1_VERSION0x0301:
4089	return "TLSv1";
4090
4091	case SSL3_VERSION0x0300:
4092	return "SSLv3";
4093
4094	case DTLS1_BAD_VER0x0100:
4095	return "DTLSv0.9";
4096
4097	case DTLS1_VERSION0xFEFF:
4098	return "DTLSv1";
4099
4100	case DTLS1_2_VERSION0xFEFD:
4101	return "DTLSv1.2";
4102
4103	default:
4104	return "unknown";
4105	}
4106	}
4107
4108	const char SSL_get_version(const SSL s)
4109	{
4110	return ssl_protocol_to_string(s->version);
4111	}
4112
4113	static int dup_ca_names(STACK_OF(X509_NAME)struct stack_st_X509_NAME *dst, STACK_OF(X509_NAME)struct stack_st_X509_NAME src)
4114	{
4115	STACK_OF(X509_NAME)struct stack_st_X509_NAME *sk;
4116	X509_NAME *xn;
4117	int i;
4118
4119	if (src == NULL((void*)0)) {
4120	dst = NULL((void)0);
4121	return 1;
4122	}
4123
4124	if ((sk = sk_X509_NAME_new_null()((struct stack_st_X509_NAME )OPENSSL_sk_new_null())) == NULL((void)0))
4125	return 0;
4126	for (i = 0; i < sk_X509_NAME_num(src)OPENSSL_sk_num(ossl_check_const_X509_NAME_sk_type(src)); i++) {
4127	xn = X509_NAME_dup(sk_X509_NAME_value(src, i)((X509_NAME *)OPENSSL_sk_value(ossl_check_const_X509_NAME_sk_type (src), (i))));
4128	if (xn == NULL((void*)0)) {
4129	sk_X509_NAME_pop_free(sk, X509_NAME_free)OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(sk),ossl_check_X509_NAME_freefunc_type (X509_NAME_free));
4130	return 0;
4131	}
4132	if (sk_X509_NAME_insert(sk, xn, i)OPENSSL_sk_insert(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type (xn), (i)) == 0) {
4133	X509_NAME_free(xn);
4134	sk_X509_NAME_pop_free(sk, X509_NAME_free)OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(sk),ossl_check_X509_NAME_freefunc_type (X509_NAME_free));
4135	return 0;
4136	}
4137	}
4138	*dst = sk;
4139
4140	return 1;
4141	}
4142
4143	SSL SSL_dup(SSL s)
4144	{
4145	SSL *ret;
4146	int i;
4147
4148	/* If we're not quiescent, just up_ref! */
4149	if (!SSL_in_init(s) \|\| !SSL_in_before(s)) {
4150	CRYPTO_UP_REF(&s->references, &i, s->lock);
4151	return s;
4152	}
4153
4154	/*
4155	* Otherwise, copy configuration state, and session if set.
4156	*/
4157	if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL((void*)0))
4158	return NULL((void*)0);
4159
4160	if (s->session != NULL((void*)0)) {
4161	/*
4162	* Arranges to share the same session via up_ref. This "copies"
4163	* session-id, SSL_METHOD, sid_ctx, and 'cert'
4164	*/
4165	if (!SSL_copy_session_id(ret, s))
4166	goto err;
4167	} else {
4168	/*
4169	* No session has been established yet, so we have to expect that
4170	* s->cert or ret->cert will be changed later -- they should not both
4171	* point to the same object, and thus we can't use
4172	* SSL_copy_session_id.
4173	*/
4174	if (!SSL_set_ssl_method(ret, s->method))
4175	goto err;
4176
4177	if (s->cert != NULL((void*)0)) {
4178	ssl_cert_free(ret->cert);
4179	ret->cert = ssl_cert_dup(s->cert);
4180	if (ret->cert == NULL((void*)0))
4181	goto err;
4182	}
4183
4184	if (!SSL_set_session_id_context(ret, s->sid_ctx,
4185	(int)s->sid_ctx_length))
4186	goto err;
4187	}
4188
4189	if (!ssl_dane_dup(ret, s))
4190	goto err;
4191	ret->version = s->version;
4192	ret->options = s->options;
4193	ret->min_proto_version = s->min_proto_version;
4194	ret->max_proto_version = s->max_proto_version;
4195	ret->mode = s->mode;
4196	SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s))SSL_ctrl(ret,51,SSL_ctrl(s,50,0,((void)0)),((void)0));
4197	SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
4198	ret->msg_callback = s->msg_callback;
4199	ret->msg_callback_arg = s->msg_callback_arg;
4200	SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
4201	SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
4202	ret->generate_session_id = s->generate_session_id;
4203
4204	SSL_set_info_callback(ret, SSL_get_info_callback(s));
4205
4206	/* copy app data, a little dangerous perhaps */
4207	if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL0, &ret->ex_data, &s->ex_data))
4208	goto err;
4209
4210	ret->server = s->server;
4211	if (s->handshake_func) {
4212	if (s->server)
4213	SSL_set_accept_state(ret);
4214	else
4215	SSL_set_connect_state(ret);
4216	}
4217	ret->shutdown = s->shutdown;
4218	ret->hit = s->hit;
4219
4220	ret->default_passwd_callback = s->default_passwd_callback;
4221	ret->default_passwd_callback_userdata = s->default_passwd_callback_userdata;
4222
4223	X509_VERIFY_PARAM_inherit(ret->param, s->param);
4224
4225	/* dup the cipher_list and cipher_list_by_id stacks */
4226	if (s->cipher_list != NULL((void*)0)) {
4227	if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)((struct stack_st_SSL_CIPHER )OPENSSL_sk_dup(ossl_check_const_SSL_CIPHER_sk_type (s->cipher_list)))) == NULL((void)0))
4228	goto err;
4229	}
4230	if (s->cipher_list_by_id != NULL((void*)0))
4231	if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id)((struct stack_st_SSL_CIPHER *)OPENSSL_sk_dup(ossl_check_const_SSL_CIPHER_sk_type (s->cipher_list_by_id))))
4232	== NULL((void*)0))
4233	goto err;
4234
4235	/* Dup the client_CA list */
4236	if (!dup_ca_names(&ret->ca_names, s->ca_names)
4237	\|\| !dup_ca_names(&ret->client_ca_names, s->client_ca_names))
4238	goto err;
4239
4240	return ret;
4241
4242	err:
4243	SSL_free(ret);
4244	return NULL((void*)0);
4245	}
4246
4247	void ssl_clear_cipher_ctx(SSL *s)
4248	{
4249	if (s->enc_read_ctx != NULL((void*)0)) {
4250	EVP_CIPHER_CTX_free(s->enc_read_ctx);
4251	s->enc_read_ctx = NULL((void*)0);
4252	}
4253	if (s->enc_write_ctx != NULL((void*)0)) {
4254	EVP_CIPHER_CTX_free(s->enc_write_ctx);
4255	s->enc_write_ctx = NULL((void*)0);
4256	}
4257	#ifndef OPENSSL_NO_COMP
4258	COMP_CTX_free(s->expand);
4259	s->expand = NULL((void*)0);
4260	COMP_CTX_free(s->compress);
4261	s->compress = NULL((void*)0);
4262	#endif
4263	}
4264
4265	X509 SSL_get_certificate(const SSL s)
4266	{
4267	if (s->cert != NULL((void*)0))
4268	return s->cert->key->x509;
4269	else
4270	return NULL((void*)0);
4271	}
4272
4273	EVP_PKEY SSL_get_privatekey(const SSL s)
4274	{
4275	if (s->cert != NULL((void*)0))
4276	return s->cert->key->privatekey;
4277	else
4278	return NULL((void*)0);
4279	}
4280
4281	X509 SSL_CTX_get0_certificate(const SSL_CTX ctx)
4282	{
4283	if (ctx->cert != NULL((void*)0))
4284	return ctx->cert->key->x509;
4285	else
4286	return NULL((void*)0);
4287	}
4288
4289	EVP_PKEY SSL_CTX_get0_privatekey(const SSL_CTX ctx)
4290	{
4291	if (ctx->cert != NULL((void*)0))
4292	return ctx->cert->key->privatekey;
4293	else
4294	return NULL((void*)0);
4295	}
4296
4297	const SSL_CIPHER SSL_get_current_cipher(const SSL s)
4298	{
4299	if ((s->session != NULL((void)0)) && (s->session->cipher != NULL((void)0)))
4300	return s->session->cipher;
4301	return NULL((void*)0);
4302	}
4303
4304	const SSL_CIPHER SSL_get_pending_cipher(const SSL s)
4305	{
4306	return s->s3.tmp.new_cipher;
4307	}
4308
4309	const COMP_METHOD SSL_get_current_compression(const SSL s)
4310	{
4311	#ifndef OPENSSL_NO_COMP
4312	return s->compress ? COMP_CTX_get_method(s->compress) : NULL((void*)0);
4313	#else
4314	return NULL((void*)0);
4315	#endif
4316	}
4317
4318	const COMP_METHOD SSL_get_current_expansion(const SSL s)
4319	{
4320	#ifndef OPENSSL_NO_COMP
4321	return s->expand ? COMP_CTX_get_method(s->expand) : NULL((void*)0);
4322	#else
4323	return NULL((void*)0);
4324	#endif
4325	}
4326
4327	int ssl_init_wbio_buffer(SSL *s)
4328	{
4329	BIO *bbio;
4330
4331	if (s->bbio != NULL((void*)0)) {
4332	/* Already buffered. */
4333	return 1;
4334	}
4335
4336	bbio = BIO_new(BIO_f_buffer());
4337	if (bbio == NULL((void*)0) \|\| !BIO_set_read_buffer_size(bbio, 1)BIO_int_ctrl(bbio,117,1,0)) {
4338	BIO_free(bbio);
4339	ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,4339,__func__), ERR_set_error)((20),((7 \| (0x2 << 18L) )),((void*)0));
4340	return 0;
4341	}
4342	s->bbio = bbio;
4343	s->wbio = BIO_push(bbio, s->wbio);
4344
4345	return 1;
4346	}
4347
4348	int ssl_free_wbio_buffer(SSL *s)
4349	{
4350	/* callers ensure s is never null */
4351	if (s->bbio == NULL((void*)0))
4352	return 1;
4353
4354	s->wbio = BIO_pop(s->wbio);
4355	BIO_free(s->bbio);
4356	s->bbio = NULL((void*)0);
4357
4358	return 1;
4359	}
4360
4361	void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
4362	{
4363	ctx->quiet_shutdown = mode;
4364	}
4365
4366	int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
4367	{
4368	return ctx->quiet_shutdown;
4369	}
4370
4371	void SSL_set_quiet_shutdown(SSL *s, int mode)
4372	{
4373	s->quiet_shutdown = mode;
4374	}
4375
4376	int SSL_get_quiet_shutdown(const SSL *s)
4377	{
4378	return s->quiet_shutdown;
4379	}
4380
4381	void SSL_set_shutdown(SSL *s, int mode)
4382	{
4383	s->shutdown = mode;
4384	}
4385
4386	int SSL_get_shutdown(const SSL *s)
4387	{
4388	return s->shutdown;
4389	}
4390
4391	int SSL_version(const SSL *s)
4392	{
4393	return s->version;
4394	}
4395
4396	int SSL_client_version(const SSL *s)
4397	{
4398	return s->client_version;
4399	}
4400
4401	SSL_CTX SSL_get_SSL_CTX(const SSL ssl)
4402	{
4403	return ssl->ctx;
4404	}
4405
4406	SSL_CTX SSL_set_SSL_CTX(SSL ssl, SSL_CTX *ctx)
4407	{
4408	CERT *new_cert;
4409	if (ssl->ctx == ctx)
4410	return ssl->ctx;
4411	if (ctx == NULL((void*)0))
4412	ctx = ssl->session_ctx;
4413	new_cert = ssl_cert_dup(ctx->cert);
4414	if (new_cert == NULL((void*)0)) {
4415	return NULL((void*)0);
4416	}
4417
4418	if (!custom_exts_copy_flags(&new_cert->custext, &ssl->cert->custext)) {
4419	ssl_cert_free(new_cert);
4420	return NULL((void*)0);
4421	}
4422
4423	ssl_cert_free(ssl->cert);
4424	ssl->cert = new_cert;
4425
4426	/*
4427	* Program invariant: \|sid_ctx\| has fixed size (SSL_MAX_SID_CTX_LENGTH),
4428	* so setter APIs must prevent invalid lengths from entering the system.
4429	*/
4430	if (!ossl_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx))((ssl->sid_ctx_length <= sizeof(ssl->sid_ctx)) != 0))
4431	return NULL((void*)0);
4432
4433	/*
4434	* If the session ID context matches that of the parent SSL_CTX,
4435	* inherit it from the new SSL_CTX as well. If however the context does
4436	* not match (i.e., it was set per-ssl with SSL_set_session_id_context),
4437	* leave it unchanged.
4438	*/
4439	if ((ssl->ctx != NULL((void*)0)) &&
4440	(ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
4441	(memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
4442	ssl->sid_ctx_length = ctx->sid_ctx_length;
4443	memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
4444	}
4445
4446	SSL_CTX_up_ref(ctx);
4447	SSL_CTX_free(ssl->ctx); /* decrement reference count */
4448	ssl->ctx = ctx;
4449
4450	return ssl->ctx;
4451	}
4452
4453	int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
4454	{
4455	return X509_STORE_set_default_paths_ex(ctx->cert_store, ctx->libctx,
4456	ctx->propq);
4457	}
4458
4459	int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx)
4460	{
4461	X509_LOOKUP *lookup;
4462
4463	lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_hash_dir());
4464	if (lookup == NULL((void*)0))
4465	return 0;
4466
4467	/* We ignore errors, in case the directory doesn't exist */
4468	ERR_set_mark();
4469
4470	X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT)X509_LOOKUP_ctrl((lookup),2,(((void)0)),(long)(3),((void)0) );
4471
4472	ERR_pop_to_mark();
4473
4474	return 1;
4475	}
4476
4477	int SSL_CTX_set_default_verify_file(SSL_CTX *ctx)
4478	{
4479	X509_LOOKUP *lookup;
4480
4481	lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_file());
4482	if (lookup == NULL((void*)0))
4483	return 0;
4484
4485	/* We ignore errors, in case the file doesn't exist */
4486	ERR_set_mark();
4487
4488	X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx,X509_LOOKUP_ctrl_ex((lookup), 1, (((void)0)), (long)(3), ((void )0), (ctx->libctx), (ctx->propq))
4489	ctx->propq)X509_LOOKUP_ctrl_ex((lookup), 1, (((void)0)), (long)(3), ((void )0), (ctx->libctx), (ctx->propq));
4490
4491	ERR_pop_to_mark();
4492
4493	return 1;
4494	}
4495
4496	int SSL_CTX_set_default_verify_store(SSL_CTX *ctx)
4497	{
4498	X509_LOOKUP *lookup;
4499
4500	lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_store());
4501	if (lookup == NULL((void*)0))
4502	return 0;
4503
4504	/* We ignore errors, in case the directory doesn't exist */
4505	ERR_set_mark();
4506
4507	X509_LOOKUP_add_store_ex(lookup, NULL, ctx->libctx, ctx->propq)X509_LOOKUP_ctrl_ex((lookup), 3, (((void)0)), 0, ((void)0), (ctx->libctx), (ctx->propq));
4508
4509	ERR_pop_to_mark();
4510
4511	return 1;
4512	}
4513
4514	int SSL_CTX_load_verify_file(SSL_CTX ctx, const char CAfile)
4515	{
4516	return X509_STORE_load_file_ex(ctx->cert_store, CAfile, ctx->libctx,
4517	ctx->propq);
4518	}
4519
4520	int SSL_CTX_load_verify_dir(SSL_CTX ctx, const char CApath)
4521	{
4522	return X509_STORE_load_path(ctx->cert_store, CApath);
4523	}
4524
4525	int SSL_CTX_load_verify_store(SSL_CTX ctx, const char CAstore)
4526	{
4527	return X509_STORE_load_store_ex(ctx->cert_store, CAstore, ctx->libctx,
4528	ctx->propq);
4529	}
4530
4531	int SSL_CTX_load_verify_locations(SSL_CTX ctx, const char CAfile,
4532	const char *CApath)
4533	{
4534	if (CAfile == NULL((void)0) && CApath == NULL((void)0))
4535	return 0;
4536	if (CAfile != NULL((void*)0) && !SSL_CTX_load_verify_file(ctx, CAfile))
4537	return 0;
4538	if (CApath != NULL((void*)0) && !SSL_CTX_load_verify_dir(ctx, CApath))
4539	return 0;
4540	return 1;
4541	}
4542
4543	void SSL_set_info_callback(SSL *ssl,
4544	void (cb) (const SSL ssl, int type, int val))
4545	{
4546	ssl->info_callback = cb;
4547	}
4548
4549	/*
4550	* One compiler (Diab DCC) doesn't like argument names in returned function
4551	* pointer.
4552	*/
4553	void (SSL_get_info_callback(const SSL ssl)) (const SSL * /* ssl */ ,
4554	int /* type */ ,
4555	int /* val */ ) {
4556	return ssl->info_callback;
4557	}
4558
4559	void SSL_set_verify_result(SSL *ssl, long arg)
4560	{
4561	ssl->verify_result = arg;
4562	}
4563
4564	long SSL_get_verify_result(const SSL *ssl)
4565	{
4566	return ssl->verify_result;
4567	}
4568
4569	size_t SSL_get_client_random(const SSL ssl, unsigned char out, size_t outlen)
4570	{
4571	if (outlen == 0)
4572	return sizeof(ssl->s3.client_random);
4573	if (outlen > sizeof(ssl->s3.client_random))
4574	outlen = sizeof(ssl->s3.client_random);
4575	memcpy(out, ssl->s3.client_random, outlen);
4576	return outlen;
4577	}
4578
4579	size_t SSL_get_server_random(const SSL ssl, unsigned char out, size_t outlen)
4580	{
4581	if (outlen == 0)
4582	return sizeof(ssl->s3.server_random);
4583	if (outlen > sizeof(ssl->s3.server_random))
4584	outlen = sizeof(ssl->s3.server_random);
4585	memcpy(out, ssl->s3.server_random, outlen);
4586	return outlen;
4587	}
4588
4589	size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
4590	unsigned char *out, size_t outlen)
4591	{
4592	if (outlen == 0)
4593	return session->master_key_length;
4594	if (outlen > session->master_key_length)
4595	outlen = session->master_key_length;
4596	memcpy(out, session->master_key, outlen);
4597	return outlen;
4598	}
4599
4600	int SSL_SESSION_set1_master_key(SSL_SESSION sess, const unsigned char in,
4601	size_t len)
4602	{
4603	if (len > sizeof(sess->master_key))
4604	return 0;
4605
4606	memcpy(sess->master_key, in, len);
4607	sess->master_key_length = len;
4608	return 1;
4609	}
4610
4611
4612	int SSL_set_ex_data(SSL s, int idx, void arg)
4613	{
4614	return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
4615	}
4616
4617	void SSL_get_ex_data(const SSL s, int idx)
4618	{
4619	return CRYPTO_get_ex_data(&s->ex_data, idx);
4620	}
4621
4622	int SSL_CTX_set_ex_data(SSL_CTX s, int idx, void arg)
4623	{
4624	return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
4625	}
4626
4627	void SSL_CTX_get_ex_data(const SSL_CTX s, int idx)
4628	{
4629	return CRYPTO_get_ex_data(&s->ex_data, idx);
4630	}
4631
4632	X509_STORE SSL_CTX_get_cert_store(const SSL_CTX ctx)
4633	{
4634	return ctx->cert_store;
4635	}
4636
4637	void SSL_CTX_set_cert_store(SSL_CTX ctx, X509_STORE store)
4638	{
4639	X509_STORE_free(ctx->cert_store);
4640	ctx->cert_store = store;
4641	}
4642
4643	void SSL_CTX_set1_cert_store(SSL_CTX ctx, X509_STORE store)
4644	{
4645	if (store != NULL((void*)0))
4646	X509_STORE_up_ref(store);
4647	SSL_CTX_set_cert_store(ctx, store);
4648	}
4649
4650	int SSL_want(const SSL *s)
4651	{
4652	return s->rwstate;
4653	}
4654
4655	#ifndef OPENSSL_NO_PSK
4656	int SSL_CTX_use_psk_identity_hint(SSL_CTX ctx, const char identity_hint)
4657	{
4658	if (identity_hint != NULL((void*)0) && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN256) {
4659	ERR_raise(ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,4659,__func__), ERR_set_error)((20),(146),((void*)0));
4660	return 0;
4661	}
4662	OPENSSL_free(ctx->cert->psk_identity_hint)CRYPTO_free(ctx->cert->psk_identity_hint, "../deps/openssl/openssl/ssl/ssl_lib.c" , 4662);
4663	if (identity_hint != NULL((void*)0)) {
4664	ctx->cert->psk_identity_hint = OPENSSL_strdup(identity_hint)CRYPTO_strdup(identity_hint, "../deps/openssl/openssl/ssl/ssl_lib.c" , 4664);
4665	if (ctx->cert->psk_identity_hint == NULL((void*)0))
4666	return 0;
4667	} else
4668	ctx->cert->psk_identity_hint = NULL((void*)0);
4669	return 1;
4670	}
4671
4672	int SSL_use_psk_identity_hint(SSL s, const char identity_hint)
4673	{
4674	if (s == NULL((void*)0))
4675	return 0;
4676
4677	if (identity_hint != NULL((void*)0) && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN256) {
4678	ERR_raise(ERR_LIB_SSL, SSL_R_DATA_LENGTH_TOO_LONG)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,4678,__func__), ERR_set_error)((20),(146),((void*)0));
4679	return 0;
4680	}
4681	OPENSSL_free(s->cert->psk_identity_hint)CRYPTO_free(s->cert->psk_identity_hint, "../deps/openssl/openssl/ssl/ssl_lib.c" , 4681);
4682	if (identity_hint != NULL((void*)0)) {
4683	s->cert->psk_identity_hint = OPENSSL_strdup(identity_hint)CRYPTO_strdup(identity_hint, "../deps/openssl/openssl/ssl/ssl_lib.c" , 4683);
4684	if (s->cert->psk_identity_hint == NULL((void*)0))
4685	return 0;
4686	} else
4687	s->cert->psk_identity_hint = NULL((void*)0);
4688	return 1;
4689	}
4690
4691	const char SSL_get_psk_identity_hint(const SSL s)
4692	{
4693	if (s == NULL((void)0) \|\| s->session == NULL((void)0))
4694	return NULL((void*)0);
4695	return s->session->psk_identity_hint;
4696	}
4697
4698	const char SSL_get_psk_identity(const SSL s)
4699	{
4700	if (s == NULL((void)0) \|\| s->session == NULL((void)0))
4701	return NULL((void*)0);
4702	return s->session->psk_identity;
4703	}
4704
4705	void SSL_set_psk_client_callback(SSL *s, SSL_psk_client_cb_func cb)
4706	{
4707	s->psk_client_callback = cb;
4708	}
4709
4710	void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb)
4711	{
4712	ctx->psk_client_callback = cb;
4713	}
4714
4715	void SSL_set_psk_server_callback(SSL *s, SSL_psk_server_cb_func cb)
4716	{
4717	s->psk_server_callback = cb;
4718	}
4719
4720	void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb)
4721	{
4722	ctx->psk_server_callback = cb;
4723	}
4724	#endif
4725
4726	void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb)
4727	{
4728	s->psk_find_session_cb = cb;
4729	}
4730
4731	void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
4732	SSL_psk_find_session_cb_func cb)
4733	{
4734	ctx->psk_find_session_cb = cb;
4735	}
4736
4737	void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb)
4738	{
4739	s->psk_use_session_cb = cb;
4740	}
4741
4742	void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
4743	SSL_psk_use_session_cb_func cb)
4744	{
4745	ctx->psk_use_session_cb = cb;
4746	}
4747
4748	void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
4749	void (*cb) (int write_p, int version,
4750	int content_type, const void *buf,
4751	size_t len, SSL ssl, void arg))
4752	{
4753	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK15, (void (*)(void))cb);
4754	}
4755
4756	void SSL_set_msg_callback(SSL *ssl,
4757	void (*cb) (int write_p, int version,
4758	int content_type, const void *buf,
4759	size_t len, SSL ssl, void arg))
4760	{
4761	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK15, (void (*)(void))cb);
4762	}
4763
4764	void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
4765	int (cb) (SSL ssl,
4766	int
4767	is_forward_secure))
4768	{
4769	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB79,
4770	(void (*)(void))cb);
4771	}
4772
4773	void SSL_set_not_resumable_session_callback(SSL *ssl,
4774	int (cb) (SSL ssl,
4775	int is_forward_secure))
4776	{
4777	SSL_callback_ctrl(ssl, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB79,
4778	(void (*)(void))cb);
4779	}
4780
4781	void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx,
4782	size_t (cb) (SSL ssl, int type,
4783	size_t len, void *arg))
4784	{
4785	ctx->record_padding_cb = cb;
4786	}
4787
4788	void SSL_CTX_set_record_padding_callback_arg(SSL_CTX ctx, void arg)
4789	{
4790	ctx->record_padding_arg = arg;
4791	}
4792
4793	void SSL_CTX_get_record_padding_callback_arg(const SSL_CTX ctx)
4794	{
4795	return ctx->record_padding_arg;
4796	}
4797
4798	int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
4799	{
4800	/* block size of 0 or 1 is basically no padding */
4801	if (block_size == 1)
4802	ctx->block_padding = 0;
4803	else if (block_size <= SSL3_RT_MAX_PLAIN_LENGTH16384)
4804	ctx->block_padding = block_size;
4805	else
4806	return 0;
4807	return 1;
4808	}
4809
4810	int SSL_set_record_padding_callback(SSL *ssl,
4811	size_t (cb) (SSL ssl, int type,
4812	size_t len, void *arg))
4813	{
4814	BIO *b;
4815
4816	b = SSL_get_wbio(ssl);
4817	if (b == NULL((void*)0) \|\| !BIO_get_ktls_send(b)(0)) {
4818	ssl->record_padding_cb = cb;
4819	return 1;
4820	}
4821	return 0;
4822	}
4823
4824	void SSL_set_record_padding_callback_arg(SSL ssl, void arg)
4825	{
4826	ssl->record_padding_arg = arg;
4827	}
4828
4829	void SSL_get_record_padding_callback_arg(const SSL ssl)
4830	{
4831	return ssl->record_padding_arg;
4832	}
4833
4834	int SSL_set_block_padding(SSL *ssl, size_t block_size)
4835	{
4836	/* block size of 0 or 1 is basically no padding */
4837	if (block_size == 1)
4838	ssl->block_padding = 0;
4839	else if (block_size <= SSL3_RT_MAX_PLAIN_LENGTH16384)
4840	ssl->block_padding = block_size;
4841	else
4842	return 0;
4843	return 1;
4844	}
4845
4846	int SSL_set_num_tickets(SSL *s, size_t num_tickets)
4847	{
4848	s->num_tickets = num_tickets;
4849
4850	return 1;
4851	}
4852
4853	size_t SSL_get_num_tickets(const SSL *s)
4854	{
4855	return s->num_tickets;
4856	}
4857
4858	int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
4859	{
4860	ctx->num_tickets = num_tickets;
4861
4862	return 1;
4863	}
4864
4865	size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx)
4866	{
4867	return ctx->num_tickets;
4868	}
4869
4870	/*
4871	* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
4872	* variable, freeing EVP_MD_CTX previously stored in that variable, if any.
4873	* If EVP_MD pointer is passed, initializes ctx with this \|md\|.
4874	* Returns the newly allocated ctx;
4875	*/
4876
4877	EVP_MD_CTX ssl_replace_hash(EVP_MD_CTX hash, const EVP_MD md)
4878	{
4879	ssl_clear_hash_ctx(hash);
4880	*hash = EVP_MD_CTX_new();
4881	if (hash == NULL((void)0) \|\| (md && EVP_DigestInit_ex(hash, md, NULL((void)0)) <= 0)) {
4882	EVP_MD_CTX_free(*hash);
4883	hash = NULL((void)0);
4884	return NULL((void*)0);
4885	}
4886	return *hash;
4887	}
4888
4889	void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
4890	{
4891
4892	EVP_MD_CTX_free(*hash);
4893	hash = NULL((void)0);
4894	}
4895
4896	/* Retrieve handshake hashes */
4897	int ssl_handshake_hash(SSL s, unsigned char out, size_t outlen,
4898	size_t *hashlen)
4899	{
4900	EVP_MD_CTX ctx = NULL((void)0);
4901	EVP_MD_CTX *hdgst = s->s3.handshake_dgst;
4902	int hashleni = EVP_MD_CTX_get_size(hdgst)EVP_MD_get_size(EVP_MD_CTX_get0_md(hdgst));
4903	int ret = 0;
4904
4905	if (hashleni < 0 \|\| (size_t)hashleni > outlen) {
4906	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 4906, __func__), ossl_statem_fatal)((s), (80), ((259\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
4907	goto err;
4908	}
4909
4910	ctx = EVP_MD_CTX_new();
4911	if (ctx == NULL((void*)0)) {
4912	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 4912, __func__), ossl_statem_fatal)((s), (80), ((259\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
4913	goto err;
4914	}
4915
4916	if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
4917	\|\| EVP_DigestFinal_ex(ctx, out, NULL((void*)0)) <= 0) {
4918	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 4918, __func__), ossl_statem_fatal)((s), (80), ((259\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
4919	goto err;
4920	}
4921
4922	*hashlen = hashleni;
4923
4924	ret = 1;
4925	err:
4926	EVP_MD_CTX_free(ctx);
4927	return ret;
4928	}
4929
4930	int SSL_session_reused(const SSL *s)
4931	{
4932	return s->hit;
4933	}
4934
4935	int SSL_is_server(const SSL *s)
4936	{
4937	return s->server;
4938	}
4939
4940	#ifndef OPENSSL_NO_DEPRECATED_1_1_0
4941	void SSL_set_debug(SSL *s, int debug)
4942	{
4943	/* Old function was do-nothing anyway... */
4944	(void)s;
4945	(void)debug;
4946	}
4947	#endif
4948
4949	void SSL_set_security_level(SSL *s, int level)
4950	{
4951	s->cert->sec_level = level;
4952	}
4953
4954	int SSL_get_security_level(const SSL *s)
4955	{
4956	return s->cert->sec_level;
4957	}
4958
4959	void SSL_set_security_callback(SSL *s,
4960	int (cb) (const SSL s, const SSL_CTX *ctx,
4961	int op, int bits, int nid,
4962	void other, void ex))
4963	{
4964	s->cert->sec_cb = cb;
4965	}
4966
4967	int (SSL_get_security_callback(const SSL s)) (const SSL *s,
4968	const SSL_CTX *ctx, int op,
4969	int bits, int nid, void *other,
4970	void *ex) {
4971	return s->cert->sec_cb;
4972	}
4973
4974	void SSL_set0_security_ex_data(SSL s, void ex)
4975	{
4976	s->cert->sec_ex = ex;
4977	}
4978
4979	void SSL_get0_security_ex_data(const SSL s)
4980	{
4981	return s->cert->sec_ex;
4982	}
4983
4984	void SSL_CTX_set_security_level(SSL_CTX *ctx, int level)
4985	{
4986	ctx->cert->sec_level = level;
4987	}
4988
4989	int SSL_CTX_get_security_level(const SSL_CTX *ctx)
4990	{
4991	return ctx->cert->sec_level;
4992	}
4993
4994	void SSL_CTX_set_security_callback(SSL_CTX *ctx,
4995	int (cb) (const SSL s, const SSL_CTX *ctx,
4996	int op, int bits, int nid,
4997	void other, void ex))
4998	{
4999	ctx->cert->sec_cb = cb;
5000	}
5001
5002	int (SSL_CTX_get_security_callback(const SSL_CTX ctx)) (const SSL *s,
5003	const SSL_CTX *ctx,
5004	int op, int bits,
5005	int nid,
5006	void *other,
5007	void *ex) {
5008	return ctx->cert->sec_cb;
5009	}
5010
5011	void SSL_CTX_set0_security_ex_data(SSL_CTX ctx, void ex)
5012	{
5013	ctx->cert->sec_ex = ex;
5014	}
5015
5016	void SSL_CTX_get0_security_ex_data(const SSL_CTX ctx)
5017	{
5018	return ctx->cert->sec_ex;
5019	}
5020
5021	uint64_t SSL_CTX_get_options(const SSL_CTX *ctx)
5022	{
5023	return ctx->options;
5024	}
5025
5026	uint64_t SSL_get_options(const SSL *s)
5027	{
5028	return s->options;
5029	}
5030
5031	uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op)
5032	{
5033	return ctx->options \|= op;
5034	}
5035
5036	uint64_t SSL_set_options(SSL *s, uint64_t op)
5037	{
5038	return s->options \|= op;
5039	}
5040
5041	uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op)
5042	{
5043	return ctx->options &= ~op;
5044	}
5045
5046	uint64_t SSL_clear_options(SSL *s, uint64_t op)
5047	{
5048	return s->options &= ~op;
5049	}
5050
5051	STACK_OF(X509)struct stack_st_X509 SSL_get0_verified_chain(const SSL s)
5052	{
5053	return s->verified_chain;
5054	}
5055
5056	IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id)static int ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void a_, const void b_) { SSL_CIPHER const a = a_; SSL_CIPHER const b = b_ ; return ssl_cipher_id_cmp(a,b); } SSL_CIPHER OBJ_bsearch_ssl_cipher_id (SSL_CIPHER key, SSL_CIPHER const base, int num) { return ( SSL_CIPHER )OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER), ssl_cipher_id_cmp_BSEARCH_CMP_FN); } extern void dummy_prototype (void);
5057
5058	#ifndef OPENSSL_NO_CT
5059
5060	/*
5061	* Moves SCTs from the \|src\| stack to the \|dst\| stack.
5062	* The source of each SCT will be set to \|origin\|.
5063	* If \|dst\| points to a NULL pointer, a new stack will be created and owned by
5064	* the caller.
5065	* Returns the number of SCTs moved, or a negative integer if an error occurs.
5066	*/
5067	static int ct_move_scts(STACK_OF(SCT)struct stack_st_SCT *dst, STACK_OF(SCT)struct stack_st_SCT src,
5068	sct_source_t origin)
5069	{
5070	int scts_moved = 0;
5071	SCT sct = NULL((void)0);
5072
5073	if (dst == NULL((void)0)) {
5074	dst = sk_SCT_new_null()((struct stack_st_SCT )OPENSSL_sk_new_null());
5075	if (dst == NULL((void)0)) {
5076	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5076,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
5077	goto err;
5078	}
5079	}
5080
5081	while ((sct = sk_SCT_pop(src)((SCT )OPENSSL_sk_pop(ossl_check_SCT_sk_type(src)))) != NULL((void)0)) {
5082	if (SCT_set_source(sct, origin) != 1)
5083	goto err;
5084
5085	if (sk_SCT_push(dst, sct)OPENSSL_sk_push(ossl_check_SCT_sk_type(dst), ossl_check_SCT_type (sct)) <= 0)
5086	goto err;
5087	scts_moved += 1;
5088	}
5089
5090	return scts_moved;
5091	err:
5092	if (sct != NULL((void*)0))
5093	sk_SCT_push(src, sct)OPENSSL_sk_push(ossl_check_SCT_sk_type(src), ossl_check_SCT_type (sct)); /* Put the SCT back */
5094	return -1;
5095	}
5096
5097	/*
5098	* Look for data collected during ServerHello and parse if found.
5099	* Returns the number of SCTs extracted.
5100	*/
5101	static int ct_extract_tls_extension_scts(SSL *s)
5102	{
5103	int scts_extracted = 0;
5104
5105	if (s->ext.scts != NULL((void*)0)) {
5106	const unsigned char *p = s->ext.scts;
5107	STACK_OF(SCT)struct stack_st_SCT scts = o2i_SCT_LIST(NULL((void)0), &p, s->ext.scts_len);
5108
5109	scts_extracted = ct_move_scts(&s->scts, scts, SCT_SOURCE_TLS_EXTENSION);
5110
5111	SCT_LIST_free(scts);
5112	}
5113
5114	return scts_extracted;
5115	}
5116
5117	/*
5118	* Checks for an OCSP response and then attempts to extract any SCTs found if it
5119	* contains an SCT X509 extension. They will be stored in \|s->scts\|.
5120	* Returns:
5121	* - The number of SCTs extracted, assuming an OCSP response exists.
5122	* - 0 if no OCSP response exists or it contains no SCTs.
5123	* - A negative integer if an error occurs.
5124	*/
5125	static int ct_extract_ocsp_response_scts(SSL *s)
5126	{
5127	# ifndef OPENSSL_NO_OCSP
5128	int scts_extracted = 0;
5129	const unsigned char *p;
5130	OCSP_BASICRESP br = NULL((void)0);
5131	OCSP_RESPONSE rsp = NULL((void)0);
5132	STACK_OF(SCT)struct stack_st_SCT scts = NULL((void)0);
5133	int i;
5134
5135	if (s->ext.ocsp.resp == NULL((void*)0) \|\| s->ext.ocsp.resp_len == 0)
5136	goto err;
5137
5138	p = s->ext.ocsp.resp;
5139	rsp = d2i_OCSP_RESPONSE(NULL((void*)0), &p, (int)s->ext.ocsp.resp_len);
5140	if (rsp == NULL((void*)0))
5141	goto err;
5142
5143	br = OCSP_response_get1_basic(rsp);
5144	if (br == NULL((void*)0))
5145	goto err;
5146
5147	for (i = 0; i < OCSP_resp_count(br); ++i) {
5148	OCSP_SINGLERESP *single = OCSP_resp_get0(br, i);
5149
5150	if (single == NULL((void*)0))
5151	continue;
5152
5153	scts =
5154	OCSP_SINGLERESP_get1_ext_d2i(single, NID_ct_cert_scts954, NULL((void)0), NULL((void)0));
5155	scts_extracted =
5156	ct_move_scts(&s->scts, scts, SCT_SOURCE_OCSP_STAPLED_RESPONSE);
5157	if (scts_extracted < 0)
5158	goto err;
5159	}
5160	err:
5161	SCT_LIST_free(scts);
5162	OCSP_BASICRESP_free(br);
5163	OCSP_RESPONSE_free(rsp);
5164	return scts_extracted;
5165	# else
5166	/* Behave as if no OCSP response exists */
5167	return 0;
5168	# endif
5169	}
5170
5171	/*
5172	* Attempts to extract SCTs from the peer certificate.
5173	* Return the number of SCTs extracted, or a negative integer if an error
5174	* occurs.
5175	*/
5176	static int ct_extract_x509v3_extension_scts(SSL *s)
5177	{
5178	int scts_extracted = 0;
5179	X509 cert = s->session != NULL((void)0) ? s->session->peer : NULL((void*)0);
5180
5181	if (cert != NULL((void*)0)) {
5182	STACK_OF(SCT)struct stack_st_SCT *scts =
5183	X509_get_ext_d2i(cert, NID_ct_precert_scts951, NULL((void)0), NULL((void)0));
5184
5185	scts_extracted =
5186	ct_move_scts(&s->scts, scts, SCT_SOURCE_X509V3_EXTENSION);
5187
5188	SCT_LIST_free(scts);
5189	}
5190
5191	return scts_extracted;
5192	}
5193
5194	/*
5195	* Attempts to find all received SCTs by checking TLS extensions, the OCSP
5196	* response (if it exists) and X509v3 extensions in the certificate.
5197	* Returns NULL if an error occurs.
5198	*/
5199	const STACK_OF(SCT)struct stack_st_SCT SSL_get0_peer_scts(SSL s)
5200	{
5201	if (!s->scts_parsed) {
5202	if (ct_extract_tls_extension_scts(s) < 0 \|\|
5203	ct_extract_ocsp_response_scts(s) < 0 \|\|
5204	ct_extract_x509v3_extension_scts(s) < 0)
5205	goto err;
5206
5207	s->scts_parsed = 1;
5208	}
5209	return s->scts;
5210	err:
5211	return NULL((void*)0);
5212	}
5213
5214	static int ct_permissive(const CT_POLICY_EVAL_CTX * ctx,
5215	const STACK_OF(SCT)struct stack_st_SCT scts, void unused_arg)
5216	{
5217	return 1;
5218	}
5219
5220	static int ct_strict(const CT_POLICY_EVAL_CTX * ctx,
5221	const STACK_OF(SCT)struct stack_st_SCT scts, void unused_arg)
5222	{
5223	int count = scts != NULL((void*)0) ? sk_SCT_num(scts)OPENSSL_sk_num(ossl_check_const_SCT_sk_type(scts)) : 0;
5224	int i;
5225
5226	for (i = 0; i < count; ++i) {
5227	SCT sct = sk_SCT_value(scts, i)((SCT )OPENSSL_sk_value(ossl_check_const_SCT_sk_type(scts), ( i)));
5228	int status = SCT_get_validation_status(sct);
5229
5230	if (status == SCT_VALIDATION_STATUS_VALID)
5231	return 1;
5232	}
5233	ERR_raise(ERR_LIB_SSL, SSL_R_NO_VALID_SCTS)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5233,__func__), ERR_set_error)((20),(216),((void*)0));
5234	return 0;
5235	}
5236
5237	int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
5238	void *arg)
5239	{
5240	/*
5241	* Since code exists that uses the custom extension handler for CT, look
5242	* for this and throw an error if they have already registered to use CT.
5243	*/
5244	if (callback != NULL((void*)0) && SSL_CTX_has_client_custom_ext(s->ctx,
5245	TLSEXT_TYPE_signed_certificate_timestamp18))
5246	{
5247	ERR_raise(ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5247,__func__), ERR_set_error)((20),(206),((void*)0));
5248	return 0;
5249	}
5250
5251	if (callback != NULL((void*)0)) {
5252	/*
5253	* If we are validating CT, then we MUST accept SCTs served via OCSP
5254	*/
5255	if (!SSL_set_tlsext_status_type(s, TLSEXT_STATUSTYPE_ocsp)SSL_ctrl(s,65,1,((void*)0)))
5256	return 0;
5257	}
5258
5259	s->ct_validation_callback = callback;
5260	s->ct_validation_callback_arg = arg;
5261
5262	return 1;
5263	}
5264
5265	int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
5266	ssl_ct_validation_cb callback, void *arg)
5267	{
5268	/*
5269	* Since code exists that uses the custom extension handler for CT, look for
5270	* this and throw an error if they have already registered to use CT.
5271	*/
5272	if (callback != NULL((void*)0) && SSL_CTX_has_client_custom_ext(ctx,
5273	TLSEXT_TYPE_signed_certificate_timestamp18))
5274	{
5275	ERR_raise(ERR_LIB_SSL, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5275,__func__), ERR_set_error)((20),(206),((void*)0));
5276	return 0;
5277	}
5278
5279	ctx->ct_validation_callback = callback;
5280	ctx->ct_validation_callback_arg = arg;
5281	return 1;
5282	}
5283
5284	int SSL_ct_is_enabled(const SSL *s)
5285	{
5286	return s->ct_validation_callback != NULL((void*)0);
5287	}
5288
5289	int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx)
5290	{
5291	return ctx->ct_validation_callback != NULL((void*)0);
5292	}
5293
5294	int ssl_validate_ct(SSL *s)
5295	{
5296	int ret = 0;
5297	X509 cert = s->session != NULL((void)0) ? s->session->peer : NULL((void*)0);
5298	X509 *issuer;
5299	SSL_DANE *dane = &s->dane;
5300	CT_POLICY_EVAL_CTX ctx = NULL((void)0);
5301	const STACK_OF(SCT)struct stack_st_SCT *scts;
5302
5303	/*
5304	* If no callback is set, the peer is anonymous, or its chain is invalid,
5305	* skip SCT validation - just return success. Applications that continue
5306	* handshakes without certificates, with unverified chains, or pinned leaf
5307	* certificates are outside the scope of the WebPKI and CT.
5308	*
5309	* The above exclusions notwithstanding the vast majority of peers will
5310	* have rather ordinary certificate chains validated by typical
5311	* applications that perform certificate verification and therefore will
5312	* process SCTs when enabled.
5313	*/
5314	if (s->ct_validation_callback == NULL((void)0) \|\| cert == NULL((void)0) \|\|
5315	s->verify_result != X509_V_OK0 \|\|
5316	s->verified_chain == NULL((void*)0) \|\| sk_X509_num(s->verified_chain)OPENSSL_sk_num(ossl_check_const_X509_sk_type(s->verified_chain )) <= 1)
5317	return 1;
5318
5319	/*
5320	* CT not applicable for chains validated via DANE-TA(2) or DANE-EE(3)
5321	* trust-anchors. See https://tools.ietf.org/html/rfc7671#section-4.2
5322	*/
5323	if (DANETLS_ENABLED(dane)((dane) != ((void)0) && sk_danetls_record_num((dane) ->trecs) > 0) && dane->mtlsa != NULL((void)0)) {
5324	switch (dane->mtlsa->usage) {
5325	case DANETLS_USAGE_DANE_TA2:
5326	case DANETLS_USAGE_DANE_EE3:
5327	return 1;
5328	}
5329	}
5330
5331	ctx = CT_POLICY_EVAL_CTX_new_ex(s->ctx->libctx, s->ctx->propq);
5332	if (ctx == NULL((void*)0)) {
5333	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5333, __func__), ossl_statem_fatal)((s), (80), ((256\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5334	goto end;
5335	}
5336
5337	issuer = sk_X509_value(s->verified_chain, 1)((X509 *)OPENSSL_sk_value(ossl_check_const_X509_sk_type(s-> verified_chain), (1)));
5338	CT_POLICY_EVAL_CTX_set1_cert(ctx, cert);
5339	CT_POLICY_EVAL_CTX_set1_issuer(ctx, issuer);
5340	CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(ctx, s->ctx->ctlog_store);
5341	CT_POLICY_EVAL_CTX_set_time(
5342	ctx, (uint64_t)SSL_SESSION_get_time(SSL_get0_sessionSSL_get_session(s)) * 1000);
5343
5344	scts = SSL_get0_peer_scts(s);
5345
5346	/*
5347	* This function returns success (> 0) only when all the SCTs are valid, 0
5348	* when some are invalid, and < 0 on various internal errors (out of
5349	* memory, etc.). Having some, or even all, invalid SCTs is not sufficient
5350	* reason to abort the handshake, that decision is up to the callback.
5351	* Therefore, we error out only in the unexpected case that the return
5352	* value is negative.
5353	*
5354	* XXX: One might well argue that the return value of this function is an
5355	* unfortunate design choice. Its job is only to determine the validation
5356	* status of each of the provided SCTs. So long as it correctly separates
5357	* the wheat from the chaff it should return success. Failure in this case
5358	* ought to correspond to an inability to carry out its duties.
5359	*/
5360	if (SCT_LIST_validate(scts, ctx) < 0) {
5361	SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_SCT_VERIFICATION_FAILED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5361, __func__), ossl_statem_fatal)((s), (40), (208), ((void *)0));
5362	goto end;
5363	}
5364
5365	ret = s->ct_validation_callback(ctx, scts, s->ct_validation_callback_arg);
5366	if (ret < 0)
5367	ret = 0; /* This function returns 0 on failure */
5368	if (!ret)
5369	SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_CALLBACK_FAILED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5369, __func__), ossl_statem_fatal)((s), (40), (234), ((void *)0));
5370
5371	end:
5372	CT_POLICY_EVAL_CTX_free(ctx);
5373	/*
5374	* With SSL_VERIFY_NONE the session may be cached and re-used despite a
5375	* failure return code here. Also the application may wish the complete
5376	* the handshake, and then disconnect cleanly at a higher layer, after
5377	* checking the verification status of the completed connection.
5378	*
5379	* We therefore force a certificate verification failure which will be
5380	* visible via SSL_get_verify_result() and cached as part of any resumed
5381	* session.
5382	*
5383	* Note: the permissive callback is for information gathering only, always
5384	* returns success, and does not affect verification status. Only the
5385	* strict callback or a custom application-specified callback can trigger
5386	* connection failure or record a verification error.
5387	*/
5388	if (ret <= 0)
5389	s->verify_result = X509_V_ERR_NO_VALID_SCTS71;
5390	return ret;
5391	}
5392
5393	int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode)
5394	{
5395	switch (validation_mode) {
5396	default:
5397	ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5397,__func__), ERR_set_error)((20),(212),((void*)0));
5398	return 0;
5399	case SSL_CT_VALIDATION_PERMISSIVE:
5400	return SSL_CTX_set_ct_validation_callback(ctx, ct_permissive, NULL((void*)0));
5401	case SSL_CT_VALIDATION_STRICT:
5402	return SSL_CTX_set_ct_validation_callback(ctx, ct_strict, NULL((void*)0));
5403	}
5404	}
5405
5406	int SSL_enable_ct(SSL *s, int validation_mode)
5407	{
5408	switch (validation_mode) {
5409	default:
5410	ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CT_VALIDATION_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5410,__func__), ERR_set_error)((20),(212),((void*)0));
5411	return 0;
5412	case SSL_CT_VALIDATION_PERMISSIVE:
5413	return SSL_set_ct_validation_callback(s, ct_permissive, NULL((void*)0));
5414	case SSL_CT_VALIDATION_STRICT:
5415	return SSL_set_ct_validation_callback(s, ct_strict, NULL((void*)0));
5416	}
5417	}
5418
5419	int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx)
5420	{
5421	return CTLOG_STORE_load_default_file(ctx->ctlog_store);
5422	}
5423
5424	int SSL_CTX_set_ctlog_list_file(SSL_CTX ctx, const char path)
5425	{
5426	return CTLOG_STORE_load_file(ctx->ctlog_store, path);
5427	}
5428
5429	void SSL_CTX_set0_ctlog_store(SSL_CTX ctx, CTLOG_STORE logs)
5430	{
5431	CTLOG_STORE_free(ctx->ctlog_store);
5432	ctx->ctlog_store = logs;
5433	}
5434
5435	const CTLOG_STORE SSL_CTX_get0_ctlog_store(const SSL_CTX ctx)
5436	{
5437	return ctx->ctlog_store;
5438	}
5439
5440	#endif /* OPENSSL_NO_CT */
5441
5442	void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb,
5443	void *arg)
5444	{
5445	c->client_hello_cb = cb;
5446	c->client_hello_cb_arg = arg;
5447	}
5448
5449	int SSL_client_hello_isv2(SSL *s)
5450	{
5451	if (s->clienthello == NULL((void*)0))
5452	return 0;
5453	return s->clienthello->isv2;
5454	}
5455
5456	unsigned int SSL_client_hello_get0_legacy_version(SSL *s)
5457	{
5458	if (s->clienthello == NULL((void*)0))
5459	return 0;
5460	return s->clienthello->legacy_version;
5461	}
5462
5463	size_t SSL_client_hello_get0_random(SSL s, const unsigned char *out)
5464	{
5465	if (s->clienthello == NULL((void*)0))
5466	return 0;
5467	if (out != NULL((void*)0))
5468	*out = s->clienthello->random;
5469	return SSL3_RANDOM_SIZE32;
5470	}
5471
5472	size_t SSL_client_hello_get0_session_id(SSL s, const unsigned char *out)
5473	{
5474	if (s->clienthello == NULL((void*)0))
5475	return 0;
5476	if (out != NULL((void*)0))
5477	*out = s->clienthello->session_id;
5478	return s->clienthello->session_id_len;
5479	}
5480
5481	size_t SSL_client_hello_get0_ciphers(SSL s, const unsigned char *out)
5482	{
5483	if (s->clienthello == NULL((void*)0))
5484	return 0;
5485	if (out != NULL((void*)0))
5486	*out = PACKET_data(&s->clienthello->ciphersuites);
5487	return PACKET_remaining(&s->clienthello->ciphersuites);
5488	}
5489
5490	size_t SSL_client_hello_get0_compression_methods(SSL s, const unsigned char *out)
5491	{
5492	if (s->clienthello == NULL((void*)0))
5493	return 0;
5494	if (out != NULL((void*)0))
5495	*out = s->clienthello->compressions;
5496	return s->clienthello->compressions_len;
5497	}
5498
5499	int SSL_client_hello_get1_extensions_present(SSL s, int out, size_t outlen)
5500	{
5501	RAW_EXTENSION *ext;
5502	int *present;
5503	size_t num = 0, i;
5504
5505	if (s->clienthello == NULL((void)0) \|\| out == NULL((void)0) \|\| outlen == NULL((void*)0))
5506	return 0;
5507	for (i = 0; i < s->clienthello->pre_proc_exts_len; i++) {
5508	ext = s->clienthello->pre_proc_exts + i;
5509	if (ext->present)
5510	num++;
5511	}
5512	if (num == 0) {
5513	out = NULL((void)0);
5514	*outlen = 0;
5515	return 1;
5516	}
5517	if ((present = OPENSSL_malloc(sizeof(present) num)CRYPTO_malloc(sizeof(present) num, "../deps/openssl/openssl/ssl/ssl_lib.c" , 5517)) == NULL((void*)0)) {
5518	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5518,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
5519	return 0;
5520	}
5521	for (i = 0; i < s->clienthello->pre_proc_exts_len; i++) {
5522	ext = s->clienthello->pre_proc_exts + i;
5523	if (ext->present) {
5524	if (ext->received_order >= num)
5525	goto err;
5526	present[ext->received_order] = ext->type;
5527	}
5528	}
5529	*out = present;
5530	*outlen = num;
5531	return 1;
5532	err:
5533	OPENSSL_free(present)CRYPTO_free(present, "../deps/openssl/openssl/ssl/ssl_lib.c", 5533);
5534	return 0;
5535	}
5536
5537	int SSL_client_hello_get0_ext(SSL s, unsigned int type, const unsigned char *out,
5538	size_t *outlen)
5539	{
5540	size_t i;
5541	RAW_EXTENSION *r;
5542
5543	if (s->clienthello == NULL((void*)0))
5544	return 0;
5545	for (i = 0; i < s->clienthello->pre_proc_exts_len; ++i) {
5546	r = s->clienthello->pre_proc_exts + i;
5547	if (r->present && r->type == type) {
5548	if (out != NULL((void*)0))
5549	*out = PACKET_data(&r->data);
5550	if (outlen != NULL((void*)0))
5551	*outlen = PACKET_remaining(&r->data);
5552	return 1;
5553	}
5554	}
5555	return 0;
5556	}
5557
5558	int SSL_free_buffers(SSL *ssl)
5559	{
5560	RECORD_LAYER *rl = &ssl->rlayer;
5561
5562	if (RECORD_LAYER_read_pending(rl) \|\| RECORD_LAYER_write_pending(rl))
5563	return 0;
5564
5565	RECORD_LAYER_release(rl);
5566	return 1;
5567	}
5568
5569	int SSL_alloc_buffers(SSL *ssl)
5570	{
5571	return ssl3_setup_buffers(ssl);
5572	}
5573
5574	void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb)
5575	{
5576	ctx->keylog_callback = cb;
5577	}
5578
5579	SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx)
5580	{
5581	return ctx->keylog_callback;
5582	}
5583
5584	static int nss_keylog_int(const char *prefix,
5585	SSL *ssl,
5586	const uint8_t *parameter_1,
5587	size_t parameter_1_len,
5588	const uint8_t *parameter_2,
5589	size_t parameter_2_len)
5590	{
5591	char out = NULL((void)0);
5592	char cursor = NULL((void)0);
5593	size_t out_len = 0;
5594	size_t i;
5595	size_t prefix_len;
5596
5597	if (ssl->ctx->keylog_callback == NULL((void*)0))
5598	return 1;
5599
5600	/*
5601	* Our output buffer will contain the following strings, rendered with
5602	* space characters in between, terminated by a NULL character: first the
5603	* prefix, then the first parameter, then the second parameter. The
5604	* meaning of each parameter depends on the specific key material being
5605	* logged. Note that the first and second parameters are encoded in
5606	* hexadecimal, so we need a buffer that is twice their lengths.
5607	*/
5608	prefix_len = strlen(prefix);
5609	out_len = prefix_len + (2 * parameter_1_len) + (2 * parameter_2_len) + 3;
5610	if ((out = cursor = OPENSSL_malloc(out_len)CRYPTO_malloc(out_len, "../deps/openssl/openssl/ssl/ssl_lib.c" , 5610)) == NULL((void*)0)) {
5611	SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5611, __func__), ossl_statem_fatal)((ssl), (80), ((256\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5612	return 0;
5613	}
5614
5615	strcpy(cursor, prefix);
5616	cursor += prefix_len;
5617	*cursor++ = ' ';
5618
5619	for (i = 0; i < parameter_1_len; i++) {
5620	sprintf(cursor, "%02x", parameter_1[i]);
5621	cursor += 2;
5622	}
5623	*cursor++ = ' ';
5624
5625	for (i = 0; i < parameter_2_len; i++) {
5626	sprintf(cursor, "%02x", parameter_2[i]);
5627	cursor += 2;
5628	}
5629	*cursor = '\0';
5630
5631	ssl->ctx->keylog_callback(ssl, (const char *)out);
5632	OPENSSL_clear_free(out, out_len)CRYPTO_clear_free(out, out_len, "../deps/openssl/openssl/ssl/ssl_lib.c" , 5632);
5633	return 1;
5634
5635	}
5636
5637	int ssl_log_rsa_client_key_exchange(SSL *ssl,
5638	const uint8_t *encrypted_premaster,
5639	size_t encrypted_premaster_len,
5640	const uint8_t *premaster,
5641	size_t premaster_len)
5642	{
5643	if (encrypted_premaster_len < 8) {
5644	SSLfatal(ssl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5644, __func__), ossl_statem_fatal)((ssl), (80), ((259\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5645	return 0;
5646	}
5647
5648	/* We only want the first 8 bytes of the encrypted premaster as a tag. */
5649	return nss_keylog_int("RSA",
5650	ssl,
5651	encrypted_premaster,
5652	8,
5653	premaster,
5654	premaster_len);
5655	}
5656
5657	int ssl_log_secret(SSL *ssl,
5658	const char *label,
5659	const uint8_t *secret,
5660	size_t secret_len)
5661	{
5662	return nss_keylog_int(label,
5663	ssl,
5664	ssl->s3.client_random,
5665	SSL3_RANDOM_SIZE32,
5666	secret,
5667	secret_len);
5668	}
5669
5670	#define SSLV2_CIPHER_LEN3 3
5671
5672	int ssl_cache_cipherlist(SSL s, PACKET cipher_suites, int sslv2format)
5673	{
5674	int n;
5675
5676	n = sslv2format ? SSLV2_CIPHER_LEN3 : TLS_CIPHER_LEN2;
5677
5678	if (PACKET_remaining(cipher_suites) == 0) {
5679	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_NO_CIPHERS_SPECIFIED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5679, __func__), ossl_statem_fatal)((s), (47), (183), ((void *)0));
5680	return 0;
5681	}
5682
5683	if (PACKET_remaining(cipher_suites) % n != 0) {
5684	SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5684, __func__), ossl_statem_fatal)((s), (50), (151), ((void *)0));
5685	return 0;
5686	}
5687
5688	OPENSSL_free(s->s3.tmp.ciphers_raw)CRYPTO_free(s->s3.tmp.ciphers_raw, "../deps/openssl/openssl/ssl/ssl_lib.c" , 5688);
5689	s->s3.tmp.ciphers_raw = NULL((void*)0);
5690	s->s3.tmp.ciphers_rawlen = 0;
5691
5692	if (sslv2format) {
5693	size_t numciphers = PACKET_remaining(cipher_suites) / n;
5694	PACKET sslv2ciphers = *cipher_suites;
5695	unsigned int leadbyte;
5696	unsigned char *raw;
5697
5698	/*
5699	* We store the raw ciphers list in SSLv3+ format so we need to do some
5700	* preprocessing to convert the list first. If there are any SSLv2 only
5701	* ciphersuites with a non-zero leading byte then we are going to
5702	* slightly over allocate because we won't store those. But that isn't a
5703	* problem.
5704	*/
5705	raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN)CRYPTO_malloc(numciphers * 2, "../deps/openssl/openssl/ssl/ssl_lib.c" , 5705);
5706	s->s3.tmp.ciphers_raw = raw;
5707	if (raw == NULL((void*)0)) {
5708	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5708, __func__), ossl_statem_fatal)((s), (80), ((256\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5709	return 0;
5710	}
5711	for (s->s3.tmp.ciphers_rawlen = 0;
5712	PACKET_remaining(&sslv2ciphers) > 0;
5713	raw += TLS_CIPHER_LEN2) {
5714	if (!PACKET_get_1(&sslv2ciphers, &leadbyte)
5715	\|\| (leadbyte == 0
5716	&& !PACKET_copy_bytes(&sslv2ciphers, raw,
5717	TLS_CIPHER_LEN2))
5718	\|\| (leadbyte != 0
5719	&& !PACKET_forward(&sslv2ciphers, TLS_CIPHER_LEN2))) {
5720	SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_PACKET)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5720, __func__), ossl_statem_fatal)((s), (50), (240), ((void *)0));
5721	OPENSSL_free(s->s3.tmp.ciphers_raw)CRYPTO_free(s->s3.tmp.ciphers_raw, "../deps/openssl/openssl/ssl/ssl_lib.c" , 5721);
5722	s->s3.tmp.ciphers_raw = NULL((void*)0);
5723	s->s3.tmp.ciphers_rawlen = 0;
5724	return 0;
5725	}
5726	if (leadbyte == 0)
5727	s->s3.tmp.ciphers_rawlen += TLS_CIPHER_LEN2;
5728	}
5729	} else if (!PACKET_memdup(cipher_suites, &s->s3.tmp.ciphers_raw,
5730	&s->s3.tmp.ciphers_rawlen)) {
5731	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5731, __func__), ossl_statem_fatal)((s), (80), ((259\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5732	return 0;
5733	}
5734	return 1;
5735	}
5736
5737	int SSL_bytes_to_cipher_list(SSL s, const unsigned char bytes, size_t len,
5738	int isv2format, STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER **sk,
5739	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER **scsvs)
5740	{
5741	PACKET pkt;
5742
5743	if (!PACKET_buf_init(&pkt, bytes, len))
5744	return 0;
5745	return bytes_to_cipher_list(s, &pkt, sk, scsvs, isv2format, 0);
5746	}
5747
5748	int bytes_to_cipher_list(SSL s, PACKET cipher_suites,
5749	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER **skp,
5750	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER **scsvs_out,
5751	int sslv2format, int fatal)
5752	{
5753	const SSL_CIPHER *c;
5754	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER sk = NULL((void)0);
5755	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER scsvs = NULL((void)0);
5756	int n;
5757	/* 3 = SSLV2_CIPHER_LEN > TLS_CIPHER_LEN = 2. */
5758	unsigned char cipher[SSLV2_CIPHER_LEN3];
5759
5760	n = sslv2format ? SSLV2_CIPHER_LEN3 : TLS_CIPHER_LEN2;
5761
5762	if (PACKET_remaining(cipher_suites) == 0) {
5763	if (fatal)
5764	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_NO_CIPHERS_SPECIFIED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5764, __func__), ossl_statem_fatal)((s), (47), (183), ((void *)0));
5765	else
5766	ERR_raise(ERR_LIB_SSL, SSL_R_NO_CIPHERS_SPECIFIED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5766,__func__), ERR_set_error)((20),(183),((void*)0));
5767	return 0;
5768	}
5769
5770	if (PACKET_remaining(cipher_suites) % n != 0) {
5771	if (fatal)
5772	SSLfatal(s, SSL_AD_DECODE_ERROR,(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5773, __func__), ossl_statem_fatal)((s), (50), (151), ((void *)0))
5773	SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5773, __func__), ossl_statem_fatal)((s), (50), (151), ((void *)0));
5774	else
5775	ERR_raise(ERR_LIB_SSL, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5775,__func__), ERR_set_error)((20),(151),((void*)0));
5776	return 0;
5777	}
5778
5779	sk = sk_SSL_CIPHER_new_null()((struct stack_st_SSL_CIPHER *)OPENSSL_sk_new_null());
5780	scsvs = sk_SSL_CIPHER_new_null()((struct stack_st_SSL_CIPHER *)OPENSSL_sk_new_null());
5781	if (sk == NULL((void)0) \|\| scsvs == NULL((void)0)) {
5782	if (fatal)
5783	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5783, __func__), ossl_statem_fatal)((s), (80), ((256\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5784	else
5785	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5785,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
5786	goto err;
5787	}
5788
5789	while (PACKET_copy_bytes(cipher_suites, cipher, n)) {
5790	/*
5791	* SSLv3 ciphers wrapped in an SSLv2-compatible ClientHello have the
5792	* first byte set to zero, while true SSLv2 ciphers have a non-zero
5793	* first byte. We don't support any true SSLv2 ciphers, so skip them.
5794	*/
5795	if (sslv2format && cipher[0] != '\0')
5796	continue;
5797
5798	/* For SSLv2-compat, ignore leading 0-byte. */
5799	c = ssl_get_cipher_by_char(s, sslv2format ? &cipher[1] : cipher, 1);
5800	if (c != NULL((void*)0)) {
5801	if ((c->valid && !sk_SSL_CIPHER_push(sk, c)OPENSSL_sk_push(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type (c))) \|\|
5802	(!c->valid && !sk_SSL_CIPHER_push(scsvs, c)OPENSSL_sk_push(ossl_check_SSL_CIPHER_sk_type(scsvs), ossl_check_SSL_CIPHER_type (c)))) {
5803	if (fatal)
5804	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5804, __func__), ossl_statem_fatal)((s), (80), ((256\|((0x1 << 18L)\|(0x2 << 18L)))), ((void*)0));
5805	else
5806	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5806,__func__), ERR_set_error)((20),((256\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
5807	goto err;
5808	}
5809	}
5810	}
5811	if (PACKET_remaining(cipher_suites) > 0) {
5812	if (fatal)
5813	SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" , 5813, __func__), ossl_statem_fatal)((s), (50), (271), ((void *)0));
5814	else
5815	ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5815,__func__), ERR_set_error)((20),(271),((void*)0));
5816	goto err;
5817	}
5818
5819	if (skp != NULL((void*)0))
5820	*skp = sk;
5821	else
5822	sk_SSL_CIPHER_free(sk)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(sk));
5823	if (scsvs_out != NULL((void*)0))
5824	*scsvs_out = scsvs;
5825	else
5826	sk_SSL_CIPHER_free(scsvs)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(scsvs));
5827	return 1;
5828	err:
5829	sk_SSL_CIPHER_free(sk)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(sk));
5830	sk_SSL_CIPHER_free(scsvs)OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(scsvs));
5831	return 0;
5832	}
5833
5834	int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data)
5835	{
5836	ctx->max_early_data = max_early_data;
5837
5838	return 1;
5839	}
5840
5841	uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx)
5842	{
5843	return ctx->max_early_data;
5844	}
5845
5846	int SSL_set_max_early_data(SSL *s, uint32_t max_early_data)
5847	{
5848	s->max_early_data = max_early_data;
5849
5850	return 1;
5851	}
5852
5853	uint32_t SSL_get_max_early_data(const SSL *s)
5854	{
5855	return s->max_early_data;
5856	}
5857
5858	int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data)
5859	{
5860	ctx->recv_max_early_data = recv_max_early_data;
5861
5862	return 1;
5863	}
5864
5865	uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx)
5866	{
5867	return ctx->recv_max_early_data;
5868	}
5869
5870	int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data)
5871	{
5872	s->recv_max_early_data = recv_max_early_data;
5873
5874	return 1;
5875	}
5876
5877	uint32_t SSL_get_recv_max_early_data(const SSL *s)
5878	{
5879	return s->recv_max_early_data;
5880	}
5881
5882	__owur unsigned int ssl_get_max_send_fragment(const SSL *ssl)
5883	{
5884	/* Return any active Max Fragment Len extension */
5885	if (ssl->session != NULL((void*)0) && USE_MAX_FRAGMENT_LENGTH_EXT(ssl->session)(((ssl->session->ext.max_fragment_len_mode) >= 1) && ((ssl->session->ext.max_fragment_len_mode) <= 4)))
5886	return GET_MAX_FRAGMENT_LENGTH(ssl->session)(512U << (ssl->session->ext.max_fragment_len_mode - 1));
5887
5888	/* return current SSL connection setting */
5889	return ssl->max_send_fragment;
5890	}
5891
5892	__owur unsigned int ssl_get_split_send_fragment(const SSL *ssl)
5893	{
5894	/* Return a value regarding an active Max Fragment Len extension */
5895	if (ssl->session != NULL((void*)0) && USE_MAX_FRAGMENT_LENGTH_EXT(ssl->session)(((ssl->session->ext.max_fragment_len_mode) >= 1) && ((ssl->session->ext.max_fragment_len_mode) <= 4))
5896	&& ssl->split_send_fragment > GET_MAX_FRAGMENT_LENGTH(ssl->session)(512U << (ssl->session->ext.max_fragment_len_mode - 1)))
5897	return GET_MAX_FRAGMENT_LENGTH(ssl->session)(512U << (ssl->session->ext.max_fragment_len_mode - 1));
5898
5899	/* else limit \|split_send_fragment\| to current \|max_send_fragment\| */
5900	if (ssl->split_send_fragment > ssl->max_send_fragment)
5901	return ssl->max_send_fragment;
5902
5903	/* return current SSL connection setting */
5904	return ssl->split_send_fragment;
5905	}
5906
5907	int SSL_stateless(SSL *s)
5908	{
5909	int ret;
5910
5911	/* Ensure there is no state left over from a previous invocation */
5912	if (!SSL_clear(s))
5913	return 0;
5914
5915	ERR_clear_error();
5916
5917	s->s3.flags \|= TLS1_FLAGS_STATELESS0x0800;
5918	ret = SSL_accept(s);
5919	s->s3.flags &= ~TLS1_FLAGS_STATELESS0x0800;
5920
5921	if (ret > 0 && s->ext.cookieok)
5922	return 1;
5923
5924	if (s->hello_retry_request == SSL_HRR_PENDING && !ossl_statem_in_error(s))
5925	return 0;
5926
5927	return -1;
5928	}
5929
5930	void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
5931	{
5932	ctx->pha_enabled = val;
5933	}
5934
5935	void SSL_set_post_handshake_auth(SSL *ssl, int val)
5936	{
5937	ssl->pha_enabled = val;
5938	}
5939
5940	int SSL_verify_client_post_handshake(SSL *ssl)
5941	{
5942	if (!SSL_IS_TLS13(ssl)(!(ssl->method->ssl3_enc->enc_flags & 0x8) && (ssl)->method->version >= 0x0304 && (ssl)-> method->version != 0x10000)) {
5943	ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5943,__func__), ERR_set_error)((20),(266),((void*)0));
5944	return 0;
5945	}
5946	if (!ssl->server) {
5947	ERR_raise(ERR_LIB_SSL, SSL_R_NOT_SERVER)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5947,__func__), ERR_set_error)((20),(284),((void*)0));
5948	return 0;
5949	}
5950
5951	if (!SSL_is_init_finished(ssl)) {
5952	ERR_raise(ERR_LIB_SSL, SSL_R_STILL_IN_INIT)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5952,__func__), ERR_set_error)((20),(121),((void*)0));
5953	return 0;
5954	}
5955
5956	switch (ssl->post_handshake_auth) {
5957	case SSL_PHA_NONE:
5958	ERR_raise(ERR_LIB_SSL, SSL_R_EXTENSION_NOT_RECEIVED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5958,__func__), ERR_set_error)((20),(279),((void*)0));
5959	return 0;
5960	default:
5961	case SSL_PHA_EXT_SENT:
5962	ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5962,__func__), ERR_set_error)((20),((259\|((0x1 << 18L )\|(0x2 << 18L)))),((void*)0));
5963	return 0;
5964	case SSL_PHA_EXT_RECEIVED:
5965	break;
5966	case SSL_PHA_REQUEST_PENDING:
5967	ERR_raise(ERR_LIB_SSL, SSL_R_REQUEST_PENDING)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5967,__func__), ERR_set_error)((20),(285),((void*)0));
5968	return 0;
5969	case SSL_PHA_REQUESTED:
5970	ERR_raise(ERR_LIB_SSL, SSL_R_REQUEST_SENT)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5970,__func__), ERR_set_error)((20),(286),((void*)0));
5971	return 0;
5972	}
5973
5974	ssl->post_handshake_auth = SSL_PHA_REQUEST_PENDING;
5975
5976	/* checks verify_mode and algorithm_auth */
5977	if (!send_certificate_request(ssl)) {
5978	ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED; /* restore on error */
5979	ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_CONFIG)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,5979,__func__), ERR_set_error)((20),(283),((void*)0));
5980	return 0;
5981	}
5982
5983	ossl_statem_set_in_init(ssl, 1);
5984	return 1;
5985	}
5986
5987	int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
5988	SSL_CTX_generate_session_ticket_fn gen_cb,
5989	SSL_CTX_decrypt_session_ticket_fn dec_cb,
5990	void *arg)
5991	{
5992	ctx->generate_ticket_cb = gen_cb;
5993	ctx->decrypt_ticket_cb = dec_cb;
5994	ctx->ticket_cb_data = arg;
5995	return 1;
5996	}
5997
5998	void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
5999	SSL_allow_early_data_cb_fn cb,
6000	void *arg)
6001	{
6002	ctx->allow_early_data_cb = cb;
6003	ctx->allow_early_data_cb_data = arg;
6004	}
6005
6006	void SSL_set_allow_early_data_cb(SSL *s,
6007	SSL_allow_early_data_cb_fn cb,
6008	void *arg)
6009	{
6010	s->allow_early_data_cb = cb;
6011	s->allow_early_data_cb_data = arg;
6012	}
6013
6014	const EVP_CIPHER ssl_evp_cipher_fetch(OSSL_LIB_CTX libctx,
6015	int nid,
6016	const char *properties)
6017	{
6018	const EVP_CIPHER *ciph;
6019
6020	ciph = tls_get_cipher_from_engine(nid);
6021	if (ciph != NULL((void*)0))
6022	return ciph;
6023
6024	/*
6025	* If there is no engine cipher then we do an explicit fetch. This may fail
6026	* and that could be ok
6027	*/
6028	ERR_set_mark();
6029	ciph = EVP_CIPHER_fetch(libctx, OBJ_nid2sn(nid), properties);
6030	ERR_pop_to_mark();
6031	return ciph;
6032	}
6033
6034
6035	int ssl_evp_cipher_up_ref(const EVP_CIPHER *cipher)
6036	{
6037	/* Don't up-ref an implicit EVP_CIPHER */
6038	if (EVP_CIPHER_get0_provider(cipher) == NULL((void*)0))
6039	return 1;
6040
6041	/*
6042	* The cipher was explicitly fetched and therefore it is safe to cast
6043	* away the const
6044	*/
6045	return EVP_CIPHER_up_ref((EVP_CIPHER *)cipher);
6046	}
6047
6048	void ssl_evp_cipher_free(const EVP_CIPHER *cipher)
6049	{
6050	if (cipher == NULL((void*)0))
6051	return;
6052
6053	if (EVP_CIPHER_get0_provider(cipher) != NULL((void*)0)) {
6054	/*
6055	* The cipher was explicitly fetched and therefore it is safe to cast
6056	* away the const
6057	*/
6058	EVP_CIPHER_free((EVP_CIPHER *)cipher);
6059	}
6060	}
6061
6062	const EVP_MD ssl_evp_md_fetch(OSSL_LIB_CTX libctx,
6063	int nid,
6064	const char *properties)
6065	{
6066	const EVP_MD *md;
6067
6068	md = tls_get_digest_from_engine(nid);
6069	if (md != NULL((void*)0))
6070	return md;
6071
6072	/* Otherwise we do an explicit fetch */
6073	ERR_set_mark();
6074	md = EVP_MD_fetch(libctx, OBJ_nid2sn(nid), properties);
6075	ERR_pop_to_mark();
6076	return md;
6077	}
6078
6079	int ssl_evp_md_up_ref(const EVP_MD *md)
6080	{
6081	/* Don't up-ref an implicit EVP_MD */
6082	if (EVP_MD_get0_provider(md) == NULL((void*)0))
6083	return 1;
6084
6085	/*
6086	* The digest was explicitly fetched and therefore it is safe to cast
6087	* away the const
6088	*/
6089	return EVP_MD_up_ref((EVP_MD *)md);
6090	}
6091
6092	void ssl_evp_md_free(const EVP_MD *md)
6093	{
6094	if (md == NULL((void*)0))
6095	return;
6096
6097	if (EVP_MD_get0_provider(md) != NULL((void*)0)) {
6098	/*
6099	* The digest was explicitly fetched and therefore it is safe to cast
6100	* away the const
6101	*/
6102	EVP_MD_free((EVP_MD *)md);
6103	}
6104	}
6105
6106	int SSL_set0_tmp_dh_pkey(SSL s, EVP_PKEY dhpkey)
6107	{
6108	if (!ssl_security(s, SSL_SECOP_TMP_DH(7 \| (4 << 16)),
6109	EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
6110	ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,6110,__func__), ERR_set_error)((20),(394),((void*)0));
6111	return 0;
6112	}
6113	EVP_PKEY_free(s->cert->dh_tmp);
6114	s->cert->dh_tmp = dhpkey;
6115	return 1;
6116	}
6117
6118	int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX ctx, EVP_PKEY dhpkey)
6119	{
6120	if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH(7 \| (4 << 16)),
6121	EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
6122	ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/ssl/ssl_lib.c" ,6122,__func__), ERR_set_error)((20),(394),((void*)0));
6123	return 0;
6124	}
6125	EVP_PKEY_free(ctx->cert->dh_tmp);
6126	ctx->cert->dh_tmp = dhpkey;
6127	return 1;
6128	}