diff options
| author |   Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com> | 2023-10-10 14:33:42 +0000 |
|---|---|---|
| committer | Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com> | 2023-10-10 14:33:42 +0000 |
| commit | af1a266670d040d2f4083ff309d732d648afba2a (patch) | |
| tree | 2fc46203448ddcc6f81546d379abfaeb323575e9 /roms/edk2/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_mcnf.c | |
| parent | e02cda008591317b1625707ff8e115a4841aa889 (diff) | |
Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec
Diffstat (limited to 'roms/edk2/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_mcnf.c')
| -rw-r--r-- | roms/edk2/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_mcnf.c | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_mcnf.c b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_mcnf.c new file mode 100644 index 000000000..583df4166 --- /dev/null +++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_mcnf.c @@ -0,0 +1,99 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stdio.h> +#include <openssl/conf.h> +#include <openssl/ssl.h> +#include "ssl_local.h" +#include "internal/sslconf.h" + +/* SSL library configuration module. */ + +void SSL_add_ssl_module(void) +{ + /* Do nothing. This will be added automatically by libcrypto */ +} + +static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) +{ + SSL_CONF_CTX *cctx = NULL; + size_t i, idx, cmd_count; + int rv = 0; + unsigned int flags; + const SSL_METHOD *meth; + const SSL_CONF_CMD *cmds; + + if (s == NULL && ctx == NULL) { + SSLerr(SSL_F_SSL_DO_CONFIG, ERR_R_PASSED_NULL_PARAMETER); + goto err; + } + + if (name == NULL && system) + name = "system_default"; + if (!conf_ssl_name_find(name, &idx)) { + if (!system) { + SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_INVALID_CONFIGURATION_NAME); + ERR_add_error_data(2, "name=", name); + } + goto err; + } + cmds = conf_ssl_get(idx, &name, &cmd_count); + cctx = SSL_CONF_CTX_new(); + if (cctx == NULL) + goto err; + flags = SSL_CONF_FLAG_FILE; + if (!system) + flags |= SSL_CONF_FLAG_CERTIFICATE | SSL_CONF_FLAG_REQUIRE_PRIVATE; + if (s != NULL) { + meth = s->method; + SSL_CONF_CTX_set_ssl(cctx, s); + } else { + meth = ctx->method; + SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); + } + if (meth->ssl_accept != ssl_undefined_function) + flags |= SSL_CONF_FLAG_SERVER; + if (meth->ssl_connect != ssl_undefined_function) + flags |= SSL_CONF_FLAG_CLIENT; + SSL_CONF_CTX_set_flags(cctx, flags); + for (i = 0; i < cmd_count; i++) { + char *cmdstr, *arg; + + conf_ssl_get_cmd(cmds, i, &cmdstr, &arg); + rv = SSL_CONF_cmd(cctx, cmdstr, arg); + if (rv <= 0) { + if (rv == -2) + SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_UNKNOWN_COMMAND); + else + SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_BAD_VALUE); + ERR_add_error_data(6, "section=", name, ", cmd=", cmdstr, + ", arg=", arg); + goto err; + } + } + rv = SSL_CONF_CTX_finish(cctx); + err: + SSL_CONF_CTX_free(cctx); + return rv <= 0 ? 0 : 1; +} + +int SSL_config(SSL *s, const char *name) +{ + return ssl_do_config(s, NULL, name, 0); +} + +int SSL_CTX_config(SSL_CTX *ctx, const char *name) +{ + return ssl_do_config(NULL, ctx, name, 0); +} + +void ssl_ctx_system_config(SSL_CTX *ctx) +{ + ssl_do_config(NULL, ctx, NULL, 1); +} |