*) State machine rewrite. The state machine code has been significantly
refactored in order to remove much duplication of code and solve issues
with the old code (see ssl/statem/README for further details). This change
- does have some associated API changes. Notably SSL_get_state/SSL_state now
- returns an "OSSL_HANDSHAKE_STATE" instead of an int. The previous handshake
- states defined in ssl.h and ssl3.h have been redefined to be the nearest
- equivalent OSS_HANDSHAKE_STATE value. Not all states have an equivalent
- value, (e.g. SSL_ST_CW_FLUSH). New application code should not use the old
- handshake state values, but should instead use OSSL_HANDSHAKE_STATE.
+ does have some associated API changes. Notably the SSL_state() function
+ has been removed and replaced by SSL_get_state which now returns an
+ "OSSL_HANDSHAKE_STATE" instead of an int. SSL_set_state() has been removed
+ altogether. The previous handshake states defined in ssl.h and ssl3.h have
+ been redefined to be the nearest equivalent OSS_HANDSHAKE_STATE value. Not
+ all states have an equivalent value, (e.g. SSL_ST_CW_FLUSH). New
+ application code should not use the old handshake state values, but should
+ instead use OSSL_HANDSHAKE_STATE.
[Matt Caswell]
*) The demo files in crypto/threads were moved to demo/threads.
#ifdef CERT_CB_TEST_RETRY
{
while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP
- && SSL_state(con) == TLS_ST_SR_CLNT_HELLO) {
+ && SSL_get_state(con) == TLS_ST_SR_CLNT_HELLO) {
BIO_printf(bio_err,
"LOOKUP from certificate callback during accept\n");
i = SSL_accept(con);
=item int B<SSL_shutdown>(SSL *ssl);
-=item OSSL_HANDSHAKE_STATE B<SSL_state>(const SSL *ssl);
+=item OSSL_HANDSHAKE_STATE B<SSL_get_state>(const SSL *ssl);
Returns the current handshake state.
# define SSL_CB_HANDSHAKE_DONE 0x20
/* Is the SSL_connection established? */
-# define SSL_get_state(a) SSL_state(a)
# define SSL_in_connect_init(a) (SSL_in_init(a) && !SSL_is_server(a))
# define SSL_in_accept_init(a) (SSL_in_init(a) && SSL_is_server(a))
int SSL_in_init(SSL *s);
void (*cb) (const SSL *ssl, int type, int val));
void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
int val);
-__owur OSSL_HANDSHAKE_STATE SSL_state(const SSL *ssl);
-void SSL_set_state(SSL *ssl, OSSL_HANDSHAKE_STATE state);
+__owur OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);
void SSL_set_verify_result(SSL *ssl, long v);
__owur long SSL_get_verify_result(const SSL *ssl);
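Review bot: The `SSL_get_state` prototype added here is now the only public accessor for the handshake state, but nothing in the header says the value is read-only and owned by the state machine. The same gap applies to its definition in the last hunk, which simply returns `ssl->statem.hand_state`. I would add above the prototype `/* Read-only view of the handshake state; applications cannot set it (SSL_set_state was removed). */` so that callers porting from `SSL_state`/`SSL_set_state` find the contract in the header and not only in CHANGES. Separately, in the earlier ssl.h hunk, deleting the macro leaves `/* Is the SSL_connection established? */` directly above `SSL_in_connect_init`, where it reads as if it described the in-init macros; it probably wants rewording or moving.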
#ifndef OPENSSL_NO_SCTP
/* Store bio_dgram_sctp_rcvinfo struct */
if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
- (SSL_state(s) == TLS_ST_SR_FINISHED
- || SSL_state(s) == TLS_ST_CR_FINISHED)) {
+ (SSL_get_state(s) == TLS_ST_SR_FINISHED
+ || SSL_get_state(s) == TLS_ST_CR_FINISHED)) {
BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
sizeof(rdata->recordinfo), &rdata->recordinfo);
}
return "error";
}
- switch (SSL_state(s)) {
+ switch (SSL_get_state(s)) {
case TLS_ST_BEFORE:
str = "before SSL initialization";
break;
return "SSLERR";
}
- switch (SSL_state(s)) {
+ switch (SSL_get_state(s)) {
case TLS_ST_BEFORE:
str = "PINIT ";
break;
static void init_write_state_machine(SSL *s);
static enum SUB_STATE_RETURN write_state_machine(SSL *s);
-OSSL_HANDSHAKE_STATE SSL_state(const SSL *ssl)
+OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl)
{
return ssl->statem.hand_state;
}
-void SSL_set_state(SSL *ssl, OSSL_HANDSHAKE_STATE state)
-{
- /*
- * This function seems like a really bad idea. Should we remove it
- * completely?
- */
- ssl->statem.hand_state = state;
-}
-
int SSL_in_init(SSL *s)
{
return s->statem.in_init;