Vendor import of OpenSSL 0.9.8b

1 files changed, 345 insertions, 86 deletions

diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index f5705af..28c90fc 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -110,7 +110,11 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #ifdef REF_CHECK
 #  include <assert.h>
@@ -121,18 +125,27 @@
 #include <openssl/objects.h>
 #include <openssl/lhash.h>
 #include <openssl/x509v3.h>
-#include <openssl/fips.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 
 const char *SSL_version_str=OPENSSL_VERSION_TEXT;
 
-OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
+SSL3_ENC_METHOD ssl3_undef_enc_method={
 	/* evil casts, but these functions are only called if there's a library bug */
 	(int (*)(SSL *,int))ssl_undefined_function,
 	(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
 	ssl_undefined_function,
 	(int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
 	(int (*)(SSL*, int))ssl_undefined_function,
-	(int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
+	(int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function,
+	0,	/* finish_mac_length */
+	(int (*)(SSL *, EVP_MD_CTX *, unsigned char *))ssl_undefined_function,
+	NULL,	/* client_finished_label */
+	0,	/* client_finished_label_len */
+	NULL,	/* server_finished_label */
+	0,	/* server_finished_label_len */
+	(int (*)(int))ssl_undefined_function
 	};
 
 int SSL_clear(SSL *s)
@@ -272,14 +285,23 @@ SSL *SSL_new(SSL_CTX *ctx)
 	s->msg_callback=ctx->msg_callback;
 	s->msg_callback_arg=ctx->msg_callback_arg;
 	s->verify_mode=ctx->verify_mode;
+#if 0
 	s->verify_depth=ctx->verify_depth;
+#endif
 	s->sid_ctx_length=ctx->sid_ctx_length;
 	OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
 	memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
 	s->verify_callback=ctx->default_verify_callback;
 	s->generate_session_id=ctx->generate_session_id;
+
+	s->param = X509_VERIFY_PARAM_new();
+	if (!s->param)
+		goto err;
+	X509_VERIFY_PARAM_inherit(s->param, ctx->param);
+#if 0
 	s->purpose = ctx->purpose;
 	s->trust = ctx->trust;
+#endif
 	s->quiet_shutdown=ctx->quiet_shutdown;
 
 	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
@@ -393,22 +415,22 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
 
 int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
 	{
-	return X509_PURPOSE_set(&s->purpose, purpose);
+	return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
 	}
 
 int SSL_set_purpose(SSL *s, int purpose)
 	{
-	return X509_PURPOSE_set(&s->purpose, purpose);
+	return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
 	}
 
 int SSL_CTX_set_trust(SSL_CTX *s, int trust)
 	{
-	return X509_TRUST_set(&s->trust, trust);
+	return X509_VERIFY_PARAM_set_trust(s->param, trust);
 	}
 
 int SSL_set_trust(SSL *s, int trust)
 	{
-	return X509_TRUST_set(&s->trust, trust);
+	return X509_VERIFY_PARAM_set_trust(s->param, trust);
 	}
 
 void SSL_free(SSL *s)
@@ -431,6 +453,9 @@ void SSL_free(SSL *s)
 		}
 #endif
 
+	if (s->param)
+		X509_VERIFY_PARAM_free(s->param);
+
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
 
 	if (s->bbio != NULL)
@@ -501,18 +526,18 @@ void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
 	s->wbio=wbio;
 	}
 
-BIO *SSL_get_rbio(SSL *s)
+BIO *SSL_get_rbio(const SSL *s)
 	{ return(s->rbio); }
 
-BIO *SSL_get_wbio(SSL *s)
+BIO *SSL_get_wbio(const SSL *s)
 	{ return(s->wbio); }
 
-int SSL_get_fd(SSL *s)
+int SSL_get_fd(const SSL *s)
 	{
 	return(SSL_get_rfd(s));
 	}
 
-int SSL_get_rfd(SSL *s)
+int SSL_get_rfd(const SSL *s)
 	{
 	int ret= -1;
 	BIO *b,*r;
@@ -524,7 +549,7 @@ int SSL_get_rfd(SSL *s)
 	return(ret);
 	}
 
-int SSL_get_wfd(SSL *s)
+int SSL_get_wfd(const SSL *s)
 	{
 	int ret= -1;
 	BIO *b,*r;
@@ -606,7 +631,7 @@ err:
 
 
 /* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count)
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
 	{
 	size_t ret = 0;
 	
@@ -621,7 +646,7 @@ size_t SSL_get_finished(SSL *s, void *buf, size_t count)
 	}
 
 /* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
 	{
 	size_t ret = 0;
 	
@@ -636,32 +661,32 @@ size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
 	}
 
 
-int SSL_get_verify_mode(SSL *s)
+int SSL_get_verify_mode(const SSL *s)
 	{
 	return(s->verify_mode);
 	}
 
-int SSL_get_verify_depth(SSL *s)
+int SSL_get_verify_depth(const SSL *s)
 	{
-	return(s->verify_depth);
+	return X509_VERIFY_PARAM_get_depth(s->param);
 	}
 
-int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
+int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
 	{
 	return(s->verify_callback);
 	}
 
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
 	{
 	return(ctx->verify_mode);
 	}
 
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
 	{
-	return(ctx->verify_depth);
+	return X509_VERIFY_PARAM_get_depth(ctx->param);
 	}
 
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
 	{
 	return(ctx->default_verify_callback);
 	}
@@ -676,7 +701,7 @@ void SSL_set_verify(SSL *s,int mode,
 
 void SSL_set_verify_depth(SSL *s,int depth)
 	{
-	s->verify_depth=depth;
+	X509_VERIFY_PARAM_set_depth(s->param, depth);
 	}
 
 void SSL_set_read_ahead(SSL *s,int yes)
@@ -684,12 +709,12 @@ void SSL_set_read_ahead(SSL *s,int yes)
 	s->read_ahead=yes;
 	}
 
-int SSL_get_read_ahead(SSL *s)
+int SSL_get_read_ahead(const SSL *s)
 	{
 	return(s->read_ahead);
 	}
 
-int SSL_pending(SSL *s)
+int SSL_pending(const SSL *s)
 	{
 	/* SSL_pending cannot work properly if read-ahead is enabled
 	 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
@@ -701,7 +726,7 @@ int SSL_pending(SSL *s)
 	return(s->method->ssl_pending(s));
 	}
 
-X509 *SSL_get_peer_certificate(SSL *s)
+X509 *SSL_get_peer_certificate(const SSL *s)
 	{
 	X509 *r;
 	
@@ -717,7 +742,7 @@ X509 *SSL_get_peer_certificate(SSL *s)
 	return(r);
 	}
 
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
 	{
 	STACK_OF(X509) *r;
 	
@@ -734,7 +759,7 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
 
 /* Now in theory, since the calling process own 't' it should be safe to
  * modify.  We need to be able to read f without being hassled */
-void SSL_copy_session_id(SSL *t,SSL *f)
+void SSL_copy_session_id(SSL *t,const SSL *f)
 	{
 	CERT *tmp;
 
@@ -763,7 +788,7 @@ void SSL_copy_session_id(SSL *t,SSL *f)
 	}
 
 /* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(SSL_CTX *ctx)
+int SSL_CTX_check_private_key(const SSL_CTX *ctx)
 	{
 	if (	(ctx == NULL) ||
 		(ctx->cert == NULL) ||
@@ -781,7 +806,7 @@ int SSL_CTX_check_private_key(SSL_CTX *ctx)
 	}
 
 /* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(SSL *ssl)
+int SSL_check_private_key(const SSL *ssl)
 	{
 	if (ssl == NULL)
 		{
@@ -825,7 +850,7 @@ int SSL_connect(SSL *s)
 	return(s->method->ssl_connect(s));
 	}
 
-long SSL_get_default_timeout(SSL *s)
+long SSL_get_default_timeout(const SSL *s)
 	{
 	return(s->method->get_timeout());
 	}
@@ -850,7 +875,7 @@ int SSL_peek(SSL *s,void *buf,int num)
 	{
 	if (s->handshake_func == 0)
 		{
-		SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+		SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
 		return -1;
 		}
 
@@ -941,12 +966,19 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
 		l=s->max_cert_list;
 		s->max_cert_list=larg;
 		return(l);
+	case SSL_CTRL_SET_MTU:
+		if (SSL_version(s) == DTLS1_VERSION)
+			{
+			s->d1->mtu = larg;
+			return larg;
+			}
+		return 0;
 	default:
 		return(s->method->ssl_ctrl(s,cmd,larg,parg));
 		}
 	}
 
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
 	{
 	switch(cmd)
 		{
@@ -1034,7 +1066,7 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
 		}
 	}
 
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 	{
 	switch(cmd)
 		{
@@ -1072,7 +1104,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
 
 /** return a STACK of the ciphers available for the SSL and in order of
  * preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
 	{
 	if (s != NULL)
 		{
@@ -1109,7 +1141,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
 	}
 
 /** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(SSL *s,int n)
+const char *SSL_get_cipher_list(const SSL *s,int n)
 	{
 	SSL_CIPHER *c;
 	STACK_OF(SSL_CIPHER) *sk;
@@ -1130,8 +1162,21 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
 	
 	sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
 		&ctx->cipher_list_by_id,str);
-/* XXXX */
-	return((sk == NULL)?0:1);
+	/* ssl_create_cipher_list may return an empty stack if it
+	 * was unable to find a cipher matching the given rule string
+	 * (for example if the rule string specifies a cipher which
+	 * has been disabled). This is not an error as far as 
+	 * ssl_create_cipher_list is concerned, and hence 
+	 * ctx->cipher_list and ctx->cipher_list_by_id has been
+	 * updated. */
+	if (sk == NULL)
+		return 0;
+	else if (sk_SSL_CIPHER_num(sk) == 0)
+		{
+		SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+		return 0;
+		}
+	return 1;
 	}
 
 /** specify the ciphers to be used by the SSL */
@@ -1141,12 +1186,19 @@ int SSL_set_cipher_list(SSL *s,const char *str)
 	
 	sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
 		&s->cipher_list_by_id,str);
-/* XXXX */
-	return((sk == NULL)?0:1);
+	/* see comment in SSL_CTX_set_cipher_list */
+	if (sk == NULL)
+		return 0;
+	else if (sk_SSL_CIPHER_num(sk) == 0)
+		{
+		SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+		return 0;
+		}
+	return 1;
 	}
 
 /* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
+char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
 	{
 	char *p;
 	const char *cp;
@@ -1181,7 +1233,8 @@ char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
 	return(buf);
 	}
 
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
+                             int (*put_cb)(const SSL_CIPHER *, unsigned char *))
 	{
 	int i,j=0;
 	SSL_CIPHER *c;
@@ -1200,7 +1253,8 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
                 if ((c->algorithms & SSL_KRB5) && nokrb5)
                     continue;
 #endif /* OPENSSL_NO_KRB5 */                    
-		j=ssl_put_cipher_by_char(s,c,p);
+
+		j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
 		p+=j;
 		}
 	return(p-q);
@@ -1250,7 +1304,7 @@ err:
 	return(NULL);
 	}
 
-unsigned long SSL_SESSION_hash(SSL_SESSION *a)
+unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
 	{
 	unsigned long l;
 
@@ -1267,7 +1321,7 @@ unsigned long SSL_SESSION_hash(SSL_SESSION *a)
  * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
  * able to construct an SSL_SESSION that will collide with any existing session
  * with a matching session ID. */
-int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
+int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
 	{
 	if (a->ssl_version != b->ssl_version)
 		return(1);
@@ -1341,7 +1395,9 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
 	ret->msg_callback=0;
 	ret->msg_callback_arg=NULL;
 	ret->verify_mode=SSL_VERIFY_NONE;
+#if 0
 	ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
+#endif
 	ret->sid_ctx_length=0;
 	ret->default_verify_callback=NULL;
 	if ((ret->cert=ssl_cert_new()) == NULL)
@@ -1350,6 +1406,8 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
 	ret->default_passwd_callback=0;
 	ret->default_passwd_callback_userdata=NULL;
 	ret->client_cert_cb=0;
+	ret->app_gen_cookie_cb=0;
+	ret->app_verify_cookie_cb=0;
 
 	ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
 			LHASH_COMP_FN(SSL_SESSION_cmp));
@@ -1367,6 +1425,10 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
 		goto err2;
 		}
 
+	ret->param = X509_VERIFY_PARAM_new();
+	if (!ret->param)
+		goto err;
+
 	if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
@@ -1423,6 +1485,9 @@ void SSL_CTX_free(SSL_CTX *a)
 		}
 #endif
 
+	if (a->param)
+		X509_VERIFY_PARAM_free(a->param);
+
 	/*
 	 * Free internal session cache. However: the remove_cb() may reference
 	 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
@@ -1485,7 +1550,7 @@ void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
 
 void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
 	{
-	ctx->verify_depth=depth;
+	X509_VERIFY_PARAM_set_depth(ctx->param, depth);
 	}
 
 void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
@@ -1495,6 +1560,13 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 	int rsa_enc_export,dh_rsa_export,dh_dsa_export;
 	int rsa_tmp_export,dh_tmp_export,kl;
 	unsigned long mask,emask;
+	int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+#ifndef OPENSSL_NO_ECDH
+	int have_ecdh_tmp;
+#endif
+	X509 *x = NULL;
+	EVP_PKEY *ecc_pkey = NULL;
+	int signature_nid = 0;
 
 	if (c == NULL) return;
 
@@ -1515,6 +1587,9 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 	dh_tmp=dh_tmp_export=0;
 #endif
 
+#ifndef OPENSSL_NO_ECDH
+	have_ecdh_tmp=(c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
+#endif
 	cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
 	rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
 	rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
@@ -1529,7 +1604,8 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 /* FIX THIS EAY EAY EAY */
 	dh_dsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
 	dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
-
+	cpk= &(c->pkeys[SSL_PKEY_ECC]);
+	have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
 	mask=0;
 	emask=0;
 
@@ -1586,11 +1662,127 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 	emask|=SSL_kKRB5|SSL_aKRB5;
 #endif
 
+	/* An ECC certificate may be usable for ECDH and/or
+	 * ECDSA cipher suites depending on the key usage extension.
+	 */
+	if (have_ecc_cert)
+		{
+                /* This call populates extension flags (ex_flags) */
+		x = (c->pkeys[SSL_PKEY_ECC]).x509;
+		X509_check_purpose(x, -1, 0);
+		ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+		    (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
+		ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+		    (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
+		ecc_pkey = X509_get_pubkey(x);
+		ecc_pkey_size = (ecc_pkey != NULL) ? 
+		    EVP_PKEY_bits(ecc_pkey) : 0;
+		EVP_PKEY_free(ecc_pkey);
+		if ((x->sig_alg) && (x->sig_alg->algorithm))
+			signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+#ifndef OPENSSL_NO_ECDH
+		if (ecdh_ok)
+			{
+			if ((signature_nid == NID_md5WithRSAEncryption) ||
+			    (signature_nid == NID_md4WithRSAEncryption) ||
+			    (signature_nid == NID_md2WithRSAEncryption))
+				{
+				mask|=SSL_kECDH|SSL_aRSA;
+				if (ecc_pkey_size <= 163)
+					emask|=SSL_kECDH|SSL_aRSA;
+				}
+			if (signature_nid == NID_ecdsa_with_SHA1)
+				{
+				mask|=SSL_kECDH|SSL_aECDSA;
+				if (ecc_pkey_size <= 163)
+					emask|=SSL_kECDH|SSL_aECDSA;
+				}
+			}
+#endif
+#ifndef OPENSSL_NO_ECDSA
+		if (ecdsa_ok)
+			{
+			mask|=SSL_aECDSA;
+			emask|=SSL_aECDSA;
+			}
+#endif
+		}
+
+#ifndef OPENSSL_NO_ECDH
+	if (have_ecdh_tmp)
+		{
+		mask|=SSL_kECDHE;
+		emask|=SSL_kECDHE;
+		}
+#endif
 	c->mask=mask;
 	c->export_mask=emask;
 	c->valid=1;
 	}
 
+/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
+#define ku_reject(x, usage) \
+	(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
+
+int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
+	{
+	unsigned long alg = cs->algorithms;
+	EVP_PKEY *pkey = NULL;
+	int keysize = 0;
+	int signature_nid = 0;
+
+	if (SSL_C_IS_EXPORT(cs))
+		{
+		/* ECDH key length in export ciphers must be <= 163 bits */
+		pkey = X509_get_pubkey(x);
+		if (pkey == NULL) return 0;
+		keysize = EVP_PKEY_bits(pkey);
+		EVP_PKEY_free(pkey);
+		if (keysize > 163) return 0;
+		}
+
+	/* This call populates the ex_flags field correctly */
+	X509_check_purpose(x, -1, 0);
+	if ((x->sig_alg) && (x->sig_alg->algorithm))
+		signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+	if (alg & SSL_kECDH) 
+		{
+		/* key usage, if present, must allow key agreement */
+		if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
+			{
+			return 0;
+			}
+		if (alg & SSL_aECDSA) 
+			{
+			/* signature alg must be ECDSA */
+			if (signature_nid != NID_ecdsa_with_SHA1)
+				{
+				return 0;
+				}
+			}
+		if (alg & SSL_aRSA)
+			{
+			/* signature alg must be RSA */
+			if ((signature_nid != NID_md5WithRSAEncryption) &&
+			    (signature_nid != NID_md4WithRSAEncryption) &&
+			    (signature_nid != NID_md2WithRSAEncryption))
+				{
+				return 0;
+				}
+			}
+		} 
+	else if (alg & SSL_aECDSA)
+		{
+		/* key usage, if present, must allow signing */
+		if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
+			{
+			return 0;
+			}
+		}
+
+	return 1;  /* all checks are ok */
+	}
+
 /* THIS NEEDS CLEANING UP */
 X509 *ssl_get_server_send_cert(SSL *s)
 	{
@@ -1605,7 +1797,26 @@ X509 *ssl_get_server_send_cert(SSL *s)
 	mask=is_export?c->export_mask:c->mask;
 	kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
 
-	if 	(kalg & SSL_kDHr)
+	if (kalg & SSL_kECDH)
+		{
+		/* we don't need to look at SSL_kECDHE 
+		 * since no certificate is needed for
+		 * anon ECDH and for authenticated
+		 * ECDHE, the check for the auth 
+		 * algorithm will set i correctly
+		 * NOTE: For ECDH-RSA, we need an ECC
+		 * not an RSA cert but for ECDHE-RSA
+		 * we need an RSA cert. Placing the
+		 * checks for SSL_kECDH before RSA
+		 * checks ensures the correct cert is chosen.
+		 */
+		i=SSL_PKEY_ECC;
+		}
+	else if (kalg & SSL_aECDSA)
+		{
+		i=SSL_PKEY_ECC;
+		}
+	else if (kalg & SSL_kDHr)
 		i=SSL_PKEY_DH_RSA;
 	else if (kalg & SSL_kDHd)
 		i=SSL_PKEY_DH_DSA;
@@ -1629,6 +1840,7 @@ X509 *ssl_get_server_send_cert(SSL *s)
 		return(NULL);
 		}
 	if (c->pkeys[i].x509 == NULL) return(NULL);
+
 	return(c->pkeys[i].x509);
 	}
 
@@ -1652,6 +1864,9 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
 		else
 			return(NULL);
 		}
+	else if ((alg & SSL_aECDSA) &&
+	         (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
+		return(c->pkeys[SSL_PKEY_ECC].privatekey);
 	else /* if (alg & SSL_aNULL) */
 		{
 		SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
@@ -1686,7 +1901,7 @@ void ssl_update_cache(SSL *s,int mode)
 			?s->ctx->stats.sess_connect_good
 			:s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
 			{
-			SSL_CTX_flush_sessions(s->ctx,time(NULL));
+			SSL_CTX_flush_sessions(s->ctx,(unsigned long)time(NULL));
 			}
 		}
 	}
@@ -1723,7 +1938,7 @@ int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
 	return(ret);
 	}
 
-int SSL_get_error(SSL *s,int i)
+int SSL_get_error(const SSL *s,int i)
 	{
 	int reason;
 	unsigned long l;
@@ -1857,13 +2072,25 @@ int ssl_undefined_function(SSL *s)
 	return(0);
 	}
 
+int ssl_undefined_void_function(void)
+	{
+	SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+	return(0);
+	}
+
+int ssl_undefined_const_function(const SSL *s)
+	{
+	SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+	return(0);
+	}
+
 SSL_METHOD *ssl_bad_method(int ver)
 	{
 	SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 	return(NULL);
 	}
 
-const char *SSL_get_version(SSL *s)
+const char *SSL_get_version(const SSL *s)
 	{
 	if (s->version == TLS1_VERSION)
 		return("TLSv1");
@@ -1966,8 +2193,8 @@ SSL *SSL_dup(SSL *s)
 	ret->rstate=s->rstate;
 	ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
 	ret->hit=s->hit;
-	ret->purpose=s->purpose;
-	ret->trust=s->trust;
+
+	X509_VERIFY_PARAM_inherit(ret->param, s->param);
 
 	/* dup the cipher_list and cipher_list_by_id stacks */
 	if (s->cipher_list != NULL)
@@ -2019,6 +2246,7 @@ void ssl_clear_cipher_ctx(SSL *s)
 		OPENSSL_free(s->enc_write_ctx);
 		s->enc_write_ctx=NULL;
 		}
+#ifndef OPENSSL_NO_COMP
 	if (s->expand != NULL)
 		{
 		COMP_CTX_free(s->expand);
@@ -2029,10 +2257,11 @@ void ssl_clear_cipher_ctx(SSL *s)
 		COMP_CTX_free(s->compress);
 		s->compress=NULL;
 		}
+#endif
 	}
 
 /* Fix this function so that it takes an optional type parameter */
-X509 *SSL_get_certificate(SSL *s)
+X509 *SSL_get_certificate(const SSL *s)
 	{
 	if (s->cert != NULL)
 		return(s->cert->key->x509);
@@ -2049,12 +2278,37 @@ EVP_PKEY *SSL_get_privatekey(SSL *s)
 		return(NULL);
 	}
 
-SSL_CIPHER *SSL_get_current_cipher(SSL *s)
+SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
 	{
 	if ((s->session != NULL) && (s->session->cipher != NULL))
 		return(s->session->cipher);
 	return(NULL);
 	}
+#ifdef OPENSSL_NO_COMP
+const void *SSL_get_current_compression(SSL *s)
+	{
+	return NULL;
+	}
+const void *SSL_get_current_expansion(SSL *s)
+	{
+	return NULL;
+	}
+#else
+
+const COMP_METHOD *SSL_get_current_compression(SSL *s)
+	{
+	if (s->compress != NULL)
+		return(s->compress->meth);
+	return(NULL);
+	}
+
+const COMP_METHOD *SSL_get_current_expansion(SSL *s)
+	{
+	if (s->expand != NULL)
+		return(s->expand->meth);
+	return(NULL);
+	}
+#endif
 
 int ssl_init_wbio_buffer(SSL *s,int push)
 	{
@@ -2113,7 +2367,7 @@ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
 	ctx->quiet_shutdown=mode;
 	}
 
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
 	{
 	return(ctx->quiet_shutdown);
 	}
@@ -2123,7 +2377,7 @@ void SSL_set_quiet_shutdown(SSL *s,int mode)
 	s->quiet_shutdown=mode;
 	}
 
-int SSL_get_quiet_shutdown(SSL *s)
+int SSL_get_quiet_shutdown(const SSL *s)
 	{
 	return(s->quiet_shutdown);
 	}
@@ -2133,17 +2387,17 @@ void SSL_set_shutdown(SSL *s,int mode)
 	s->shutdown=mode;
 	}
 
-int SSL_get_shutdown(SSL *s)
+int SSL_get_shutdown(const SSL *s)
 	{
 	return(s->shutdown);
 	}
 
-int SSL_version(SSL *s)
+int SSL_version(const SSL *s)
 	{
 	return(s->version);
 	}
 
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
 	{
 	return(ssl->ctx);
 	}
@@ -2157,18 +2411,7 @@ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
 		const char *CApath)
 	{
-	int r;
-
-#ifdef OPENSSL_FIPS
-	if(ctx->method->version == TLS1_VERSION)
-	    FIPS_allow_md5(1);
-#endif
-	r=X509_STORE_load_locations(ctx->cert_store,CAfile,CApath);
-#ifdef OPENSSL_FIPS
-	if(ctx->method->version == TLS1_VERSION)
-	    FIPS_allow_md5(0);
-#endif
-	return r;
+	return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
 	}
 #endif
 
@@ -2178,12 +2421,14 @@ void SSL_set_info_callback(SSL *ssl,
 	ssl->info_callback=cb;
 	}
 
-void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
+/* One compiler (Diab DCC) doesn't like argument names in returned
+   function pointer.  */
+void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
 	{
 	return ssl->info_callback;
 	}
 
-int SSL_state(SSL *ssl)
+int SSL_state(const SSL *ssl)
 	{
 	return(ssl->state);
 	}
@@ -2193,7 +2438,7 @@ void SSL_set_verify_result(SSL *ssl,long arg)
 	ssl->verify_result=arg;
 	}
 
-long SSL_get_verify_result(SSL *ssl)
+long SSL_get_verify_result(const SSL *ssl)
 	{
 	return(ssl->verify_result);
 	}
@@ -2210,7 +2455,7 @@ int SSL_set_ex_data(SSL *s,int idx,void *arg)
 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
 	}
 
-void *SSL_get_ex_data(SSL *s,int idx)
+void *SSL_get_ex_data(const SSL *s,int idx)
 	{
 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
 	}
@@ -2227,7 +2472,7 @@ int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
 	}
 
-void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
+void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
 	{
 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
 	}
@@ -2237,7 +2482,7 @@ int ssl_ok(SSL *s)
 	return(1);
 	}
 
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
 	{
 	return(ctx->cert_store);
 	}
@@ -2249,7 +2494,7 @@ void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
 	ctx->cert_store=store;
 	}
 
-int SSL_want(SSL *s)
+int SSL_want(const SSL *s)
 	{
 	return(s->rwstate);
 	}
@@ -2265,14 +2510,14 @@ void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
 							  int is_export,
 							  int keylength))
     {
-    SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+    SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
     }
 
 void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
 						  int is_export,
 						  int keylength))
     {
-    SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+    SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
     }
 #endif
 
@@ -2301,24 +2546,38 @@ RSA *cb(SSL *ssl,int is_export,int keylength)
 void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
 							int keylength))
 	{
-	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
 	}
 
 void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
 						int keylength))
 	{
-	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
+	}
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
+							int keylength))
+	{
+	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
+	}
+
+void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
+						int keylength))
+	{
+	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
 	}
 #endif
 
 
 void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
 	{
-	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
 	}
 void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
 	{
-	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
 	}