OpenCoverage

ssl_lib.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/ssl/ssl_lib.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: ssl_lib.c,v 1.189 2018/09/05 16:58:59 jsing Exp $ */-
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)-
3 * All rights reserved.-
4 *-
5 * This package is an SSL implementation written-
6 * by Eric Young (eay@cryptsoft.com).-
7 * The implementation was written so as to conform with Netscapes SSL.-
8 *-
9 * This library is free for commercial and non-commercial use as long as-
10 * the following conditions are aheared to. The following conditions-
11 * apply to all code found in this distribution, be it the RC4, RSA,-
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation-
13 * included with this distribution is covered by the same copyright terms-
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).-
15 *-
16 * Copyright remains Eric Young's, and as such any Copyright notices in-
17 * the code are not to be removed.-
18 * If this package is used in a product, Eric Young should be given attribution-
19 * as the author of the parts of the library used.-
20 * This can be in the form of a textual message at program startup or-
21 * in documentation (online or textual) provided with the package.-
22 *-
23 * Redistribution and use in source and binary forms, with or without-
24 * modification, are permitted provided that the following conditions-
25 * are met:-
26 * 1. Redistributions of source code must retain the copyright-
27 * notice, this list of conditions and the following disclaimer.-
28 * 2. Redistributions in binary form must reproduce the above copyright-
29 * notice, this list of conditions and the following disclaimer in the-
30 * documentation and/or other materials provided with the distribution.-
31 * 3. All advertising materials mentioning features or use of this software-
32 * must display the following acknowledgement:-
33 * "This product includes cryptographic software written by-
34 * Eric Young (eay@cryptsoft.com)"-
35 * The word 'cryptographic' can be left out if the rouines from the library-
36 * being used are not cryptographic related :-).-
37 * 4. If you include any Windows specific code (or a derivative thereof) from-
38 * the apps directory (application code) you must include an acknowledgement:-
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"-
40 *-
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND-
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE-
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE-
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL-
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS-
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT-
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY-
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF-
51 * SUCH DAMAGE.-
52 *-
53 * The licence and distribution terms for any publically available version or-
54 * derivative of this code cannot be changed. i.e. this code cannot simply be-
55 * copied and put under another distribution licence-
56 * [including the GNU Public Licence.]-
57 */-
58/* ====================================================================-
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.-
60 *-
61 * Redistribution and use in source and binary forms, with or without-
62 * modification, are permitted provided that the following conditions-
63 * are met:-
64 *-
65 * 1. Redistributions of source code must retain the above copyright-
66 * notice, this list of conditions and the following disclaimer.-
67 *-
68 * 2. Redistributions in binary form must reproduce the above copyright-
69 * notice, this list of conditions and the following disclaimer in-
70 * the documentation and/or other materials provided with the-
71 * distribution.-
72 *-
73 * 3. All advertising materials mentioning features or use of this-
74 * software must display the following acknowledgment:-
75 * "This product includes software developed by the OpenSSL Project-
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"-
77 *-
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
79 * endorse or promote products derived from this software without-
80 * prior written permission. For written permission, please contact-
81 * openssl-core@openssl.org.-
82 *-
83 * 5. Products derived from this software may not be called "OpenSSL"-
84 * nor may "OpenSSL" appear in their names without prior written-
85 * permission of the OpenSSL Project.-
86 *-
87 * 6. Redistributions of any form whatsoever must retain the following-
88 * acknowledgment:-
89 * "This product includes software developed by the OpenSSL Project-
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"-
91 *-
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
103 * OF THE POSSIBILITY OF SUCH DAMAGE.-
104 * ====================================================================-
105 *-
106 * This product includes cryptographic software written by Eric Young-
107 * (eay@cryptsoft.com). This product includes software written by Tim-
108 * Hudson (tjh@cryptsoft.com).-
109 *-
110 */-
111/* ====================================================================-
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.-
113 * ECC cipher suite support in OpenSSL originally developed by-
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.-
115 */-
116/* ====================================================================-
117 * Copyright 2005 Nokia. All rights reserved.-
118 *-
119 * The portions of the attached software ("Contribution") is developed by-
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source-
121 * license.-
122 *-
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of-
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites-
125 * support (see RFC 4279) to OpenSSL.-
126 *-
127 * No patent licenses or other rights except those expressly stated in-
128 * the OpenSSL open source license shall be deemed granted or received-
129 * expressly, by implication, estoppel, or otherwise.-
130 *-
131 * No assurances are provided by Nokia that the Contribution does not-
132 * infringe the patent or other intellectual property rights of any third-
133 * party or that the license provides you with all the necessary rights-
134 * to make use of the Contribution.-
135 *-
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN-
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA-
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY-
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR-
140 * OTHERWISE.-
141 */-
142-
143#include <stdio.h>-
144-
145#include "ssl_locl.h"-
146-
147#include <openssl/bn.h>-
148#include <openssl/dh.h>-
149#include <openssl/lhash.h>-
150#include <openssl/objects.h>-
151#include <openssl/ocsp.h>-
152#include <openssl/x509v3.h>-
153-
154#ifndef OPENSSL_NO_ENGINE-
155#include <openssl/engine.h>-
156#endif-
157-
158#include "bytestring.h"-
159-
160const char *SSL_version_str = OPENSSL_VERSION_TEXT;-
161-
162int-
163SSL_clear(SSL *s)-
164{-
165 if (s->method == NULL) {
s->method == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 341 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-341
166 SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);-
167 return (0);
never executed: return (0);
0
168 }-
169-
170 if (ssl_clear_bad_session(s)) {
ssl_clear_bad_session(s)Description
TRUEnever evaluated
FALSEevaluated 341 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-341
171 SSL_SESSION_free(s->session);-
172 s->session = NULL;-
173 }
never executed: end of block
0
174-
175 s->error = 0;-
176 s->internal->hit = 0;-
177 s->internal->shutdown = 0;-
178-
179 if (s->internal->renegotiate) {
s->internal->renegotiateDescription
TRUEnever evaluated
FALSEevaluated 341 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-341
180 SSLerror(s, ERR_R_INTERNAL_ERROR);-
181 return (0);
never executed: return (0);
0
182 }-
183-
184 s->internal->type = 0;-
185-
186 s->version = s->method->internal->version;-
187 s->client_version = s->version;-
188 s->internal->rwstate = SSL_NOTHING;-
189 s->internal->rstate = SSL_ST_READ_HEADER;-
190-
191 BUF_MEM_free(s->internal->init_buf);-
192 s->internal->init_buf = NULL;-
193-
194 ssl_clear_cipher_state(s);-
195-
196 s->internal->first_packet = 0;-
197-
198 /*-
199 * Check to see if we were changed into a different method, if-
200 * so, revert back if we are not doing session-id reuse.-
201 */-
202 if (!s->internal->in_handshake && (s->session == NULL) &&
!s->internal->in_handshakeDescription
TRUEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
FALSEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
(s->session == ((void *)0) )Description
TRUEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
FALSEnever evaluated
0-202
203 (s->method != s->ctx->method)) {
(s->method != s->ctx->method)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
204 s->method->internal->ssl_free(s);-
205 s->method = s->ctx->method;-
206 if (!s->method->internal->ssl_new(s))
!s->method->in...al->ssl_new(s)Description
TRUEnever evaluated
FALSEnever evaluated
0
207 return (0);
never executed: return (0);
0
208 } else
never executed: end of block
0
209 s->method->internal->ssl_clear(s);
executed 341 times by 11 tests: s->method->internal->ssl_clear(s);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
341
210-
211 S3I(s)->hs.state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);-
212-
213 return (1);
executed 341 times by 11 tests: return (1);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
341
214}-
215-
216/* Used to change an SSL_CTXs default SSL method type */-
217int-
218SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)-
219{-
220 STACK_OF(SSL_CIPHER) *sk;-
221-
222 ctx->method = meth;-
223-
224 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),-
225 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);-
226 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
(sk == ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
(sk_num(((_STA...ER*)0))) <= 0)Description
TRUEnever evaluated
FALSEnever evaluated
0
227 SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);-
228 return (0);
never executed: return (0);
0
229 }-
230 return (1);
never executed: return (1);
0
231}-
232-
233SSL *-
234SSL_new(SSL_CTX *ctx)-
235{-
236 SSL *s;-
237-
238 if (ctx == NULL) {
ctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
239 SSLerrorx(SSL_R_NULL_SSL_CTX);-
240 return (NULL);
never executed: return ( ((void *)0) );
0
241 }-
242 if (ctx->method == NULL) {
ctx->method == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
243 SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);-
244 return (NULL);
never executed: return ( ((void *)0) );
0
245 }-
246-
247 if ((s = calloc(1, sizeof(*s))) == NULL) {
(s = calloc(1,...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
248 SSLerrorx(ERR_R_MALLOC_FAILURE);-
249 return (NULL);
never executed: return ( ((void *)0) );
0
250 }-
251 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
(s->internal =...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
252 free(s);-
253 SSLerrorx(ERR_R_MALLOC_FAILURE);-
254 return (NULL);
never executed: return ( ((void *)0) );
0
255 }-
256-
257 s->internal->min_version = ctx->internal->min_version;-
258 s->internal->max_version = ctx->internal->max_version;-
259-
260 s->internal->options = ctx->internal->options;-
261 s->internal->mode = ctx->internal->mode;-
262 s->internal->max_cert_list = ctx->internal->max_cert_list;-
263-
264 if (ctx->internal->cert != NULL) {
ctx->internal-...!= ((void *)0)Description
TRUEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
FALSEnever evaluated
0-202
265 /*-
266 * Earlier library versions used to copy the pointer to-
267 * the CERT, not its contents; only when setting new-
268 * parameters for the per-SSL copy, ssl_cert_new would be-
269 * called (and the direct reference to the per-SSL_CTX-
270 * settings would be lost, but those still were indirectly-
271 * accessed for various purposes, and for that reason they-
272 * used to be known as s->ctx->default_cert).-
273 * Now we don't look at the SSL_CTX's CERT after having-
274 * duplicated it once.-
275 */-
276 s->cert = ssl_cert_dup(ctx->internal->cert);-
277 if (s->cert == NULL)
s->cert == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
278 goto err;
never executed: goto err;
0
279 } else
executed 202 times by 11 tests: end of block
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
202
280 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
never executed: s->cert= ((void *)0) ;
0
281-
282 s->internal->read_ahead = ctx->internal->read_ahead;-
283 s->internal->msg_callback = ctx->internal->msg_callback;-
284 s->internal->msg_callback_arg = ctx->internal->msg_callback_arg;-
285 s->verify_mode = ctx->verify_mode;-
286 s->sid_ctx_length = ctx->sid_ctx_length;-
287 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);-
288 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));-
289 s->internal->verify_callback = ctx->internal->default_verify_callback;-
290 s->internal->generate_session_id = ctx->internal->generate_session_id;-
291-
292 s->param = X509_VERIFY_PARAM_new();-
293 if (!s->param)
!s->paramDescription
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
294 goto err;
never executed: goto err;
0
295 X509_VERIFY_PARAM_inherit(s->param, ctx->param);-
296 s->internal->quiet_shutdown = ctx->internal->quiet_shutdown;-
297 s->max_send_fragment = ctx->internal->max_send_fragment;-
298-
299 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);-
300 s->ctx = ctx;-
301 s->internal->tlsext_debug_cb = 0;-
302 s->internal->tlsext_debug_arg = NULL;-
303 s->internal->tlsext_ticket_expected = 0;-
304 s->tlsext_status_type = -1;-
305 s->internal->tlsext_status_expected = 0;-
306 s->internal->tlsext_ocsp_ids = NULL;-
307 s->internal->tlsext_ocsp_exts = NULL;-
308 s->internal->tlsext_ocsp_resp = NULL;-
309 s->internal->tlsext_ocsp_resplen = -1;-
310 CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);-
311 s->initial_ctx = ctx;-
312-
313 if (ctx->internal->tlsext_ecpointformatlist != NULL) {
ctx->internal-...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
314 s->internal->tlsext_ecpointformatlist =-
315 calloc(ctx->internal->tlsext_ecpointformatlist_length,-
316 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));-
317 if (s->internal->tlsext_ecpointformatlist == NULL)
s->internal->t...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
318 goto err;
never executed: goto err;
0
319 memcpy(s->internal->tlsext_ecpointformatlist,-
320 ctx->internal->tlsext_ecpointformatlist,-
321 ctx->internal->tlsext_ecpointformatlist_length *-
322 sizeof(ctx->internal->tlsext_ecpointformatlist[0]));-
323 s->internal->tlsext_ecpointformatlist_length =-
324 ctx->internal->tlsext_ecpointformatlist_length;-
325 }
never executed: end of block
0
326 if (ctx->internal->tlsext_supportedgroups != NULL) {
ctx->internal-...!= ((void *)0)Description
TRUEevaluated 57 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 145 times by 10 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
57-145
327 s->internal->tlsext_supportedgroups =-
328 calloc(ctx->internal->tlsext_supportedgroups_length,-
329 sizeof(ctx->internal->tlsext_supportedgroups));-
330 if (s->internal->tlsext_supportedgroups == NULL)
s->internal->t...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 57 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-57
331 goto err;
never executed: goto err;
0
332 memcpy(s->internal->tlsext_supportedgroups,-
333 ctx->internal->tlsext_supportedgroups,-
334 ctx->internal->tlsext_supportedgroups_length *-
335 sizeof(ctx->internal->tlsext_supportedgroups[0]));-
336 s->internal->tlsext_supportedgroups_length =-
337 ctx->internal->tlsext_supportedgroups_length;-
338 }
executed 57 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
57
339-
340 if (s->ctx->internal->alpn_client_proto_list != NULL) {
s->ctx->intern...!= ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 194 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
8-194
341 s->internal->alpn_client_proto_list =-
342 malloc(s->ctx->internal->alpn_client_proto_list_len);-
343 if (s->internal->alpn_client_proto_list == NULL)
s->internal->a...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • ssltest
0-8
344 goto err;
never executed: goto err;
0
345 memcpy(s->internal->alpn_client_proto_list,-
346 s->ctx->internal->alpn_client_proto_list,-
347 s->ctx->internal->alpn_client_proto_list_len);-
348 s->internal->alpn_client_proto_list_len =-
349 s->ctx->internal->alpn_client_proto_list_len;-
350 }
executed 8 times by 1 test: end of block
Executed by:
  • ssltest
8
351-
352 s->verify_result = X509_V_OK;-
353-
354 s->method = ctx->method;-
355-
356 if (!s->method->internal->ssl_new(s))
!s->method->in...al->ssl_new(s)Description
TRUEnever evaluated
FALSEevaluated 202 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-202
357 goto err;
never executed: goto err;
0
358-
359 s->references = 1;-
360 s->server = (ctx->method->internal->ssl_accept == ssl_undefined_function) ? 0 : 1;
(ctx->method->...ined_function)Description
TRUEevaluated 36 times by 7 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • tls_ext_alpn
  • tlsexttest
  • tlstest
FALSEevaluated 166 times by 7 tests
Evaluated by:
  • cipherstest
  • servertest
  • ssl_versions
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
36-166
361-
362 SSL_clear(s);-
363-
364 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);-
365-
366 return (s);
executed 202 times by 11 tests: return (s);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
202
367-
368 err:-
369 SSL_free(s);-
370 SSLerrorx(ERR_R_MALLOC_FAILURE);-
371 return (NULL);
never executed: return ( ((void *)0) );
0
372}-
373-
374int-
375SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,-
376 unsigned int sid_ctx_len)-
377{-
378 if (sid_ctx_len > sizeof ctx->sid_ctx) {
sid_ctx_len > ...f ctx->sid_ctxDescription
TRUEnever evaluated
FALSEevaluated 54 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-54
379 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);-
380 return (0);
never executed: return (0);
0
381 }-
382 ctx->sid_ctx_length = sid_ctx_len;-
383 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);-
384-
385 return (1);
executed 54 times by 2 tests: return (1);
Executed by:
  • ssltest
  • tlstest
54
386}-
387-
388int-
389SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,-
390 unsigned int sid_ctx_len)-
391{-
392 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
sid_ctx_len > 32Description
TRUEnever evaluated
FALSEnever evaluated
0
393 SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);-
394 return (0);
never executed: return (0);
0
395 }-
396 ssl->sid_ctx_length = sid_ctx_len;-
397 memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);-
398-
399 return (1);
never executed: return (1);
0
400}-
401-
402int-
403SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)-
404{-
405 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);-
406 ctx->internal->generate_session_id = cb;-
407 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);-
408 return (1);
never executed: return (1);
0
409}-
410-
411int-
412SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)-
413{-
414 CRYPTO_w_lock(CRYPTO_LOCK_SSL);-
415 ssl->internal->generate_session_id = cb;-
416 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);-
417 return (1);
never executed: return (1);
0
418}-
419-
420int-
421SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,-
422 unsigned int id_len)-
423{-
424 /*-
425 * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp-
426 * shows how we can "construct" a session to give us the desired-
427 * check - ie. to find if there's a session in the hash table-
428 * that would conflict with any new session built out of this-
429 * id/id_len and the ssl_version in use by this SSL.-
430 */-
431 SSL_SESSION r, *p;-
432-
433 if (id_len > sizeof r.session_id)
id_len > sizeof r.session_idDescription
TRUEnever evaluated
FALSEevaluated 12 times by 2 tests
Evaluated by:
  • servertest
  • tlstest
0-12
434 return (0);
never executed: return (0);
0
435-
436 r.ssl_version = ssl->version;-
437 r.session_id_length = id_len;-
438 memcpy(r.session_id, id, id_len);-
439-
440 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);-
441 p = lh_SSL_SESSION_retrieve(ssl->ctx->internal->sessions, &r);-
442 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);-
443 return (p != NULL);
executed 12 times by 2 tests: return (p != ((void *)0) );
Executed by:
  • servertest
  • tlstest
12
444}-
445-
446int-
447SSL_CTX_set_purpose(SSL_CTX *s, int purpose)-
448{-
449 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
never executed: return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
0
450}-
451-
452int-
453SSL_set_purpose(SSL *s, int purpose)-
454{-
455 return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
never executed: return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
0
456}-
457-
458int-
459SSL_CTX_set_trust(SSL_CTX *s, int trust)-
460{-
461 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
never executed: return (X509_VERIFY_PARAM_set_trust(s->param, trust));
0
462}-
463-
464int-
465SSL_set_trust(SSL *s, int trust)-
466{-
467 return (X509_VERIFY_PARAM_set_trust(s->param, trust));
never executed: return (X509_VERIFY_PARAM_set_trust(s->param, trust));
0
468}-
469-
470X509_VERIFY_PARAM *-
471SSL_CTX_get0_param(SSL_CTX *ctx)-
472{-
473 return (ctx->param);
never executed: return (ctx->param);
0
474}-
475-
476int-
477SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)-
478{-
479 return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
never executed: return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
0
480}-
481-
482X509_VERIFY_PARAM *-
483SSL_get0_param(SSL *ssl)-
484{-
485 return (ssl->param);
never executed: return (ssl->param);
0
486}-
487-
488int-
489SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)-
490{-
491 return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
never executed: return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
0
492}-
493-
494void-
495SSL_free(SSL *s)-
496{-
497 int i;-
498-
499 if (s == NULL)
s == ((void *)0)Description
TRUEevaluated 75 times by 3 tests
Evaluated by:
  • ssl_versions
  • tlstest
  • verifytest
FALSEevaluated 195 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
75-195
500 return;
executed 75 times by 3 tests: return;
Executed by:
  • ssl_versions
  • tlstest
  • verifytest
75
501-
502 i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);-
503 if (i > 0)
i > 0Description
TRUEnever evaluated
FALSEevaluated 195 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
0-195
504 return;
never executed: return;
0
505-
506 X509_VERIFY_PARAM_free(s->param);-
507-
508 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data);-
509-
510 if (s->bbio != NULL) {
s->bbio != ((void *)0)Description
TRUEevaluated 13 times by 2 tests
Evaluated by:
  • clienttest
  • servertest
FALSEevaluated 182 times by 9 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • libssl.so.46.0.1
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
13-182
511 /* If the buffering BIO is in place, pop it off */-
512 if (s->bbio == s->wbio) {
s->bbio == s->wbioDescription
TRUEevaluated 13 times by 2 tests
Evaluated by:
  • clienttest
  • servertest
FALSEnever evaluated
0-13
513 s->wbio = BIO_pop(s->wbio);-
514 }
executed 13 times by 2 tests: end of block
Executed by:
  • clienttest
  • servertest
13
515 BIO_free(s->bbio);-
516 s->bbio = NULL;-
517 }
executed 13 times by 2 tests: end of block
Executed by:
  • clienttest
  • servertest
13
518-
519 if (s->rbio != s->wbio)
s->rbio != s->wbioDescription
TRUEevaluated 15 times by 3 tests
Evaluated by:
  • clienttest
  • servertest
  • tlstest
FALSEevaluated 180 times by 9 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • libssl.so.46.0.1
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
15-180
520 BIO_free_all(s->rbio);
executed 15 times by 3 tests: BIO_free_all(s->rbio);
Executed by:
  • clienttest
  • servertest
  • tlstest
15
521 BIO_free_all(s->wbio);-
522-
523 BUF_MEM_free(s->internal->init_buf);-
524-
525 /* add extra stuff */-
526 sk_SSL_CIPHER_free(s->cipher_list);-
527 sk_SSL_CIPHER_free(s->internal->cipher_list_by_id);-
528-
529 /* Make the next call work :-) */-
530 if (s->session != NULL) {
s->session != ((void *)0)Description
TRUEevaluated 129 times by 5 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
FALSEevaluated 66 times by 7 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • libssl.so.46.0.1
  • ssl_versions
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
66-129
531 ssl_clear_bad_session(s);-
532 SSL_SESSION_free(s->session);-
533 }
executed 129 times by 5 tests: end of block
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
129
534-
535 ssl_clear_cipher_state(s);-
536-
537 ssl_cert_free(s->cert);-
538-
539 free(s->tlsext_hostname);-
540 SSL_CTX_free(s->initial_ctx);-
541-
542 free(s->internal->tlsext_ecpointformatlist);-
543 free(s->internal->tlsext_supportedgroups);-
544-
545 sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts,-
546 X509_EXTENSION_free);-
547 sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free);-
548 free(s->internal->tlsext_ocsp_resp);-
549-
550 sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free);-
551-
552 if (s->method != NULL)
s->method != ((void *)0)Description
TRUEevaluated 195 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
FALSEnever evaluated
0-195
553 s->method->internal->ssl_free(s);
executed 195 times by 11 tests: s->method->internal->ssl_free(s);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
195
554-
555 SSL_CTX_free(s->ctx);-
556-
557 free(s->internal->alpn_client_proto_list);-
558-
559#ifndef OPENSSL_NO_SRTP-
560 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles);-
561#endif-
562-
563 free(s->internal);-
564 free(s);-
565}
executed 195 times by 11 tests: end of block
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
195
566-
567int-
568SSL_up_ref(SSL *s)-
569{-
570 int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);-
571 return (refs > 1) ? 1 : 0;
never executed: return (refs > 1) ? 1 : 0;
(refs > 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
572}-
573-
574void-
575SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)-
576{-
577 /* If the output buffering BIO is still in place, remove it */-
578 if (s->bbio != NULL) {
s->bbio != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 143 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-143
579 if (s->wbio == s->bbio) {
s->wbio == s->bbioDescription
TRUEnever evaluated
FALSEnever evaluated
0
580 s->wbio = s->wbio->next_bio;-
581 s->bbio->next_bio = NULL;-
582 }
never executed: end of block
0
583 }
never executed: end of block
0
584-
585 if (s->rbio != rbio && s->rbio != s->wbio)
s->rbio != rbioDescription
TRUEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
s->rbio != s->wbioDescription
TRUEnever evaluated
FALSEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
0-139
586 BIO_free_all(s->rbio);
never executed: BIO_free_all(s->rbio);
0
587 if (s->wbio != wbio)
s->wbio != wbioDescription
TRUEevaluated 139 times by 4 tests
Evaluated by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
4-139
588 BIO_free_all(s->wbio);
executed 139 times by 4 tests: BIO_free_all(s->wbio);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
139
589 s->rbio = rbio;-
590 s->wbio = wbio;-
591}
executed 143 times by 4 tests: end of block
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
143
592-
593BIO *-
594SSL_get_rbio(const SSL *s)-
595{-
596 return (s->rbio);
executed 2613 times by 3 tests: return (s->rbio);
Executed by:
  • clienttest
  • ssltest
  • tlstest
2613
597}-
598-
599BIO *-
600SSL_get_wbio(const SSL *s)-
601{-
602 return (s->wbio);
executed 755 times by 3 tests: return (s->wbio);
Executed by:
  • clienttest
  • ssltest
  • tlstest
755
603}-
604-
605int-
606SSL_get_fd(const SSL *s)-
607{-
608 return (SSL_get_rfd(s));
never executed: return (SSL_get_rfd(s));
0
609}-
610-
611int-
612SSL_get_rfd(const SSL *s)-
613{-
614 int ret = -1;-
615 BIO *b, *r;-
616-
617 b = SSL_get_rbio(s);-
618 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);-
619 if (r != NULL)
r != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
620 BIO_get_fd(r, &ret);
never executed: BIO_ctrl(r,105,0,(char *)&ret);
0
621 return (ret);
never executed: return (ret);
0
622}-
623-
624int-
625SSL_get_wfd(const SSL *s)-
626{-
627 int ret = -1;-
628 BIO *b, *r;-
629-
630 b = SSL_get_wbio(s);-
631 r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);-
632 if (r != NULL)
r != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
633 BIO_get_fd(r, &ret);
never executed: BIO_ctrl(r,105,0,(char *)&ret);
0
634 return (ret);
never executed: return (ret);
0
635}-
636-
637int-
638SSL_set_fd(SSL *s, int fd)-
639{-
640 int ret = 0;-
641 BIO *bio = NULL;-
642-
643 bio = BIO_new(BIO_s_socket());-
644-
645 if (bio == NULL) {
bio == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
646 SSLerror(s, ERR_R_BUF_LIB);-
647 goto err;
never executed: goto err;
0
648 }-
649 BIO_set_fd(bio, fd, BIO_NOCLOSE);-
650 SSL_set_bio(s, bio, bio);-
651 ret = 1;-
652err:
code before this statement never executed: err:
0
653 return (ret);
never executed: return (ret);
0
654}-
655-
656int-
657SSL_set_wfd(SSL *s, int fd)-
658{-
659 int ret = 0;-
660 BIO *bio = NULL;-
661-
662 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
(s->rbio == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
(BIO_method_ty...x0400|0x0100))Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
0-4
663 || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
((int)BIO_ctrl... *)0) ) != fd)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • tlstest
FALSEevaluated 2 times by 1 test
Evaluated by:
  • tlstest
2
664 bio = BIO_new(BIO_s_socket());-
665-
666 if (bio == NULL) {
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • tlstest
0-2
667 SSLerror(s, ERR_R_BUF_LIB);-
668 goto err;
never executed: goto err;
0
669 }-
670 BIO_set_fd(bio, fd, BIO_NOCLOSE);-
671 SSL_set_bio(s, SSL_get_rbio(s), bio);-
672 } else
executed 2 times by 1 test: end of block
Executed by:
  • tlstest
2
673 SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
executed 2 times by 1 test: SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
Executed by:
  • tlstest
2
674 ret = 1;-
675err:
code before this statement executed 4 times by 1 test: err:
Executed by:
  • tlstest
4
676 return (ret);
executed 4 times by 1 test: return (ret);
Executed by:
  • tlstest
4
677}-
678-
679int-
680SSL_set_rfd(SSL *s, int fd)-
681{-
682 int ret = 0;-
683 BIO *bio = NULL;-
684-
685 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
(s->wbio == ((void *)0) )Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
FALSEnever evaluated
(BIO_method_ty...x0400|0x0100))Description
TRUEnever evaluated
FALSEnever evaluated
0-4
686 || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
((int)BIO_ctrl... *)0) ) != fd)Description
TRUEnever evaluated
FALSEnever evaluated
0
687 bio = BIO_new(BIO_s_socket());-
688-
689 if (bio == NULL) {
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
0-4
690 SSLerror(s, ERR_R_BUF_LIB);-
691 goto err;
never executed: goto err;
0
692 }-
693 BIO_set_fd(bio, fd, BIO_NOCLOSE);-
694 SSL_set_bio(s, bio, SSL_get_wbio(s));-
695 } else
executed 4 times by 1 test: end of block
Executed by:
  • tlstest
4
696 SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
never executed: SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
0
697 ret = 1;-
698err:
code before this statement executed 4 times by 1 test: err:
Executed by:
  • tlstest
4
699 return (ret);
executed 4 times by 1 test: return (ret);
Executed by:
  • tlstest
4
700}-
701-
702-
703/* return length of latest Finished message we sent, copy to 'buf' */-
704size_t-
705SSL_get_finished(const SSL *s, void *buf, size_t count)-
706{-
707 size_t ret = 0;-
708-
709 if (s->s3 != NULL) {
s->s3 != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
710 ret = S3I(s)->tmp.finish_md_len;-
711 if (count > ret)
count > retDescription
TRUEnever evaluated
FALSEnever evaluated
0
712 count = ret;
never executed: count = ret;
0
713 memcpy(buf, S3I(s)->tmp.finish_md, count);-
714 }
never executed: end of block
0
715 return (ret);
never executed: return (ret);
0
716}-
717-
718/* return length of latest Finished message we expected, copy to 'buf' */-
719size_t-
720SSL_get_peer_finished(const SSL *s, void *buf, size_t count)-
721{-
722 size_t ret = 0;-
723-
724 if (s->s3 != NULL) {
s->s3 != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
725 ret = S3I(s)->tmp.peer_finish_md_len;-
726 if (count > ret)
count > retDescription
TRUEnever evaluated
FALSEnever evaluated
0
727 count = ret;
never executed: count = ret;
0
728 memcpy(buf, S3I(s)->tmp.peer_finish_md, count);-
729 }
never executed: end of block
0
730 return (ret);
never executed: return (ret);
0
731}-
732-
733-
734int-
735SSL_get_verify_mode(const SSL *s)-
736{-
737 return (s->verify_mode);
never executed: return (s->verify_mode);
0
738}-
739-
740int-
741SSL_get_verify_depth(const SSL *s)-
742{-
743 return (X509_VERIFY_PARAM_get_depth(s->param));
never executed: return (X509_VERIFY_PARAM_get_depth(s->param));
0
744}-
745-
746int-
747(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)-
748{-
749 return (s->internal->verify_callback);
never executed: return (s->internal->verify_callback);
0
750}-
751-
752int-
753SSL_CTX_get_verify_mode(const SSL_CTX *ctx)-
754{-
755 return (ctx->verify_mode);
never executed: return (ctx->verify_mode);
0
756}-
757-
758int-
759SSL_CTX_get_verify_depth(const SSL_CTX *ctx)-
760{-
761 return (X509_VERIFY_PARAM_get_depth(ctx->param));
never executed: return (X509_VERIFY_PARAM_get_depth(ctx->param));
0
762}-
763-
764int-
765(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)-
766{-
767 return (ctx->internal->default_verify_callback);
never executed: return (ctx->internal->default_verify_callback);
0
768}-
769-
770void-
771SSL_set_verify(SSL *s, int mode,-
772 int (*callback)(int ok, X509_STORE_CTX *ctx))-
773{-
774 s->verify_mode = mode;-
775 if (callback != NULL)
callback != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
776 s->internal->verify_callback = callback;
never executed: s->internal->verify_callback = callback;
0
777}
never executed: end of block
0
778-
779void-
780SSL_set_verify_depth(SSL *s, int depth)-
781{-
782 X509_VERIFY_PARAM_set_depth(s->param, depth);-
783}
never executed: end of block
0
784-
785void-
786SSL_set_read_ahead(SSL *s, int yes)-
787{-
788 s->internal->read_ahead = yes;-
789}
never executed: end of block
0
790-
791int-
792SSL_get_read_ahead(const SSL *s)-
793{-
794 return (s->internal->read_ahead);
never executed: return (s->internal->read_ahead);
0
795}-
796-
797int-
798SSL_pending(const SSL *s)-
799{-
800 /*-
801 * SSL_pending cannot work properly if read-ahead is enabled-
802 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),-
803 * and it is impossible to fix since SSL_pending cannot report-
804 * errors that may be observed while scanning the new data.-
805 * (Note that SSL_pending() is often used as a boolean value,-
806 * so we'd better not return -1.)-
807 */-
808 return (ssl3_pending(s));
executed 560 times by 1 test: return (ssl3_pending(s));
Executed by:
  • ssltest
560
809}-
810-
811X509 *-
812SSL_get_peer_certificate(const SSL *s)-
813{-
814 X509 *r;-
815-
816 if ((s == NULL) || (s->session == NULL))
(s == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 75 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
(s->session == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 75 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-75
817 r = NULL;
never executed: r = ((void *)0) ;
0
818 else-
819 r = s->session->peer;
executed 75 times by 2 tests: r = s->session->peer;
Executed by:
  • ssltest
  • tlstest
75
820-
821 if (r == NULL)
r == ((void *)0)Description
TRUEevaluated 18 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 57 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
18-57
822 return (r);
executed 18 times by 2 tests: return (r);
Executed by:
  • ssltest
  • tlstest
18
823-
824 CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);-
825-
826 return (r);
executed 57 times by 2 tests: return (r);
Executed by:
  • ssltest
  • tlstest
57
827}-
828-
829STACK_OF(X509) *-
830SSL_get_peer_cert_chain(const SSL *s)-
831{-
832 STACK_OF(X509) *r;-
833-
834 if ((s == NULL) || (s->session == NULL) ||
(s == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 16 times by 1 test
Evaluated by:
  • tlstest
(s->session == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 16 times by 1 test
Evaluated by:
  • tlstest
0-16
835 (SSI(s)->sess_cert == NULL))
((s->session->... ((void *)0) )Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • tlstest
FALSEevaluated 8 times by 1 test
Evaluated by:
  • tlstest
8
836 r = NULL;
executed 8 times by 1 test: r = ((void *)0) ;
Executed by:
  • tlstest
8
837 else-
838 r = SSI(s)->sess_cert->cert_chain;
executed 8 times by 1 test: r = (s->session->internal)->sess_cert->cert_chain;
Executed by:
  • tlstest
8
839-
840 /*-
841 * If we are a client, cert_chain includes the peer's own-
842 * certificate;-
843 * if we are a server, it does not.-
844 */-
845 return (r);
executed 16 times by 1 test: return (r);
Executed by:
  • tlstest
16
846}-
847-
848/*-
849 * Now in theory, since the calling process own 't' it should be safe to-
850 * modify. We need to be able to read f without being hassled-
851 */-
852int-
853SSL_copy_session_id(SSL *t, const SSL *f)-
854{-
855 CERT *tmp;-
856-
857 /* Do we need to do SSL locking? */-
858 if (!SSL_set_session(t, SSL_get_session(f)))
!SSL_set_sessi...et_session(f))Description
TRUEnever evaluated
FALSEnever evaluated
0
859 return 0;
never executed: return 0;
0
860-
861 /* What if we are set up for one protocol but want to talk another? */-
862 if (t->method != f->method) {
t->method != f->methodDescription
TRUEnever evaluated
FALSEnever evaluated
0
863 t->method->internal->ssl_free(t);-
864 t->method = f->method;-
865 if (!t->method->internal->ssl_new(t))
!t->method->in...al->ssl_new(t)Description
TRUEnever evaluated
FALSEnever evaluated
0
866 return 0;
never executed: return 0;
0
867 }
never executed: end of block
0
868-
869 tmp = t->cert;-
870 if (f->cert != NULL) {
f->cert != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
871 CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);-
872 t->cert = f->cert;-
873 } else
never executed: end of block
0
874 t->cert = NULL;
never executed: t->cert = ((void *)0) ;
0
875 ssl_cert_free(tmp);-
876-
877 if (!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length))
!SSL_set_sessi...id_ctx_length)Description
TRUEnever evaluated
FALSEnever evaluated
0
878 return 0;
never executed: return 0;
0
879-
880 return 1;
never executed: return 1;
0
881}-
882-
883/* Fix this so it checks all the valid key/cert options */-
884int-
885SSL_CTX_check_private_key(const SSL_CTX *ctx)-
886{-
887 if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
(ctx == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
(ctx->internal... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
0-4
888 (ctx->internal->cert->key->x509 == NULL)) {
(ctx->internal... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
0-4
889 SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);-
890 return (0);
never executed: return (0);
0
891 }-
892 if (ctx->internal->cert->key->privatekey == NULL) {
ctx->internal-...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
0-4
893 SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);-
894 return (0);
never executed: return (0);
0
895 }-
896 return (X509_check_private_key(ctx->internal->cert->key->x509,
executed 4 times by 1 test: return (X509_check_private_key(ctx->internal->cert->key->x509, ctx->internal->cert->key->privatekey));
Executed by:
  • tlstest
4
897 ctx->internal->cert->key->privatekey));
executed 4 times by 1 test: return (X509_check_private_key(ctx->internal->cert->key->x509, ctx->internal->cert->key->privatekey));
Executed by:
  • tlstest
4
898}-
899-
900/* Fix this function so that it takes an optional type parameter */-
901int-
902SSL_check_private_key(const SSL *ssl)-
903{-
904 if (ssl == NULL) {
ssl == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
905 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);-
906 return (0);
never executed: return (0);
0
907 }-
908 if (ssl->cert == NULL) {
ssl->cert == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
909 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);-
910 return (0);
never executed: return (0);
0
911 }-
912 if (ssl->cert->key->x509 == NULL) {
ssl->cert->key...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
913 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);-
914 return (0);
never executed: return (0);
0
915 }-
916 if (ssl->cert->key->privatekey == NULL) {
ssl->cert->key...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
917 SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);-
918 return (0);
never executed: return (0);
0
919 }-
920 return (X509_check_private_key(ssl->cert->key->x509,
never executed: return (X509_check_private_key(ssl->cert->key->x509, ssl->cert->key->privatekey));
0
921 ssl->cert->key->privatekey));
never executed: return (X509_check_private_key(ssl->cert->key->x509, ssl->cert->key->privatekey));
0
922}-
923-
924int-
925SSL_accept(SSL *s)-
926{-
927 if (s->internal->handshake_func == NULL)
s->internal->h...== ((void *)0)Description
TRUEevaluated 6 times by 2 tests
Evaluated by:
  • servertest
  • tlstest
FALSEevaluated 8 times by 1 test
Evaluated by:
  • tlstest
6-8
928 SSL_set_accept_state(s); /* Not properly initialized yet */
executed 6 times by 2 tests: SSL_set_accept_state(s);
Executed by:
  • servertest
  • tlstest
6
929-
930 return (s->method->internal->ssl_accept(s));
executed 14 times by 2 tests: return (s->method->internal->ssl_accept(s));
Executed by:
  • servertest
  • tlstest
14
931}-
932-
933int-
934SSL_connect(SSL *s)-
935{-
936 if (s->internal->handshake_func == NULL)
s->internal->h...== ((void *)0)Description
TRUEevaluated 15 times by 2 tests
Evaluated by:
  • clienttest
  • tlstest
FALSEevaluated 12 times by 1 test
Evaluated by:
  • tlstest
12-15
937 SSL_set_connect_state(s); /* Not properly initialized yet */
executed 15 times by 2 tests: SSL_set_connect_state(s);
Executed by:
  • clienttest
  • tlstest
15
938-
939 return (s->method->internal->ssl_connect(s));
executed 27 times by 2 tests: return (s->method->internal->ssl_connect(s));
Executed by:
  • clienttest
  • tlstest
27
940}-
941-
942int-
943SSL_is_server(const SSL *s)-
944{-
945 return s->server;
never executed: return s->server;
0
946}-
947-
948long-
949SSL_get_default_timeout(const SSL *s)-
950{-
951 return (s->method->internal->get_timeout());
never executed: return (s->method->internal->get_timeout());
0
952}-
953-
954int-
955SSL_read(SSL *s, void *buf, int num)-
956{-
957 if (s->internal->handshake_func == NULL) {
s->internal->h...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1598 times by 1 test
Evaluated by:
  • ssltest
0-1598
958 SSLerror(s, SSL_R_UNINITIALIZED);-
959 return (-1);
never executed: return (-1);
0
960 }-
961-
962 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
s->internal->shutdown & 2Description
TRUEnever evaluated
FALSEevaluated 1598 times by 1 test
Evaluated by:
  • ssltest
0-1598
963 s->internal->rwstate = SSL_NOTHING;-
964 return (0);
never executed: return (0);
0
965 }-
966 return ssl3_read(s, buf, num);
executed 1598 times by 1 test: return ssl3_read(s, buf, num);
Executed by:
  • ssltest
1598
967}-
968-
969int-
970SSL_peek(SSL *s, void *buf, int num)-
971{-
972 if (s->internal->handshake_func == NULL) {
s->internal->h...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
973 SSLerror(s, SSL_R_UNINITIALIZED);-
974 return (-1);
never executed: return (-1);
0
975 }-
976-
977 if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) {
s->internal->shutdown & 2Description
TRUEnever evaluated
FALSEnever evaluated
0
978 return (0);
never executed: return (0);
0
979 }-
980 return ssl3_peek(s, buf, num);
never executed: return ssl3_peek(s, buf, num);
0
981}-
982-
983int-
984SSL_write(SSL *s, const void *buf, int num)-
985{-
986 if (s->internal->handshake_func == NULL) {
s->internal->h...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1526 times by 1 test
Evaluated by:
  • ssltest
0-1526
987 SSLerror(s, SSL_R_UNINITIALIZED);-
988 return (-1);
never executed: return (-1);
0
989 }-
990-
991 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
s->internal->shutdown & 1Description
TRUEnever evaluated
FALSEevaluated 1526 times by 1 test
Evaluated by:
  • ssltest
0-1526
992 s->internal->rwstate = SSL_NOTHING;-
993 SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);-
994 return (-1);
never executed: return (-1);
0
995 }-
996 return ssl3_write(s, buf, num);
executed 1526 times by 1 test: return ssl3_write(s, buf, num);
Executed by:
  • ssltest
1526
997}-
998-
999int-
1000SSL_shutdown(SSL *s)-
1001{-
1002 /*-
1003 * Note that this function behaves differently from what one might-
1004 * expect. Return values are 0 for no success (yet),-
1005 * 1 for success; but calling it once is usually not enough,-
1006 * even if blocking I/O is used (see ssl3_shutdown).-
1007 */-
1008-
1009 if (s->internal->handshake_func == NULL) {
s->internal->h...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-126
1010 SSLerror(s, SSL_R_UNINITIALIZED);-
1011 return (-1);
never executed: return (-1);
0
1012 }-
1013-
1014 if (s != NULL && !SSL_in_init(s))
s != ((void *)0)Description
TRUEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
!(SSL_state((s...x1000|0x2000))Description
TRUEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-126
1015 return (ssl3_shutdown(s));
executed 126 times by 2 tests: return (ssl3_shutdown(s));
Executed by:
  • ssltest
  • tlstest
126
1016-
1017 return (1);
never executed: return (1);
0
1018}-
1019-
1020int-
1021SSL_renegotiate(SSL *s)-
1022{-
1023 if (s->internal->renegotiate == 0)
s->internal->renegotiate == 0Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • tlsexttest
FALSEnever evaluated
0-1
1024 s->internal->renegotiate = 1;
executed 1 time by 1 test: s->internal->renegotiate = 1;
Executed by:
  • tlsexttest
1
1025-
1026 s->internal->new_session = 1;-
1027-
1028 return (s->method->internal->ssl_renegotiate(s));
executed 1 time by 1 test: return (s->method->internal->ssl_renegotiate(s));
Executed by:
  • tlsexttest
1
1029}-
1030-
1031int-
1032SSL_renegotiate_abbreviated(SSL *s)-
1033{-
1034 if (s->internal->renegotiate == 0)
s->internal->renegotiate == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1035 s->internal->renegotiate = 1;
never executed: s->internal->renegotiate = 1;
0
1036-
1037 s->internal->new_session = 0;-
1038-
1039 return (s->method->internal->ssl_renegotiate(s));
never executed: return (s->method->internal->ssl_renegotiate(s));
0
1040}-
1041-
1042int-
1043SSL_renegotiate_pending(SSL *s)-
1044{-
1045 /*-
1046 * Becomes true when negotiation is requested;-
1047 * false again once a handshake has finished.-
1048 */-
1049 return (s->internal->renegotiate != 0);
never executed: return (s->internal->renegotiate != 0);
0
1050}-
1051-
1052long-
1053SSL_ctrl(SSL *s, int cmd, long larg, void *parg)-
1054{-
1055 long l;-
1056-
1057 switch (cmd) {-
1058 case SSL_CTRL_GET_READ_AHEAD:
never executed: case 40:
0
1059 return (s->internal->read_ahead);
never executed: return (s->internal->read_ahead);
0
1060 case SSL_CTRL_SET_READ_AHEAD:
never executed: case 41:
0
1061 l = s->internal->read_ahead;-
1062 s->internal->read_ahead = larg;-
1063 return (l);
never executed: return (l);
0
1064-
1065 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
never executed: case 16:
0
1066 s->internal->msg_callback_arg = parg;-
1067 return (1);
never executed: return (1);
0
1068-
1069 case SSL_CTRL_OPTIONS:
executed 450 times by 7 tests: case 32:
Executed by:
  • cipherstest
  • clienttest
  • servertest
  • ssl_versions
  • ssltest
  • tlsexttest
  • tlstest
450
1070 return (s->internal->options|=larg);
executed 450 times by 7 tests: return (s->internal->options|=larg);
Executed by:
  • cipherstest
  • clienttest
  • servertest
  • ssl_versions
  • ssltest
  • tlsexttest
  • tlstest
450
1071 case SSL_CTRL_CLEAR_OPTIONS:
executed 35 times by 2 tests: case 77:
Executed by:
  • ssl_versions
  • tlsexttest
35
1072 return (s->internal->options&=~larg);
executed 35 times by 2 tests: return (s->internal->options&=~larg);
Executed by:
  • ssl_versions
  • tlsexttest
35
1073 case SSL_CTRL_MODE:
never executed: case 33:
0
1074 return (s->internal->mode|=larg);
never executed: return (s->internal->mode|=larg);
0
1075 case SSL_CTRL_CLEAR_MODE:
never executed: case 78:
0
1076 return (s->internal->mode &=~larg);
never executed: return (s->internal->mode &=~larg);
0
1077 case SSL_CTRL_GET_MAX_CERT_LIST:
never executed: case 50:
0
1078 return (s->internal->max_cert_list);
never executed: return (s->internal->max_cert_list);
0
1079 case SSL_CTRL_SET_MAX_CERT_LIST:
never executed: case 51:
0
1080 l = s->internal->max_cert_list;-
1081 s->internal->max_cert_list = larg;-
1082 return (l);
never executed: return (l);
0
1083 case SSL_CTRL_SET_MTU:
never executed: case 17:
0
1084#ifndef OPENSSL_NO_DTLS1-
1085 if (larg < (long)dtls1_min_mtu())
larg < (long)dtls1_min_mtu()Description
TRUEnever evaluated
FALSEnever evaluated
0
1086 return (0);
never executed: return (0);
0
1087#endif-
1088 if (SSL_IS_DTLS(s)) {
(s->method->in...ion == 0xFEFF)Description
TRUEnever evaluated
FALSEnever evaluated
0
1089 D1I(s)->mtu = larg;-
1090 return (larg);
never executed: return (larg);
0
1091 }-
1092 return (0);
never executed: return (0);
0
1093 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
never executed: case 52:
0
1094 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
larg < 512Description
TRUEnever evaluated
FALSEnever evaluated
larg > 16384Description
TRUEnever evaluated
FALSEnever evaluated
0
1095 return (0);
never executed: return (0);
0
1096 s->max_send_fragment = larg;-
1097 return (1);
never executed: return (1);
0
1098 case SSL_CTRL_GET_RI_SUPPORT:
never executed: case 76:
0
1099 if (s->s3)
s->s3Description
TRUEnever evaluated
FALSEnever evaluated
0
1100 return (S3I(s)->send_connection_binding);
never executed: return ((s->s3->internal)->send_connection_binding);
0
1101 else return (0);
never executed: return (0);
0
1102 default:
executed 23 times by 2 tests: default:
Executed by:
  • tlsexttest
  • tlstest
23
1103 if (SSL_IS_DTLS(s))
(s->method->in...ion == 0xFEFF)Description
TRUEnever evaluated
FALSEevaluated 23 times by 2 tests
Evaluated by:
  • tlsexttest
  • tlstest
0-23
1104 return dtls1_ctrl(s, cmd, larg, parg);
never executed: return dtls1_ctrl(s, cmd, larg, parg);
0
1105 return ssl3_ctrl(s, cmd, larg, parg);
executed 23 times by 2 tests: return ssl3_ctrl(s, cmd, larg, parg);
Executed by:
  • tlsexttest
  • tlstest
23
1106 }-
1107}-
1108-
1109long-
1110SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))-
1111{-
1112 switch (cmd) {-
1113 case SSL_CTRL_SET_MSG_CALLBACK:
never executed: case 15:
0
1114 s->internal->msg_callback = (void (*)(int write_p, int version,-
1115 int content_type, const void *buf, size_t len,-
1116 SSL *ssl, void *arg))(fp);-
1117 return (1);
never executed: return (1);
0
1118-
1119 default:
never executed: default:
0
1120 return (ssl3_callback_ctrl(s, cmd, fp));
never executed: return (ssl3_callback_ctrl(s, cmd, fp));
0
1121 }-
1122}-
1123-
1124struct lhash_st_SSL_SESSION *-
1125SSL_CTX_sessions(SSL_CTX *ctx)-
1126{-
1127 return (ctx->internal->sessions);
never executed: return (ctx->internal->sessions);
0
1128}-
1129-
1130long-
1131SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)-
1132{-
1133 long l;-
1134-
1135 switch (cmd) {-
1136 case SSL_CTRL_GET_READ_AHEAD:
never executed: case 40:
0
1137 return (ctx->internal->read_ahead);
never executed: return (ctx->internal->read_ahead);
0
1138 case SSL_CTRL_SET_READ_AHEAD:
never executed: case 41:
0
1139 l = ctx->internal->read_ahead;-
1140 ctx->internal->read_ahead = larg;-
1141 return (l);
never executed: return (l);
0
1142-
1143 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
never executed: case 16:
0
1144 ctx->internal->msg_callback_arg = parg;-
1145 return (1);
never executed: return (1);
0
1146-
1147 case SSL_CTRL_GET_MAX_CERT_LIST:
never executed: case 50:
0
1148 return (ctx->internal->max_cert_list);
never executed: return (ctx->internal->max_cert_list);
0
1149 case SSL_CTRL_SET_MAX_CERT_LIST:
never executed: case 51:
0
1150 l = ctx->internal->max_cert_list;-
1151 ctx->internal->max_cert_list = larg;-
1152 return (l);
never executed: return (l);
0
1153-
1154 case SSL_CTRL_SET_SESS_CACHE_SIZE:
never executed: case 42:
0
1155 l = ctx->internal->session_cache_size;-
1156 ctx->internal->session_cache_size = larg;-
1157 return (l);
never executed: return (l);
0
1158 case SSL_CTRL_GET_SESS_CACHE_SIZE:
never executed: case 43:
0
1159 return (ctx->internal->session_cache_size);
never executed: return (ctx->internal->session_cache_size);
0
1160 case SSL_CTRL_SET_SESS_CACHE_MODE:
executed 8 times by 1 test: case 44:
Executed by:
  • tlstest
8
1161 l = ctx->internal->session_cache_mode;-
1162 ctx->internal->session_cache_mode = larg;-
1163 return (l);
executed 8 times by 1 test: return (l);
Executed by:
  • tlstest
8
1164 case SSL_CTRL_GET_SESS_CACHE_MODE:
never executed: case 45:
0
1165 return (ctx->internal->session_cache_mode);
never executed: return (ctx->internal->session_cache_mode);
0
1166-
1167 case SSL_CTRL_SESS_NUMBER:
never executed: case 20:
0
1168 return (lh_SSL_SESSION_num_items(ctx->internal->sessions));
never executed: return (lh_num_items(((_LHASH *)((void*) (1 ? ctx->internal->sessions : (struct lhash_st_SSL_SESSION*)0)))));
0
1169 case SSL_CTRL_SESS_CONNECT:
never executed: case 21:
0
1170 return (ctx->internal->stats.sess_connect);
never executed: return (ctx->internal->stats.sess_connect);
0
1171 case SSL_CTRL_SESS_CONNECT_GOOD:
never executed: case 22:
0
1172 return (ctx->internal->stats.sess_connect_good);
never executed: return (ctx->internal->stats.sess_connect_good);
0
1173 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
never executed: case 23:
0
1174 return (ctx->internal->stats.sess_connect_renegotiate);
never executed: return (ctx->internal->stats.sess_connect_renegotiate);
0
1175 case SSL_CTRL_SESS_ACCEPT:
never executed: case 24:
0
1176 return (ctx->internal->stats.sess_accept);
never executed: return (ctx->internal->stats.sess_accept);
0
1177 case SSL_CTRL_SESS_ACCEPT_GOOD:
never executed: case 25:
0
1178 return (ctx->internal->stats.sess_accept_good);
never executed: return (ctx->internal->stats.sess_accept_good);
0
1179 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
never executed: case 26:
0
1180 return (ctx->internal->stats.sess_accept_renegotiate);
never executed: return (ctx->internal->stats.sess_accept_renegotiate);
0
1181 case SSL_CTRL_SESS_HIT:
never executed: case 27:
0
1182 return (ctx->internal->stats.sess_hit);
never executed: return (ctx->internal->stats.sess_hit);
0
1183 case SSL_CTRL_SESS_CB_HIT:
never executed: case 28:
0
1184 return (ctx->internal->stats.sess_cb_hit);
never executed: return (ctx->internal->stats.sess_cb_hit);
0
1185 case SSL_CTRL_SESS_MISSES:
never executed: case 29:
0
1186 return (ctx->internal->stats.sess_miss);
never executed: return (ctx->internal->stats.sess_miss);
0
1187 case SSL_CTRL_SESS_TIMEOUTS:
never executed: case 30:
0
1188 return (ctx->internal->stats.sess_timeout);
never executed: return (ctx->internal->stats.sess_timeout);
0
1189 case SSL_CTRL_SESS_CACHE_FULL:
never executed: case 31:
0
1190 return (ctx->internal->stats.sess_cache_full);
never executed: return (ctx->internal->stats.sess_cache_full);
0
1191 case SSL_CTRL_OPTIONS:
executed 112 times by 4 tests: case 32:
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
112
1192 return (ctx->internal->options|=larg);
executed 112 times by 4 tests: return (ctx->internal->options|=larg);
Executed by:
  • clienttest
  • servertest
  • ssltest
  • tlstest
112
1193 case SSL_CTRL_CLEAR_OPTIONS:
executed 24 times by 1 test: case 77:
Executed by:
  • tlstest
24
1194 return (ctx->internal->options&=~larg);
executed 24 times by 1 test: return (ctx->internal->options&=~larg);
Executed by:
  • tlstest
24
1195 case SSL_CTRL_MODE:
executed 16 times by 1 test: case 33:
Executed by:
  • tlstest
16
1196 return (ctx->internal->mode|=larg);
executed 16 times by 1 test: return (ctx->internal->mode|=larg);
Executed by:
  • tlstest
16
1197 case SSL_CTRL_CLEAR_MODE:
never executed: case 78:
0
1198 return (ctx->internal->mode&=~larg);
never executed: return (ctx->internal->mode&=~larg);
0
1199 case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
never executed: case 52:
0
1200 if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
larg < 512Description
TRUEnever evaluated
FALSEnever evaluated
larg > 16384Description
TRUEnever evaluated
FALSEnever evaluated
0
1201 return (0);
never executed: return (0);
0
1202 ctx->internal->max_send_fragment = larg;-
1203 return (1);
never executed: return (1);
0
1204 default:
executed 110 times by 3 tests: default:
Executed by:
  • servertest
  • ssltest
  • tlstest
110
1205 return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
executed 110 times by 3 tests: return (ssl3_ctx_ctrl(ctx, cmd, larg, parg));
Executed by:
  • servertest
  • ssltest
  • tlstest
110
1206 }-
1207}-
1208-
1209long-
1210SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))-
1211{-
1212 switch (cmd) {-
1213 case SSL_CTRL_SET_MSG_CALLBACK:
never executed: case 15:
0
1214 ctx->internal->msg_callback = (void (*)(int write_p, int version,-
1215 int content_type, const void *buf, size_t len, SSL *ssl,-
1216 void *arg))(fp);-
1217 return (1);
never executed: return (1);
0
1218-
1219 default:
executed 62 times by 2 tests: default:
Executed by:
  • ssltest
  • tlstest
62
1220 return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
executed 62 times by 2 tests: return (ssl3_ctx_callback_ctrl(ctx, cmd, fp));
Executed by:
  • ssltest
  • tlstest
62
1221 }-
1222}-
1223-
1224int-
1225ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)-
1226{-
1227 long l;-
1228-
1229 l = a->id - b->id;-
1230 if (l == 0L)
l == 0LDescription
TRUEevaluated 1726 times by 7 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • servertest
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
FALSEevaluated 7609 times by 7 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • servertest
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
1726-7609
1231 return (0);
executed 1726 times by 7 tests: return (0);
Executed by:
  • cipher_list
  • cipherstest
  • servertest
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
1726
1232 else-
1233 return ((l > 0) ? 1:-1);
executed 7609 times by 7 tests: return ((l > 0) ? 1:-1);
Executed by:
  • cipher_list
  • cipherstest
  • servertest
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
(l > 0)Description
TRUEevaluated 3565 times by 7 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • servertest
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
FALSEevaluated 4044 times by 7 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • servertest
  • ssltest
  • tls_prf
  • tlsexttest
  • tlstest
3565-7609
1234}-
1235-
1236int-
1237ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,-
1238 const SSL_CIPHER * const *bp)-
1239{-
1240 long l;-
1241-
1242 l = (*ap)->id - (*bp)->id;-
1243 if (l == 0L)
l == 0LDescription
TRUEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEevaluated 39543 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
63-39543
1244 return (0);
executed 63 times by 2 tests: return (0);
Executed by:
  • ssltest
  • tlstest
63
1245 else-
1246 return ((l > 0) ? 1:-1);
executed 39543 times by 13 tests: return ((l > 0) ? 1:-1);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
(l > 0)Description
TRUEevaluated 25472 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
FALSEevaluated 14071 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
14071-39543
1247}-
1248-
1249/*-
1250 * Return a STACK of the ciphers available for the SSL and in order of-
1251 * preference.-
1252 */-
1253STACK_OF(SSL_CIPHER) *-
1254SSL_get_ciphers(const SSL *s)-
1255{-
1256 if (s != NULL) {
s != ((void *)0)Description
TRUEevaluated 294 times by 7 tests
Evaluated by:
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
FALSEnever evaluated
0-294
1257 if (s->cipher_list != NULL) {
s->cipher_list != ((void *)0)Description
TRUEevaluated 9 times by 1 test
Evaluated by:
  • tlsexttest
FALSEevaluated 285 times by 7 tests
Evaluated by:
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
9-285
1258 return (s->cipher_list);
executed 9 times by 1 test: return (s->cipher_list);
Executed by:
  • tlsexttest
9
1259 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
(s->ctx != ((void *)0) )Description
TRUEevaluated 285 times by 7 tests
Evaluated by:
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
FALSEnever evaluated
(s->ctx->ciphe... ((void *)0) )Description
TRUEevaluated 285 times by 7 tests
Evaluated by:
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
FALSEnever evaluated
0-285
1260 return (s->ctx->cipher_list);
executed 285 times by 7 tests: return (s->ctx->cipher_list);
Executed by:
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssltest
  • tlsexttest
  • tlstest
285
1261 }-
1262 }
never executed: end of block
0
1263 return (NULL);
never executed: return ( ((void *)0) );
0
1264}-
1265-
1266/*-
1267 * Return a STACK of the ciphers available for the SSL and in order of-
1268 * algorithm id.-
1269 */-
1270STACK_OF(SSL_CIPHER) *-
1271ssl_get_ciphers_by_id(SSL *s)-
1272{-
1273 if (s != NULL) {
s != ((void *)0)Description
TRUEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-63
1274 if (s->internal->cipher_list_by_id != NULL) {
s->internal->c...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-63
1275 return (s->internal->cipher_list_by_id);
never executed: return (s->internal->cipher_list_by_id);
0
1276 } else if ((s->ctx != NULL) &&
(s->ctx != ((void *)0) )Description
TRUEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-63
1277 (s->ctx->internal->cipher_list_by_id != NULL)) {
(s->ctx->inter... ((void *)0) )Description
TRUEevaluated 63 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-63
1278 return (s->ctx->internal->cipher_list_by_id);
executed 63 times by 2 tests: return (s->ctx->internal->cipher_list_by_id);
Executed by:
  • ssltest
  • tlstest
63
1279 }-
1280 }
never executed: end of block
0
1281 return (NULL);
never executed: return ( ((void *)0) );
0
1282}-
1283-
1284/* See if we have any ECC cipher suites. */-
1285int-
1286ssl_has_ecc_ciphers(SSL *s)-
1287{-
1288 STACK_OF(SSL_CIPHER) *ciphers;-
1289 unsigned long alg_k, alg_a;-
1290 SSL_CIPHER *cipher;-
1291 int i;-
1292-
1293 if (s->version == DTLS1_VERSION)
s->version == 0xFEFFDescription
TRUEevaluated 24 times by 2 tests
Evaluated by:
  • clienttest
  • ssltest
FALSEevaluated 137 times by 4 tests
Evaluated by:
  • clienttest
  • ssltest
  • tlsexttest
  • tlstest
24-137
1294 return 0;
executed 24 times by 2 tests: return 0;
Executed by:
  • clienttest
  • ssltest
24
1295 if ((ciphers = SSL_get_ciphers(s)) == NULL)
(ciphers = SSL...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 137 times by 4 tests
Evaluated by:
  • clienttest
  • ssltest
  • tlsexttest
  • tlstest
0-137
1296 return 0;
never executed: return 0;
0
1297-
1298 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
i < sk_num(((_...L_CIPHER*)0)))Description
TRUEevaluated 452 times by 4 tests
Evaluated by:
  • clienttest
  • ssltest
  • tlsexttest
  • tlstest
FALSEevaluated 52 times by 2 tests
Evaluated by:
  • ssltest
  • tlsexttest
52-452
1299 cipher = sk_SSL_CIPHER_value(ciphers, i);-
1300-
1301 alg_k = cipher->algorithm_mkey;-
1302 alg_a = cipher->algorithm_auth;-
1303-
1304 if ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))
(alg_k & 0x00000080L)Description
TRUEevaluated 85 times by 4 tests
Evaluated by:
  • clienttest
  • ssltest
  • tlsexttest
  • tlstest
FALSEevaluated 367 times by 2 tests
Evaluated by:
  • ssltest
  • tlsexttest
(alg_a & 0x00000040L)Description
TRUEnever evaluated
FALSEevaluated 367 times by 2 tests
Evaluated by:
  • ssltest
  • tlsexttest
0-367
1305 return 1;
executed 85 times by 4 tests: return 1;
Executed by:
  • clienttest
  • ssltest
  • tlsexttest
  • tlstest
85
1306 }
executed 367 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlsexttest
367
1307-
1308 return 0;
executed 52 times by 2 tests: return 0;
Executed by:
  • ssltest
  • tlsexttest
52
1309}-
1310-
1311/* The old interface to get the same thing as SSL_get_ciphers(). */-
1312const char *-
1313SSL_get_cipher_list(const SSL *s, int n)-
1314{-
1315 SSL_CIPHER *c;-
1316 STACK_OF(SSL_CIPHER) *sk;-
1317-
1318 if (s == NULL)
s == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1319 return (NULL);
never executed: return ( ((void *)0) );
0
1320 sk = SSL_get_ciphers(s);-
1321 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
(sk == ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
(sk_num(((_STA...ER*)0))) <= n)Description
TRUEnever evaluated
FALSEnever evaluated
0
1322 return (NULL);
never executed: return ( ((void *)0) );
0
1323 c = sk_SSL_CIPHER_value(sk, n);-
1324 if (c == NULL)
c == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1325 return (NULL);
never executed: return ( ((void *)0) );
0
1326 return (c->name);
never executed: return (c->name);
0
1327}-
1328-
1329STACK_OF(SSL_CIPHER) *-
1330SSL_CTX_get_ciphers(const SSL_CTX *ctx)-
1331{-
1332 return ctx->cipher_list;
never executed: return ctx->cipher_list;
0
1333}-
1334-
1335/* Specify the ciphers to be used by default by the SSL_CTX. */-
1336int-
1337SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)-
1338{-
1339 STACK_OF(SSL_CIPHER) *sk;-
1340-
1341 sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,-
1342 &ctx->internal->cipher_list_by_id, str);-
1343 /*-
1344 * ssl_create_cipher_list may return an empty stack if it-
1345 * was unable to find a cipher matching the given rule string-
1346 * (for example if the rule string specifies a cipher which-
1347 * has been disabled). This is not an error as far as-
1348 * ssl_create_cipher_list is concerned, and hence-
1349 * ctx->cipher_list and ctx->internal->cipher_list_by_id has been-
1350 * updated.-
1351 */-
1352 if (sk == NULL)
sk == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 71 times by 5 tests
Evaluated by:
  • configtest
  • libssl.so.46.0.1
  • ssltest
  • tlstest
  • verifytest
0-71
1353 return (0);
never executed: return (0);
0
1354 else if (sk_SSL_CIPHER_num(sk) == 0) {
sk_num(((_STAC...HER*)0))) == 0Description
TRUEnever evaluated
FALSEevaluated 71 times by 5 tests
Evaluated by:
  • configtest
  • libssl.so.46.0.1
  • ssltest
  • tlstest
  • verifytest
0-71
1355 SSLerrorx(SSL_R_NO_CIPHER_MATCH);-
1356 return (0);
never executed: return (0);
0
1357 }-
1358 return (1);
executed 71 times by 5 tests: return (1);
Executed by:
  • configtest
  • libssl.so.46.0.1
  • ssltest
  • tlstest
  • verifytest
71
1359}-
1360-
1361/* Specify the ciphers to be used by the SSL. */-
1362int-
1363SSL_set_cipher_list(SSL *s, const char *str)-
1364{-
1365 STACK_OF(SSL_CIPHER) *sk;-
1366-
1367 sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,-
1368 &s->internal->cipher_list_by_id, str);-
1369 /* see comment in SSL_CTX_set_cipher_list */-
1370 if (sk == NULL)
sk == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • tlsexttest
0-5
1371 return (0);
never executed: return (0);
0
1372 else if (sk_SSL_CIPHER_num(sk) == 0) {
sk_num(((_STAC...HER*)0))) == 0Description
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • tlsexttest
0-5
1373 SSLerror(s, SSL_R_NO_CIPHER_MATCH);-
1374 return (0);
never executed: return (0);
0
1375 }-
1376 return (1);
executed 5 times by 1 test: return (1);
Executed by:
  • tlsexttest
5
1377}-
1378-
1379/* works well for SSLv2, not so good for SSLv3 */-
1380char *-
1381SSL_get_shared_ciphers(const SSL *s, char *buf, int len)-
1382{-
1383 char *end;-
1384 STACK_OF(SSL_CIPHER) *sk;-
1385 SSL_CIPHER *c;-
1386 size_t curlen = 0;-
1387 int i;-
1388-
1389 if (s->session == NULL || s->session->ciphers == NULL || len < 2)
s->session == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
s->session->ci...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
len < 2Description
TRUEnever evaluated
FALSEnever evaluated
0
1390 return (NULL);
never executed: return ( ((void *)0) );
0
1391-
1392 sk = s->session->ciphers;-
1393 if (sk_SSL_CIPHER_num(sk) == 0)
sk_num(((_STAC...HER*)0))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1394 return (NULL);
never executed: return ( ((void *)0) );
0
1395-
1396 buf[0] = '\0';-
1397 for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
i < sk_num(((_...L_CIPHER*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
1398 c = sk_SSL_CIPHER_value(sk, i);-
1399 end = buf + curlen;-
1400 if (strlcat(buf, c->name, len) >= len ||
strlcat(buf, c...e, len) >= lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1401 (curlen = strlcat(buf, ":", len)) >= len) {
(curlen = strl..., len)) >= lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1402 /* remove truncated cipher from list */-
1403 *end = '\0';-
1404 break;
never executed: break;
0
1405 }-
1406 }
never executed: end of block
0
1407 /* remove trailing colon */-
1408 if ((end = strrchr(buf, ':')) != NULL)
(end = strrchr...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1409 *end = '\0';
never executed: *end = '\0';
0
1410 return (buf);
never executed: return (buf);
0
1411}-
1412-
1413int-
1414ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)-
1415{-
1416 SSL_CIPHER *cipher;-
1417 int num_ciphers = 0;-
1418 int i;-
1419-
1420 if (ciphers == NULL)
ciphers == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 76 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
0-76
1421 return 0;
never executed: return 0;
0
1422-
1423 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
i < sk_num(((_...L_CIPHER*)0)))Description
TRUEevaluated 1702 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
FALSEevaluated 76 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
76-1702
1424 if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
(cipher = ((SS...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1702 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
0-1702
1425 return 0;
never executed: return 0;
0
1426-
1427 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */-
1428 if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
(cipher->algor...& 0x00000004L)Description
TRUEevaluated 907 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
FALSEevaluated 795 times by 2 tests
Evaluated by:
  • clienttest
  • ssltest
795-907
1429 (TLS1_get_client_version(s) < TLS1_2_VERSION))
(s->client_ver... >> 8) == 0x03Description
TRUEevaluated 792 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
FALSEevaluated 115 times by 2 tests
Evaluated by:
  • clienttest
  • ssltest
(((s->client_v...: 0) < 0x0303)Description
TRUEevaluated 497 times by 2 tests
Evaluated by:
  • clienttest
  • ssltest
FALSEevaluated 410 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
115-792
1430 continue;
executed 497 times by 2 tests: continue;
Executed by:
  • clienttest
  • ssltest
497
1431-
1432 if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
!CBB_add_u16(c...value(cipher))Description
TRUEnever evaluated
FALSEevaluated 1205 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
0-1205
1433 return 0;
never executed: return 0;
0
1434-
1435 num_ciphers++;-
1436 }
executed 1205 times by 4 tests: end of block
Executed by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
1205
1437-
1438 /* Add SCSV if there are other ciphers and we're not renegotiating. */-
1439 if (num_ciphers > 0 && !s->internal->renegotiate) {
num_ciphers > 0Description
TRUEevaluated 76 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
FALSEnever evaluated
!s->internal->renegotiateDescription
TRUEevaluated 75 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
FALSEevaluated 1 time by 1 test
Evaluated by:
  • cipher_list
0-76
1440 if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
!CBB_add_u16(c... & 0x0000ffff)Description
TRUEnever evaluated
FALSEevaluated 75 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
0-75
1441 return 0;
never executed: return 0;
0
1442 }
executed 75 times by 4 tests: end of block
Executed by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
75
1443-
1444 if (!CBB_flush(cbb))
!CBB_flush(cbb)Description
TRUEnever evaluated
FALSEevaluated 76 times by 4 tests
Evaluated by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
0-76
1445 return 0;
never executed: return 0;
0
1446-
1447 return 1;
executed 76 times by 4 tests: return 1;
Executed by:
  • cipher_list
  • clienttest
  • ssltest
  • tlstest
76
1448}-
1449-
1450STACK_OF(SSL_CIPHER) *-
1451ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)-
1452{-
1453 STACK_OF(SSL_CIPHER) *ciphers = NULL;-
1454 const SSL_CIPHER *cipher;-
1455 uint16_t cipher_value, max_version;-
1456 unsigned long cipher_id;-
1457-
1458 if (s->s3 != NULL)
s->s3 != ((void *)0)Description
TRUEevaluated 68 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-68
1459 S3I(s)->send_connection_binding = 0;
executed 68 times by 4 tests: (s->s3->internal)->send_connection_binding = 0;
Executed by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
68
1460-
1461 if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {
(ciphers = ((s...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 68 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
0-68
1462 SSLerror(s, ERR_R_MALLOC_FAILURE);-
1463 goto err;
never executed: goto err;
0
1464 }-
1465-
1466 while (CBS_len(cbs) > 0) {
CBS_len(cbs) > 0Description
TRUEevaluated 1020 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 66 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
66-1020
1467 if (!CBS_get_u16(cbs, &cipher_value)) {
!CBS_get_u16(c...&cipher_value)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • cipher_list
FALSEevaluated 1018 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
2-1018
1468 SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);-
1469 goto err;
executed 2 times by 1 test: goto err;
Executed by:
  • cipher_list
2
1470 }-
1471-
1472 cipher_id = SSL3_CK_ID | cipher_value;-
1473-
1474 if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {
s->s3 != ((void *)0)Description
TRUEevaluated 1018 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
cipher_id == 0x030000FFDescription
TRUEevaluated 64 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 954 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
0-1018
1475 /*-
1476 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if-
1477 * renegotiating.-
1478 */-
1479 if (s->internal->renegotiate) {
s->internal->renegotiateDescription
TRUEnever evaluated
FALSEevaluated 64 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-64
1480 SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);-
1481 ssl3_send_alert(s, SSL3_AL_FATAL,-
1482 SSL_AD_HANDSHAKE_FAILURE);-
1483-
1484 goto err;
never executed: goto err;
0
1485 }-
1486 S3I(s)->send_connection_binding = 1;-
1487 continue;
executed 64 times by 3 tests: continue;
Executed by:
  • servertest
  • ssltest
  • tlstest
64
1488 }-
1489-
1490 if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
cipher_id == 0x03005600Description
TRUEnever evaluated
FALSEevaluated 954 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
0-954
1491 /*-
1492 * TLS_FALLBACK_SCSV indicates that the client-
1493 * previously tried a higher protocol version.-
1494 * Fail if the current version is an unexpected-
1495 * downgrade.-
1496 */-
1497 max_version = ssl_max_server_version(s);-
1498 if (max_version == 0 || s->version < max_version) {
max_version == 0Description
TRUEnever evaluated
FALSEnever evaluated
s->version < max_versionDescription
TRUEnever evaluated
FALSEnever evaluated
0
1499 SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);-
1500 if (s->s3 != NULL)
s->s3 != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1501 ssl3_send_alert(s, SSL3_AL_FATAL,
never executed: ssl3_send_alert(s, 2, 86);
0
1502 SSL_AD_INAPPROPRIATE_FALLBACK);
never executed: ssl3_send_alert(s, 2, 86);
0
1503 goto err;
never executed: goto err;
0
1504 }-
1505 continue;
never executed: continue;
0
1506 }-
1507-
1508 if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
(cipher = ssl3...!= ((void *)0)Description
TRUEevaluated 902 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
FALSEevaluated 52 times by 1 test
Evaluated by:
  • servertest
52-902
1509 if (!sk_SSL_CIPHER_push(ciphers, cipher)) {
!sk_push(((_ST...L_CIPHER*)0)))Description
TRUEnever evaluated
FALSEevaluated 902 times by 4 tests
Evaluated by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
0-902
1510 SSLerror(s, ERR_R_MALLOC_FAILURE);-
1511 goto err;
never executed: goto err;
0
1512 }-
1513 }
executed 902 times by 4 tests: end of block
Executed by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
902
1514 }
executed 954 times by 4 tests: end of block
Executed by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
954
1515-
1516 return (ciphers);
executed 66 times by 4 tests: return (ciphers);
Executed by:
  • cipher_list
  • servertest
  • ssltest
  • tlstest
66
1517-
1518err:-
1519 sk_SSL_CIPHER_free(ciphers);-
1520-
1521 return (NULL);
executed 2 times by 1 test: return ( ((void *)0) );
Executed by:
  • cipher_list
2
1522}-
1523-
1524-
1525/*-
1526 * Return a servername extension value if provided in Client Hello, or NULL.-
1527 * So far, only host_name types are defined (RFC 3546).-
1528 */-
1529const char *-
1530SSL_get_servername(const SSL *s, const int type)-
1531{-
1532 if (type != TLSEXT_NAMETYPE_host_name)
type != 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
0-4
1533 return (NULL);
never executed: return ( ((void *)0) );
0
1534-
1535 return (s->session && !s->tlsext_hostname ?
executed 4 times by 1 test: return (s->session && !s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname);
Executed by:
  • tlstest
s->sessionDescription
TRUEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
FALSEnever evaluated
!s->tlsext_hostnameDescription
TRUEevaluated 4 times by 1 test
Evaluated by:
  • tlstest
FALSEnever evaluated
0-4
1536 s->session->tlsext_hostname :
executed 4 times by 1 test: return (s->session && !s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname);
Executed by:
  • tlstest
4
1537 s->tlsext_hostname);
executed 4 times by 1 test: return (s->session && !s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname);
Executed by:
  • tlstest
4
1538}-
1539-
1540int-
1541SSL_get_servername_type(const SSL *s)-
1542{-
1543 if (s->session &&
s->sessionDescription
TRUEnever evaluated
FALSEnever evaluated
0
1544 (!s->tlsext_hostname ?
!s->tlsext_hostnameDescription
TRUEnever evaluated
FALSEnever evaluated
(!s->tlsext_ho...sext_hostname)Description
TRUEnever evaluated
FALSEnever evaluated
0
1545 s->session->tlsext_hostname : s->tlsext_hostname))
(!s->tlsext_ho...sext_hostname)Description
TRUEnever evaluated
FALSEnever evaluated
0
1546 return (TLSEXT_NAMETYPE_host_name);
never executed: return (0);
0
1547 return (-1);
never executed: return (-1);
0
1548}-
1549-
1550/*-
1551 * SSL_select_next_proto implements standard protocol selection. It is-
1552 * expected that this function is called from the callback set by-
1553 * SSL_CTX_set_alpn_select_cb.-
1554 *-
1555 * The protocol data is assumed to be a vector of 8-bit, length prefixed byte-
1556 * strings. The length byte itself is not included in the length. A byte-
1557 * string of length 0 is invalid. No byte string may be truncated.-
1558 *-
1559 * It returns either:-
1560 * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or-
1561 * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.-
1562 */-
1563int-
1564SSL_select_next_proto(unsigned char **out, unsigned char *outlen,-
1565 const unsigned char *server, unsigned int server_len,-
1566 const unsigned char *client, unsigned int client_len)-
1567{-
1568 unsigned int i, j;-
1569 const unsigned char *result;-
1570 int status = OPENSSL_NPN_UNSUPPORTED;-
1571-
1572 /*-
1573 * For each protocol in server preference order,-
1574 * see if we support it.-
1575 */-
1576 for (i = 0; i < server_len; ) {
i < server_lenDescription
TRUEevaluated 9 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 2 times by 1 test
Evaluated by:
  • ssltest
2-9
1577 for (j = 0; j < client_len; ) {
j < client_lenDescription
TRUEevaluated 12 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 3 times by 1 test
Evaluated by:
  • ssltest
3-12
1578 if (server[i] == client[j] &&
server[i] == client[j]Description
TRUEevaluated 12 times by 1 test
Evaluated by:
  • ssltest
FALSEnever evaluated
0-12
1579 memcmp(&server[i + 1],
memcmp(&server...erver[i]) == 0Description
TRUEevaluated 6 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 6 times by 1 test
Evaluated by:
  • ssltest
6
1580 &client[j + 1], server[i]) == 0) {
memcmp(&server...erver[i]) == 0Description
TRUEevaluated 6 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 6 times by 1 test
Evaluated by:
  • ssltest
6
1581 /* We found a match */-
1582 result = &server[i];-
1583 status = OPENSSL_NPN_NEGOTIATED;-
1584 goto found;
executed 6 times by 1 test: goto found;
Executed by:
  • ssltest
6
1585 }-
1586 j += client[j];-
1587 j++;-
1588 }
executed 6 times by 1 test: end of block
Executed by:
  • ssltest
6
1589 i += server[i];-
1590 i++;-
1591 }
executed 3 times by 1 test: end of block
Executed by:
  • ssltest
3
1592-
1593 /* There's no overlap between our protocols and the server's list. */-
1594 result = client;-
1595 status = OPENSSL_NPN_NO_OVERLAP;-
1596-
1597found:
code before this statement executed 2 times by 1 test: found:
Executed by:
  • ssltest
2
1598 *out = (unsigned char *) result + 1;-
1599 *outlen = result[0];-
1600 return (status);
executed 8 times by 1 test: return (status);
Executed by:
  • ssltest
8
1601}-
1602-
1603/* SSL_get0_next_proto_negotiated is deprecated. */-
1604void-
1605SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,-
1606 unsigned *len)-
1607{-
1608 *data = NULL;-
1609 *len = 0;-
1610}
never executed: end of block
0
1611-
1612/* SSL_CTX_set_next_protos_advertised_cb is deprecated. */-
1613void-
1614SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,-
1615 const unsigned char **out, unsigned int *outlen, void *arg), void *arg)-
1616{-
1617}-
1618-
1619/* SSL_CTX_set_next_proto_select_cb is deprecated. */-
1620void-
1621SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,-
1622 unsigned char **out, unsigned char *outlen, const unsigned char *in,-
1623 unsigned int inlen, void *arg), void *arg)-
1624{-
1625}-
1626-
1627/*-
1628 * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified-
1629 * protocols, which must be in wire-format (i.e. a series of non-empty,-
1630 * 8-bit length-prefixed strings). Returns 0 on success.-
1631 */-
1632int-
1633SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,-
1634 unsigned int protos_len)-
1635{-
1636 int failed = 1;-
1637-
1638 if (protos == NULL || protos_len == 0)
protos == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • ssltest
protos_len == 0Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • ssltest
0-8
1639 goto err;
never executed: goto err;
0
1640-
1641 free(ctx->internal->alpn_client_proto_list);-
1642 ctx->internal->alpn_client_proto_list = NULL;-
1643 ctx->internal->alpn_client_proto_list_len = 0;-
1644-
1645 if ((ctx->internal->alpn_client_proto_list = malloc(protos_len))
(ctx->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • ssltest
0-8
1646 == NULL)
(ctx->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • ssltest
0-8
1647 goto err;
never executed: goto err;
0
1648 ctx->internal->alpn_client_proto_list_len = protos_len;-
1649-
1650 memcpy(ctx->internal->alpn_client_proto_list, protos, protos_len);-
1651-
1652 failed = 0;-
1653-
1654 err:
code before this statement executed 8 times by 1 test: err:
Executed by:
  • ssltest
8
1655 /* NOTE: Return values are the reverse of what you expect. */-
1656 return (failed);
executed 8 times by 1 test: return (failed);
Executed by:
  • ssltest
8
1657}-
1658-
1659/*-
1660 * SSL_set_alpn_protos sets the ALPN protocol list to the specified-
1661 * protocols, which must be in wire-format (i.e. a series of non-empty,-
1662 * 8-bit length-prefixed strings). Returns 0 on success.-
1663 */-
1664int-
1665SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,-
1666 unsigned int protos_len)-
1667{-
1668 int failed = 1;-
1669-
1670 if (protos == NULL || protos_len == 0)
protos == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 5 times by 2 tests
Evaluated by:
  • tls_ext_alpn
  • tlsexttest
protos_len == 0Description
TRUEnever evaluated
FALSEevaluated 5 times by 2 tests
Evaluated by:
  • tls_ext_alpn
  • tlsexttest
0-5
1671 goto err;
never executed: goto err;
0
1672-
1673 free(ssl->internal->alpn_client_proto_list);-
1674 ssl->internal->alpn_client_proto_list = NULL;-
1675 ssl->internal->alpn_client_proto_list_len = 0;-
1676-
1677 if ((ssl->internal->alpn_client_proto_list = malloc(protos_len))
(ssl->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 5 times by 2 tests
Evaluated by:
  • tls_ext_alpn
  • tlsexttest
0-5
1678 == NULL)
(ssl->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 5 times by 2 tests
Evaluated by:
  • tls_ext_alpn
  • tlsexttest
0-5
1679 goto err;
never executed: goto err;
0
1680 ssl->internal->alpn_client_proto_list_len = protos_len;-
1681-
1682 memcpy(ssl->internal->alpn_client_proto_list, protos, protos_len);-
1683-
1684 failed = 0;-
1685-
1686 err:
code before this statement executed 5 times by 2 tests: err:
Executed by:
  • tls_ext_alpn
  • tlsexttest
5
1687 /* NOTE: Return values are the reverse of what you expect. */-
1688 return (failed);
executed 5 times by 2 tests: return (failed);
Executed by:
  • tls_ext_alpn
  • tlsexttest
5
1689}-
1690-
1691/*-
1692 * SSL_CTX_set_alpn_select_cb sets a callback function that is called during-
1693 * ClientHello processing in order to select an ALPN protocol from the-
1694 * client's list of offered protocols.-
1695 */-
1696void-
1697SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,-
1698 int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,-
1699 const unsigned char *in, unsigned int inlen, void *arg), void *arg)-
1700{-
1701 ctx->internal->alpn_select_cb = cb;-
1702 ctx->internal->alpn_select_cb_arg = arg;-
1703}
executed 10 times by 2 tests: end of block
Executed by:
  • ssltest
  • tls_ext_alpn
10
1704-
1705/*-
1706 * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). On return-
1707 * it sets data to point to len bytes of protocol name (not including the-
1708 * leading length-prefix byte). If the server didn't respond with* a negotiated-
1709 * protocol then len will be zero.-
1710 */-
1711void-
1712SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,-
1713 unsigned *len)-
1714{-
1715 *data = NULL;-
1716 *len = 0;-
1717-
1718 if (ssl->s3 != NULL) {
ssl->s3 != ((void *)0)Description
TRUEevaluated 126 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
0-126
1719 *data = ssl->s3->internal->alpn_selected;-
1720 *len = ssl->s3->internal->alpn_selected_len;-
1721 }
executed 126 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
126
1722}
executed 126 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
126
1723-
1724int-
1725SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,-
1726 const char *label, size_t llen, const unsigned char *p, size_t plen,-
1727 int use_context)-
1728{-
1729 return (tls1_export_keying_material(s, out, olen,
never executed: return (tls1_export_keying_material(s, out, olen, label, llen, p, plen, use_context));
0
1730 label, llen, p, plen, use_context));
never executed: return (tls1_export_keying_material(s, out, olen, label, llen, p, plen, use_context));
0
1731}-
1732-
1733static unsigned long-
1734ssl_session_hash(const SSL_SESSION *a)-
1735{-
1736 unsigned long l;-
1737-
1738 l = (unsigned long)-
1739 ((unsigned int) a->session_id[0] )|-
1740 ((unsigned int) a->session_id[1]<< 8L)|-
1741 ((unsigned long)a->session_id[2]<<16L)|-
1742 ((unsigned long)a->session_id[3]<<24L);-
1743 return (l);
executed 12 times by 2 tests: return (l);
Executed by:
  • servertest
  • tlstest
12
1744}-
1745-
1746/*-
1747 * NB: If this function (or indeed the hash function which uses a sort of-
1748 * coarser function than this one) is changed, ensure-
1749 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being-
1750 * able to construct an SSL_SESSION that will collide with any existing session-
1751 * with a matching session ID.-
1752 */-
1753static int-
1754ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)-
1755{-
1756 if (a->ssl_version != b->ssl_version)
a->ssl_version...b->ssl_versionDescription
TRUEnever evaluated
FALSEnever evaluated
0
1757 return (1);
never executed: return (1);
0
1758 if (a->session_id_length != b->session_id_length)
a->session_id_...sion_id_lengthDescription
TRUEnever evaluated
FALSEnever evaluated
0
1759 return (1);
never executed: return (1);
0
1760 if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0)
timingsafe_mem...d_length) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1761 return (1);
never executed: return (1);
0
1762 return (0);
never executed: return (0);
0
1763}-
1764-
1765/*-
1766 * These wrapper functions should remain rather than redeclaring-
1767 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each-
1768 * variable. The reason is that the functions aren't static, they're exposed via-
1769 * ssl.h.-
1770 */-
1771static unsigned long-
1772ssl_session_LHASH_HASH(const void *arg)-
1773{-
1774 const SSL_SESSION *a = arg;-
1775-
1776 return ssl_session_hash(a);
executed 12 times by 2 tests: return ssl_session_hash(a);
Executed by:
  • servertest
  • tlstest
12
1777}-
1778-
1779static int-
1780ssl_session_LHASH_COMP(const void *arg1, const void *arg2)-
1781{-
1782 const SSL_SESSION *a = arg1;-
1783 const SSL_SESSION *b = arg2;-
1784-
1785 return ssl_session_cmp(a, b);
never executed: return ssl_session_cmp(a, b);
0
1786}-
1787-
1788SSL_CTX *-
1789SSL_CTX_new(const SSL_METHOD *meth)-
1790{-
1791 SSL_CTX *ret;-
1792-
1793 if (!OPENSSL_init_ssl(0, NULL)) {
!OPENSSL_init_... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1794 SSLerrorx(SSL_R_LIBRARY_BUG);-
1795 return (NULL);
never executed: return ( ((void *)0) );
0
1796 }-
1797-
1798 if (meth == NULL) {
meth == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1799 SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);-
1800 return (NULL);
never executed: return ( ((void *)0) );
0
1801 }-
1802-
1803 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
(ret = calloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1804 SSLerrorx(ERR_R_MALLOC_FAILURE);-
1805 return (NULL);
never executed: return ( ((void *)0) );
0
1806 }-
1807 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
(ret->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1808 free(ret);-
1809 SSLerrorx(ERR_R_MALLOC_FAILURE);-
1810 return (NULL);
never executed: return ( ((void *)0) );
0
1811 }-
1812-
1813 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
SSL_get_ex_dat..._CTX_idx() < 0Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1814 SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);-
1815 goto err;
never executed: goto err;
0
1816 }-
1817-
1818 ret->method = meth;-
1819 ret->internal->min_version = meth->internal->min_version;-
1820 ret->internal->max_version = meth->internal->max_version;-
1821-
1822 ret->cert_store = NULL;-
1823 ret->internal->session_cache_mode = SSL_SESS_CACHE_SERVER;-
1824 ret->internal->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;-
1825 ret->internal->session_cache_head = NULL;-
1826 ret->internal->session_cache_tail = NULL;-
1827-
1828 /* We take the system default */-
1829 ret->session_timeout = meth->internal->get_timeout();-
1830-
1831 ret->internal->new_session_cb = 0;-
1832 ret->internal->remove_session_cb = 0;-
1833 ret->internal->get_session_cb = 0;-
1834 ret->internal->generate_session_id = 0;-
1835-
1836 memset((char *)&ret->internal->stats, 0, sizeof(ret->internal->stats));-
1837-
1838 ret->references = 1;-
1839 ret->internal->quiet_shutdown = 0;-
1840-
1841 ret->internal->info_callback = NULL;-
1842-
1843 ret->internal->app_verify_callback = 0;-
1844 ret->internal->app_verify_arg = NULL;-
1845-
1846 ret->internal->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;-
1847 ret->internal->read_ahead = 0;-
1848 ret->internal->msg_callback = 0;-
1849 ret->internal->msg_callback_arg = NULL;-
1850 ret->verify_mode = SSL_VERIFY_NONE;-
1851 ret->sid_ctx_length = 0;-
1852 ret->internal->default_verify_callback = NULL;-
1853 if ((ret->internal->cert = ssl_cert_new()) == NULL)
(ret->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1854 goto err;
never executed: goto err;
0
1855-
1856 ret->default_passwd_callback = 0;-
1857 ret->default_passwd_callback_userdata = NULL;-
1858 ret->internal->client_cert_cb = 0;-
1859 ret->internal->app_gen_cookie_cb = 0;-
1860 ret->internal->app_verify_cookie_cb = 0;-
1861-
1862 ret->internal->sessions = lh_SSL_SESSION_new();-
1863 if (ret->internal->sessions == NULL)
ret->internal-...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1864 goto err;
never executed: goto err;
0
1865 ret->cert_store = X509_STORE_new();-
1866 if (ret->cert_store == NULL)
ret->cert_store == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1867 goto err;
never executed: goto err;
0
1868-
1869 ssl_create_cipher_list(ret->method, &ret->cipher_list,-
1870 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);-
1871 if (ret->cipher_list == NULL ||
ret->cipher_li...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1872 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
sk_num(((_STAC...HER*)0))) <= 0Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1873 SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);-
1874 goto err2;
never executed: goto err2;
0
1875 }-
1876-
1877 ret->param = X509_VERIFY_PARAM_new();-
1878 if (!ret->param)
!ret->paramDescription
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1879 goto err;
never executed: goto err;
0
1880-
1881 if ((ret->internal->client_CA = sk_X509_NAME_new_null()) == NULL)
(ret->internal...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 214 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-214
1882 goto err;
never executed: goto err;
0
1883-
1884 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->internal->ex_data);-
1885-
1886 ret->extra_certs = NULL;-
1887-
1888 ret->internal->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;-
1889-
1890 ret->internal->tlsext_servername_callback = 0;-
1891 ret->internal->tlsext_servername_arg = NULL;-
1892-
1893 /* Setup RFC4507 ticket keys */-
1894 arc4random_buf(ret->internal->tlsext_tick_key_name, 16);-
1895 arc4random_buf(ret->internal->tlsext_tick_hmac_key, 16);-
1896 arc4random_buf(ret->internal->tlsext_tick_aes_key, 16);-
1897-
1898 ret->internal->tlsext_status_cb = 0;-
1899 ret->internal->tlsext_status_arg = NULL;-
1900-
1901#ifndef OPENSSL_NO_ENGINE-
1902 ret->internal->client_cert_engine = NULL;-
1903#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO-
1904#define eng_strx(x) #x-
1905#define eng_str(x) eng_strx(x)-
1906 /* Use specific client engine automatically... ignore errors */-
1907 {-
1908 ENGINE *eng;-
1909 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));-
1910 if (!eng) {-
1911 ERR_clear_error();-
1912 ENGINE_load_builtin_engines();-
1913 eng = ENGINE_by_id(eng_str(-
1914 OPENSSL_SSL_CLIENT_ENGINE_AUTO));-
1915 }-
1916 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))-
1917 ERR_clear_error();-
1918 }-
1919#endif-
1920#endif-
1921 /*-
1922 * Default is to connect to non-RI servers. When RI is more widely-
1923 * deployed might change this.-
1924 */-
1925 ret->internal->options |= SSL_OP_LEGACY_SERVER_CONNECT;-
1926-
1927 return (ret);
executed 214 times by 13 tests: return (ret);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
214
1928err:-
1929 SSLerrorx(ERR_R_MALLOC_FAILURE);-
1930err2:
code before this statement never executed: err2:
0
1931 SSL_CTX_free(ret);-
1932 return (NULL);
never executed: return ( ((void *)0) );
0
1933}-
1934-
1935void-
1936SSL_CTX_free(SSL_CTX *ctx)-
1937{-
1938 int i;-
1939-
1940 if (ctx == NULL)
ctx == ((void *)0)Description
TRUEevaluated 74 times by 2 tests
Evaluated by:
  • tlstest
  • verifytest
FALSEevaluated 597 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
74-597
1941 return;
executed 74 times by 2 tests: return;
Executed by:
  • tlstest
  • verifytest
74
1942-
1943 i = CRYPTO_add(&ctx->references, -1, CRYPTO_LOCK_SSL_CTX);-
1944 if (i > 0)
i > 0Description
TRUEevaluated 390 times by 11 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
FALSEevaluated 207 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
207-390
1945 return;
executed 390 times by 11 tests: return;
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
390
1946-
1947 X509_VERIFY_PARAM_free(ctx->param);-
1948-
1949 /*-
1950 * Free internal session cache. However: the remove_cb() may reference-
1951 * the ex_data of SSL_CTX, thus the ex_data store can only be removed-
1952 * after the sessions were flushed.-
1953 * As the ex_data handling routines might also touch the session cache,-
1954 * the most secure solution seems to be: empty (flush) the cache, then-
1955 * free ex_data, then finally free the cache.-
1956 * (See ticket [openssl.org #212].)-
1957 */-
1958 if (ctx->internal->sessions != NULL)
ctx->internal-...!= ((void *)0)Description
TRUEevaluated 207 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
FALSEnever evaluated
0-207
1959 SSL_CTX_flush_sessions(ctx, 0);
executed 207 times by 13 tests: SSL_CTX_flush_sessions(ctx, 0);
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
207
1960-
1961 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ctx, &ctx->internal->ex_data);-
1962-
1963 lh_SSL_SESSION_free(ctx->internal->sessions);-
1964-
1965 X509_STORE_free(ctx->cert_store);-
1966 sk_SSL_CIPHER_free(ctx->cipher_list);-
1967 sk_SSL_CIPHER_free(ctx->internal->cipher_list_by_id);-
1968 ssl_cert_free(ctx->internal->cert);-
1969 sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free);-
1970 sk_X509_pop_free(ctx->extra_certs, X509_free);-
1971-
1972#ifndef OPENSSL_NO_SRTP-
1973 if (ctx->internal->srtp_profiles)
ctx->internal->srtp_profilesDescription
TRUEnever evaluated
FALSEevaluated 207 times by 13 tests
Evaluated by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
0-207
1974 sk_SRTP_PROTECTION_PROFILE_free(ctx->internal->srtp_profiles);
never executed: sk_free(((_STACK*) (1 ? (ctx->internal->srtp_profiles) : (struct stack_st_SRTP_PROTECTION_PROFILE*)0)));
0
1975#endif-
1976-
1977#ifndef OPENSSL_NO_ENGINE-
1978 ENGINE_finish(ctx->internal->client_cert_engine);-
1979#endif-
1980-
1981 free(ctx->internal->tlsext_ecpointformatlist);-
1982 free(ctx->internal->tlsext_supportedgroups);-
1983-
1984 free(ctx->internal->alpn_client_proto_list);-
1985-
1986 free(ctx->internal);-
1987 free(ctx);-
1988}
executed 207 times by 13 tests: end of block
Executed by:
  • cipher_list
  • cipherstest
  • clienttest
  • configtest
  • libssl.so.46.0.1
  • servertest
  • ssl_versions
  • ssltest
  • tls_ext_alpn
  • tls_prf
  • tlsexttest
  • tlstest
  • verifytest
207
1989-
1990int-
1991SSL_CTX_up_ref(SSL_CTX *ctx)-
1992{-
1993 int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);-
1994 return ((refs > 1) ? 1 : 0);
never executed: return ((refs > 1) ? 1 : 0);
(refs > 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
1995}-
1996-
1997pem_password_cb *-
1998SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)-
1999{-
2000 return (ctx->default_passwd_callback);
never executed: return (ctx->default_passwd_callback);
0
2001}-
2002-
2003void-
2004SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)-
2005{-
2006 ctx->default_passwd_callback = cb;-
2007}
never executed: end of block
0
2008-
2009void *-
2010SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)-
2011{-
2012 return ctx->default_passwd_callback_userdata;
never executed: return ctx->default_passwd_callback_userdata;
0
2013}-
2014-
2015void-
2016SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)-
2017{-
2018 ctx->default_passwd_callback_userdata = u;-
2019}
never executed: end of block
0
2020-
2021void-
2022SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,-
2023 void *), void *arg)-
2024{-
2025 ctx->internal->app_verify_callback = cb;-
2026 ctx->internal->app_verify_arg = arg;-
2027}
executed 18 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
18
2028-
2029void-
2030SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *))-
2031{-
2032 ctx->verify_mode = mode;-
2033 ctx->internal->default_verify_callback = cb;-
2034}
executed 18 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
18
2035-
2036void-
2037SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)-
2038{-
2039 X509_VERIFY_PARAM_set_depth(ctx->param, depth);-
2040}
executed 4 times by 1 test: end of block
Executed by:
  • tlstest
4
2041-
2042void-
2043ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)-
2044{-
2045 int rsa_enc, rsa_sign, dh_tmp;-
2046 int have_ecc_cert;-
2047 unsigned long mask_k, mask_a;-
2048 X509 *x = NULL;-
2049 CERT_PKEY *cpk;-
2050-
2051 if (c == NULL)
c == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-149
2052 return;
never executed: return;
0
2053-
2054 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL ||
c->dh_tmp != ((void *)0)Description
TRUEevaluated 124 times by 1 test
Evaluated by:
  • ssltest
FALSEevaluated 25 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
c->dh_tmp_cb != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 25 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
0-124
2055 c->dh_tmp_auto != 0);
c->dh_tmp_auto != 0Description
TRUEevaluated 6 times by 1 test
Evaluated by:
  • servertest
FALSEevaluated 19 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
6-19
2056-
2057 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);-
2058 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
cpk->x509 != ((void *)0)Description
TRUEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
cpk->privatekey != ((void *)0)Description
TRUEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-149
2059 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);-
2060 rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
cpk->x509 != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
cpk->privatekey != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0-149
2061 cpk = &(c->pkeys[SSL_PKEY_ECC]);-
2062 have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
cpk->x509 != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
cpk->privatekey != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0-149
2063-
2064 mask_k = 0;-
2065 mask_a = 0;-
2066-
2067 cpk = &(c->pkeys[SSL_PKEY_GOST01]);-
2068 if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
cpk->x509 != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
cpk->privatekey != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0-149
2069 mask_k |= SSL_kGOST;-
2070 mask_a |= SSL_aGOST01;-
2071 }
never executed: end of block
0
2072-
2073 if (rsa_enc)
rsa_encDescription
TRUEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
0-149
2074 mask_k |= SSL_kRSA;
executed 149 times by 3 tests: mask_k |= 0x00000001L;
Executed by:
  • servertest
  • ssltest
  • tlstest
149
2075-
2076 if (dh_tmp)
dh_tmpDescription
TRUEevaluated 130 times by 2 tests
Evaluated by:
  • servertest
  • ssltest
FALSEevaluated 19 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
19-130
2077 mask_k |= SSL_kDHE;
executed 130 times by 2 tests: mask_k |= 0x00000008L;
Executed by:
  • servertest
  • ssltest
130
2078-
2079 if (rsa_enc || rsa_sign)
rsa_encDescription
TRUEevaluated 149 times by 3 tests
Evaluated by:
  • servertest
  • ssltest
  • tlstest
FALSEnever evaluated
rsa_signDescription
TRUEnever evaluated
FALSEnever evaluated
0-149
2080 mask_a |= SSL_aRSA;
executed 149 times by 3 tests: mask_a |= 0x00000001L;
Executed by:
  • servertest
  • ssltest
  • tlstest
149
2081-
2082 mask_a |= SSL_aNULL;-
2083-
2084 /*-