author | beck <> | 2000-03-19 11:13:58 +0000 |
---|---|---|
committer | beck <> | 2000-03-19 11:13:58 +0000 |
commit | 796d609550df3a33fc11468741c5d2f6d3df4c11 (patch) | |
tree | 6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libssl/s23_clnt.c | |
parent | 5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff) | |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libssl/s23_clnt.c')
-rw-r--r-- | src/lib/libssl/s23_clnt.c | 16 |
1 files changed, 12 insertions, 4 deletions
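--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -68,8 +68,10 @@ static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
 static SSL_METHOD *ssl23_get_client_method(int ver)
 {
+#ifndef NO_SSL2
 if (ver == SSL2_VERSION)
 return(SSLv2_client_method());
+#endif
 if (ver == SSL3_VERSION)
 return(SSLv3_client_method());
 else if (ver == TLS1_VERSION)
@@ -102,7 +104,7 @@ int ssl23_connect(SSL *s)
 int ret= -1;
 int new_state,state;
 
-RAND_seed(&Time,sizeof(Time));
+RAND_add(&Time,sizeof(Time),0);
 ERR_clear_error();
 clear_sys_error();
 
@@ -222,7 +224,7 @@ static int ssl23_client_hello(SSL *s)
 #endif
 
 p=s->s3->client_random;
-RAND_bytes(p,SSL3_RANDOM_SIZE);
+RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
 
 /* Do the message type and length last */
 d= &(buf[2]);
@@ -283,7 +285,7 @@ static int ssl23_client_hello(SSL *s)
 i=ch_len;
 s2n(i,d);
 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
-RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
 p+=i;
 
@@ -307,7 +309,7 @@ static int ssl23_get_server_hello(SSL *s)
 {
 char buf[8];
 unsigned char *p;
-int i,ch_len;
+int i;
 int n;
 
 n=ssl23_read_bytes(s,7);
@@ -320,9 +322,14 @@ static int ssl23_get_server_hello(SSL *s)
 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
 (p[5] == 0x00) && (p[6] == 0x02))
 {
+#ifdef NO_SSL2
+SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+goto err;
+#else
 /* we are talking sslv2 */
 /* we need to clean up the SSLv3 setup and put in the
 * sslv2 stuff. */
+int ch_len;
 
 if (s->options & SSL_OP_NO_SSLv2)
 {
@@ -375,6 +382,7 @@ static int ssl23_get_server_hello(SSL *s)
 
 s->method=SSLv2_client_method();
 s->handshake_func=s->method->ssl_connect;
+#endif
 }
 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
 (p[1] == SSL3_VERSION_MAJOR) &&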
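Review bot: The return value of `RAND_pseudo_bytes` is discarded at both new call sites in ssl23_client_hello (the fill of `s->s3->client_random` and the `i`-byte fill that is then copied into the hello), so a generator failure or an unseeded PRNG goes unnoticed by the caller. `RAND_pseudo_bytes` returns 0 when the bytes are not cryptographically strong and -1 on failure, and `RAND_add(&Time,sizeof(Time),0)` in ssl23_connect credits no entropy, so nothing visible in these hunks guarantees the pool was seeded. At minimum the failure case should be checked, e.g. `if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) < 0) return(-1);`, adapted to the function's own error path, and a short comment should state why a pseudo-random client random is considered acceptable here. The bodies of ssl23_client_hello and ssl23_connect start and end outside the hunks, so the existing error handling could not be checked.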