authorbeck <>2000-03-19 11:13:58 +0000
committerbeck <>2000-03-19 11:13:58 +0000
commit796d609550df3a33fc11468741c5d2f6d3df4c11 (patch)
tree6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libssl/s23_clnt.c
parent5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff)
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2. If you are using the ssl26 packages for ssh and other things to work, you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libssl/s23_clnt.c')
-rw-r--r--src/lib/libssl/s23_clnt.c16
1 files changed, 12 insertions, 4 deletions
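--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -68,8 +68,10 @@ static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
 static SSL_METHOD *ssl23_get_client_method(int ver)
  {
+#ifndef NO_SSL2
  if (ver == SSL2_VERSION)
  return(SSLv2_client_method());
+#endif
  if (ver == SSL3_VERSION)
  return(SSLv3_client_method());
  else if (ver == TLS1_VERSION)
@@ -102,7 +104,7 @@ int ssl23_connect(SSL *s)
  int ret= -1;
  int new_state,state;
 
- RAND_seed(&Time,sizeof(Time));
+ RAND_add(&Time,sizeof(Time),0);
  ERR_clear_error();
  clear_sys_error();
 
@@ -222,7 +224,7 @@ static int ssl23_client_hello(SSL *s)
 #endif
 
  p=s->s3->client_random;
- RAND_bytes(p,SSL3_RANDOM_SIZE);
+ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
 
  /* Do the message type and length last */
  d= &(buf[2]);
@@ -283,7 +285,7 @@ static int ssl23_client_hello(SSL *s)
  i=ch_len;
  s2n(i,d);
  memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
- RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
  memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
  p+=i;
 
@@ -307,7 +309,7 @@ static int ssl23_get_server_hello(SSL *s)
  {
  char buf[8];
  unsigned char *p;
- int i,ch_len;
+ int i;
  int n;
 
  n=ssl23_read_bytes(s,7);
@@ -320,9 +322,14 @@ static int ssl23_get_server_hello(SSL *s)
  if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
  (p[5] == 0x00) && (p[6] == 0x02))
  {
+#ifdef NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
  /* we are talking sslv2 */
  /* we need to clean up the SSLv3 setup and put in the
  * sslv2 stuff. */
+ int ch_len;
 
  if (s->options & SSL_OP_NO_SSLv2)
  {
@@ -375,6 +382,7 @@ static int ssl23_get_server_hello(SSL *s)
 
  s->method=SSLv2_client_method();
  s->handshake_func=s->method->ssl_connect;
+#endif
  }
  else if ((p[0] == SSL3_RT_HANDSHAKE) &&
  (p[1] == SSL3_VERSION_MAJOR) &&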
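Review bot: Both `RAND_pseudo_bytes()` calls in ssl23_client_hello (new lines 227 and 288) discard the return value, so a generator that fails or is unsupported goes unnoticed and the hello is sent with whatever `client_random` already holds. At new line 288 that would presumably be the zeroes written by the preceding `memset`, which are then copied out as what appears to be the SSLv2 challenge (`ch_len` bytes). These values only protect against replay if they are fresh per connection, so I would treat a negative return as fatal, e.g. `if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) < 0) return(-1);`, and add a short comment such as `/* nonce: must be unique per connection; need not be unpredictable */` to record why pseudo-random output is accepted here. The body of ssl23_client_hello starts and ends outside these hunks, so the right error path (SSLerr code, any cleanup) needs confirming against the full function.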