summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-04-14 15:37:02 +0000
committerjsing <>2014-04-14 15:37:02 +0000
commit0d0163b85ca991957ea599bb646ef136beaef4d0 (patch)
treee638f1c1e8a0ac8b5660df6c413a6def21c4144b /src
parent30f92658fa4e1357cfcee9c077a21e928970d290 (diff)
downloadopenbsd-0d0163b85ca991957ea599bb646ef136beaef4d0.tar.gz
openbsd-0d0163b85ca991957ea599bb646ef136beaef4d0.tar.bz2
openbsd-0d0163b85ca991957ea599bb646ef136beaef4d0.zip
First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using tr and md5.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c1213
-rw-r--r--src/lib/libssl/src/ssl/s2_enc.c149
-rw-r--r--src/lib/libssl/src/ssl/s2_lib.c569
-rw-r--r--src/lib/libssl/src/ssl/s2_meth.c17
-rw-r--r--src/lib/libssl/src/ssl/s2_pkt.c742
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c1264
6 files changed, 1909 insertions, 2045 deletions
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
index 15fbef9c77..a1cfab6f2d 100644
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -121,152 +121,156 @@ static const SSL_METHOD *ssl2_get_client_method(int ver);
121static int get_server_finished(SSL *s); 121static int get_server_finished(SSL *s);
122static int get_server_verify(SSL *s); 122static int get_server_verify(SSL *s);
123static int get_server_hello(SSL *s); 123static int get_server_hello(SSL *s);
124static int client_hello(SSL *s); 124static int client_hello(SSL *s);
125
125static int client_master_key(SSL *s); 126static int client_master_key(SSL *s);
126static int client_finished(SSL *s); 127static int client_finished(SSL *s);
127static int client_certificate(SSL *s); 128static int client_certificate(SSL *s);
128static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, 129static int
129 unsigned char *to,int padding); 130ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
131unsigned char *to, int padding);
130#define BREAK break 132#define BREAK break
131 133
132static const SSL_METHOD *ssl2_get_client_method(int ver) 134static const SSL_METHOD
133 { 135*ssl2_get_client_method(int ver)
136{
134 if (ver == SSL2_VERSION) 137 if (ver == SSL2_VERSION)
135 return(SSLv2_client_method()); 138 return (SSLv2_client_method());
136 else 139 else
137 return(NULL); 140 return (NULL);
138 } 141}
139 142
140IMPLEMENT_ssl2_meth_func(SSLv2_client_method, 143IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
141 ssl_undefined_function, 144 ssl_undefined_function, ssl2_connect, ssl2_get_client_method)
142 ssl2_connect, 145
143 ssl2_get_client_method) 146int
144 147ssl2_connect(SSL *s)
145int ssl2_connect(SSL *s) 148{
146 { 149 unsigned long l = (unsigned long)time(NULL);
147 unsigned long l=(unsigned long)time(NULL); 150 BUF_MEM *buf = NULL;
148 BUF_MEM *buf=NULL; 151 int ret = -1;
149 int ret= -1; 152 void (*cb)(const SSL *ssl, int type, int val) = NULL;
150 void (*cb)(const SSL *ssl,int type,int val)=NULL; 153 int new_state, state;
151 int new_state,state; 154
152 155 RAND_add(&l, sizeof(l), 0);
153 RAND_add(&l,sizeof(l),0);
154 ERR_clear_error(); 156 ERR_clear_error();
155 errno = 0; 157 errno = 0;
156 158
157 if (s->info_callback != NULL) 159 if (s->info_callback != NULL)
158 cb=s->info_callback; 160 cb = s->info_callback;
159 else if (s->ctx->info_callback != NULL) 161 else if (s->ctx->info_callback != NULL)
160 cb=s->ctx->info_callback; 162 cb = s->ctx->info_callback;
161 163
162 /* init things to blank */ 164 /* init things to blank */
163 s->in_handshake++; 165 s->in_handshake++;
164 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 166 if (!SSL_in_init(s) || SSL_in_before(s))
167 SSL_clear(s);
165 168
166 for (;;) 169 for (;;) {
167 { 170 state = s->state;
168 state=s->state;
169 171
170 switch (s->state) 172 switch (s->state) {
171 {
172 case SSL_ST_BEFORE: 173 case SSL_ST_BEFORE:
173 case SSL_ST_CONNECT: 174 case SSL_ST_CONNECT:
174 case SSL_ST_BEFORE|SSL_ST_CONNECT: 175 case SSL_ST_BEFORE|SSL_ST_CONNECT:
175 case SSL_ST_OK|SSL_ST_CONNECT: 176 case SSL_ST_OK|SSL_ST_CONNECT:
176 177
177 s->server=0; 178 s->server = 0;
178 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 179 if (cb != NULL)
180 cb(s, SSL_CB_HANDSHAKE_START, 1);
179 181
180 s->version=SSL2_VERSION; 182 s->version = SSL2_VERSION;
181 s->type=SSL_ST_CONNECT; 183 s->type = SSL_ST_CONNECT;
182 184
183 buf=s->init_buf; 185 buf = s->init_buf;
184 if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) 186 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
185 { 187 ret = -1;
186 ret= -1;
187 goto end; 188 goto end;
188 } 189 }
189 if (!BUF_MEM_grow(buf, 190 if (!BUF_MEM_grow(buf,
190 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 191 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
191 {
192 if (buf == s->init_buf) 192 if (buf == s->init_buf)
193 buf=NULL; 193 buf = NULL;
194 ret= -1; 194 ret = -1;
195 goto end; 195 goto end;
196 } 196 }
197 s->init_buf=buf; 197 s->init_buf = buf;
198 buf=NULL; 198 buf = NULL;
199 s->init_num=0; 199 s->init_num = 0;
200 s->state=SSL2_ST_SEND_CLIENT_HELLO_A; 200 s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
201 s->ctx->stats.sess_connect++; 201 s->ctx->stats.sess_connect++;
202 s->handshake_func=ssl2_connect; 202 s->handshake_func = ssl2_connect;
203 BREAK; 203 BREAK;
204 204
205 case SSL2_ST_SEND_CLIENT_HELLO_A: 205 case SSL2_ST_SEND_CLIENT_HELLO_A:
206 case SSL2_ST_SEND_CLIENT_HELLO_B: 206 case SSL2_ST_SEND_CLIENT_HELLO_B:
207 s->shutdown=0; 207 s->shutdown = 0;
208 ret=client_hello(s); 208 ret = client_hello(s);
209 if (ret <= 0) goto end; 209 if (ret <= 0)
210 s->init_num=0; 210 goto end;
211 s->state=SSL2_ST_GET_SERVER_HELLO_A; 211 s->init_num = 0;
212 s->state = SSL2_ST_GET_SERVER_HELLO_A;
212 BREAK; 213 BREAK;
213 214
214 case SSL2_ST_GET_SERVER_HELLO_A: 215 case SSL2_ST_GET_SERVER_HELLO_A:
215 case SSL2_ST_GET_SERVER_HELLO_B: 216 case SSL2_ST_GET_SERVER_HELLO_B:
216 ret=get_server_hello(s); 217 ret = get_server_hello(s);
217 if (ret <= 0) goto end; 218 if (ret <= 0)
218 s->init_num=0; 219 goto end;
220 s->init_num = 0;
219 if (!s->hit) /* new session */ 221 if (!s->hit) /* new session */
220 { 222 {
221 s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A; 223 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
222 BREAK; 224 BREAK;
223 } 225
224 else 226 } else {
225 { 227 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
226 s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
227 break; 228 break;
228 } 229 }
229 230
230 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: 231 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
231 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: 232 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
232 ret=client_master_key(s); 233 ret = client_master_key(s);
233 if (ret <= 0) goto end; 234 if (ret <= 0)
234 s->init_num=0; 235 goto end;
235 s->state=SSL2_ST_CLIENT_START_ENCRYPTION; 236 s->init_num = 0;
237 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
236 break; 238 break;
237 239
238 case SSL2_ST_CLIENT_START_ENCRYPTION: 240 case SSL2_ST_CLIENT_START_ENCRYPTION:
239 /* Ok, we now have all the stuff needed to 241 /* Ok, we now have all the stuff needed to
240 * start encrypting, so lets fire it up :-) */ 242 * start encrypting, so lets fire it up :-) */
241 if (!ssl2_enc_init(s,1)) 243 if (!ssl2_enc_init(s, 1)) {
242 { 244 ret = -1;
243 ret= -1;
244 goto end; 245 goto end;
245 } 246 }
246 s->s2->clear_text=0; 247 s->s2->clear_text = 0;
247 s->state=SSL2_ST_SEND_CLIENT_FINISHED_A; 248 s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
248 break; 249 break;
249 250
250 case SSL2_ST_SEND_CLIENT_FINISHED_A: 251 case SSL2_ST_SEND_CLIENT_FINISHED_A:
251 case SSL2_ST_SEND_CLIENT_FINISHED_B: 252 case SSL2_ST_SEND_CLIENT_FINISHED_B:
252 ret=client_finished(s); 253 ret = client_finished(s);
253 if (ret <= 0) goto end; 254 if (ret <= 0)
254 s->init_num=0; 255 goto end;
255 s->state=SSL2_ST_GET_SERVER_VERIFY_A; 256 s->init_num = 0;
257 s->state = SSL2_ST_GET_SERVER_VERIFY_A;
256 break; 258 break;
257 259
258 case SSL2_ST_GET_SERVER_VERIFY_A: 260 case SSL2_ST_GET_SERVER_VERIFY_A:
259 case SSL2_ST_GET_SERVER_VERIFY_B: 261 case SSL2_ST_GET_SERVER_VERIFY_B:
260 ret=get_server_verify(s); 262 ret = get_server_verify(s);
261 if (ret <= 0) goto end; 263 if (ret <= 0)
262 s->init_num=0; 264 goto end;
263 s->state=SSL2_ST_GET_SERVER_FINISHED_A; 265 s->init_num = 0;
266 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
264 break; 267 break;
265 268
266 case SSL2_ST_GET_SERVER_FINISHED_A: 269 case SSL2_ST_GET_SERVER_FINISHED_A:
267 case SSL2_ST_GET_SERVER_FINISHED_B: 270 case SSL2_ST_GET_SERVER_FINISHED_B:
268 ret=get_server_finished(s); 271 ret = get_server_finished(s);
269 if (ret <= 0) goto end; 272 if (ret <= 0)
273 goto end;
270 break; 274 break;
271 275
272 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: 276 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
@@ -274,20 +278,20 @@ int ssl2_connect(SSL *s)
274 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: 278 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
275 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: 279 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
276 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: 280 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
277 ret=client_certificate(s); 281 ret = client_certificate(s);
278 if (ret <= 0) goto end; 282 if (ret <= 0)
279 s->init_num=0; 283 goto end;
280 s->state=SSL2_ST_GET_SERVER_FINISHED_A; 284 s->init_num = 0;
285 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
281 break; 286 break;
282 287
283 case SSL_ST_OK: 288 case SSL_ST_OK:
284 if (s->init_buf != NULL) 289 if (s->init_buf != NULL) {
285 {
286 BUF_MEM_free(s->init_buf); 290 BUF_MEM_free(s->init_buf);
287 s->init_buf=NULL; 291 s->init_buf = NULL;
288 } 292 }
289 s->init_num=0; 293 s->init_num = 0;
290 /* ERR_clear_error();*/ 294 /* ERR_clear_error();*/
291 295
292 /* If we want to cache session-ids in the client 296 /* If we want to cache session-ids in the client
293 * and we successfully add the session-id to the 297 * and we successfully add the session-id to the
@@ -295,133 +299,129 @@ int ssl2_connect(SSL *s)
295 * 26/11/96 - eay - only add if not a re-used session. 299 * 26/11/96 - eay - only add if not a re-used session.
296 */ 300 */
297 301
298 ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); 302 ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
299 if (s->hit) s->ctx->stats.sess_hit++; 303 if (s->hit)
304 s->ctx->stats.sess_hit++;
300 305
301 ret=1; 306 ret = 1;
302 /* s->server=0; */ 307 /* s->server=0; */
303 s->ctx->stats.sess_connect_good++; 308 s->ctx->stats.sess_connect_good++;
304 309
305 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); 310 if (cb != NULL)
311 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
306 312
307 goto end; 313 goto end;
308 /* break; */ 314 /* break; */
309 default: 315 default:
310 SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE); 316 SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
311 return(-1); 317 return (-1);
312 /* break; */ 318 /* break; */
313 } 319 }
314 320
315 if ((cb != NULL) && (s->state != state)) 321 if ((cb != NULL) && (s->state != state)) {
316 { 322 new_state = s->state;
317 new_state=s->state; 323 s->state = state;
318 s->state=state; 324 cb(s, SSL_CB_CONNECT_LOOP, 1);
319 cb(s,SSL_CB_CONNECT_LOOP,1); 325 s->state = new_state;
320 s->state=new_state;
321 }
322 } 326 }
327 }
323end: 328end:
324 s->in_handshake--; 329 s->in_handshake--;
325 if (buf != NULL) 330 if (buf != NULL)
326 BUF_MEM_free(buf); 331 BUF_MEM_free(buf);
327 if (cb != NULL) 332 if (cb != NULL)
328 cb(s,SSL_CB_CONNECT_EXIT,ret); 333 cb(s, SSL_CB_CONNECT_EXIT, ret);
329 return(ret); 334 return (ret);
330 } 335}
331 336
332static int get_server_hello(SSL *s) 337static int
333 { 338get_server_hello(SSL *s)
339{
334 unsigned char *buf; 340 unsigned char *buf;
335 unsigned char *p; 341 unsigned char *p;
336 int i,j; 342 int i, j;
337 unsigned long len; 343 unsigned long len;
338 STACK_OF(SSL_CIPHER) *sk=NULL,*cl, *prio, *allow; 344 STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
339 345
340 buf=(unsigned char *)s->init_buf->data; 346 buf = (unsigned char *)s->init_buf->data;
341 p=buf; 347 p = buf;
342 if (s->state == SSL2_ST_GET_SERVER_HELLO_A) 348 if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
343 { 349 i = ssl2_read(s,(char *)&(buf[s->init_num]), 11 - s->init_num);
344 i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num); 350 if (i < (11 - s->init_num))
345 if (i < (11-s->init_num)) 351 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
346 return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
347 s->init_num = 11; 352 s->init_num = 11;
348 353
349 if (*(p++) != SSL2_MT_SERVER_HELLO) 354 if (*(p++) != SSL2_MT_SERVER_HELLO) {
350 { 355 if (p[-1] != SSL2_MT_ERROR) {
351 if (p[-1] != SSL2_MT_ERROR) 356 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
352 {
353 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
354 SSLerr(SSL_F_GET_SERVER_HELLO, 357 SSLerr(SSL_F_GET_SERVER_HELLO,
355 SSL_R_READ_WRONG_PACKET_TYPE); 358 SSL_R_READ_WRONG_PACKET_TYPE);
356 } 359 } else
357 else
358 SSLerr(SSL_F_GET_SERVER_HELLO, 360 SSLerr(SSL_F_GET_SERVER_HELLO,
359 SSL_R_PEER_ERROR); 361 SSL_R_PEER_ERROR);
360 return(-1); 362 return (-1);
361 } 363 }
362#if 0 364#if 0
363 s->hit=(*(p++))?1:0; 365 s->hit = (*(p++)) ? 1 : 0;
364 /* Some [PPC?] compilers fail to increment p in above 366 /* Some [PPC?] compilers fail to increment p in above
365 statement, e.g. one provided with Rhapsody 5.5, but 367 statement, e.g. one provided with Rhapsody 5.5, but
366 most recent example XL C 11.1 for AIX, even without 368 most recent example XL C 11.1 for AIX, even without
367 optimization flag... */ 369 optimization flag... */
368#else 370#else
369 s->hit=(*p)?1:0; p++; 371 s->hit = (*p) ? 1 : 0;
372 p++;
370#endif 373#endif
371 s->s2->tmp.cert_type= *(p++); 374 s->s2->tmp.cert_type= *(p++);
372 n2s(p,i); 375 n2s(p, i);
373 if (i < s->version) s->version=i; 376 if (i < s->version)
374 n2s(p,i); s->s2->tmp.cert_length=i; 377 s->version = i;
375 n2s(p,i); s->s2->tmp.csl=i; 378 n2s(p, i);
376 n2s(p,i); s->s2->tmp.conn_id_length=i; 379 s->s2->tmp.cert_length = i;
377 s->state=SSL2_ST_GET_SERVER_HELLO_B; 380 n2s(p, i);
378 } 381 s->s2->tmp.csl = i;
382 n2s(p, i);
383 s->s2->tmp.conn_id_length = i;
384 s->state = SSL2_ST_GET_SERVER_HELLO_B;
385 }
379 386
380 /* SSL2_ST_GET_SERVER_HELLO_B */ 387 /* SSL2_ST_GET_SERVER_HELLO_B */
381 len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length; 388 len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length;
382 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 389 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
383 { 390 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
384 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_MESSAGE_TOO_LONG);
385 return -1; 391 return -1;
386 } 392 }
387 j = (int)len - s->init_num; 393 j = (int)len - s->init_num;
388 i = ssl2_read(s,(char *)&(buf[s->init_num]),j); 394 i = ssl2_read(s,(char *)&(buf[s->init_num]), j);
389 if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); 395 if (i != j)
396 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
390 if (s->msg_callback) 397 if (s->msg_callback)
391 s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */ 398 s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */
392 399
393 /* things are looking good */ 400 /* things are looking good */
394 401
395 p = buf + 11; 402 p = buf + 11;
396 if (s->hit) 403 if (s->hit) {
397 { 404 if (s->s2->tmp.cert_length != 0) {
398 if (s->s2->tmp.cert_length != 0) 405 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
399 { 406 return (-1);
400 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO); 407 }
401 return(-1); 408 if (s->s2->tmp.cert_type != 0) {
402 }
403 if (s->s2->tmp.cert_type != 0)
404 {
405 if (!(s->options & 409 if (!(s->options &
406 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) 410 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
407 { 411 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
408 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO); 412 return (-1);
409 return(-1);
410 }
411 }
412 if (s->s2->tmp.csl != 0)
413 {
414 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
415 return(-1);
416 } 413 }
417 } 414 }
418 else 415 if (s->s2->tmp.csl != 0) {
419 { 416 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
417 return (-1);
418 }
419 } else {
420#ifdef undef 420#ifdef undef
421 /* very bad */ 421 /* very bad */
422 memset(s->session->session_id,0, 422 memset(s->session->session_id, 0,
423 SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES); 423 SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
424 s->session->session_id_length=0; 424 s->session->session_id_length = 0;
425 */ 425 */
426#endif 426#endif
427 427
@@ -429,372 +429,351 @@ static int get_server_hello(SSL *s)
429 * client session but others are already reusing it. 429 * client session but others are already reusing it.
430 * If this was a new 'blank' session ID, the session-id 430 * If this was a new 'blank' session ID, the session-id
431 * length will still be 0 */ 431 * length will still be 0 */
432 if (s->session->session_id_length > 0) 432 if (s->session->session_id_length > 0) {
433 { 433 if (!ssl_get_new_session(s, 0)) {
434 if (!ssl_get_new_session(s,0)) 434 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
435 { 435 return (-1);
436 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
437 return(-1);
438 }
439 } 436 }
437 }
440 438
441 if (ssl2_set_certificate(s,s->s2->tmp.cert_type, 439 if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
442 s->s2->tmp.cert_length,p) <= 0) 440 s->s2->tmp.cert_length, p) <= 0) {
443 { 441 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
444 ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); 442 return (-1);
445 return(-1); 443 }
446 } 444 p += s->s2->tmp.cert_length;
447 p+=s->s2->tmp.cert_length;
448 445
449 if (s->s2->tmp.csl == 0) 446 if (s->s2->tmp.csl == 0) {
450 { 447 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
451 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 448 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
452 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST); 449 return (-1);
453 return(-1); 450 }
454 }
455 451
456 /* We have just received a list of ciphers back from the 452 /* We have just received a list of ciphers back from the
457 * server. We need to get the ones that match, then select 453 * server. We need to get the ones that match, then select
458 * the one we want the most :-). */ 454 * the one we want the most :-). */
459 455
460 /* load the ciphers */ 456 /* load the ciphers */
461 sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl, 457 sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
462 &s->session->ciphers); 458 &s->session->ciphers);
463 p+=s->s2->tmp.csl; 459 p += s->s2->tmp.csl;
464 if (sk == NULL) 460 if (sk == NULL) {
465 { 461 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
466 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 462 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
467 SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); 463 return (-1);
468 return(-1); 464 }
469 }
470 465
471 (void)sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp); 466 (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
472 467
473 /* get the array of ciphers we will accept */ 468 /* get the array of ciphers we will accept */
474 cl=SSL_get_ciphers(s); 469 cl = SSL_get_ciphers(s);
475 (void)sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp); 470 (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
476 471
477 /* 472 /*
478 * If server preference flag set, choose the first 473 * If server preference flag set, choose the first
479 * (highest priority) cipher the server sends, otherwise 474 * (highest priority) cipher the server sends, otherwise
480 * client preference has priority. 475 * client preference has priority.
481 */ 476 */
482 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 477 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
483 { 478 prio = sk;
484 prio = sk; 479 allow = cl;
485 allow = cl; 480 } else {
486 } 481 prio = cl;
487 else 482 allow = sk;
488 { 483 }
489 prio = cl;
490 allow = sk;
491 }
492 /* In theory we could have ciphers sent back that we 484 /* In theory we could have ciphers sent back that we
493 * don't want to use but that does not matter since we 485 * don't want to use but that does not matter since we
494 * will check against the list we originally sent and 486 * will check against the list we originally sent and
495 * for performance reasons we should not bother to match 487 * for performance reasons we should not bother to match
496 * the two lists up just to check. */ 488 * the two lists up just to check. */
497 for (i=0; i<sk_SSL_CIPHER_num(prio); i++) 489 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
498 {
499 if (sk_SSL_CIPHER_find(allow, 490 if (sk_SSL_CIPHER_find(allow,
500 sk_SSL_CIPHER_value(prio,i)) >= 0) 491 sk_SSL_CIPHER_value(prio, i)) >= 0)
501 break; 492 break;
502 } 493 }
503 494
504 if (i >= sk_SSL_CIPHER_num(prio)) 495 if (i >= sk_SSL_CIPHER_num(prio)) {
505 { 496 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
506 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 497 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
507 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH); 498 return (-1);
508 return(-1); 499 }
509 } 500 s->session->cipher = sk_SSL_CIPHER_value(prio, i);
510 s->session->cipher=sk_SSL_CIPHER_value(prio,i);
511 501
512 502
513 if (s->session->peer != NULL) /* can't happen*/ 503 if (s->session->peer != NULL) /* can't happen*/
514 { 504 {
515 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 505 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
516 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); 506 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
517 return(-1); 507 return (-1);
518 } 508 }
519 509
520 s->session->peer = s->session->sess_cert->peer_key->x509; 510 s->session->peer = s->session->sess_cert->peer_key->x509;
521 /* peer_key->x509 has been set by ssl2_set_certificate. */ 511 /* peer_key->x509 has been set by ssl2_set_certificate. */
522 CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509); 512 CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
523 } 513 }
524 514
525 if (s->session->sess_cert == NULL 515 if (s->session->sess_cert == NULL
526 || s->session->peer != s->session->sess_cert->peer_key->x509) 516 || s->session->peer != s->session->sess_cert->peer_key->x509)
527 /* can't happen */ 517 /* can't happen */
528 { 518 {
529 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 519 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
530 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); 520 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
531 return(-1); 521 return (-1);
532 } 522 }
533 523
534 s->s2->conn_id_length=s->s2->tmp.conn_id_length; 524 s->s2->conn_id_length = s->s2->tmp.conn_id_length;
535 if (s->s2->conn_id_length > sizeof s->s2->conn_id) 525 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
536 {
537 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 526 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
538 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG); 527 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
539 return -1; 528 return -1;
540 }
541 memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
542 return(1);
543 } 529 }
530 memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
531 return (1);
532}
544 533
545static int client_hello(SSL *s) 534static int
546 { 535client_hello(SSL *s)
536{
547 unsigned char *buf; 537 unsigned char *buf;
548 unsigned char *p,*d; 538 unsigned char *p, *d;
549/* CIPHER **cipher;*/ 539/* CIPHER **cipher;*/
550 int i,n,j; 540 int i, n, j;
551 541
552 buf=(unsigned char *)s->init_buf->data; 542 buf = (unsigned char *)s->init_buf->data;
553 if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) 543 if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
554 {
555 if ((s->session == NULL) || 544 if ((s->session == NULL) ||
556 (s->session->ssl_version != s->version)) 545 (s->session->ssl_version != s->version)) {
557 { 546 if (!ssl_get_new_session(s, 0)) {
558 if (!ssl_get_new_session(s,0)) 547 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
559 { 548 return (-1);
560 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
561 return(-1);
562 }
563 } 549 }
550 }
564 /* else use the pre-loaded session */ 551 /* else use the pre-loaded session */
565 552
566 p=buf; /* header */ 553 p = buf;
567 d=p+9; /* data section */ 554 /* header */
568 *(p++)=SSL2_MT_CLIENT_HELLO; /* type */ 555 d = p + 9;
569 s2n(SSL2_VERSION,p); /* version */ 556 /* data section */
570 n=j=0; 557 *(p++) = SSL2_MT_CLIENT_HELLO;
571 558 /* type */
572 n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0); 559 s2n(SSL2_VERSION, p);
573 d+=n; 560 /* version */
574 561 n = j=0;
575 if (n == 0) 562
576 { 563 n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
577 SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); 564 d += n;
578 return(-1); 565
579 } 566 if (n == 0) {
567 SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
568 return (-1);
569 }
580 570
581 s2n(n,p); /* cipher spec num bytes */ 571 s2n(n, p);
572 /* cipher spec num bytes */
582 573
583 if ((s->session->session_id_length > 0) && 574 if ((s->session->session_id_length > 0) &&
584 (s->session->session_id_length <= 575 (s->session->session_id_length <=
585 SSL2_MAX_SSL_SESSION_ID_LENGTH)) 576 SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
586 { 577 i = s->session->session_id_length;
587 i=s->session->session_id_length; 578 s2n(i, p);
588 s2n(i,p); /* session id length */ 579 /* session id length */
589 memcpy(d,s->session->session_id,(unsigned int)i); 580 memcpy(d, s->session->session_id,(unsigned int)i);
590 d+=i; 581 d += i;
591 } 582 } else {
592 else 583 s2n(0, p);
593 { 584 }
594 s2n(0,p);
595 }
596 585
597 s->s2->challenge_length=SSL2_CHALLENGE_LENGTH; 586 s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
598 s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */ 587 s2n(SSL2_CHALLENGE_LENGTH, p);
588 /* challenge length */
599 /*challenge id data*/ 589 /*challenge id data*/
600 if (RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0) 590 if (RAND_pseudo_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
601 return -1; 591 return -1;
602 memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH); 592 memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
603 d+=SSL2_CHALLENGE_LENGTH; 593 d += SSL2_CHALLENGE_LENGTH;
604 594
605 s->state=SSL2_ST_SEND_CLIENT_HELLO_B; 595 s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
606 s->init_num=d-buf; 596 s->init_num = d - buf;
607 s->init_off=0; 597 s->init_off = 0;
608 }
609 /* SSL2_ST_SEND_CLIENT_HELLO_B */
610 return(ssl2_do_write(s));
611 } 598 }
599 /* SSL2_ST_SEND_CLIENT_HELLO_B */
600 return (ssl2_do_write(s));
601}
612 602
613static int client_master_key(SSL *s) 603static int
614 { 604client_master_key(SSL *s)
605{
615 unsigned char *buf; 606 unsigned char *buf;
616 unsigned char *p,*d; 607 unsigned char *p, *d;
617 int clear,enc,karg,i; 608 int clear, enc, karg, i;
618 SSL_SESSION *sess; 609 SSL_SESSION *sess;
619 const EVP_CIPHER *c; 610 const EVP_CIPHER *c;
620 const EVP_MD *md; 611 const EVP_MD *md;
621 612
622 buf=(unsigned char *)s->init_buf->data; 613 buf = (unsigned char *)s->init_buf->data;
623 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) 614 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
624 {
625 615
626 if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) 616 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
627 { 617 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
628 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 618 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
629 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); 619 return (-1);
630 return(-1); 620 }
631 } 621 sess = s->session;
632 sess=s->session; 622 p = buf;
633 p=buf; 623 d = p + 10;
634 d=p+10;
635 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ 624 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
636 625
637 i=ssl_put_cipher_by_char(s,sess->cipher,p); 626 i = ssl_put_cipher_by_char(s, sess->cipher, p);
638 p+=i; 627 p += i;
639 628
640 /* make key_arg data */ 629 /* make key_arg data */
641 i=EVP_CIPHER_iv_length(c); 630 i = EVP_CIPHER_iv_length(c);
642 sess->key_arg_length=i; 631 sess->key_arg_length = i;
643 if (i > SSL_MAX_KEY_ARG_LENGTH) 632 if (i > SSL_MAX_KEY_ARG_LENGTH) {
644 {
645 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 633 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
646 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 634 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
647 return -1; 635 return -1;
648 } 636 }
649 if (i > 0) 637 if (i > 0)
650 if (RAND_pseudo_bytes(sess->key_arg,i) <= 0) 638 if (RAND_pseudo_bytes(sess->key_arg, i) <= 0)
651 return -1; 639 return -1;
652 640
653 /* make a master key */ 641 /* make a master key */
654 i=EVP_CIPHER_key_length(c); 642 i = EVP_CIPHER_key_length(c);
655 sess->master_key_length=i; 643 sess->master_key_length = i;
656 if (i > 0) 644 if (i > 0) {
657 { 645 if (i > (int)sizeof(sess->master_key)) {
658 if (i > (int)sizeof(sess->master_key))
659 {
660 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 646 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
661 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 647 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
662 return -1; 648 return -1;
663 }
664 if (RAND_bytes(sess->master_key,i) <= 0)
665 {
666 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
667 return(-1);
668 }
669 } 649 }
650 if (RAND_bytes(sess->master_key, i) <= 0) {
651 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
652 return (-1);
653 }
654 }
670 655
671 if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) 656 if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
672 enc=8; 657 enc = 8;
673 else if (SSL_C_IS_EXPORT(sess->cipher)) 658 else if (SSL_C_IS_EXPORT(sess->cipher))
674 enc=5; 659 enc = 5;
675 else 660 else
676 enc=i; 661 enc = i;
677 662
678 if ((int)i < enc) 663 if ((int)i < enc) {
679 { 664 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
680 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 665 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
681 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR); 666 return (-1);
682 return(-1); 667 }
683 } 668 clear = i - enc;
684 clear=i-enc; 669 s2n(clear, p);
685 s2n(clear,p); 670 memcpy(d, sess->master_key,(unsigned int)clear);
686 memcpy(d,sess->master_key,(unsigned int)clear); 671 d += clear;
687 d+=clear; 672
688 673 enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
689 enc=ssl_rsa_public_encrypt(sess->sess_cert,enc, 674 &(sess->master_key[clear]), d,
690 &(sess->master_key[clear]),d, 675 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
691 (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); 676 RSA_PKCS1_PADDING);
692 if (enc <= 0) 677 if (enc <= 0) {
693 { 678 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
694 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 679 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
695 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR); 680 return (-1);
696 return(-1); 681 }
697 }
698#ifdef PKCS1_CHECK 682#ifdef PKCS1_CHECK
699 if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++; 683 if (s->options & SSL_OP_PKCS1_CHECK_1)
684 d[1]++;
700 if (s->options & SSL_OP_PKCS1_CHECK_2) 685 if (s->options & SSL_OP_PKCS1_CHECK_2)
701 sess->master_key[clear]++; 686 sess->master_key[clear]++;
702#endif 687#endif
703 s2n(enc,p); 688 s2n(enc, p);
704 d+=enc; 689 d += enc;
705 karg=sess->key_arg_length; 690 karg = sess->key_arg_length;
691
706 s2n(karg,p); /* key arg size */ 692 s2n(karg,p); /* key arg size */
707 if (karg > (int)sizeof(sess->key_arg)) 693 if (karg > (int)sizeof(sess->key_arg)) {
708 { 694 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
709 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
710 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 695 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
711 return -1; 696 return -1;
712 }
713 memcpy(d,sess->key_arg,(unsigned int)karg);
714 d+=karg;
715
716 s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
717 s->init_num=d-buf;
718 s->init_off=0;
719 } 697 }
698 memcpy(d, sess->key_arg,(unsigned int)karg);
699 d += karg;
720 700
721 /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */ 701 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
722 return(ssl2_do_write(s)); 702 s->init_num = d - buf;
703 s->init_off = 0;
723 } 704 }
724 705
725static int client_finished(SSL *s) 706 /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
726 { 707 return (ssl2_do_write(s));
708}
709
710static int
711client_finished(SSL *s)
712{
727 unsigned char *p; 713 unsigned char *p;
728 714
729 if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) 715 if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
730 { 716 p = (unsigned char *)s->init_buf->data;
731 p=(unsigned char *)s->init_buf->data; 717 *(p++) = SSL2_MT_CLIENT_FINISHED;
732 *(p++)=SSL2_MT_CLIENT_FINISHED; 718 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
733 if (s->s2->conn_id_length > sizeof s->s2->conn_id)
734 {
735 SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); 719 SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
736 return -1; 720 return -1;
737 }
738 memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
739
740 s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
741 s->init_num=s->s2->conn_id_length+1;
742 s->init_off=0;
743 } 721 }
744 return(ssl2_do_write(s)); 722 memcpy(p, s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
723
724 s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
725 s->init_num = s->s2->conn_id_length + 1;
726 s->init_off = 0;
745 } 727 }
728 return (ssl2_do_write(s));
729}
746 730
747/* read the data and then respond */ 731/* read the data and then respond */
748static int client_certificate(SSL *s) 732static int
749 { 733client_certificate(SSL *s)
734{
750 unsigned char *buf; 735 unsigned char *buf;
751 unsigned char *p,*d; 736 unsigned char *p, *d;
752 int i; 737 int i;
753 unsigned int n; 738 unsigned int n;
754 int cert_ch_len; 739 int cert_ch_len;
755 unsigned char *cert_ch; 740 unsigned char *cert_ch;
756 741
757 buf=(unsigned char *)s->init_buf->data; 742 buf = (unsigned char *)s->init_buf->data;
758 743
759 /* We have a cert associated with the SSL, so attach it to 744 /* We have a cert associated with the SSL, so attach it to
760 * the session if it does not have one */ 745 * the session if it does not have one */
761 746
762 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) 747 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
763 { 748 i = ssl2_read(s,(char *)&(buf[s->init_num]),
764 i=ssl2_read(s,(char *)&(buf[s->init_num]), 749 SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
765 SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num); 750 if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
766 if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num)) 751 return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
767 return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
768 s->init_num += i; 752 s->init_num += i;
769 if (s->msg_callback) 753 if (s->msg_callback)
770 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */ 754 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */
771 755
772 /* type=buf[0]; */ 756 /* type=buf[0]; */
773 /* type eq x509 */ 757 /* type eq x509 */
774 if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) 758 if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
775 { 759 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
776 ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); 760 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
777 SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE); 761 return (-1);
778 return(-1);
779 }
780
781 if ((s->cert == NULL) ||
782 (s->cert->key->x509 == NULL) ||
783 (s->cert->key->privatekey == NULL))
784 {
785 s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
786 }
787 else
788 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
789 } 762 }
790 763
764 if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
765 (s->cert->key->privatekey == NULL)) {
766 s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
767 } else
768 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
769 }
770
791 cert_ch = buf + 2; 771 cert_ch = buf + 2;
792 cert_ch_len = s->init_num - 2; 772 cert_ch_len = s->init_num - 2;
793 773
794 if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) 774 if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
795 { 775 X509 *x509 = NULL;
796 X509 *x509=NULL; 776 EVP_PKEY *pkey = NULL;
797 EVP_PKEY *pkey=NULL;
798 777
799 /* If we get an error we need to 778 /* If we get an error we need to
800 * ssl->rwstate=SSL_X509_LOOKUP; 779 * ssl->rwstate=SSL_X509_LOOKUP;
@@ -802,326 +781,298 @@ static int client_certificate(SSL *s)
802 * We should then be retried when things are ok and we 781 * We should then be retried when things are ok and we
803 * can get a cert or not */ 782 * can get a cert or not */
804 783
805 i=0; 784 i = 0;
806 if (s->ctx->client_cert_cb != NULL) 785 if (s->ctx->client_cert_cb != NULL) {
807 { 786 i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
808 i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); 787 }
809 }
810 788
811 if (i < 0) 789 if (i < 0) {
812 { 790 s->rwstate = SSL_X509_LOOKUP;
813 s->rwstate=SSL_X509_LOOKUP; 791 return (-1);
814 return(-1); 792 }
815 } 793 s->rwstate = SSL_NOTHING;
816 s->rwstate=SSL_NOTHING;
817 794
818 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) 795 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
819 { 796 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
820 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; 797 if (!SSL_use_certificate(s, x509) ||
821 if ( !SSL_use_certificate(s,x509) || 798 !SSL_use_PrivateKey(s, pkey)) {
822 !SSL_use_PrivateKey(s,pkey)) 799 i = 0;
823 { 800 }
824 i=0;
825 }
826 X509_free(x509); 801 X509_free(x509);
827 EVP_PKEY_free(pkey); 802 EVP_PKEY_free(pkey);
828 } 803 } else if (i == 1) {
829 else if (i == 1) 804 if (x509 != NULL)
830 { 805 X509_free(x509);
831 if (x509 != NULL) X509_free(x509); 806 if (pkey != NULL)
832 if (pkey != NULL) EVP_PKEY_free(pkey); 807 EVP_PKEY_free(pkey);
833 SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); 808 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
834 i=0; 809 i = 0;
835 } 810 }
836 811
837 if (i == 0) 812 if (i == 0) {
838 {
839 /* We have no client certificate to respond with 813 /* We have no client certificate to respond with
840 * so send the correct error message back */ 814 * so send the correct error message back */
841 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B; 815 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
842 p=buf; 816 p = buf;
843 *(p++)=SSL2_MT_ERROR; 817 *(p++) = SSL2_MT_ERROR;
844 s2n(SSL2_PE_NO_CERTIFICATE,p); 818 s2n(SSL2_PE_NO_CERTIFICATE, p);
845 s->init_off=0; 819 s->init_off = 0;
846 s->init_num=3; 820 s->init_num = 3;
847 /* Write is done at the end */ 821 /* Write is done at the end */
848 }
849 } 822 }
823 }
850 824
851 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) 825 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
852 { 826 return (ssl2_do_write(s));
853 return(ssl2_do_write(s)); 827 }
854 }
855 828
856 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) 829 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
857 {
858 EVP_MD_CTX ctx; 830 EVP_MD_CTX ctx;
859 831
860 /* ok, now we calculate the checksum 832 /* ok, now we calculate the checksum
861 * do it first so we can reuse buf :-) */ 833 * do it first so we can reuse buf :-) */
862 p=buf; 834 p = buf;
863 EVP_MD_CTX_init(&ctx); 835 EVP_MD_CTX_init(&ctx);
864 EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); 836 EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
865 EVP_SignUpdate(&ctx,s->s2->key_material, 837 EVP_SignUpdate(&ctx, s->s2->key_material,
866 s->s2->key_material_length); 838 s->s2->key_material_length);
867 EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); 839 EVP_SignUpdate(&ctx, cert_ch,(unsigned int)cert_ch_len);
868 i=i2d_X509(s->session->sess_cert->peer_key->x509,&p); 840 i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
869 /* Don't update the signature if it fails - FIXME: probably should handle this better */ 841 /* Don't update the signature if it fails - FIXME: probably should handle this better */
870 if(i > 0) 842 if (i > 0)
871 EVP_SignUpdate(&ctx,buf,(unsigned int)i); 843 EVP_SignUpdate(&ctx, buf,(unsigned int)i);
872 844
873 p=buf; 845 p = buf;
874 d=p+6; 846 d = p + 6;
875 *(p++)=SSL2_MT_CLIENT_CERTIFICATE; 847 *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
876 *(p++)=SSL2_CT_X509_CERTIFICATE; 848 *(p++) = SSL2_CT_X509_CERTIFICATE;
877 n=i2d_X509(s->cert->key->x509,&d); 849 n = i2d_X509(s->cert->key->x509, &d);
878 s2n(n,p); 850 s2n(n, p);
879 851
880 if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) 852 if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
881 {
882 /* this is not good. If things have failed it 853 /* this is not good. If things have failed it
883 * means there so something wrong with the key. 854 * means there so something wrong with the key.
884 * We will continue with a 0 length signature 855 * We will continue with a 0 length signature
885 */ 856 */
886 } 857 }
887 EVP_MD_CTX_cleanup(&ctx); 858 EVP_MD_CTX_cleanup(&ctx);
888 s2n(n,p); 859 s2n(n, p);
889 d+=n; 860 d += n;
890 861
891 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D; 862 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
892 s->init_num=d-buf; 863 s->init_num = d - buf;
893 s->init_off=0; 864 s->init_off = 0;
894 }
895 /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
896 return(ssl2_do_write(s));
897 } 865 }
866 /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
867 return (ssl2_do_write(s));
868}
898 869
899static int get_server_verify(SSL *s) 870static int
900 { 871get_server_verify(SSL *s)
872{
901 unsigned char *p; 873 unsigned char *p;
902 int i, n, len; 874 int i, n, len;
903 875
904 p=(unsigned char *)s->init_buf->data; 876 p = (unsigned char *)s->init_buf->data;
905 if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) 877 if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
906 { 878 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
907 i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); 879 if (i < (1 - s->init_num))
908 if (i < (1-s->init_num)) 880 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
909 return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
910 s->init_num += i; 881 s->init_num += i;
911 882
912 s->state= SSL2_ST_GET_SERVER_VERIFY_B; 883 s->state = SSL2_ST_GET_SERVER_VERIFY_B;
913 if (*p != SSL2_MT_SERVER_VERIFY) 884 if (*p != SSL2_MT_SERVER_VERIFY) {
914 { 885 if (p[0] != SSL2_MT_ERROR) {
915 if (p[0] != SSL2_MT_ERROR) 886 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
916 {
917 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
918 SSLerr(SSL_F_GET_SERVER_VERIFY, 887 SSLerr(SSL_F_GET_SERVER_VERIFY,
919 SSL_R_READ_WRONG_PACKET_TYPE); 888 SSL_R_READ_WRONG_PACKET_TYPE);
920 } 889 } else {
921 else 890 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
922 {
923 SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR);
924 /* try to read the error message */ 891 /* try to read the error message */
925 i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); 892 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
926 return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); 893 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
927 }
928 return(-1);
929 } 894 }
895 return (-1);
930 } 896 }
931 897 }
932 p=(unsigned char *)s->init_buf->data; 898
899 p = (unsigned char *)s->init_buf->data;
933 len = 1 + s->s2->challenge_length; 900 len = 1 + s->s2->challenge_length;
934 n = len - s->init_num; 901 n = len - s->init_num;
935 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 902 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
936 if (i < n) 903 if (i < n)
937 return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); 904 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
938 if (s->msg_callback) 905 if (s->msg_callback)
939 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ 906 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
940 p += 1; 907 p += 1;
941 908
942 if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) 909 if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
943 { 910 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
944 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 911 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
945 SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); 912 return (-1);
946 return(-1);
947 }
948 return(1);
949 } 913 }
914 return (1);
915}
950 916
951static int get_server_finished(SSL *s) 917static int
952 { 918get_server_finished(SSL *s)
919{
953 unsigned char *buf; 920 unsigned char *buf;
954 unsigned char *p; 921 unsigned char *p;
955 int i, n, len; 922 int i, n, len;
956 923
957 buf=(unsigned char *)s->init_buf->data; 924 buf = (unsigned char *)s->init_buf->data;
958 p=buf; 925 p = buf;
959 if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) 926 if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
960 { 927 i = ssl2_read(s,(char *)&(buf[s->init_num]), 1 - s->init_num);
961 i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num); 928 if (i < (1 - s->init_num))
962 if (i < (1-s->init_num)) 929 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
963 return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
964 s->init_num += i; 930 s->init_num += i;
965 931
966 if (*p == SSL2_MT_REQUEST_CERTIFICATE) 932 if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
967 { 933 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
968 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A; 934 return (1);
969 return(1); 935 } else if (*p != SSL2_MT_SERVER_FINISHED) {
970 } 936 if (p[0] != SSL2_MT_ERROR) {
971 else if (*p != SSL2_MT_SERVER_FINISHED) 937 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
972 { 938 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
973 if (p[0] != SSL2_MT_ERROR) 939 } else {
974 { 940 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
975 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
976 SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
977 }
978 else
979 {
980 SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
981 /* try to read the error message */ 941 /* try to read the error message */
982 i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); 942 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
983 return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); 943 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
984 }
985 return(-1);
986 } 944 }
987 s->state=SSL2_ST_GET_SERVER_FINISHED_B; 945 return (-1);
988 } 946 }
947 s->state = SSL2_ST_GET_SERVER_FINISHED_B;
948 }
989 949
990 len = 1 + SSL2_SSL_SESSION_ID_LENGTH; 950 len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
991 n = len - s->init_num; 951 n = len - s->init_num;
992 i = ssl2_read(s,(char *)&(buf[s->init_num]), n); 952 i = ssl2_read(s,(char *)&(buf[s->init_num]), n);
993 if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */ 953 if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */
994 return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); 954 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
995 s->init_num += i; 955 s->init_num += i;
996 if (s->msg_callback) 956 if (s->msg_callback)
997 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */ 957 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */
998 958
999 if (!s->hit) /* new session */ 959 if (!s->hit) /* new session */
1000 { 960 {
1001 /* new session-id */ 961 /* new session-id */
1002 /* Make sure we were not trying to re-use an old SSL_SESSION 962 /* Make sure we were not trying to re-use an old SSL_SESSION
1003 * or bad things can happen */ 963 * or bad things can happen */
1004 /* ZZZZZZZZZZZZZ */ 964 /* ZZZZZZZZZZZZZ */
1005 s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; 965 s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
1006 memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH); 966 memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
1007 } 967 } else {
1008 else 968 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
1009 {
1010 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
1011 {
1012 if ((s->session->session_id_length > sizeof s->session->session_id) 969 if ((s->session->session_id_length > sizeof s->session->session_id)
1013 || (0 != memcmp(buf + 1, s->session->session_id, 970 || (0 != memcmp(buf + 1, s->session->session_id,
1014 (unsigned int)s->session->session_id_length))) 971 (unsigned int)s->session->session_id_length))) {
1015 { 972 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
1016 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 973 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
1017 SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT); 974 return (-1);
1018 return(-1);
1019 }
1020 } 975 }
1021 } 976 }
1022 s->state = SSL_ST_OK;
1023 return(1);
1024 } 977 }
978 s->state = SSL_ST_OK;
979 return (1);
980}
1025 981
1026/* loads in the certificate from the server */ 982/* loads in the certificate from the server */
1027int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data) 983int
1028 { 984ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
1029 STACK_OF(X509) *sk=NULL; 985{
1030 EVP_PKEY *pkey=NULL; 986 STACK_OF(X509) *sk = NULL;
1031 SESS_CERT *sc=NULL; 987 EVP_PKEY *pkey = NULL;
988 SESS_CERT *sc = NULL;
1032 int i; 989 int i;
1033 X509 *x509=NULL; 990 X509 *x509 = NULL;
1034 int ret=0; 991 int ret = 0;
1035 992
1036 x509=d2i_X509(NULL,&data,(long)len); 993 x509 = d2i_X509(NULL, &data,(long)len);
1037 if (x509 == NULL) 994 if (x509 == NULL) {
1038 { 995 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
1039 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB);
1040 goto err; 996 goto err;
1041 } 997 }
1042 998
1043 if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509)) 999 if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
1044 { 1000 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1045 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1046 goto err; 1001 goto err;
1047 } 1002 }
1048 1003
1049 i=ssl_verify_cert_chain(s,sk); 1004 i = ssl_verify_cert_chain(s, sk);
1050 1005
1051 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) 1006 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1052 { 1007 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
1053 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
1054 goto err; 1008 goto err;
1055 } 1009 }
1056 ERR_clear_error(); /* but we keep s->verify_result */ 1010 ERR_clear_error(); /* but we keep s->verify_result */
1057 s->session->verify_result = s->verify_result; 1011 s->session->verify_result = s->verify_result;
1058 1012
1059 /* server's cert for this session */ 1013 /* server's cert for this session */
1060 sc=ssl_sess_cert_new(); 1014 sc = ssl_sess_cert_new();
1061 if (sc == NULL) 1015 if (sc == NULL) {
1062 { 1016 ret = -1;
1063 ret= -1;
1064 goto err; 1017 goto err;
1065 } 1018 }
1066 if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert); 1019 if (s->session->sess_cert)
1067 s->session->sess_cert=sc; 1020 ssl_sess_cert_free(s->session->sess_cert);
1021 s->session->sess_cert = sc;
1068 1022
1069 sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509=x509; 1023 sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
1070 sc->peer_key= &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]); 1024 sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
1071 1025
1072 pkey=X509_get_pubkey(x509); 1026 pkey = X509_get_pubkey(x509);
1073 x509=NULL; 1027 x509 = NULL;
1074 if (pkey == NULL) 1028 if (pkey == NULL) {
1075 { 1029 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
1076 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
1077 goto err; 1030 goto err;
1078 } 1031 }
1079 if (pkey->type != EVP_PKEY_RSA) 1032 if (pkey->type != EVP_PKEY_RSA) {
1080 { 1033 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
1081 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA);
1082 goto err; 1034 goto err;
1083 } 1035 }
1084 1036
1085 if (!ssl_set_peer_cert_type(sc,SSL2_CT_X509_CERTIFICATE)) 1037 if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
1086 goto err; 1038 goto err;
1087 ret=1; 1039 ret = 1;
1088err: 1040err:
1089 sk_X509_free(sk); 1041 sk_X509_free(sk);
1090 X509_free(x509); 1042 X509_free(x509);
1091 EVP_PKEY_free(pkey); 1043 EVP_PKEY_free(pkey);
1092 return(ret); 1044 return (ret);
1093 } 1045}
1094 1046
1095static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, 1047static int
1096 unsigned char *to, int padding) 1048ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
1097 { 1049 unsigned char *to, int padding)
1098 EVP_PKEY *pkey=NULL; 1050{
1099 int i= -1; 1051 EVP_PKEY *pkey = NULL;
1052 int i = -1;
1100 1053
1101 if ((sc == NULL) || (sc->peer_key->x509 == NULL) || 1054 if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
1102 ((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL)) 1055 ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
1103 { 1056 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
1104 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY); 1057 return (-1);
1105 return(-1); 1058 }
1106 } 1059 if (pkey->type != EVP_PKEY_RSA) {
1107 if (pkey->type != EVP_PKEY_RSA) 1060 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1108 {
1109 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1110 goto end; 1061 goto end;
1111 } 1062 }
1112 1063
1113 /* we have the public key */ 1064 /* we have the public key */
1114 i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding); 1065 i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
1115 if (i < 0) 1066 if (i < 0)
1116 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB); 1067 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
1117end: 1068end:
1118 EVP_PKEY_free(pkey); 1069 EVP_PKEY_free(pkey);
1119 return(i); 1070 return (i);
1120 } 1071}
1121#else /* !OPENSSL_NO_SSL2 */ 1072#else /* !OPENSSL_NO_SSL2 */
1122 1073
1123# if PEDANTIC 1074# if PEDANTIC
1124static void *dummy=&dummy; 1075static void *dummy = &dummy;
1125# endif 1076# endif
1126 1077
1127#endif 1078#endif
diff --git a/src/lib/libssl/src/ssl/s2_enc.c b/src/lib/libssl/src/ssl/s2_enc.c
index ff3395f459..8d2273f9ef 100644
--- a/src/lib/libssl/src/ssl/s2_enc.c
+++ b/src/lib/libssl/src/ssl/s2_enc.c
@@ -60,134 +60,131 @@
60#ifndef OPENSSL_NO_SSL2 60#ifndef OPENSSL_NO_SSL2
61#include <stdio.h> 61#include <stdio.h>
62 62
63int ssl2_enc_init(SSL *s, int client) 63int
64 { 64ssl2_enc_init(SSL *s, int client)
65{
65 /* Max number of bytes needed */ 66 /* Max number of bytes needed */
66 EVP_CIPHER_CTX *rs,*ws; 67 EVP_CIPHER_CTX *rs, *ws;
67 const EVP_CIPHER *c; 68 const EVP_CIPHER *c;
68 const EVP_MD *md; 69 const EVP_MD *md;
69 int num; 70 int num;
70 71
71 if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) 72 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
72 { 73 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
73 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 74 SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
74 SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); 75 return (0);
75 return(0); 76 }
76 } 77 ssl_replace_hash(&s->read_hash, md);
77 ssl_replace_hash(&s->read_hash,md); 78 ssl_replace_hash(&s->write_hash, md);
78 ssl_replace_hash(&s->write_hash,md); 79
79 80 if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx =
80 if ((s->enc_read_ctx == NULL) && 81 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
81 ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
82 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
83 goto err; 82 goto err;
84 83
85 /* make sure it's intialized in case the malloc for enc_write_ctx fails 84 /* make sure it's intialized in case the malloc for enc_write_ctx fails
86 * and we exit with an error */ 85 * and we exit with an error */
87 rs= s->enc_read_ctx; 86 rs = s->enc_read_ctx;
88 EVP_CIPHER_CTX_init(rs); 87 EVP_CIPHER_CTX_init(rs);
89 88
90 if ((s->enc_write_ctx == NULL) && 89 if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx =
91 ((s->enc_write_ctx=(EVP_CIPHER_CTX *) 90 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
92 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
93 goto err; 91 goto err;
94 92
95 ws= s->enc_write_ctx; 93 ws = s->enc_write_ctx;
96 EVP_CIPHER_CTX_init(ws); 94 EVP_CIPHER_CTX_init(ws);
97 95
98 num=c->key_len; 96 num = c->key_len;
99 s->s2->key_material_length=num*2; 97 s->s2->key_material_length = num*2;
100 OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); 98 OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
101 99
102 if (ssl2_generate_key_material(s) <= 0) 100 if (ssl2_generate_key_material(s) <= 0)
103 return 0; 101 return 0;
104 102
105 OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg)); 103 OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
106 EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), 104 EVP_EncryptInit_ex(ws, c, NULL, &(s->s2->key_material[(client) ? num : 0]),
107 s->session->key_arg); 105 s->session->key_arg);
108 EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), 106 EVP_DecryptInit_ex(rs, c, NULL, &(s->s2->key_material[(client) ? 0 : num]),
109 s->session->key_arg); 107 s->session->key_arg);
110 s->s2->read_key= &(s->s2->key_material[(client)?0:num]); 108 s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
111 s->s2->write_key= &(s->s2->key_material[(client)?num:0]); 109 s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
112 return(1); 110 return (1);
113err: 111err:
114 SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE); 112 SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
115 return(0); 113 return (0);
116 } 114}
117 115
118/* read/writes from s->s2->mac_data using length for encrypt and 116/* read/writes from s->s2->mac_data using length for encrypt and
119 * decrypt. It sets s->s2->padding and s->[rw]length 117 * decrypt. It sets s->s2->padding and s->[rw]length
120 * if we are encrypting */ 118 * if we are encrypting */
121void ssl2_enc(SSL *s, int send) 119void
122 { 120ssl2_enc(SSL *s, int send)
121{
123 EVP_CIPHER_CTX *ds; 122 EVP_CIPHER_CTX *ds;
124 unsigned long l; 123 unsigned long l;
125 int bs; 124 int bs;
126 125
127 if (send) 126 if (send) {
128 { 127 ds = s->enc_write_ctx;
129 ds=s->enc_write_ctx; 128 l = s->s2->wlength;
130 l=s->s2->wlength; 129 } else {
131 } 130 ds = s->enc_read_ctx;
132 else 131 l = s->s2->rlength;
133 { 132 }
134 ds=s->enc_read_ctx;
135 l=s->s2->rlength;
136 }
137 133
138 /* check for NULL cipher */ 134 /* check for NULL cipher */
139 if (ds == NULL) return; 135 if (ds == NULL)
136 return;
140 137
141 138
142 bs=ds->cipher->block_size; 139 bs = ds->cipher->block_size;
143 /* This should be using (bs-1) and bs instead of 7 and 8, but 140 /* This should be using (bs-1) and bs instead of 7 and 8, but
144 * what the hell. */ 141 * what the hell. */
145 if (bs == 8) 142 if (bs == 8)
146 l=(l+7)/8*8; 143 l = (l + 7) / 8 * 8;
147 144
148 EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l); 145 EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l);
149 } 146}
150 147
151void ssl2_mac(SSL *s, unsigned char *md, int send) 148void
152 { 149ssl2_mac(SSL *s, unsigned char *md, int send)
150{
153 EVP_MD_CTX c; 151 EVP_MD_CTX c;
154 unsigned char sequence[4],*p,*sec,*act; 152 unsigned char sequence[4], *p, *sec, *act;
155 unsigned long seq; 153 unsigned long seq;
156 unsigned int len; 154 unsigned int len;
157 155
158 if (send) 156 if (send) {
159 { 157 seq = s->s2->write_sequence;
160 seq=s->s2->write_sequence; 158 sec = s->s2->write_key;
161 sec=s->s2->write_key; 159 len = s->s2->wact_data_length;
162 len=s->s2->wact_data_length; 160 act = s->s2->wact_data;
163 act=s->s2->wact_data; 161 } else {
164 } 162 seq = s->s2->read_sequence;
165 else 163 sec = s->s2->read_key;
166 { 164 len = s->s2->ract_data_length;
167 seq=s->s2->read_sequence; 165 act = s->s2->ract_data;
168 sec=s->s2->read_key; 166 }
169 len=s->s2->ract_data_length; 167
170 act=s->s2->ract_data; 168 p = &(sequence[0]);
171 } 169 l2n(seq, p);
172
173 p= &(sequence[0]);
174 l2n(seq,p);
175 170
176 /* There has to be a MAC algorithm. */ 171 /* There has to be a MAC algorithm. */
177 EVP_MD_CTX_init(&c); 172 EVP_MD_CTX_init(&c);
178 EVP_MD_CTX_copy(&c, s->read_hash); 173 EVP_MD_CTX_copy(&c, s->read_hash);
179 EVP_DigestUpdate(&c,sec, 174 EVP_DigestUpdate(&c, sec,
180 EVP_CIPHER_CTX_key_length(s->enc_read_ctx)); 175 EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
181 EVP_DigestUpdate(&c,act,len); 176 EVP_DigestUpdate(&c, act, len);
177
182 /* the above line also does the pad data */ 178 /* the above line also does the pad data */
183 EVP_DigestUpdate(&c,sequence,4); 179 EVP_DigestUpdate(&c, sequence, 4);
184 EVP_DigestFinal_ex(&c,md,NULL); 180
181 EVP_DigestFinal_ex(&c, md, NULL);
185 EVP_MD_CTX_cleanup(&c); 182 EVP_MD_CTX_cleanup(&c);
186 } 183}
187#else /* !OPENSSL_NO_SSL2 */ 184#else /* !OPENSSL_NO_SSL2 */
188 185
189# if PEDANTIC 186# if PEDANTIC
190static void *dummy=&dummy; 187static void *dummy = &dummy;
191# endif 188# endif
192 189
193#endif 190#endif
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
index 9914604109..d3764ebbe9 100644
--- a/src/lib/libssl/src/ssl/s2_lib.c
+++ b/src/lib/libssl/src/ssl/s2_lib.c
@@ -121,336 +121,355 @@ const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
121#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) 121#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
122 122
123/* list of available SSLv2 ciphers (sorted by id) */ 123/* list of available SSLv2 ciphers (sorted by id) */
124OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ 124OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
125#if 0 125#if 0
126/* NULL_WITH_MD5 v3 */ 126/* NULL_WITH_MD5 v3 */
127 { 127 {
128 1, 128 1,
129 SSL2_TXT_NULL_WITH_MD5, 129 SSL2_TXT_NULL_WITH_MD5,
130 SSL2_CK_NULL_WITH_MD5, 130 SSL2_CK_NULL_WITH_MD5,
131 SSL_kRSA, 131 SSL_kRSA,
132 SSL_aRSA, 132 SSL_aRSA,
133 SSL_eNULL, 133 SSL_eNULL,
134 SSL_MD5, 134 SSL_MD5,
135 SSL_SSLV2, 135 SSL_SSLV2,
136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, 136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
137 0, 137 0,
138 0, 138 0,
139 0, 139 0,
140 }, 140 },
141#endif 141#endif
142 142
143/* RC4_128_WITH_MD5 */ 143/* RC4_128_WITH_MD5 */
144 { 144 {
145 1, 145 1,
146 SSL2_TXT_RC4_128_WITH_MD5, 146 SSL2_TXT_RC4_128_WITH_MD5,
147 SSL2_CK_RC4_128_WITH_MD5, 147 SSL2_CK_RC4_128_WITH_MD5,
148 SSL_kRSA, 148 SSL_kRSA,
149 SSL_aRSA, 149 SSL_aRSA,
150 SSL_RC4, 150 SSL_RC4,
151 SSL_MD5, 151 SSL_MD5,
152 SSL_SSLV2, 152 SSL_SSLV2,
153 SSL_NOT_EXP|SSL_MEDIUM, 153 SSL_NOT_EXP|SSL_MEDIUM,
154 0, 154 0,
155 128, 155 128,
156 128, 156 128,
157 }, 157 },
158 158
159/* RC4_128_EXPORT40_WITH_MD5 */ 159/* RC4_128_EXPORT40_WITH_MD5 */
160 { 160 {
161 1, 161 1,
162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, 162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5, 163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
164 SSL_kRSA, 164 SSL_kRSA,
165 SSL_aRSA, 165 SSL_aRSA,
166 SSL_RC4, 166 SSL_RC4,
167 SSL_MD5, 167 SSL_MD5,
168 SSL_SSLV2, 168 SSL_SSLV2,
169 SSL_EXPORT|SSL_EXP40, 169 SSL_EXPORT|SSL_EXP40,
170 SSL2_CF_5_BYTE_ENC, 170 SSL2_CF_5_BYTE_ENC,
171 40, 171 40,
172 128, 172 128,
173 }, 173 },
174 174
175/* RC2_128_CBC_WITH_MD5 */ 175/* RC2_128_CBC_WITH_MD5 */
176 { 176 {
177 1, 177 1,
178 SSL2_TXT_RC2_128_CBC_WITH_MD5, 178 SSL2_TXT_RC2_128_CBC_WITH_MD5,
179 SSL2_CK_RC2_128_CBC_WITH_MD5, 179 SSL2_CK_RC2_128_CBC_WITH_MD5,
180 SSL_kRSA, 180 SSL_kRSA,
181 SSL_aRSA, 181 SSL_aRSA,
182 SSL_RC2, 182 SSL_RC2,
183 SSL_MD5, 183 SSL_MD5,
184 SSL_SSLV2, 184 SSL_SSLV2,
185 SSL_NOT_EXP|SSL_MEDIUM, 185 SSL_NOT_EXP|SSL_MEDIUM,
186 0, 186 0,
187 128, 187 128,
188 128, 188 128,
189 }, 189 },
190 190
191/* RC2_128_CBC_EXPORT40_WITH_MD5 */ 191/* RC2_128_CBC_EXPORT40_WITH_MD5 */
192 { 192 {
193 1, 193 1,
194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, 194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
196 SSL_kRSA, 196 SSL_kRSA,
197 SSL_aRSA, 197 SSL_aRSA,
198 SSL_RC2, 198 SSL_RC2,
199 SSL_MD5, 199 SSL_MD5,
200 SSL_SSLV2, 200 SSL_SSLV2,
201 SSL_EXPORT|SSL_EXP40, 201 SSL_EXPORT|SSL_EXP40,
202 SSL2_CF_5_BYTE_ENC, 202 SSL2_CF_5_BYTE_ENC,
203 40, 203 40,
204 128, 204 128,
205 }, 205 },
206 206
207#ifndef OPENSSL_NO_IDEA 207#ifndef OPENSSL_NO_IDEA
208/* IDEA_128_CBC_WITH_MD5 */ 208/* IDEA_128_CBC_WITH_MD5 */
209 { 209 {
210 1, 210 1,
211 SSL2_TXT_IDEA_128_CBC_WITH_MD5, 211 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
212 SSL2_CK_IDEA_128_CBC_WITH_MD5, 212 SSL2_CK_IDEA_128_CBC_WITH_MD5,
213 SSL_kRSA, 213 SSL_kRSA,
214 SSL_aRSA, 214 SSL_aRSA,
215 SSL_IDEA, 215 SSL_IDEA,
216 SSL_MD5, 216 SSL_MD5,
217 SSL_SSLV2, 217 SSL_SSLV2,
218 SSL_NOT_EXP|SSL_MEDIUM, 218 SSL_NOT_EXP|SSL_MEDIUM,
219 0, 219 0,
220 128, 220 128,
221 128, 221 128,
222 }, 222 },
223#endif 223#endif
224 224
225/* DES_64_CBC_WITH_MD5 */ 225/* DES_64_CBC_WITH_MD5 */
226 { 226 {
227 1, 227 1,
228 SSL2_TXT_DES_64_CBC_WITH_MD5, 228 SSL2_TXT_DES_64_CBC_WITH_MD5,
229 SSL2_CK_DES_64_CBC_WITH_MD5, 229 SSL2_CK_DES_64_CBC_WITH_MD5,
230 SSL_kRSA, 230 SSL_kRSA,
231 SSL_aRSA, 231 SSL_aRSA,
232 SSL_DES, 232 SSL_DES,
233 SSL_MD5, 233 SSL_MD5,
234 SSL_SSLV2, 234 SSL_SSLV2,
235 SSL_NOT_EXP|SSL_LOW, 235 SSL_NOT_EXP|SSL_LOW,
236 0, 236 0,
237 56, 237 56,
238 56, 238 56,
239 }, 239 },
240 240
241/* DES_192_EDE3_CBC_WITH_MD5 */ 241/* DES_192_EDE3_CBC_WITH_MD5 */
242 { 242 {
243 1, 243 1,
244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, 244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, 245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
246 SSL_kRSA, 246 SSL_kRSA,
247 SSL_aRSA, 247 SSL_aRSA,
248 SSL_3DES, 248 SSL_3DES,
249 SSL_MD5, 249 SSL_MD5,
250 SSL_SSLV2, 250 SSL_SSLV2,
251 SSL_NOT_EXP|SSL_HIGH, 251 SSL_NOT_EXP|SSL_HIGH,
252 0, 252 0,
253 168, 253 168,
254 168, 254 168,
255 }, 255 },
256 256
257#if 0 257#if 0
258/* RC4_64_WITH_MD5 */ 258/* RC4_64_WITH_MD5 */
259 { 259 {
260 1, 260 1,
261 SSL2_TXT_RC4_64_WITH_MD5, 261 SSL2_TXT_RC4_64_WITH_MD5,
262 SSL2_CK_RC4_64_WITH_MD5, 262 SSL2_CK_RC4_64_WITH_MD5,
263 SSL_kRSA, 263 SSL_kRSA,
264 SSL_aRSA, 264 SSL_aRSA,
265 SSL_RC4, 265 SSL_RC4,
266 SSL_MD5, 266 SSL_MD5,
267 SSL_SSLV2, 267 SSL_SSLV2,
268 SSL_NOT_EXP|SSL_LOW, 268 SSL_NOT_EXP|SSL_LOW,
269 SSL2_CF_8_BYTE_ENC, 269 SSL2_CF_8_BYTE_ENC,
270 64, 270 64,
271 64, 271 64,
272 }, 272 },
273#endif 273#endif
274 274
275#if 0 275#if 0
276/* NULL SSLeay (testing) */ 276/* NULL SSLeay (testing) */
277 { 277 {
278 0, 278 0,
279 SSL2_TXT_NULL, 279 SSL2_TXT_NULL,
280 SSL2_CK_NULL, 280 SSL2_CK_NULL,
281 0, 281 0,
282 0, 282 0,
283 0, 283 0,
284 0, 284 0,
285 SSL_SSLV2, 285 SSL_SSLV2,
286 SSL_STRONG_NONE, 286 SSL_STRONG_NONE,
287 0, 287 0,
288 0, 288 0,
289 0, 289 0,
290 }, 290 },
291#endif 291#endif
292 292
293/* end of list :-) */ 293/* end of list :-) */
294 }; 294};
295 295
296long ssl2_default_timeout(void) 296long
297 { 297ssl2_default_timeout(void)
298 return(300); 298{
299 } 299 return (300);
300 300}
301int ssl2_num_ciphers(void) 301
302 { 302int
303 return(SSL2_NUM_CIPHERS); 303ssl2_num_ciphers(void)
304 } 304{
305 305 return (SSL2_NUM_CIPHERS);
306const SSL_CIPHER *ssl2_get_cipher(unsigned int u) 306}
307 { 307
308const SSL_CIPHER
309*ssl2_get_cipher(unsigned int u)
310{
308 if (u < SSL2_NUM_CIPHERS) 311 if (u < SSL2_NUM_CIPHERS)
309 return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u])); 312 return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
310 else 313 else
311 return(NULL); 314 return (NULL);
312 } 315}
313 316
314int ssl2_pending(const SSL *s) 317int
315 { 318ssl2_pending(const SSL *s)
319{
316 return SSL_in_init(s) ? 0 : s->s2->ract_data_length; 320 return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
317 } 321}
318 322
319int ssl2_new(SSL *s) 323int
320 { 324ssl2_new(SSL *s)
325{
321 SSL2_STATE *s2; 326 SSL2_STATE *s2;
322 327
323 if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; 328 if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
324 memset(s2,0,sizeof *s2); 329 goto err;
330 memset(s2, 0, sizeof *s2);
325 331
326#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 332#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
327# error "assertion failed" 333# error "assertion failed"
328#endif 334#endif
329 335
330 if ((s2->rbuf=OPENSSL_malloc( 336 if ((s2->rbuf = OPENSSL_malloc(
331 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; 337 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
338 goto err;
332 /* wbuf needs one byte more because when using two-byte headers, 339 /* wbuf needs one byte more because when using two-byte headers,
333 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */ 340 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
334 if ((s2->wbuf=OPENSSL_malloc( 341 if ((s2->wbuf = OPENSSL_malloc(
335 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err; 342 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
336 s->s2=s2; 343 goto err;
344 s->s2 = s2;
337 345
338 ssl2_clear(s); 346 ssl2_clear(s);
339 return(1); 347 return (1);
340err: 348err:
341 if (s2 != NULL) 349 if (s2 != NULL) {
342 { 350 if (s2->wbuf != NULL)
343 if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); 351 OPENSSL_free(s2->wbuf);
344 if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); 352 if (s2->rbuf != NULL)
353 OPENSSL_free(s2->rbuf);
345 OPENSSL_free(s2); 354 OPENSSL_free(s2);
346 }
347 return(0);
348 } 355 }
356 return (0);
357}
349 358
350void ssl2_free(SSL *s) 359void
351 { 360ssl2_free(SSL *s)
361{
352 SSL2_STATE *s2; 362 SSL2_STATE *s2;
353 363
354 if(s == NULL) 364 if (s == NULL)
355 return; 365 return;
356 366
357 s2=s->s2; 367 s2 = s->s2;
358 if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); 368 if (s2->rbuf != NULL)
359 if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); 369 OPENSSL_free(s2->rbuf);
360 OPENSSL_cleanse(s2,sizeof *s2); 370 if (s2->wbuf != NULL)
371 OPENSSL_free(s2->wbuf);
372 OPENSSL_cleanse(s2, sizeof *s2);
361 OPENSSL_free(s2); 373 OPENSSL_free(s2);
362 s->s2=NULL; 374 s->s2 = NULL;
363 } 375}
364 376
365void ssl2_clear(SSL *s) 377void
366 { 378ssl2_clear(SSL *s)
379{
367 SSL2_STATE *s2; 380 SSL2_STATE *s2;
368 unsigned char *rbuf,*wbuf; 381 unsigned char *rbuf, *wbuf;
369 382
370 s2=s->s2; 383 s2 = s->s2;
371 384
372 rbuf=s2->rbuf; 385 rbuf = s2->rbuf;
373 wbuf=s2->wbuf; 386 wbuf = s2->wbuf;
374 387
375 memset(s2,0,sizeof *s2); 388 memset(s2, 0, sizeof *s2);
376 389
377 s2->rbuf=rbuf; 390 s2->rbuf = rbuf;
378 s2->wbuf=wbuf; 391 s2->wbuf = wbuf;
379 s2->clear_text=1; 392 s2->clear_text = 1;
380 s->packet=s2->rbuf; 393 s->packet = s2->rbuf;
381 s->version=SSL2_VERSION; 394 s->version = SSL2_VERSION;
382 s->packet_length=0; 395 s->packet_length = 0;
383 } 396}
384 397
385long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) 398long
386 { 399ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
387 int ret=0; 400{
401 int ret = 0;
388 402
389 switch(cmd) 403 switch (cmd) {
390 {
391 case SSL_CTRL_GET_SESSION_REUSED: 404 case SSL_CTRL_GET_SESSION_REUSED:
392 ret=s->hit; 405 ret = s->hit;
393 break; 406 break;
394 default: 407 default:
395 break; 408 break;
396 }
397 return(ret);
398 }
399
400long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
401 {
402 return(0);
403 }
404
405long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
406 {
407 return(0);
408 }
409
410long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
411 {
412 return(0);
413 } 409 }
410 return (ret);
411}
412
413long
414ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
415{
416 return (0);
417}
418
419long
420ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
421{
422 return (0);
423}
424
425long
426ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
427{
428 return (0);
429}
414 430
415/* This function needs to check if the ciphers required are actually 431/* This function needs to check if the ciphers required are actually
416 * available */ 432 * available */
417const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) 433const SSL_CIPHER
418 { 434*ssl2_get_cipher_by_char(const unsigned char *p)
435{
419 SSL_CIPHER c; 436 SSL_CIPHER c;
420 const SSL_CIPHER *cp; 437 const SSL_CIPHER *cp;
421 unsigned long id; 438 unsigned long id;
422 439
423 id=0x02000000L|((unsigned long)p[0]<<16L)| 440 id = 0x02000000L|((unsigned long)p[0]<<16L)|
424 ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; 441 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
425 c.id=id; 442 c.id = id;
426 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS); 443 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
427 if ((cp == NULL) || (cp->valid == 0)) 444 if ((cp == NULL) || (cp->valid == 0))
428 return NULL; 445 return NULL;
429 else 446 else
430 return cp; 447 return cp;
431 } 448}
432 449
433int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 450int
434 { 451ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
452{
435 long l; 453 long l;
436 454
437 if (p != NULL) 455 if (p != NULL) {
438 { 456 l = c->id;
439 l=c->id; 457 if ((l & 0xff000000) != 0x02000000)
440 if ((l & 0xff000000) != 0x02000000) return(0); 458 return (0);
441 p[0]=((unsigned char)(l>>16L))&0xFF; 459 p[0] = ((unsigned char)(l >> 16L))&0xFF;
442 p[1]=((unsigned char)(l>> 8L))&0xFF; 460 p[1] = ((unsigned char)(l >> 8L))&0xFF;
443 p[2]=((unsigned char)(l ))&0xFF; 461 p[2] = ((unsigned char)(l ))&0xFF;
444 }
445 return(3);
446 } 462 }
463 return (3);
464}
447 465
448int ssl2_generate_key_material(SSL *s) 466int
449 { 467ssl2_generate_key_material(SSL *s)
468{
450 unsigned int i; 469 unsigned int i;
451 EVP_MD_CTX ctx; 470 EVP_MD_CTX ctx;
452 unsigned char *km; 471 unsigned char *km;
453 unsigned char c='0'; 472 unsigned char c = '0';
454 const EVP_MD *md5; 473 const EVP_MD *md5;
455 int md_size; 474 int md_size;
456 475
@@ -461,96 +480,94 @@ int ssl2_generate_key_material(SSL *s)
461 see SSLv2 docu */ 480 see SSLv2 docu */
462#endif 481#endif
463 EVP_MD_CTX_init(&ctx); 482 EVP_MD_CTX_init(&ctx);
464 km=s->s2->key_material; 483 km = s->s2->key_material;
465 484
466 if (s->session->master_key_length < 0 || 485 if (s->session->master_key_length < 0 ||
467 s->session->master_key_length > (int)sizeof(s->session->master_key)) 486 s->session->master_key_length > (int)sizeof(s->session->master_key)) {
468 { 487 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
469 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); 488 return 0;
470 return 0; 489 }
471 }
472 md_size = EVP_MD_size(md5); 490 md_size = EVP_MD_size(md5);
473 if (md_size < 0) 491 if (md_size < 0)
474 return 0; 492 return 0;
475 for (i=0; i<s->s2->key_material_length; i += md_size) 493 for (i = 0; i < s->s2->key_material_length; i += md_size) {
476 {
477 if (((km - s->s2->key_material) + md_size) > 494 if (((km - s->s2->key_material) + md_size) >
478 (int)sizeof(s->s2->key_material)) 495 (int)sizeof(s->s2->key_material)) {
479 {
480 /* EVP_DigestFinal_ex() below would write beyond buffer */ 496 /* EVP_DigestFinal_ex() below would write beyond buffer */
481 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); 497 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
482 return 0; 498 return 0;
483 } 499 }
484 500
485 EVP_DigestInit_ex(&ctx, md5, NULL); 501 EVP_DigestInit_ex(&ctx, md5, NULL);
486 502
487 OPENSSL_assert(s->session->master_key_length >= 0 503 OPENSSL_assert(s->session->master_key_length >= 0 &&
488 && s->session->master_key_length 504 s->session->master_key_length <
489 < (int)sizeof(s->session->master_key)); 505 (int)sizeof(s->session->master_key));
490 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); 506 EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);
491 EVP_DigestUpdate(&ctx,&c,1); 507 EVP_DigestUpdate(&ctx, &c, 1);
492 c++; 508 c++;
493 EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); 509 EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
494 EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); 510 EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
495 EVP_DigestFinal_ex(&ctx,km,NULL); 511 EVP_DigestFinal_ex(&ctx, km, NULL);
496 km += md_size; 512 km += md_size;
497 } 513 }
498 514
499 EVP_MD_CTX_cleanup(&ctx); 515 EVP_MD_CTX_cleanup(&ctx);
500 return 1; 516 return 1;
501 } 517}
502 518
503void ssl2_return_error(SSL *s, int err) 519void
504 { 520ssl2_return_error(SSL *s, int err)
505 if (!s->error) 521{
506 { 522 if (!s->error) {
507 s->error=3; 523 s->error = 3;
508 s->error_code=err; 524 s->error_code = err;
509 525
510 ssl2_write_error(s); 526 ssl2_write_error(s);
511 }
512 } 527 }
528}
513 529
514 530
515void ssl2_write_error(SSL *s) 531void
516 { 532ssl2_write_error(SSL *s)
533{
517 unsigned char buf[3]; 534 unsigned char buf[3];
518 int i,error; 535 int i, error;
519 536
520 buf[0]=SSL2_MT_ERROR; 537 buf[0] = SSL2_MT_ERROR;
521 buf[1]=(s->error_code>>8)&0xff; 538 buf[1] = (s->error_code >> 8)&0xff;
522 buf[2]=(s->error_code)&0xff; 539 buf[2] = (s->error_code)&0xff;
523 540
524/* state=s->rwstate;*/ 541/* state=s->rwstate;*/
525 542
526 error=s->error; /* number of bytes left to write */ 543 error=s->error; /* number of bytes left to write */
527 s->error=0; 544 s->error = 0;
528 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf)); 545 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
529 i=ssl2_write(s,&(buf[3-error]),error); 546 i = ssl2_write(s, &(buf[3 - error]), error);
530 547
531/* if (i == error) s->rwstate=state; */ 548/* if (i == error) s->rwstate=state; */
532 549
533 if (i < 0) 550 if (i < 0)
534 s->error=error; 551 s->error = error;
535 else 552 else {
536 { 553 s->error = error - i;
537 s->error=error-i;
538 554
539 if (s->error == 0) 555 if (s->error == 0)
540 if (s->msg_callback) 556 if (s->msg_callback)
541 s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */ 557 s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
542 }
543 }
544
545int ssl2_shutdown(SSL *s)
546 {
547 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
548 return(1);
549 } 558 }
559}
560
561int
562ssl2_shutdown(SSL *s)
563{
564 s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
565 return (1);
566}
550#else /* !OPENSSL_NO_SSL2 */ 567#else /* !OPENSSL_NO_SSL2 */
551 568
552# if PEDANTIC 569# if PEDANTIC
553static void *dummy=&dummy; 570static void *dummy = &dummy;
554# endif 571# endif
555 572
556#endif 573#endif
diff --git a/src/lib/libssl/src/ssl/s2_meth.c b/src/lib/libssl/src/ssl/s2_meth.c
index f0e8ca593d..ca08fc6e22 100644
--- a/src/lib/libssl/src/ssl/s2_meth.c
+++ b/src/lib/libssl/src/ssl/s2_meth.c
@@ -62,23 +62,22 @@
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63 63
64static const SSL_METHOD *ssl2_get_method(int ver); 64static const SSL_METHOD *ssl2_get_method(int ver);
65static const SSL_METHOD *ssl2_get_method(int ver) 65static const SSL_METHOD
66 { 66*ssl2_get_method(int ver)
67{
67 if (ver == SSL2_VERSION) 68 if (ver == SSL2_VERSION)
68 return(SSLv2_method()); 69 return (SSLv2_method());
69 else 70 else
70 return(NULL); 71 return (NULL);
71 } 72}
72 73
73IMPLEMENT_ssl2_meth_func(SSLv2_method, 74IMPLEMENT_ssl2_meth_func(SSLv2_method,
74 ssl2_accept, 75 ssl2_accept, ssl2_connect, ssl2_get_method)
75 ssl2_connect,
76 ssl2_get_method)
77 76
78#else /* !OPENSSL_NO_SSL2 */ 77#else /* !OPENSSL_NO_SSL2 */
79 78
80# if PEDANTIC 79# if PEDANTIC
81static void *dummy=&dummy; 80static void *dummy = &dummy;
82# endif 81# endif
83 82
84#endif 83#endif
diff --git a/src/lib/libssl/src/ssl/s2_pkt.c b/src/lib/libssl/src/ssl/s2_pkt.c
index 7efad40153..3a92c81d65 100644
--- a/src/lib/libssl/src/ssl/s2_pkt.c
+++ b/src/lib/libssl/src/ssl/s2_pkt.c
@@ -114,7 +114,7 @@
114#include <stdio.h> 114#include <stdio.h>
115#include <errno.h> 115#include <errno.h>
116 116
117static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); 117static int read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend);
118static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); 118static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
119static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); 119static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
120static int ssl_mt_error(int n); 120static int ssl_mt_error(int n);
@@ -123,158 +123,145 @@ static int ssl_mt_error(int n);
123/* SSL 2.0 imlementation for SSL_read/SSL_peek - 123/* SSL 2.0 imlementation for SSL_read/SSL_peek -
124 * This routine will return 0 to len bytes, decrypted etc if required. 124 * This routine will return 0 to len bytes, decrypted etc if required.
125 */ 125 */
126static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) 126static int
127 { 127ssl2_read_internal(SSL *s, void *buf, int len, int peek)
128{
128 int n; 129 int n;
129 unsigned char mac[MAX_MAC_SIZE]; 130 unsigned char mac[MAX_MAC_SIZE];
130 unsigned char *p; 131 unsigned char *p;
131 int i; 132 int i;
132 int mac_size; 133 int mac_size;
133 134
134 ssl2_read_again: 135 ssl2_read_again:
135 if (SSL_in_init(s) && !s->in_handshake) 136 if (SSL_in_init(s) && !s->in_handshake) {
136 { 137 n = s->handshake_func(s);
137 n=s->handshake_func(s); 138 if (n < 0)
138 if (n < 0) return(n); 139 return (n);
139 if (n == 0) 140 if (n == 0) {
140 { 141 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_SSL_HANDSHAKE_FAILURE);
141 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); 142 return (-1);
142 return(-1);
143 }
144 } 143 }
144 }
145 145
146 errno = 0; 146 errno = 0;
147 s->rwstate=SSL_NOTHING; 147 s->rwstate = SSL_NOTHING;
148 if (len <= 0) return(len); 148 if (len <= 0)
149 return (len);
149 150
150 if (s->s2->ract_data_length != 0) /* read from buffer */ 151 if (s->s2->ract_data_length != 0) /* read from buffer */
151 { 152 {
152 if (len > s->s2->ract_data_length) 153 if (len > s->s2->ract_data_length)
153 n=s->s2->ract_data_length; 154 n = s->s2->ract_data_length;
154 else 155 else
155 n=len; 156 n = len;
156 157
157 memcpy(buf,s->s2->ract_data,(unsigned int)n); 158 memcpy(buf, s->s2->ract_data,(unsigned int)n);
158 if (!peek) 159 if (!peek) {
159 { 160 s->s2->ract_data_length -= n;
160 s->s2->ract_data_length-=n; 161 s->s2->ract_data += n;
161 s->s2->ract_data+=n;
162 if (s->s2->ract_data_length == 0) 162 if (s->s2->ract_data_length == 0)
163 s->rstate=SSL_ST_READ_HEADER; 163 s->rstate = SSL_ST_READ_HEADER;
164 }
165
166 return(n);
167 } 164 }
168 165
166 return (n);
167 }
168
169 /* s->s2->ract_data_length == 0 169 /* s->s2->ract_data_length == 0
170 * 170 *
171 * Fill the buffer, then goto ssl2_read_again. 171 * Fill the buffer, then goto ssl2_read_again.
172 */ 172 */
173 173
174 if (s->rstate == SSL_ST_READ_HEADER) 174 if (s->rstate == SSL_ST_READ_HEADER) {
175 { 175 if (s->first_packet) {
176 if (s->first_packet) 176 n = read_n(s, 5, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
177 {
178 n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
179 if (n <= 0) return(n); /* error or non-blocking */ 177 if (n <= 0) return(n); /* error or non-blocking */
180 s->first_packet=0; 178 s->first_packet = 0;
181 p=s->packet; 179 p = s->packet;
182 if (!((p[0] & 0x80) && ( 180 if (!((p[0] & 0x80) && (
183 (p[2] == SSL2_MT_CLIENT_HELLO) || 181 (p[2] == SSL2_MT_CLIENT_HELLO) ||
184 (p[2] == SSL2_MT_SERVER_HELLO)))) 182 (p[2] == SSL2_MT_SERVER_HELLO)))) {
185 { 183 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_NON_SSLV2_INITIAL_PACKET);
186 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); 184 return (-1);
187 return(-1);
188 }
189 }
190 else
191 {
192 n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
193 if (n <= 0) return(n); /* error or non-blocking */
194 } 185 }
186 } else {
187 n = read_n(s, 2, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
188 if (n <= 0)
189 return(n); /* error or non-blocking */
190 }
195 /* part read stuff */ 191 /* part read stuff */
196 192
197 s->rstate=SSL_ST_READ_BODY; 193 s->rstate = SSL_ST_READ_BODY;
198 p=s->packet; 194 p = s->packet;
199 /* Do header */ 195 /* Do header */
200 /*s->s2->padding=0;*/ 196 /*s->s2->padding=0;*/
201 s->s2->escape=0; 197 s->s2->escape = 0;
202 s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]); 198 s->s2->rlength = (((unsigned int)p[0]) << 8)|((unsigned int)p[1]);
203 if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */ 199 if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */
204 { 200 {
205 s->s2->three_byte_header=0; 201 s->s2->three_byte_header = 0;
206 s->s2->rlength&=TWO_BYTE_MASK; 202 s->s2->rlength&=TWO_BYTE_MASK;
207 } 203
208 else 204 } else {
209 { 205 s->s2->three_byte_header = 1;
210 s->s2->three_byte_header=1;
211 s->s2->rlength&=THREE_BYTE_MASK; 206 s->s2->rlength&=THREE_BYTE_MASK;
212 207
213 /* security >s2->escape */ 208 /* security >s2->escape */
214 s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0; 209 s->s2->escape = ((p[0] & SEC_ESC_BIT)) ? 1 : 0;
215 }
216 } 210 }
211 }
217 212
218 if (s->rstate == SSL_ST_READ_BODY) 213 if (s->rstate == SSL_ST_READ_BODY) {
219 { 214 n = s->s2->rlength + 2 + s->s2->three_byte_header;
220 n=s->s2->rlength+2+s->s2->three_byte_header; 215 if (n > (int)s->packet_length) {
221 if (n > (int)s->packet_length) 216 n -= s->packet_length;
222 { 217 i = read_n(s, (unsigned int)n, (unsigned int)n, 1);
223 n-=s->packet_length; 218 if (i <= 0)
224 i=read_n(s,(unsigned int)n,(unsigned int)n,1); 219 return(i); /* ERROR */
225 if (i <= 0) return(i); /* ERROR */ 220 }
226 }
227 221
228 p= &(s->packet[2]); 222 p = &(s->packet[2]);
229 s->rstate=SSL_ST_READ_HEADER; 223 s->rstate = SSL_ST_READ_HEADER;
230 if (s->s2->three_byte_header) 224 if (s->s2->three_byte_header)
231 s->s2->padding= *(p++); 225 s->s2->padding= *(p++);
232 else s->s2->padding=0; 226 else s->s2->padding = 0;
233 227
234 /* Data portion */ 228 /* Data portion */
235 if (s->s2->clear_text) 229 if (s->s2->clear_text) {
236 {
237 mac_size = 0; 230 mac_size = 0;
238 s->s2->mac_data=p; 231 s->s2->mac_data = p;
239 s->s2->ract_data=p; 232 s->s2->ract_data = p;
240 if (s->s2->padding) 233 if (s->s2->padding) {
241 { 234 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
242 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); 235 return (-1);
243 return(-1);
244 }
245 } 236 }
246 else 237 } else {
247 { 238 mac_size = EVP_MD_CTX_size(s->read_hash);
248 mac_size=EVP_MD_CTX_size(s->read_hash);
249 if (mac_size < 0) 239 if (mac_size < 0)
250 return -1; 240 return -1;
251 OPENSSL_assert(mac_size <= MAX_MAC_SIZE); 241 OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
252 s->s2->mac_data=p; 242 s->s2->mac_data = p;
253 s->s2->ract_data= &p[mac_size]; 243 s->s2->ract_data = &p[mac_size];
254 if (s->s2->padding + mac_size > s->s2->rlength) 244 if (s->s2->padding + mac_size > s->s2->rlength) {
255 { 245 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
256 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); 246 return (-1);
257 return(-1);
258 }
259 } 247 }
248 }
260 249
261 s->s2->ract_data_length=s->s2->rlength; 250 s->s2->ract_data_length = s->s2->rlength;
262 /* added a check for length > max_size in case 251 /* added a check for length > max_size in case
263 * encryption was not turned on yet due to an error */ 252 * encryption was not turned on yet due to an error */
264 if ((!s->s2->clear_text) && 253 if ((!s->s2->clear_text) &&
265 (s->s2->rlength >= (unsigned int)mac_size)) 254 (s->s2->rlength >= (unsigned int)mac_size)) {
266 { 255 ssl2_enc(s, 0);
267 ssl2_enc(s,0); 256 s->s2->ract_data_length -= mac_size;
268 s->s2->ract_data_length-=mac_size; 257 ssl2_mac(s, mac, 0);
269 ssl2_mac(s,mac,0); 258 s->s2->ract_data_length -= s->s2->padding;
270 s->s2->ract_data_length-=s->s2->padding; 259 if ((CRYPTO_memcmp(mac, s->s2->mac_data, mac_size) != 0) ||
271 if ( (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) || 260 (s->s2->rlength % EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) {
272 (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) 261 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_MAC_DECODE);
273 { 262 return (-1);
274 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
275 return(-1);
276 }
277 } 263 }
264 }
278 INC32(s->s2->read_sequence); /* expect next number */ 265 INC32(s->s2->read_sequence); /* expect next number */
279 /* s->s2->ract_data is now available for processing */ 266 /* s->s2->ract_data is now available for processing */
280 267
@@ -291,181 +278,166 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
291 * renegotiation can confuse things even more.] */ 278 * renegotiation can confuse things even more.] */
292 279
293 goto ssl2_read_again; /* This should really be 280 goto ssl2_read_again; /* This should really be
294 * "return ssl2_read(s,buf,len)", 281 * "return ssl2_read(s, buf, len)",
295 * but that would allow for 282 * but that would allow for
296 * denial-of-service attacks if a 283 * denial - of - service attacks if a
297 * C compiler is used that does not 284 * C compiler is used that does not
298 * recognize end-recursion. */ 285 * recognize end-recursion. */
299 } 286 } else {
300 else 287 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_STATE);
301 { 288 return (-1);
302 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE);
303 return(-1);
304 }
305 } 289 }
290}
306 291
307int ssl2_read(SSL *s, void *buf, int len) 292int
308 { 293ssl2_read(SSL *s, void *buf, int len)
294{
309 return ssl2_read_internal(s, buf, len, 0); 295 return ssl2_read_internal(s, buf, len, 0);
310 } 296}
311 297
312int ssl2_peek(SSL *s, void *buf, int len) 298int
313 { 299ssl2_peek(SSL *s, void *buf, int len)
300{
314 return ssl2_read_internal(s, buf, len, 1); 301 return ssl2_read_internal(s, buf, len, 1);
315 } 302}
316 303
317static int read_n(SSL *s, unsigned int n, unsigned int max, 304static int
318 unsigned int extend) 305read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend)
319 { 306{
320 int i,off,newb; 307 int i, off, newb;
321 308
322 /* if there is stuff still in the buffer from a previous read, 309 /* if there is stuff still in the buffer from a previous read,
323 * and there is more than we want, take some. */ 310 * and there is more than we want, take some. */
324 if (s->s2->rbuf_left >= (int)n) 311 if (s->s2->rbuf_left >= (int)n) {
325 {
326 if (extend) 312 if (extend)
327 s->packet_length+=n; 313 s->packet_length += n;
328 else 314 else {
329 { 315 s->packet = &(s->s2->rbuf[s->s2->rbuf_offs]);
330 s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]); 316 s->packet_length = n;
331 s->packet_length=n;
332 }
333 s->s2->rbuf_left-=n;
334 s->s2->rbuf_offs+=n;
335 return(n);
336 } 317 }
318 s->s2->rbuf_left -= n;
319 s->s2->rbuf_offs += n;
320 return (n);
321 }
322
323 if (!s->read_ahead)
324 max = n;
325 if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2))
326 max = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2;
337 327
338 if (!s->read_ahead) max=n;
339 if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
340 max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
341
342 328
343 /* Else we want more than we have. 329 /* Else we want more than we have.
344 * First, if there is some left or we want to extend */ 330 * First, if there is some left or we want to extend */
345 off=0; 331 off = 0;
346 if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) 332 if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) {
347 { 333 newb = s->s2->rbuf_left;
348 newb=s->s2->rbuf_left; 334 if (extend) {
349 if (extend) 335 off = s->packet_length;
350 {
351 off=s->packet_length;
352 if (s->packet != s->s2->rbuf) 336 if (s->packet != s->s2->rbuf)
353 memcpy(s->s2->rbuf,s->packet, 337 memcpy(s->s2->rbuf, s->packet,
354 (unsigned int)newb+off); 338 (unsigned int)newb + off);
355 } 339 } else if (s->s2->rbuf_offs != 0) {
356 else if (s->s2->rbuf_offs != 0) 340 memcpy(s->s2->rbuf, &(s->s2->rbuf[s->s2->rbuf_offs]),
357 { 341 (unsigned int)newb);
358 memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]), 342 s->s2->rbuf_offs = 0;
359 (unsigned int)newb);
360 s->s2->rbuf_offs=0;
361 }
362 s->s2->rbuf_left=0;
363 } 343 }
364 else 344 s->s2->rbuf_left = 0;
365 newb=0; 345 } else
346 newb = 0;
366 347
367 /* off is the offset to start writing too. 348 /* off is the offset to start writing too.
368 * r->s2->rbuf_offs is the 'unread data', now 0. 349 * r->s2->rbuf_offs is the 'unread data', now 0.
369 * newb is the number of new bytes so far 350 * newb is the number of new bytes so far
370 */ 351 */
371 s->packet=s->s2->rbuf; 352 s->packet = s->s2->rbuf;
372 while (newb < (int)n) 353 while (newb < (int)n) {
373 {
374 errno = 0; 354 errno = 0;
375 if (s->rbio != NULL) 355 if (s->rbio != NULL) {
376 { 356 s->rwstate = SSL_READING;
377 s->rwstate=SSL_READING; 357 i = BIO_read(s->rbio,(char *)&(s->s2->rbuf[off + newb]),
378 i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]), 358 max - newb);
379 max-newb); 359 } else {
380 } 360 SSLerr(SSL_F_READ_N, SSL_R_READ_BIO_NOT_SET);
381 else 361 i = -1;
382 { 362 }
383 SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
384 i= -1;
385 }
386#ifdef PKT_DEBUG 363#ifdef PKT_DEBUG
387 if (s->debug & 0x01) sleep(1); 364 if (s->debug & 0x01)
365 sleep(1);
388#endif 366#endif
389 if (i <= 0) 367 if (i <= 0) {
390 { 368 s->s2->rbuf_left += newb;
391 s->s2->rbuf_left+=newb; 369 return (i);
392 return(i);
393 }
394 newb+=i;
395 } 370 }
371 newb += i;
372 }
396 373
397 /* record unread data */ 374 /* record unread data */
398 if (newb > (int)n) 375 if (newb > (int)n) {
399 { 376 s->s2->rbuf_offs = n + off;
400 s->s2->rbuf_offs=n+off; 377 s->s2->rbuf_left = newb - n;
401 s->s2->rbuf_left=newb-n; 378 } else {
402 } 379 s->s2->rbuf_offs = 0;
403 else 380 s->s2->rbuf_left = 0;
404 { 381 }
405 s->s2->rbuf_offs=0;
406 s->s2->rbuf_left=0;
407 }
408 if (extend) 382 if (extend)
409 s->packet_length+=n; 383 s->packet_length += n;
410 else 384 else
411 s->packet_length=n; 385 s->packet_length = n;
412 s->rwstate=SSL_NOTHING; 386 s->rwstate = SSL_NOTHING;
413 return(n); 387 return (n);
414 } 388}
415 389
416int ssl2_write(SSL *s, const void *_buf, int len) 390int
417 { 391ssl2_write(SSL *s, const void *_buf, int len)
418 const unsigned char *buf=_buf; 392{
419 unsigned int n,tot; 393 const unsigned char *buf = _buf;
394 unsigned int n, tot;
420 int i; 395 int i;
421 396
422 if (SSL_in_init(s) && !s->in_handshake) 397 if (SSL_in_init(s) && !s->in_handshake) {
423 { 398 i = s->handshake_func(s);
424 i=s->handshake_func(s); 399 if (i < 0)
425 if (i < 0) return(i); 400 return (i);
426 if (i == 0) 401 if (i == 0) {
427 { 402 SSLerr(SSL_F_SSL2_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
428 SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); 403 return (-1);
429 return(-1);
430 }
431 } 404 }
405 }
432 406
433 if (s->error) 407 if (s->error) {
434 {
435 ssl2_write_error(s); 408 ssl2_write_error(s);
436 if (s->error) 409 if (s->error)
437 return(-1); 410 return (-1);
438 } 411 }
439 412
440 errno = 0; 413 errno = 0;
441 s->rwstate=SSL_NOTHING; 414 s->rwstate = SSL_NOTHING;
442 if (len <= 0) return(len); 415 if (len <= 0)
443 416 return (len);
444 tot=s->s2->wnum; 417
445 s->s2->wnum=0; 418 tot = s->s2->wnum;
446 419 s->s2->wnum = 0;
447 n=(len-tot); 420
448 for (;;) 421 n = (len - tot);
449 { 422 for (;;) {
450 i=n_do_ssl_write(s,&(buf[tot]),n); 423 i = n_do_ssl_write(s, &(buf[tot]), n);
451 if (i <= 0) 424 if (i <= 0) {
452 { 425 s->s2->wnum = tot;
453 s->s2->wnum=tot; 426 return (i);
454 return(i); 427 }
455 }
456 if ((i == (int)n) || 428 if ((i == (int)n) ||
457 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) 429 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
458 { 430 return (tot + i);
459 return(tot+i);
460 }
461
462 n-=i;
463 tot+=i;
464 } 431 }
432
433 n -= i;
434 tot += i;
465 } 435 }
436}
466 437
467static int write_pending(SSL *s, const unsigned char *buf, unsigned int len) 438static int
468 { 439write_pending(SSL *s, const unsigned char *buf, unsigned int len)
440{
469 int i; 441 int i;
470 442
471 /* s->s2->wpend_len != 0 MUST be true. */ 443 /* s->s2->wpend_len != 0 MUST be true. */
@@ -473,122 +445,110 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
473 /* check that they have given us the same buffer to 445 /* check that they have given us the same buffer to
474 * write */ 446 * write */
475 if ((s->s2->wpend_tot > (int)len) || 447 if ((s->s2->wpend_tot > (int)len) ||
476 ((s->s2->wpend_buf != buf) && 448 ((s->s2->wpend_buf != buf) &&
477 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) 449 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) {
478 { 450 SSLerr(SSL_F_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
479 SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); 451 return (-1);
480 return(-1); 452 }
481 }
482 453
483 for (;;) 454 for (;;) {
484 {
485 errno = 0; 455 errno = 0;
486 if (s->wbio != NULL) 456 if (s->wbio != NULL) {
487 { 457 s->rwstate = SSL_WRITING;
488 s->rwstate=SSL_WRITING; 458 i = BIO_write(s->wbio,
489 i=BIO_write(s->wbio, 459 (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
490 (char *)&(s->s2->write_ptr[s->s2->wpend_off]), 460 (unsigned int)s->s2->wpend_len);
491 (unsigned int)s->s2->wpend_len); 461 } else {
492 } 462 SSLerr(SSL_F_WRITE_PENDING, SSL_R_WRITE_BIO_NOT_SET);
493 else 463 i = -1;
494 { 464 }
495 SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET);
496 i= -1;
497 }
498#ifdef PKT_DEBUG 465#ifdef PKT_DEBUG
499 if (s->debug & 0x01) sleep(1); 466 if (s->debug & 0x01)
467 sleep(1);
500#endif 468#endif
501 if (i == s->s2->wpend_len) 469 if (i == s->s2->wpend_len) {
502 { 470 s->s2->wpend_len = 0;
503 s->s2->wpend_len=0; 471 s->rwstate = SSL_NOTHING;
504 s->rwstate=SSL_NOTHING; 472 return (s->s2->wpend_ret);
505 return(s->s2->wpend_ret); 473 } else if (i <= 0)
506 } 474 return (i);
507 else if (i <= 0) 475 s->s2->wpend_off += i;
508 return(i); 476 s->s2->wpend_len -= i;
509 s->s2->wpend_off+=i;
510 s->s2->wpend_len-=i;
511 }
512 } 477 }
478}
513 479
514static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) 480static int
515 { 481n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
516 unsigned int j,k,olen,p,bs; 482{
483 unsigned int j, k, olen, p, bs;
517 int mac_size; 484 int mac_size;
518 register unsigned char *pp; 485 register unsigned char *pp;
519 486
520 olen=len; 487 olen = len;
521 488
522 /* first check if there is data from an encryption waiting to 489 /* first check if there is data from an encryption waiting to
523 * be sent - it must be sent because the other end is waiting. 490 * be sent - it must be sent because the other end is waiting.
524 * This will happen with non-blocking IO. We print it and then 491 * This will happen with non-blocking IO. We print it and then
525 * return. 492 * return.
526 */ 493 */
527 if (s->s2->wpend_len != 0) return(write_pending(s,buf,len)); 494 if (s->s2->wpend_len != 0)
495 return (write_pending(s, buf, len));
528 496
529 /* set mac_size to mac size */ 497 /* set mac_size to mac size */
530 if (s->s2->clear_text) 498 if (s->s2->clear_text)
531 mac_size=0; 499 mac_size = 0;
532 else 500 else {
533 { 501 mac_size = EVP_MD_CTX_size(s->write_hash);
534 mac_size=EVP_MD_CTX_size(s->write_hash);
535 if (mac_size < 0) 502 if (mac_size < 0)
536 return -1; 503 return -1;
537 } 504 }
538 505
539 /* lets set the pad p */ 506 /* lets set the pad p */
540 if (s->s2->clear_text) 507 if (s->s2->clear_text) {
541 {
542 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) 508 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
543 len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; 509 len = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
544 p=0; 510 p = 0;
545 s->s2->three_byte_header=0; 511 s->s2->three_byte_header = 0;
546 /* len=len; */ 512 /* len=len; */
547 } 513 } else {
548 else 514 bs = EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
549 { 515 j = len + mac_size;
550 bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
551 j=len+mac_size;
552 /* Two-byte headers allow for a larger record length than 516 /* Two-byte headers allow for a larger record length than
553 * three-byte headers, but we can't use them if we need 517 * three-byte headers, but we can't use them if we need
554 * padding or if we have to set the escape bit. */ 518 * padding or if we have to set the escape bit. */
555 if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && 519 if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
556 (!s->s2->escape)) 520 (!s->s2->escape)) {
557 {
558 if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) 521 if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
559 j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; 522 j = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
560 /* set k to the max number of bytes with 2 523 /* set k to the max number of bytes with 2
561 * byte header */ 524 * byte header */
562 k=j-(j%bs); 525 k = j - (j % bs);
563 /* how many data bytes? */ 526 /* how many data bytes? */
564 len=k-mac_size; 527 len = k - mac_size;
565 s->s2->three_byte_header=0; 528
566 p=0; 529 s->s2->three_byte_header = 0;
567 } 530 p = 0;
568 else if ((bs <= 1) && (!s->s2->escape)) 531 } else if ((bs <= 1) && (!s->s2->escape)) {
569 {
570 /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus 532 /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
571 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ 533 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
572 s->s2->three_byte_header=0; 534 s->s2->three_byte_header = 0;
573 p=0; 535 p = 0;
574 } 536 }
575 else /* we may have to use a 3 byte header */ 537 else /* we may have to use a 3 byte header */
576 { 538 {
577 /* If s->s2->escape is not set, then 539 /* If s->s2->escape is not set, then
578 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus 540 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
579 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ 541 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
580 p=(j%bs); 542 p = (j % bs);
581 p=(p == 0)?0:(bs-p); 543 p = (p == 0) ? 0 : (bs - p);
582 if (s->s2->escape) 544 if (s->s2->escape) {
583 { 545 s->s2->three_byte_header = 1;
584 s->s2->three_byte_header=1;
585 if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 546 if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
586 j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER; 547 j = SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
587 } 548 } else
588 else 549 s->s2->three_byte_header = (p == 0) ? 0 : 1;
589 s->s2->three_byte_header=(p == 0)?0:1;
590 }
591 } 550 }
551 }
592 552
593 /* Now 553 /* Now
594 * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 554 * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
@@ -601,142 +561,136 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
601 * p is the number of padding bytes 561 * p is the number of padding bytes
602 * (if it is a two-byte header, then p == 0) */ 562 * (if it is a two-byte header, then p == 0) */
603 563
604 s->s2->wlength=len; 564 s->s2->wlength = len;
605 s->s2->padding=p; 565 s->s2->padding = p;
606 s->s2->mac_data= &(s->s2->wbuf[3]); 566 s->s2->mac_data = &(s->s2->wbuf[3]);
607 s->s2->wact_data= &(s->s2->wbuf[3+mac_size]); 567 s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
608 /* we copy the data into s->s2->wbuf */ 568 /* we copy the data into s->s2->wbuf */
609 memcpy(s->s2->wact_data,buf,len); 569 memcpy(s->s2->wact_data, buf, len);
610 if (p) 570 if (p)
611 memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */ 571 memset(&(s->s2->wact_data[len]), 0, p); /* arbitrary padding */
612 572
613 if (!s->s2->clear_text) 573 if (!s->s2->clear_text) {
614 { 574 s->s2->wact_data_length = len + p;
615 s->s2->wact_data_length=len+p; 575 ssl2_mac(s, s->s2->mac_data, 1);
616 ssl2_mac(s,s->s2->mac_data,1); 576 s->s2->wlength += p + mac_size;
617 s->s2->wlength+=p+mac_size; 577 ssl2_enc(s, 1);
618 ssl2_enc(s,1); 578 }
619 }
620 579
621 /* package up the header */ 580 /* package up the header */
622 s->s2->wpend_len=s->s2->wlength; 581 s->s2->wpend_len = s->s2->wlength;
623 if (s->s2->three_byte_header) /* 3 byte header */ 582 if (s->s2->three_byte_header) /* 3 byte header */
624 { 583 {
625 pp=s->s2->mac_data; 584 pp = s->s2->mac_data;
626 pp-=3; 585 pp -= 3;
627 pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8); 586 pp[0] = (s->s2->wlength >> 8) & (THREE_BYTE_MASK >> 8);
628 if (s->s2->escape) pp[0]|=SEC_ESC_BIT; 587 if (s->s2->escape)
629 pp[1]=s->s2->wlength&0xff; 588 pp[0]|=SEC_ESC_BIT;
630 pp[2]=s->s2->padding; 589 pp[1] = s->s2->wlength&0xff;
631 s->s2->wpend_len+=3; 590 pp[2] = s->s2->padding;
632 } 591 s->s2->wpend_len += 3;
633 else 592 } else {
634 { 593 pp = s->s2->mac_data;
635 pp=s->s2->mac_data; 594 pp -= 2;
636 pp-=2; 595 pp[0] = ((s->s2->wlength >> 8) & (TWO_BYTE_MASK >> 8)) | TWO_BYTE_BIT;
637 pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT; 596 pp[1] = s->s2->wlength&0xff;
638 pp[1]=s->s2->wlength&0xff; 597 s->s2->wpend_len += 2;
639 s->s2->wpend_len+=2; 598 }
640 } 599 s->s2->write_ptr = pp;
641 s->s2->write_ptr=pp; 600
642
643 INC32(s->s2->write_sequence); /* expect next number */ 601 INC32(s->s2->write_sequence); /* expect next number */
644 602
645 /* lets try to actually write the data */ 603 /* lets try to actually write the data */
646 s->s2->wpend_tot=olen; 604 s->s2->wpend_tot = olen;
647 s->s2->wpend_buf=buf; 605 s->s2->wpend_buf = buf;
648 606
649 s->s2->wpend_ret=len; 607 s->s2->wpend_ret = len;
650 608
651 s->s2->wpend_off=0; 609 s->s2->wpend_off = 0;
652 return(write_pending(s,buf,olen)); 610 return (write_pending(s, buf, olen));
653 } 611}
654 612
655int ssl2_part_read(SSL *s, unsigned long f, int i) 613int
656 { 614ssl2_part_read(SSL *s, unsigned long f, int i)
615{
657 unsigned char *p; 616 unsigned char *p;
658 int j; 617 int j;
659 618
660 if (i < 0) 619 if (i < 0) {
661 {
662 /* ssl2_return_error(s); */ 620 /* ssl2_return_error(s); */
663 /* for non-blocking io, 621 /* for non-blocking io,
664 * this is not necessarily fatal */ 622 * this is not necessarily fatal */
665 return(i); 623 return (i);
666 } 624 } else {
667 else 625 s->init_num += i;
668 {
669 s->init_num+=i;
670 626
671 /* Check for error. While there are recoverable errors, 627 /* Check for error. While there are recoverable errors,
672 * this function is not called when those must be expected; 628 * this function is not called when those must be expected;
673 * any error detected here is fatal. */ 629 * any error detected here is fatal. */
674 if (s->init_num >= 3) 630 if (s->init_num >= 3) {
675 { 631 p = (unsigned char *)s->init_buf->data;
676 p=(unsigned char *)s->init_buf->data; 632 if (p[0] == SSL2_MT_ERROR) {
677 if (p[0] == SSL2_MT_ERROR) 633 j = (p[1]<<8)|p[2];
678 { 634 SSLerr((int)f, ssl_mt_error(j));
679 j=(p[1]<<8)|p[2];
680 SSLerr((int)f,ssl_mt_error(j));
681 s->init_num -= 3; 635 s->init_num -= 3;
682 if (s->init_num > 0) 636 if (s->init_num > 0)
683 memmove(p, p+3, s->init_num); 637 memmove(p, p + 3, s->init_num);
684 }
685 } 638 }
639 }
686 640
687 /* If it's not an error message, we have some error anyway -- 641 /* If it's not an error message, we have some error anyway --
688 * the message was shorter than expected. This too is treated 642 * the message was shorter than expected. This too is treated
689 * as fatal (at least if SSL_get_error is asked for its opinion). */ 643 * as fatal (at least if SSL_get_error is asked for its opinion). */
690 return(0); 644 return (0);
691 }
692 } 645 }
646}
693 647
694int ssl2_do_write(SSL *s) 648int
695 { 649ssl2_do_write(SSL *s)
650{
696 int ret; 651 int ret;
697 652
698 ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num); 653 ret = ssl2_write(s, &s->init_buf->data[s->init_off], s->init_num);
699 if (ret == s->init_num) 654 if (ret == s->init_num) {
700 {
701 if (s->msg_callback) 655 if (s->msg_callback)
702 s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg); 656 s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
703 return(1); 657 return (1);
704 }
705 if (ret < 0)
706 return(-1);
707 s->init_off+=ret;
708 s->init_num-=ret;
709 return(0);
710 } 658 }
711 659 if (ret < 0)
712static int ssl_mt_error(int n) 660 return (-1);
713 { 661 s->init_off += ret;
662 s->init_num -= ret;
663 return (0);
664}
665
666static int
667ssl_mt_error(int n)
668{
714 int ret; 669 int ret;
715 670
716 switch (n) 671 switch (n) {
717 {
718 case SSL2_PE_NO_CIPHER: 672 case SSL2_PE_NO_CIPHER:
719 ret=SSL_R_PEER_ERROR_NO_CIPHER; 673 ret = SSL_R_PEER_ERROR_NO_CIPHER;
720 break; 674 break;
721 case SSL2_PE_NO_CERTIFICATE: 675 case SSL2_PE_NO_CERTIFICATE:
722 ret=SSL_R_PEER_ERROR_NO_CERTIFICATE; 676 ret = SSL_R_PEER_ERROR_NO_CERTIFICATE;
723 break; 677 break;
724 case SSL2_PE_BAD_CERTIFICATE: 678 case SSL2_PE_BAD_CERTIFICATE:
725 ret=SSL_R_PEER_ERROR_CERTIFICATE; 679 ret = SSL_R_PEER_ERROR_CERTIFICATE;
726 break; 680 break;
727 case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE: 681 case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
728 ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE; 682 ret = SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
729 break; 683 break;
730 default: 684 default:
731 ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE; 685 ret = SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
732 break; 686 break;
733 }
734 return(ret);
735 } 687 }
688 return (ret);
689}
736#else /* !OPENSSL_NO_SSL2 */ 690#else /* !OPENSSL_NO_SSL2 */
737 691
738# if PEDANTIC 692# if PEDANTIC
739static void *dummy=&dummy; 693static void *dummy = &dummy;
740# endif 694# endif
741 695
742#endif 696#endif
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
index cac405db7c..aa63fe85ba 100644
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -120,174 +120,181 @@
120static const SSL_METHOD *ssl2_get_server_method(int ver); 120static const SSL_METHOD *ssl2_get_server_method(int ver);
121static int get_client_master_key(SSL *s); 121static int get_client_master_key(SSL *s);
122static int get_client_hello(SSL *s); 122static int get_client_hello(SSL *s);
123static int server_hello(SSL *s); 123static int server_hello(SSL *s);
124
124static int get_client_finished(SSL *s); 125static int get_client_finished(SSL *s);
125static int server_verify(SSL *s); 126static int server_verify(SSL *s);
126static int server_finish(SSL *s); 127static int server_finish(SSL *s);
127static int request_certificate(SSL *s); 128static int request_certificate(SSL *s);
128static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, 129static int
129 unsigned char *to,int padding); 130ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
131unsigned char *to, int padding);
130#define BREAK break 132#define BREAK break
131 133
132static const SSL_METHOD *ssl2_get_server_method(int ver) 134static const SSL_METHOD
133 { 135*ssl2_get_server_method(int ver)
136{
134 if (ver == SSL2_VERSION) 137 if (ver == SSL2_VERSION)
135 return(SSLv2_server_method()); 138 return (SSLv2_server_method());
136 else 139 else
137 return(NULL); 140 return (NULL);
138 } 141}
139 142
140IMPLEMENT_ssl2_meth_func(SSLv2_server_method, 143IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
141 ssl2_accept, 144 ssl2_accept, ssl_undefined_function, ssl2_get_server_method)
142 ssl_undefined_function, 145
143 ssl2_get_server_method) 146int
144 147ssl2_accept(SSL *s)
145int ssl2_accept(SSL *s) 148{
146 { 149 unsigned long l = (unsigned long)time(NULL);
147 unsigned long l=(unsigned long)time(NULL); 150 BUF_MEM *buf = NULL;
148 BUF_MEM *buf=NULL; 151 int ret = -1;
149 int ret= -1;
150 long num1; 152 long num1;
151 void (*cb)(const SSL *ssl,int type,int val)=NULL; 153 void (*cb)(const SSL *ssl, int type, int val) = NULL;
152 int new_state,state; 154 int new_state, state;
153 155
154 RAND_add(&l,sizeof(l),0); 156 RAND_add(&l, sizeof(l), 0);
155 ERR_clear_error(); 157 ERR_clear_error();
156 errno = 0; 158 errno = 0;
157 159
158 if (s->info_callback != NULL) 160 if (s->info_callback != NULL)
159 cb=s->info_callback; 161 cb = s->info_callback;
160 else if (s->ctx->info_callback != NULL) 162 else if (s->ctx->info_callback != NULL)
161 cb=s->ctx->info_callback; 163 cb = s->ctx->info_callback;
162 164
163 /* init things to blank */ 165 /* init things to blank */
164 s->in_handshake++; 166 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 167 if (!SSL_in_init(s) || SSL_in_before(s))
168 SSL_clear(s);
166 169
167 if (s->cert == NULL) 170 if (s->cert == NULL) {
168 { 171 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
169 SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET); 172 return (-1);
170 return(-1); 173 }
171 }
172 174
173 errno = 0; 175 errno = 0;
174 for (;;) 176 for (;;) {
175 { 177 state = s->state;
176 state=s->state;
177 178
178 switch (s->state) 179 switch (s->state) {
179 {
180 case SSL_ST_BEFORE: 180 case SSL_ST_BEFORE:
181 case SSL_ST_ACCEPT: 181 case SSL_ST_ACCEPT:
182 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 182 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
183 case SSL_ST_OK|SSL_ST_ACCEPT: 183 case SSL_ST_OK|SSL_ST_ACCEPT:
184 184
185 s->server=1; 185 s->server = 1;
186 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 186 if (cb != NULL)
187 cb(s, SSL_CB_HANDSHAKE_START, 1);
187 188
188 s->version=SSL2_VERSION; 189 s->version = SSL2_VERSION;
189 s->type=SSL_ST_ACCEPT; 190 s->type = SSL_ST_ACCEPT;
190 191
191 buf=s->init_buf; 192 buf = s->init_buf;
192 if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) 193 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
193 { ret= -1; goto end; } 194 ret = -1;
194 if (!BUF_MEM_grow(buf,(int) 195 goto end;
195 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 196 }
196 { ret= -1; goto end; } 197 if (!BUF_MEM_grow(buf,
197 s->init_buf=buf; 198 (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
198 s->init_num=0; 199 ret = -1;
200 goto end;
201 }
202 s->init_buf = buf;
203 s->init_num = 0;
199 s->ctx->stats.sess_accept++; 204 s->ctx->stats.sess_accept++;
200 s->handshake_func=ssl2_accept; 205 s->handshake_func = ssl2_accept;
201 s->state=SSL2_ST_GET_CLIENT_HELLO_A; 206 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
202 BREAK; 207 BREAK;
203 208
204 case SSL2_ST_GET_CLIENT_HELLO_A: 209 case SSL2_ST_GET_CLIENT_HELLO_A:
205 case SSL2_ST_GET_CLIENT_HELLO_B: 210 case SSL2_ST_GET_CLIENT_HELLO_B:
206 case SSL2_ST_GET_CLIENT_HELLO_C: 211 case SSL2_ST_GET_CLIENT_HELLO_C:
207 s->shutdown=0; 212 s->shutdown = 0;
208 ret=get_client_hello(s); 213 ret = get_client_hello(s);
209 if (ret <= 0) goto end; 214 if (ret <= 0)
210 s->init_num=0; 215 goto end;
211 s->state=SSL2_ST_SEND_SERVER_HELLO_A; 216 s->init_num = 0;
217 s->state = SSL2_ST_SEND_SERVER_HELLO_A;
212 BREAK; 218 BREAK;
213 219
214 case SSL2_ST_SEND_SERVER_HELLO_A: 220 case SSL2_ST_SEND_SERVER_HELLO_A:
215 case SSL2_ST_SEND_SERVER_HELLO_B: 221 case SSL2_ST_SEND_SERVER_HELLO_B:
216 ret=server_hello(s); 222 ret = server_hello(s);
217 if (ret <= 0) goto end; 223 if (ret <= 0)
218 s->init_num=0; 224 goto end;
219 if (!s->hit) 225 s->init_num = 0;
220 { 226 if (!s->hit) {
221 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A; 227 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
222 BREAK; 228 BREAK;
223 } 229 } else {
224 else 230 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
225 {
226 s->state=SSL2_ST_SERVER_START_ENCRYPTION;
227 BREAK; 231 BREAK;
228 } 232 }
229 case SSL2_ST_GET_CLIENT_MASTER_KEY_A: 233 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
230 case SSL2_ST_GET_CLIENT_MASTER_KEY_B: 234 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
231 ret=get_client_master_key(s); 235 ret = get_client_master_key(s);
232 if (ret <= 0) goto end; 236 if (ret <= 0)
233 s->init_num=0; 237 goto end;
234 s->state=SSL2_ST_SERVER_START_ENCRYPTION; 238 s->init_num = 0;
239 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
235 BREAK; 240 BREAK;
236 241
237 case SSL2_ST_SERVER_START_ENCRYPTION: 242 case SSL2_ST_SERVER_START_ENCRYPTION:
238 /* Ok we how have sent all the stuff needed to 243 /* Ok we how have sent all the stuff needed to
239 * start encrypting, the next packet back will 244 * start encrypting, the next packet back will
240 * be encrypted. */ 245 * be encrypted. */
241 if (!ssl2_enc_init(s,0)) 246 if (!ssl2_enc_init(s, 0)) {
242 { ret= -1; goto end; } 247 ret = -1;
243 s->s2->clear_text=0; 248 goto end;
244 s->state=SSL2_ST_SEND_SERVER_VERIFY_A; 249 }
250 s->s2->clear_text = 0;
251 s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
245 BREAK; 252 BREAK;
246 253
247 case SSL2_ST_SEND_SERVER_VERIFY_A: 254 case SSL2_ST_SEND_SERVER_VERIFY_A:
248 case SSL2_ST_SEND_SERVER_VERIFY_B: 255 case SSL2_ST_SEND_SERVER_VERIFY_B:
249 ret=server_verify(s); 256 ret = server_verify(s);
250 if (ret <= 0) goto end; 257 if (ret <= 0)
251 s->init_num=0; 258 goto end;
252 if (s->hit) 259 s->init_num = 0;
253 { 260 if (s->hit) {
254 /* If we are in here, we have been 261 /* If we are in here, we have been
255 * buffering the output, so we need to 262 * buffering the output, so we need to
256 * flush it and remove buffering from 263 * flush it and remove buffering from
257 * future traffic */ 264 * future traffic */
258 s->state=SSL2_ST_SEND_SERVER_VERIFY_C; 265 s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
259 BREAK; 266 BREAK;
260 } 267 } else {
261 else 268 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
262 {
263 s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
264 break; 269 break;
265 } 270 }
266 271
267 case SSL2_ST_SEND_SERVER_VERIFY_C: 272 case SSL2_ST_SEND_SERVER_VERIFY_C:
268 /* get the number of bytes to write */ 273 /* get the number of bytes to write */
269 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); 274 num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
270 if (num1 > 0) 275 if (num1 > 0) {
271 { 276 s->rwstate = SSL_WRITING;
272 s->rwstate=SSL_WRITING; 277 num1 = BIO_flush(s->wbio);
273 num1=BIO_flush(s->wbio); 278 if (num1 <= 0) {
274 if (num1 <= 0) { ret= -1; goto end; } 279 ret = -1;
275 s->rwstate=SSL_NOTHING; 280 goto end;
276 } 281 }
282 s->rwstate = SSL_NOTHING;
283 }
277 284
278 /* flushed and now remove buffering */ 285 /* flushed and now remove buffering */
279 s->wbio=BIO_pop(s->wbio); 286 s->wbio = BIO_pop(s->wbio);
280 287
281 s->state=SSL2_ST_GET_CLIENT_FINISHED_A; 288 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
282 BREAK; 289 BREAK;
283 290
284 case SSL2_ST_GET_CLIENT_FINISHED_A: 291 case SSL2_ST_GET_CLIENT_FINISHED_A:
285 case SSL2_ST_GET_CLIENT_FINISHED_B: 292 case SSL2_ST_GET_CLIENT_FINISHED_B:
286 ret=get_client_finished(s); 293 ret = get_client_finished(s);
287 if (ret <= 0) 294 if (ret <= 0)
288 goto end; 295 goto end;
289 s->init_num=0; 296 s->init_num = 0;
290 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A; 297 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
291 BREAK; 298 BREAK;
292 299
293 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: 300 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
@@ -298,229 +305,216 @@ int ssl2_accept(SSL *s)
298 * don't want to, or we already have one, and 305 * don't want to, or we already have one, and
299 * we only want to do it once. */ 306 * we only want to do it once. */
300 if (!(s->verify_mode & SSL_VERIFY_PEER) || 307 if (!(s->verify_mode & SSL_VERIFY_PEER) ||
301 ((s->session->peer != NULL) && 308 ((s->session->peer != NULL) &&
302 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) 309 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
303 { 310 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
304 s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
305 break; 311 break;
306 } 312 } else {
307 else 313 ret = request_certificate(s);
308 { 314 if (ret <= 0)
309 ret=request_certificate(s); 315 goto end;
310 if (ret <= 0) goto end; 316 s->init_num = 0;
311 s->init_num=0; 317 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
312 s->state=SSL2_ST_SEND_SERVER_FINISHED_A; 318 }
313 }
314 BREAK; 319 BREAK;
315 320
316 case SSL2_ST_SEND_SERVER_FINISHED_A: 321 case SSL2_ST_SEND_SERVER_FINISHED_A:
317 case SSL2_ST_SEND_SERVER_FINISHED_B: 322 case SSL2_ST_SEND_SERVER_FINISHED_B:
318 ret=server_finish(s); 323 ret = server_finish(s);
319 if (ret <= 0) goto end; 324 if (ret <= 0)
320 s->init_num=0; 325 goto end;
321 s->state=SSL_ST_OK; 326 s->init_num = 0;
327 s->state = SSL_ST_OK;
322 break; 328 break;
323 329
324 case SSL_ST_OK: 330 case SSL_ST_OK:
325 BUF_MEM_free(s->init_buf); 331 BUF_MEM_free(s->init_buf);
326 ssl_free_wbio_buffer(s); 332 ssl_free_wbio_buffer(s);
327 s->init_buf=NULL; 333 s->init_buf = NULL;
328 s->init_num=0; 334 s->init_num = 0;
329 /* ERR_clear_error();*/ 335 /* ERR_clear_error();*/
330 336
331 ssl_update_cache(s,SSL_SESS_CACHE_SERVER); 337 ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
332 338
333 s->ctx->stats.sess_accept_good++; 339 s->ctx->stats.sess_accept_good++;
334 /* s->server=1; */ 340 /* s->server=1; */
335 ret=1; 341 ret = 1;
336 342
337 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); 343 if (cb != NULL)
344 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
338 345
339 goto end; 346 goto end;
340 /* BREAK; */ 347 /* BREAK; */
341 348
342 default: 349 default:
343 SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE); 350 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
344 ret= -1; 351 ret = -1;
345 goto end; 352 goto end;
346 /* BREAK; */ 353 /* BREAK; */
347 }
348
349 if ((cb != NULL) && (s->state != state))
350 {
351 new_state=s->state;
352 s->state=state;
353 cb(s,SSL_CB_ACCEPT_LOOP,1);
354 s->state=new_state;
355 }
356 } 354 }
355
356 if ((cb != NULL) && (s->state != state)) {
357 new_state = s->state;
358 s->state = state;
359 cb(s, SSL_CB_ACCEPT_LOOP, 1);
360 s->state = new_state;
361 }
362 }
357end: 363end:
358 s->in_handshake--; 364 s->in_handshake--;
359 if (cb != NULL) 365 if (cb != NULL)
360 cb(s,SSL_CB_ACCEPT_EXIT,ret); 366 cb(s, SSL_CB_ACCEPT_EXIT, ret);
361 return(ret); 367 return (ret);
362 } 368}
363 369
364static int get_client_master_key(SSL *s) 370static int
365 { 371get_client_master_key(SSL *s)
366 int is_export,i,n,keya,ek; 372{
373 int is_export, i, n, keya, ek;
367 unsigned long len; 374 unsigned long len;
368 unsigned char *p; 375 unsigned char *p;
369 const SSL_CIPHER *cp; 376 const SSL_CIPHER *cp;
370 const EVP_CIPHER *c; 377 const EVP_CIPHER *c;
371 const EVP_MD *md; 378 const EVP_MD *md;
372 379
373 p=(unsigned char *)s->init_buf->data; 380 p = (unsigned char *)s->init_buf->data;
374 if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) 381 if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
375 { 382 i = ssl2_read(s,(char *)&(p[s->init_num]), 10 - s->init_num);
376 i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
377 383
378 if (i < (10-s->init_num)) 384 if (i < (10 - s->init_num))
379 return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); 385 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
380 s->init_num = 10; 386 s->init_num = 10;
381 387
382 if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) 388 if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
383 { 389 if (p[-1] != SSL2_MT_ERROR) {
384 if (p[-1] != SSL2_MT_ERROR) 390 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
385 { 391 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_READ_WRONG_PACKET_TYPE);
386 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 392 } else
387 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
388 }
389 else
390 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR); 393 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
391 return(-1); 394 return (-1);
392 } 395 }
393 396
394 cp=ssl2_get_cipher_by_char(p); 397 cp = ssl2_get_cipher_by_char(p);
395 if (cp == NULL) 398 if (cp == NULL) {
396 { 399 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
397 ssl2_return_error(s,SSL2_PE_NO_CIPHER);
398 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); 400 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
399 return(-1); 401 return (-1);
400 } 402 }
401 s->session->cipher= cp; 403 s->session->cipher = cp;
402 404
403 p+=3; 405 p += 3;
404 n2s(p,i); s->s2->tmp.clear=i; 406 n2s(p, i);
405 n2s(p,i); s->s2->tmp.enc=i; 407 s->s2->tmp.clear = i;
406 n2s(p,i); 408 n2s(p, i);
407 if(i > SSL_MAX_KEY_ARG_LENGTH) 409 s->s2->tmp.enc = i;
408 { 410 n2s(p, i);
409 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 411 if (i > SSL_MAX_KEY_ARG_LENGTH) {
412 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
410 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG); 413 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
411 return -1; 414 return -1;
412 }
413 s->session->key_arg_length=i;
414 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
415 } 415 }
416 s->session->key_arg_length = i;
417 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
418 }
416 419
417 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ 420 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
418 p=(unsigned char *)s->init_buf->data; 421 p = (unsigned char *)s->init_buf->data;
419 if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 422 if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
420 { 423 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
421 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
422 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 424 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
423 return -1; 425 return -1;
424 } 426 }
425 keya=s->session->key_arg_length; 427 keya = s->session->key_arg_length;
426 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; 428 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
427 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 429 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
428 { 430 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
429 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 431 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
430 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG);
431 return -1; 432 return -1;
432 } 433 }
433 n = (int)len - s->init_num; 434 n = (int)len - s->init_num;
434 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 435 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
435 if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); 436 if (i != n)
437 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
436 if (s->msg_callback) 438 if (s->msg_callback)
437 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */ 439 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
438 p += 10; 440 p += 10;
439 441
440 memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]), 442 memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
441 (unsigned int)keya); 443 (unsigned int)keya);
442 444
443 if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) 445 if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
444 { 446 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
445 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 447 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
446 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); 448 return (-1);
447 return(-1); 449 }
448 } 450 i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
449 i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, 451 &(p[s->s2->tmp.clear]), &(p[s->s2->tmp.clear]),
450 &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), 452 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : RSA_PKCS1_PADDING);
451 (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
452 453
453 is_export=SSL_C_IS_EXPORT(s->session->cipher); 454 is_export = SSL_C_IS_EXPORT(s->session->cipher);
454
455 if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
456 {
457 ssl2_return_error(s,SSL2_PE_NO_CIPHER);
458 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
459 return(0);
460 }
461 455
462 if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) 456 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
463 { 457 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
464 is_export=1; 458 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
465 ek=8; 459 return (0);
466 } 460 }
467 else 461
468 ek=5; 462 if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
463 is_export = 1;
464 ek = 8;
465 } else
466 ek = 5;
469 467
470 /* bad decrypt */ 468 /* bad decrypt */
471#if 1 469#if 1
472 /* If a bad decrypt, continue with protocol but with a 470 /* If a bad decrypt, continue with protocol but with a
473 * random master secret (Bleichenbacher attack) */ 471 * random master secret (Bleichenbacher attack) */
474 if ((i < 0) || 472 if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
475 ((!is_export && (i != EVP_CIPHER_key_length(c))) 473 (is_export && ((i != ek) || (s->s2->tmp.clear + (unsigned int)i !=
476 || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != 474 (unsigned int)EVP_CIPHER_key_length(c)))))) {
477 (unsigned int)EVP_CIPHER_key_length(c))))))
478 {
479 ERR_clear_error(); 475 ERR_clear_error();
480 if (is_export) 476 if (is_export)
481 i=ek; 477 i = ek;
482 else 478 else
483 i=EVP_CIPHER_key_length(c); 479 i = EVP_CIPHER_key_length(c);
484 if (RAND_pseudo_bytes(p,i) <= 0) 480 if (RAND_pseudo_bytes(p, i) <= 0)
485 return 0; 481 return 0;
486 } 482 }
487#else 483#else
488 if (i < 0) 484 if (i < 0) {
489 { 485 error = 1;
490 error=1; 486 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
491 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT); 487 }
492 }
493 /* incorrect number of key bytes for non export cipher */ 488 /* incorrect number of key bytes for non export cipher */
494 else if ((!is_export && (i != EVP_CIPHER_key_length(c))) 489 else if ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
495 || (is_export && ((i != ek) || (s->s2->tmp.clear+i != 490 (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
496 EVP_CIPHER_key_length(c))))) 491 EVP_CIPHER_key_length(c))))) {
497 { 492 error = 1;
498 error=1; 493 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
499 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS); 494 }
500 } 495 if (error) {
501 if (error) 496 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
502 { 497 return (-1);
503 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 498 }
504 return(-1);
505 }
506#endif 499#endif
507 500
508 if (is_export) i+=s->s2->tmp.clear; 501 if (is_export)
502 i += s->s2->tmp.clear;
509 503
510 if (i > SSL_MAX_MASTER_KEY_LENGTH) 504 if (i > SSL_MAX_MASTER_KEY_LENGTH) {
511 { 505 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
512 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
513 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 506 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
514 return -1; 507 return -1;
515 }
516 s->session->master_key_length=i;
517 memcpy(s->session->master_key,p,(unsigned int)i);
518 return(1);
519 } 508 }
520 509 s->session->master_key_length = i;
521static int get_client_hello(SSL *s) 510 memcpy(s->session->master_key, p,(unsigned int)i);
522 { 511 return (1);
523 int i,n; 512}
513
514static int
515get_client_hello(SSL *s)
516{
517 int i, n;
524 unsigned long len; 518 unsigned long len;
525 unsigned char *p; 519 unsigned char *p;
526 STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */ 520 STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
@@ -530,58 +524,56 @@ static int get_client_hello(SSL *s)
530 524
531 /* This is a bit of a hack to check for the correct packet 525 /* This is a bit of a hack to check for the correct packet
532 * type the first time round. */ 526 * type the first time round. */
533 if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) 527 if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
534 { 528 s->first_packet = 1;
535 s->first_packet=1; 529 s->state = SSL2_ST_GET_CLIENT_HELLO_B;
536 s->state=SSL2_ST_GET_CLIENT_HELLO_B; 530 }
537 }
538 531
539 p=(unsigned char *)s->init_buf->data; 532 p = (unsigned char *)s->init_buf->data;
540 if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) 533 if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
541 { 534 i = ssl2_read(s,(char *)&(p[s->init_num]), 9 - s->init_num);
542 i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num); 535 if (i < (9 - s->init_num))
543 if (i < (9-s->init_num)) 536 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
544 return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
545 s->init_num = 9; 537 s->init_num = 9;
546 538
547 if (*(p++) != SSL2_MT_CLIENT_HELLO) 539 if (*(p++) != SSL2_MT_CLIENT_HELLO) {
548 { 540 if (p[-1] != SSL2_MT_ERROR) {
549 if (p[-1] != SSL2_MT_ERROR) 541 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
550 { 542 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
551 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 543 } else
552 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE); 544 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
553 } 545 return (-1);
554 else 546 }
555 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); 547 n2s(p, i);
556 return(-1); 548 if (i < s->version)
557 } 549 s->version = i;
558 n2s(p,i); 550 n2s(p, i);
559 if (i < s->version) s->version=i; 551 s->s2->tmp.cipher_spec_length = i;
560 n2s(p,i); s->s2->tmp.cipher_spec_length=i; 552 n2s(p, i);
561 n2s(p,i); s->s2->tmp.session_id_length=i; 553 s->s2->tmp.session_id_length = i;
562 n2s(p,i); s->s2->challenge_length=i; 554 n2s(p, i);
563 if ( (i < SSL2_MIN_CHALLENGE_LENGTH) || 555 s->s2->challenge_length = i;
564 (i > SSL2_MAX_CHALLENGE_LENGTH)) 556 if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
565 { 557 (i > SSL2_MAX_CHALLENGE_LENGTH)) {
566 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 558 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
567 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH); 559 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
568 return(-1); 560 return (-1);
569 }
570 s->state=SSL2_ST_GET_CLIENT_HELLO_C;
571 } 561 }
562 s->state = SSL2_ST_GET_CLIENT_HELLO_C;
563 }
572 564
573 /* SSL2_ST_GET_CLIENT_HELLO_C */ 565 /* SSL2_ST_GET_CLIENT_HELLO_C */
574 p=(unsigned char *)s->init_buf->data; 566 p = (unsigned char *)s->init_buf->data;
575 len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length; 567 len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
576 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 568 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
577 { 569 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
578 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 570 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
579 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG);
580 return -1; 571 return -1;
581 } 572 }
582 n = (int)len - s->init_num; 573 n = (int)len - s->init_num;
583 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 574 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
584 if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); 575 if (i != n)
576 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
585 if (s->msg_callback) 577 if (s->msg_callback)
586 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */ 578 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
587 p += 9; 579 p += 9;
@@ -589,138 +581,120 @@ static int get_client_hello(SSL *s)
589 /* get session-id before cipher stuff so we can get out session 581 /* get session-id before cipher stuff so we can get out session
590 * structure if it is cached */ 582 * structure if it is cached */
591 /* session-id */ 583 /* session-id */
592 if ((s->s2->tmp.session_id_length != 0) && 584 if ((s->s2->tmp.session_id_length != 0) &&
593 (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) 585 (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
594 { 586 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
595 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 587 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
596 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH); 588 return (-1);
597 return(-1); 589 }
598 }
599 590
600 if (s->s2->tmp.session_id_length == 0) 591 if (s->s2->tmp.session_id_length == 0) {
601 { 592 if (!ssl_get_new_session(s, 1)) {
602 if (!ssl_get_new_session(s,1)) 593 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
603 { 594 return (-1);
604 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
605 return(-1);
606 }
607 } 595 }
608 else 596 } else {
609 { 597 i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
610 i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]), 598 s->s2->tmp.session_id_length, NULL);
611 s->s2->tmp.session_id_length, NULL);
612 if (i == 1) 599 if (i == 1)
613 { /* previous session */ 600 { /* previous session */
614 s->hit=1; 601 s->hit = 1;
602 } else if (i == -1) {
603 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
604 return (-1);
605 } else {
606 if (s->cert == NULL) {
607 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
608 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
609 return (-1);
615 } 610 }
616 else if (i == -1)
617 {
618 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
619 return(-1);
620 }
621 else
622 {
623 if (s->cert == NULL)
624 {
625 ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
626 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
627 return(-1);
628 }
629 611
630 if (!ssl_get_new_session(s,1)) 612 if (!ssl_get_new_session(s, 1)) {
631 { 613 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
632 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 614 return (-1);
633 return(-1);
634 }
635 } 615 }
636 } 616 }
617 }
637 618
638 if (!s->hit) 619 if (!s->hit) {
639 { 620 cs = ssl_bytes_to_cipher_list(s, p,
640 cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length, 621 s->s2->tmp.cipher_spec_length, &s->session->ciphers);
641 &s->session->ciphers); 622 if (cs == NULL)
642 if (cs == NULL) goto mem_err; 623 goto mem_err;
643 624
644 cl=SSL_get_ciphers(s); 625 cl = SSL_get_ciphers(s);
645 626
646 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 627 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
647 { 628 prio = sk_SSL_CIPHER_dup(cl);
648 prio=sk_SSL_CIPHER_dup(cl); 629 if (prio == NULL)
649 if (prio == NULL) goto mem_err; 630 goto mem_err;
650 allow = cs; 631 allow = cs;
651 } 632 } else {
652 else 633 prio = cs;
653 { 634 allow = cl;
654 prio = cs; 635 }
655 allow = cl; 636 for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
656 } 637 if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
657 for (z=0; z<sk_SSL_CIPHER_num(prio); z++) 638 (void)sk_SSL_CIPHER_delete(prio, z);
658 {
659 if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
660 {
661 (void)sk_SSL_CIPHER_delete(prio,z);
662 z--; 639 z--;
663 }
664 } 640 }
665 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 641 }
666 { 642 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
667 sk_SSL_CIPHER_free(s->session->ciphers); 643 sk_SSL_CIPHER_free(s->session->ciphers);
668 s->session->ciphers = prio; 644 s->session->ciphers = prio;
669 } 645 }
670 /* s->session->ciphers should now have a list of 646 /* s->session->ciphers should now have a list of
671 * ciphers that are on both the client and server. 647 * ciphers that are on both the client and server.
672 * This list is ordered by the order the client sent 648 * This list is ordered by the order the client sent
673 * the ciphers or in the order of the server's preference 649 * the ciphers or in the order of the server's preference
674 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set. 650 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
675 */ 651 */
676 } 652 }
677 p+=s->s2->tmp.cipher_spec_length; 653 p += s->s2->tmp.cipher_spec_length;
678 /* done cipher selection */ 654 /* done cipher selection */
679 655
680 /* session id extracted already */ 656 /* session id extracted already */
681 p+=s->s2->tmp.session_id_length; 657 p += s->s2->tmp.session_id_length;
682 658
683 /* challenge */ 659 /* challenge */
684 if (s->s2->challenge_length > sizeof s->s2->challenge) 660 if (s->s2->challenge_length > sizeof s->s2->challenge) {
685 { 661 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
686 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
687 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); 662 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
688 return -1; 663 return -1;
689 }
690 memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
691 return(1);
692mem_err:
693 SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
694 return(0);
695 } 664 }
696 665 memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
697static int server_hello(SSL *s) 666 return (1);
698 { 667mem_err:
699 unsigned char *p,*d; 668 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
700 int n,hit; 669 return (0);
701 670}
702 p=(unsigned char *)s->init_buf->data; 671
703 if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) 672static int
704 { 673server_hello(SSL *s)
705 d=p+11; 674{
706 *(p++)=SSL2_MT_SERVER_HELLO; /* type */ 675 unsigned char *p, *d;
707 hit=s->hit; 676 int n, hit;
708 *(p++)=(unsigned char)hit; 677
678 p = (unsigned char *)s->init_buf->data;
679 if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
680 d = p + 11;
681 *(p++) = SSL2_MT_SERVER_HELLO;
682 /* type */
683 hit = s->hit;
684 *(p++) = (unsigned char)hit;
709#if 1 685#if 1
710 if (!hit) 686 if (!hit) {
711 {
712 if (s->session->sess_cert != NULL) 687 if (s->session->sess_cert != NULL)
713 /* This can't really happen because get_client_hello 688 /* This can't really happen because get_client_hello
714 * has called ssl_get_new_session, which does not set 689 * has called ssl_get_new_session, which does not set
715 * sess_cert. */ 690 * sess_cert. */
716 ssl_sess_cert_free(s->session->sess_cert); 691 ssl_sess_cert_free(s->session->sess_cert);
717 s->session->sess_cert = ssl_sess_cert_new(); 692 s->session->sess_cert = ssl_sess_cert_new();
718 if (s->session->sess_cert == NULL) 693 if (s->session->sess_cert == NULL) {
719 {
720 SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE); 694 SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
721 return(-1); 695 return (-1);
722 }
723 } 696 }
697 }
724 /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL, 698 /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
725 * depending on whether it survived in the internal cache 699 * depending on whether it survived in the internal cache
726 * or was retrieved from an external cache. 700 * or was retrieved from an external cache.
@@ -730,419 +704,391 @@ static int server_hello(SSL *s)
730 704
731#else /* That's what used to be done when cert_st and sess_cert_st were 705#else /* That's what used to be done when cert_st and sess_cert_st were
732 * the same. */ 706 * the same. */
733 if (!hit) 707 if (!hit) { /* else add cert to session */
734 { /* else add cert to session */ 708 CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
735 CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
736 if (s->session->sess_cert != NULL) 709 if (s->session->sess_cert != NULL)
737 ssl_cert_free(s->session->sess_cert); 710 ssl_cert_free(s->session->sess_cert);
738 s->session->sess_cert=s->cert; 711 s->session->sess_cert = s->cert;
739 } 712
740 else /* We have a session id-cache hit, if the 713 } else /* We have a session id - cache hit, if the
741 * session-id has no certificate listed against 714 * session - id has no certificate listed against
742 * the 'cert' structure, grab the 'old' one 715 * the 'cert' structure, grab the 'old' one
743 * listed against the SSL connection */ 716 * listed against the SSL connection */
744 { 717 {
745 if (s->session->sess_cert == NULL) 718 if (s->session->sess_cert == NULL) {
746 { 719 CRYPTO_add(&s->cert->references, 1,
747 CRYPTO_add(&s->cert->references,1, 720 CRYPTO_LOCK_SSL_CERT);
748 CRYPTO_LOCK_SSL_CERT); 721 s->session->sess_cert = s->cert;
749 s->session->sess_cert=s->cert;
750 }
751 } 722 }
723 }
752#endif 724#endif
753 725
754 if (s->cert == NULL) 726 if (s->cert == NULL) {
755 { 727 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
756 ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); 728 SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
757 SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED); 729 return (-1);
758 return(-1); 730 }
759 }
760 731
761 if (hit) 732 if (hit) {
762 { 733 *(p++) = 0;
763 *(p++)=0; /* no certificate type */ 734 /* no certificate type */
764 s2n(s->version,p); /* version */ 735 s2n(s->version,p); /* version */
765 s2n(0,p); /* cert len */ 736 s2n(0, p);
766 s2n(0,p); /* ciphers len */ 737 /* cert len */
767 } 738 s2n(0, p);
768 else 739 /* ciphers len */
769 { 740 } else {
770 /* EAY EAY */ 741 /* EAY EAY */
771 /* put certificate type */ 742 /* put certificate type */
772 *(p++)=SSL2_CT_X509_CERTIFICATE; 743 *(p++) = SSL2_CT_X509_CERTIFICATE;
773 s2n(s->version,p); /* version */ 744 s2n(s->version,p); /* version */
774 n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); 745 n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
775 s2n(n,p); /* certificate length */ 746 s2n(n, p);
776 i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d); 747 /* certificate length */
777 n=0; 748 i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
778 749 n = 0;
750
779 /* lets send out the ciphers we like in the 751 /* lets send out the ciphers we like in the
780 * prefered order */ 752 * prefered order */
781 n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0); 753 n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
782 d+=n; 754 d += n;
783 s2n(n,p); /* add cipher length */ 755 s2n(n, p);
784 } 756 /* add cipher length */
757 }
785 758
786 /* make and send conn_id */ 759 /* make and send conn_id */
787 s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ 760 s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
788 s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; 761 s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
789 if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0) 762 if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
790 return -1; 763 return -1;
791 memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); 764 memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
792 d+=SSL2_CONNECTION_ID_LENGTH; 765 d += SSL2_CONNECTION_ID_LENGTH;
793 766
794 s->state=SSL2_ST_SEND_SERVER_HELLO_B; 767 s->state = SSL2_ST_SEND_SERVER_HELLO_B;
795 s->init_num=d-(unsigned char *)s->init_buf->data; 768 s->init_num = d - (unsigned char *)s->init_buf->data;
796 s->init_off=0; 769 s->init_off = 0;
797 } 770 }
798 /* SSL2_ST_SEND_SERVER_HELLO_B */ 771 /* SSL2_ST_SEND_SERVER_HELLO_B */
799 /* If we are using TCP/IP, the performance is bad if we do 2 772 /* If we are using TCP/IP, the performance is bad if we do 2
800 * writes without a read between them. This occurs when 773 * writes without a read between them. This occurs when
801 * Session-id reuse is used, so I will put in a buffering module 774 * Session-id reuse is used, so I will put in a buffering module
802 */ 775 */
803 if (s->hit) 776 if (s->hit) {
804 { 777 if (!ssl_init_wbio_buffer(s, 1))
805 if (!ssl_init_wbio_buffer(s,1)) return(-1); 778 return (-1);
806 }
807
808 return(ssl2_do_write(s));
809 } 779 }
810 780
811static int get_client_finished(SSL *s) 781 return (ssl2_do_write(s));
812 { 782}
783
784static int
785get_client_finished(SSL *s)
786{
813 unsigned char *p; 787 unsigned char *p;
814 int i, n; 788 int i, n;
815 unsigned long len; 789 unsigned long len;
816 790
817 p=(unsigned char *)s->init_buf->data; 791 p = (unsigned char *)s->init_buf->data;
818 if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) 792 if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
819 { 793 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
820 i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); 794 if (i < 1 - s->init_num)
821 if (i < 1-s->init_num) 795 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
822 return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
823 s->init_num += i; 796 s->init_num += i;
824 797
825 if (*p != SSL2_MT_CLIENT_FINISHED) 798 if (*p != SSL2_MT_CLIENT_FINISHED) {
826 { 799 if (*p != SSL2_MT_ERROR) {
827 if (*p != SSL2_MT_ERROR) 800 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
828 { 801 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
829 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 802 } else {
830 SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); 803 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
831 }
832 else
833 {
834 SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
835 /* try to read the error message */ 804 /* try to read the error message */
836 i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); 805 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
837 return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); 806 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
838 }
839 return(-1);
840 } 807 }
841 s->state=SSL2_ST_GET_CLIENT_FINISHED_B; 808 return (-1);
842 } 809 }
810 s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
811 }
843 812
844 /* SSL2_ST_GET_CLIENT_FINISHED_B */ 813 /* SSL2_ST_GET_CLIENT_FINISHED_B */
845 if (s->s2->conn_id_length > sizeof s->s2->conn_id) 814 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
846 { 815 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
847 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
848 SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); 816 SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
849 return -1; 817 return -1;
850 } 818 }
851 len = 1 + (unsigned long)s->s2->conn_id_length; 819 len = 1 + (unsigned long)s->s2->conn_id_length;
852 n = (int)len - s->init_num; 820 n = (int)len - s->init_num;
853 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 821 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
854 if (i < n) 822 if (i < n) {
855 { 823 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
856 return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); 824 }
857 }
858 if (s->msg_callback) 825 if (s->msg_callback)
859 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */ 826 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
860 p += 1; 827 p += 1;
861 if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0) 828 if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
862 { 829 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
863 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 830 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
864 SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); 831 return (-1);
865 return(-1);
866 }
867 return(1);
868 } 832 }
833 return (1);
834}
869 835
870static int server_verify(SSL *s) 836static int
871 { 837server_verify(SSL *s)
838{
872 unsigned char *p; 839 unsigned char *p;
873 840
874 if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) 841 if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
875 { 842 p = (unsigned char *)s->init_buf->data;
876 p=(unsigned char *)s->init_buf->data; 843 *(p++) = SSL2_MT_SERVER_VERIFY;
877 *(p++)=SSL2_MT_SERVER_VERIFY; 844 if (s->s2->challenge_length > sizeof s->s2->challenge) {
878 if (s->s2->challenge_length > sizeof s->s2->challenge)
879 {
880 SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR); 845 SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
881 return -1; 846 return -1;
882 } 847 }
883 memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); 848 memcpy(p, s->s2->challenge,(unsigned int)s->s2->challenge_length);
884 /* p+=s->s2->challenge_length; */ 849 /* p+=s->s2->challenge_length; */
885 850
886 s->state=SSL2_ST_SEND_SERVER_VERIFY_B; 851 s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
887 s->init_num=s->s2->challenge_length+1; 852 s->init_num = s->s2->challenge_length + 1;
888 s->init_off=0; 853 s->init_off = 0;
889 }
890 return(ssl2_do_write(s));
891 } 854 }
855 return (ssl2_do_write(s));
856}
892 857
893static int server_finish(SSL *s) 858static int
894 { 859server_finish(SSL *s)
860{
895 unsigned char *p; 861 unsigned char *p;
896 862
897 if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) 863 if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
898 { 864 p = (unsigned char *)s->init_buf->data;
899 p=(unsigned char *)s->init_buf->data; 865 *(p++) = SSL2_MT_SERVER_FINISHED;
900 *(p++)=SSL2_MT_SERVER_FINISHED;
901 866
902 if (s->session->session_id_length > sizeof s->session->session_id) 867 if (s->session->session_id_length > sizeof s->session->session_id) {
903 {
904 SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR); 868 SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
905 return -1; 869 return -1;
906 } 870 }
907 memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); 871 memcpy(p, s->session->session_id, (unsigned int)s->session->session_id_length);
908 /* p+=s->session->session_id_length; */ 872 /* p+=s->session->session_id_length; */
909 873
910 s->state=SSL2_ST_SEND_SERVER_FINISHED_B; 874 s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
911 s->init_num=s->session->session_id_length+1; 875 s->init_num = s->session->session_id_length + 1;
912 s->init_off=0; 876 s->init_off = 0;
913 } 877 }
914 878
915 /* SSL2_ST_SEND_SERVER_FINISHED_B */ 879 /* SSL2_ST_SEND_SERVER_FINISHED_B */
916 return(ssl2_do_write(s)); 880 return (ssl2_do_write(s));
917 } 881}
918 882
919/* send the request and check the response */ 883/* send the request and check the response */
920static int request_certificate(SSL *s) 884static int
921 { 885request_certificate(SSL *s)
886{
922 const unsigned char *cp; 887 const unsigned char *cp;
923 unsigned char *p,*p2,*buf2; 888 unsigned char *p, *p2, *buf2;
924 unsigned char *ccd; 889 unsigned char *ccd;
925 int i,j,ctype,ret= -1; 890 int i, j, ctype, ret = -1;
926 unsigned long len; 891 unsigned long len;
927 X509 *x509=NULL; 892 X509 *x509 = NULL;
928 STACK_OF(X509) *sk=NULL; 893 STACK_OF(X509) *sk = NULL;
929 894
930 ccd=s->s2->tmp.ccl; 895 ccd = s->s2->tmp.ccl;
931 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) 896 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
932 { 897 p = (unsigned char *)s->init_buf->data;
933 p=(unsigned char *)s->init_buf->data; 898 *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
934 *(p++)=SSL2_MT_REQUEST_CERTIFICATE; 899 *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
935 *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; 900 if (RAND_pseudo_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
936 if (RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
937 return -1; 901 return -1;
938 memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); 902 memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
939 903
940 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; 904 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
941 s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2; 905 s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
942 s->init_off=0; 906 s->init_off = 0;
943 } 907 }
944 908
945 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) 909 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
946 { 910 i = ssl2_do_write(s);
947 i=ssl2_do_write(s); 911 if (i <= 0) {
948 if (i <= 0) 912 ret = i;
949 {
950 ret=i;
951 goto end; 913 goto end;
952 }
953
954 s->init_num=0;
955 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
956 } 914 }
957 915
958 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) 916 s->init_num = 0;
959 { 917 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
960 p=(unsigned char *)s->init_buf->data; 918 }
961 i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); /* try to read 6 octets ... */ 919
962 if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3 920 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
921 p = (unsigned char *)s->init_buf->data;
922 i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num); /* try to read 6 octets ... */
923 if (i < 3 - s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
963 * (probably NO-CERTIFICATE-ERROR) */ 924 * (probably NO-CERTIFICATE-ERROR) */
964 { 925 {
965 ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); 926 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
966 goto end; 927 goto end;
967 } 928 }
968 s->init_num += i; 929 s->init_num += i;
969 930
970 if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) 931 if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
971 { 932 n2s(p, i);
972 n2s(p,i); 933 if (i != SSL2_PE_NO_CERTIFICATE) {
973 if (i != SSL2_PE_NO_CERTIFICATE)
974 {
975 /* not the error message we expected -- let ssl2_part_read handle it */ 934 /* not the error message we expected -- let ssl2_part_read handle it */
976 s->init_num -= 3; 935 s->init_num -= 3;
977 ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3); 936 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
978 goto end; 937 goto end;
979 } 938 }
980 939
981 if (s->msg_callback) 940 if (s->msg_callback)
982 s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */ 941 s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
983 942
984 /* this is the one place where we can recover from an SSL 2.0 error */ 943 /* this is the one place where we can recover from an SSL 2.0 error */
985 944
986 if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) 945 if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
987 { 946 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
988 ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); 947 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
989 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
990 goto end; 948 goto end;
991 }
992 ret=1;
993 goto end;
994 } 949 }
995 if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) 950 ret = 1;
996 {
997 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
998 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
999 goto end; 951 goto end;
1000 } 952 }
1001 if (s->init_num != 6) 953 if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
1002 { 954 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
955 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
956 goto end;
957 }
958 if (s->init_num != 6) {
1003 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR); 959 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
1004 goto end; 960 goto end;
1005 } 961 }
1006 962
1007 /* ok we have a response */ 963 /* ok we have a response */
1008 /* certificate type, there is only one right now. */ 964 /* certificate type, there is only one right now. */
1009 ctype= *(p++); 965 ctype= *(p++);
1010 if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) 966 if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
1011 { 967 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
1012 ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); 968 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
1013 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
1014 goto end; 969 goto end;
1015 }
1016 n2s(p,i); s->s2->tmp.clen=i;
1017 n2s(p,i); s->s2->tmp.rlen=i;
1018 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
1019 } 970 }
971 n2s(p, i);
972 s->s2->tmp.clen = i;
973 n2s(p, i);
974 s->s2->tmp.rlen = i;
975 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
976 }
1020 977
1021 /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */ 978 /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
1022 p=(unsigned char *)s->init_buf->data; 979 p = (unsigned char *)s->init_buf->data;
1023 len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen; 980 len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
1024 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 981 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
1025 { 982 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
1026 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG);
1027 goto end; 983 goto end;
1028 } 984 }
1029 j = (int)len - s->init_num; 985 j = (int)len - s->init_num;
1030 i = ssl2_read(s,(char *)&(p[s->init_num]),j); 986 i = ssl2_read(s,(char *)&(p[s->init_num]), j);
1031 if (i < j) 987 if (i < j) {
1032 { 988 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
1033 ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
1034 goto end; 989 goto end;
1035 } 990 }
1036 if (s->msg_callback) 991 if (s->msg_callback)
1037 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */ 992 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
1038 p += 6; 993 p += 6;
1039 994
1040 cp = p; 995 cp = p;
1041 x509=(X509 *)d2i_X509(NULL,&cp,(long)s->s2->tmp.clen); 996 x509 = (X509 *)d2i_X509(NULL, &cp,(long)s->s2->tmp.clen);
1042 if (x509 == NULL) 997 if (x509 == NULL) {
1043 { 998 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
1044 SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
1045 goto msg_end; 999 goto msg_end;
1046 } 1000 }
1047 1001
1048 if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509))) 1002 if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
1049 { 1003 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1050 SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1051 goto msg_end; 1004 goto msg_end;
1052 } 1005 }
1053 1006
1054 i=ssl_verify_cert_chain(s,sk); 1007 i = ssl_verify_cert_chain(s, sk);
1055 1008
1056 if (i > 0) /* we like the packet, now check the chksum */ 1009 if (i > 0) /* we like the packet, now check the chksum */
1057 { 1010 {
1058 EVP_MD_CTX ctx; 1011 EVP_MD_CTX ctx;
1059 EVP_PKEY *pkey=NULL; 1012 EVP_PKEY *pkey = NULL;
1060 1013
1061 EVP_MD_CTX_init(&ctx); 1014 EVP_MD_CTX_init(&ctx);
1062 if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL) 1015 if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL) ||
1063 || !EVP_VerifyUpdate(&ctx,s->s2->key_material, 1016 !EVP_VerifyUpdate(&ctx, s->s2->key_material,
1064 s->s2->key_material_length) 1017 s->s2->key_material_length) ||
1065 || !EVP_VerifyUpdate(&ctx,ccd, 1018 !EVP_VerifyUpdate(&ctx, ccd,
1066 SSL2_MIN_CERT_CHALLENGE_LENGTH)) 1019 SSL2_MIN_CERT_CHALLENGE_LENGTH))
1067 goto msg_end; 1020 goto msg_end;
1068 1021
1069 i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); 1022 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
1070 buf2=OPENSSL_malloc((unsigned int)i); 1023 buf2 = OPENSSL_malloc((unsigned int)i);
1071 if (buf2 == NULL) 1024 if (buf2 == NULL) {
1072 { 1025 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1073 SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1074 goto msg_end; 1026 goto msg_end;
1075 } 1027 }
1076 p2=buf2; 1028 p2 = buf2;
1077 i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2); 1029 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
1078 if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i)) 1030 if (!EVP_VerifyUpdate(&ctx, buf2,(unsigned int)i)) {
1079 {
1080 OPENSSL_free(buf2); 1031 OPENSSL_free(buf2);
1081 goto msg_end; 1032 goto msg_end;
1082 } 1033 }
1083 OPENSSL_free(buf2); 1034 OPENSSL_free(buf2);
1084 1035
1085 pkey=X509_get_pubkey(x509); 1036 pkey = X509_get_pubkey(x509);
1086 if (pkey == NULL) goto end; 1037 if (pkey == NULL)
1087 i=EVP_VerifyFinal(&ctx,cp,s->s2->tmp.rlen,pkey); 1038 goto end;
1039 i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
1088 EVP_PKEY_free(pkey); 1040 EVP_PKEY_free(pkey);
1089 EVP_MD_CTX_cleanup(&ctx); 1041 EVP_MD_CTX_cleanup(&ctx);
1090 1042
1091 if (i > 0) 1043 if (i > 0) {
1092 {
1093 if (s->session->peer != NULL) 1044 if (s->session->peer != NULL)
1094 X509_free(s->session->peer); 1045 X509_free(s->session->peer);
1095 s->session->peer=x509; 1046 s->session->peer = x509;
1096 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); 1047 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
1097 s->session->verify_result = s->verify_result; 1048 s->session->verify_result = s->verify_result;
1098 ret=1; 1049 ret = 1;
1099 goto end; 1050 goto end;
1100 } 1051 } else {
1101 else 1052 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
1102 {
1103 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
1104 goto msg_end; 1053 goto msg_end;
1105 }
1106 } 1054 }
1107 else 1055 } else {
1108 {
1109msg_end: 1056msg_end:
1110 ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); 1057 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
1111 } 1058 }
1112end: 1059end:
1113 sk_X509_free(sk); 1060 sk_X509_free(sk);
1114 X509_free(x509); 1061 X509_free(x509);
1115 return(ret); 1062 return (ret);
1116 } 1063}
1117 1064
1118static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, 1065static int
1119 unsigned char *to, int padding) 1066ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
1120 { 1067 unsigned char *to, int padding)
1068{
1121 RSA *rsa; 1069 RSA *rsa;
1122 int i; 1070 int i;
1123 1071
1124 if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) 1072 if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
1125 { 1073 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
1126 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY); 1074 return (-1);
1127 return(-1); 1075 }
1128 } 1076 if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
1129 if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) 1077 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1130 { 1078 return (-1);
1131 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); 1079 }
1132 return(-1); 1080 rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
1133 }
1134 rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
1135 1081
1136 /* we have the public key */ 1082 /* we have the public key */
1137 i=RSA_private_decrypt(len,from,to,rsa,padding); 1083 i = RSA_private_decrypt(len, from, to, rsa, padding);
1138 if (i < 0) 1084 if (i < 0)
1139 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); 1085 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
1140 return(i); 1086 return (i);
1141 } 1087}
1142#else /* !OPENSSL_NO_SSL2 */ 1088#else /* !OPENSSL_NO_SSL2 */
1143 1089
1144# if PEDANTIC 1090# if PEDANTIC
1145static void *dummy=&dummy; 1091static void *dummy = &dummy;
1146# endif 1092# endif
1147 1093
1148#endif 1094#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:32:47 +0000