summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-04-14 15:15:33 +0000
committerjsing <>2014-04-14 15:15:33 +0000
commit30f92658fa4e1357cfcee9c077a21e928970d290 (patch)
tree225d880512d3748d996f5d84d5d01521efe52b02 /src
parent6c233db50b8fc1d31e373868a83572c35271ca51 (diff)
downloadopenbsd-30f92658fa4e1357cfcee9c077a21e928970d290.tar.gz
openbsd-30f92658fa4e1357cfcee9c077a21e928970d290.tar.bz2
openbsd-30f92658fa4e1357cfcee9c077a21e928970d290.zip
First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using tr and md5.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/s23_clnt.c620
-rw-r--r--src/lib/libssl/s23_lib.c158
-rw-r--r--src/lib/libssl/s23_pkt.c74
-rw-r--r--src/lib/libssl/s23_srvr.c564
-rw-r--r--src/lib/libssl/src/ssl/s23_clnt.c620
-rw-r--r--src/lib/libssl/src/ssl/s23_lib.c158
-rw-r--r--src/lib/libssl/src/ssl/s23_meth.c23
-rw-r--r--src/lib/libssl/src/ssl/s23_pkt.c74
-rw-r--r--src/lib/libssl/src/ssl/s23_srvr.c564
9 files changed, 1339 insertions, 1516 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 6315e9d876..0fd388a05a 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -119,160 +119,163 @@
119static const SSL_METHOD *ssl23_get_client_method(int ver); 119static const SSL_METHOD *ssl23_get_client_method(int ver);
120static int ssl23_client_hello(SSL *s); 120static int ssl23_client_hello(SSL *s);
121static int ssl23_get_server_hello(SSL *s); 121static int ssl23_get_server_hello(SSL *s);
122static const SSL_METHOD *ssl23_get_client_method(int ver) 122static const SSL_METHOD
123 { 123*ssl23_get_client_method(int ver)
124{
124#ifndef OPENSSL_NO_SSL2 125#ifndef OPENSSL_NO_SSL2
125 if (ver == SSL2_VERSION) 126 if (ver == SSL2_VERSION)
126 return(SSLv2_client_method()); 127 return (SSLv2_client_method());
127#endif 128#endif
128 if (ver == SSL3_VERSION) 129 if (ver == SSL3_VERSION)
129 return(SSLv3_client_method()); 130 return (SSLv3_client_method());
130 else if (ver == TLS1_VERSION) 131 else if (ver == TLS1_VERSION)
131 return(TLSv1_client_method()); 132 return (TLSv1_client_method());
132 else if (ver == TLS1_1_VERSION) 133 else if (ver == TLS1_1_VERSION)
133 return(TLSv1_1_client_method()); 134 return (TLSv1_1_client_method());
134 else if (ver == TLS1_2_VERSION) 135 else if (ver == TLS1_2_VERSION)
135 return(TLSv1_2_client_method()); 136 return (TLSv1_2_client_method());
136 else 137 else
137 return(NULL); 138 return (NULL);
138 } 139}
139 140
140IMPLEMENT_ssl23_meth_func(SSLv23_client_method, 141IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
141 ssl_undefined_function, 142 ssl_undefined_function, ssl23_connect, ssl23_get_client_method)
142 ssl23_connect, 143
143 ssl23_get_client_method) 144int
144 145ssl23_connect(SSL *s)
145int ssl23_connect(SSL *s) 146{
146 { 147 BUF_MEM *buf = NULL;
147 BUF_MEM *buf=NULL; 148 unsigned long Time = (unsigned long)time(NULL);
148 unsigned long Time=(unsigned long)time(NULL); 149 void (*cb)(const SSL *ssl, int type, int val) = NULL;
149 void (*cb)(const SSL *ssl,int type,int val)=NULL; 150 int ret = -1;
150 int ret= -1; 151 int new_state, state;
151 int new_state,state; 152
152 153 RAND_add(&Time, sizeof(Time), 0);
153 RAND_add(&Time,sizeof(Time),0);
154 ERR_clear_error(); 154 ERR_clear_error();
155 errno = 0; 155 errno = 0;
156 156
157 if (s->info_callback != NULL) 157 if (s->info_callback != NULL)
158 cb=s->info_callback; 158 cb = s->info_callback;
159 else if (s->ctx->info_callback != NULL) 159 else if (s->ctx->info_callback != NULL)
160 cb=s->ctx->info_callback; 160 cb = s->ctx->info_callback;
161 161
162 s->in_handshake++; 162 s->in_handshake++;
163 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 163 if (!SSL_in_init(s) || SSL_in_before(s))
164 SSL_clear(s);
164 165
165 for (;;) 166 for (;;) {
166 { 167 state = s->state;
167 state=s->state;
168 168
169 switch(s->state) 169 switch (s->state) {
170 {
171 case SSL_ST_BEFORE: 170 case SSL_ST_BEFORE:
172 case SSL_ST_CONNECT: 171 case SSL_ST_CONNECT:
173 case SSL_ST_BEFORE|SSL_ST_CONNECT: 172 case SSL_ST_BEFORE|SSL_ST_CONNECT:
174 case SSL_ST_OK|SSL_ST_CONNECT: 173 case SSL_ST_OK|SSL_ST_CONNECT:
175 174
176 if (s->session != NULL) 175 if (s->session != NULL) {
177 { 176 SSLerr(SSL_F_SSL23_CONNECT, SSL_R_SSL23_DOING_SESSION_ID_REUSE);
178 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE); 177 ret = -1;
179 ret= -1;
180 goto end; 178 goto end;
181 } 179 }
182 s->server=0; 180 s->server = 0;
183 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 181 if (cb != NULL)
182 cb(s, SSL_CB_HANDSHAKE_START, 1);
184 183
185 /* s->version=TLS1_VERSION; */ 184 /* s->version=TLS1_VERSION; */
186 s->type=SSL_ST_CONNECT; 185 s->type = SSL_ST_CONNECT;
187 186
188 if (s->init_buf == NULL) 187 if (s->init_buf == NULL) {
189 { 188 if ((buf = BUF_MEM_new()) == NULL) {
190 if ((buf=BUF_MEM_new()) == NULL) 189 ret = -1;
191 {
192 ret= -1;
193 goto end; 190 goto end;
194 } 191 }
195 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) 192 if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
196 { 193 ret = -1;
197 ret= -1;
198 goto end; 194 goto end;
199 }
200 s->init_buf=buf;
201 buf=NULL;
202 } 195 }
196 s->init_buf = buf;
197 buf = NULL;
198 }
203 199
204 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } 200 if (!ssl3_setup_buffers(s)) {
201 ret = -1;
202 goto end;
203 }
205 204
206 ssl3_init_finished_mac(s); 205 ssl3_init_finished_mac(s);
207 206
208 s->state=SSL23_ST_CW_CLNT_HELLO_A; 207 s->state = SSL23_ST_CW_CLNT_HELLO_A;
209 s->ctx->stats.sess_connect++; 208 s->ctx->stats.sess_connect++;
210 s->init_num=0; 209 s->init_num = 0;
211 break; 210 break;
212 211
213 case SSL23_ST_CW_CLNT_HELLO_A: 212 case SSL23_ST_CW_CLNT_HELLO_A:
214 case SSL23_ST_CW_CLNT_HELLO_B: 213 case SSL23_ST_CW_CLNT_HELLO_B:
215 214
216 s->shutdown=0; 215 s->shutdown = 0;
217 ret=ssl23_client_hello(s); 216 ret = ssl23_client_hello(s);
218 if (ret <= 0) goto end; 217 if (ret <= 0)
219 s->state=SSL23_ST_CR_SRVR_HELLO_A; 218 goto end;
220 s->init_num=0; 219 s->state = SSL23_ST_CR_SRVR_HELLO_A;
220 s->init_num = 0;
221 221
222 break; 222 break;
223 223
224 case SSL23_ST_CR_SRVR_HELLO_A: 224 case SSL23_ST_CR_SRVR_HELLO_A:
225 case SSL23_ST_CR_SRVR_HELLO_B: 225 case SSL23_ST_CR_SRVR_HELLO_B:
226 ret=ssl23_get_server_hello(s); 226 ret = ssl23_get_server_hello(s);
227 if (ret >= 0) cb=NULL; 227 if (ret >= 0)
228 cb = NULL;
228 goto end; 229 goto end;
229 /* break; */ 230 /* break; */
230 231
231 default: 232 default:
232 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE); 233 SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE);
233 ret= -1; 234 ret = -1;
234 goto end; 235 goto end;
235 /* break; */ 236 /* break; */
236 } 237 }
237 238
238 if (s->debug) { (void)BIO_flush(s->wbio); } 239 if (s->debug) {
240 (void)BIO_flush(s->wbio);
241 }
239 242
240 if ((cb != NULL) && (s->state != state)) 243 if ((cb != NULL) && (s->state != state)) {
241 { 244 new_state = s->state;
242 new_state=s->state; 245 s->state = state;
243 s->state=state; 246 cb(s, SSL_CB_CONNECT_LOOP, 1);
244 cb(s,SSL_CB_CONNECT_LOOP,1); 247 s->state = new_state;
245 s->state=new_state;
246 }
247 } 248 }
249 }
248end: 250end:
249 s->in_handshake--; 251 s->in_handshake--;
250 if (buf != NULL) 252 if (buf != NULL)
251 BUF_MEM_free(buf); 253 BUF_MEM_free(buf);
252 if (cb != NULL) 254 if (cb != NULL)
253 cb(s,SSL_CB_CONNECT_EXIT,ret); 255 cb(s, SSL_CB_CONNECT_EXIT, ret);
254 return(ret); 256 return (ret);
255 } 257}
256 258
257static int ssl23_no_ssl2_ciphers(SSL *s) 259static int
258 { 260ssl23_no_ssl2_ciphers(SSL *s)
261{
259 SSL_CIPHER *cipher; 262 SSL_CIPHER *cipher;
260 STACK_OF(SSL_CIPHER) *ciphers; 263 STACK_OF(SSL_CIPHER) *ciphers;
261 int i; 264 int i;
262 ciphers = SSL_get_ciphers(s); 265 ciphers = SSL_get_ciphers(s);
263 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) 266 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
264 {
265 cipher = sk_SSL_CIPHER_value(ciphers, i); 267 cipher = sk_SSL_CIPHER_value(ciphers, i);
266 if (cipher->algorithm_ssl == SSL_SSLV2) 268 if (cipher->algorithm_ssl == SSL_SSLV2)
267 return 0; 269 return 0;
268 }
269 return 1;
270 } 270 }
271 return 1;
272}
271 273
272/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 274/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
273 * on failure, 1 on success. */ 275 * on failure, 1 on success. */
274int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) 276int
275 { 277ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
278{
276 int send_time = 0; 279 int send_time = 0;
277 280
278 if (len < 4) 281 if (len < 4)
@@ -281,22 +284,21 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
281 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; 284 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
282 else 285 else
283 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; 286 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
284 if (send_time) 287 if (send_time) {
285 {
286 unsigned long Time = (unsigned long)time(NULL); 288 unsigned long Time = (unsigned long)time(NULL);
287 unsigned char *p = result; 289 unsigned char *p = result;
288 l2n(Time, p); 290 l2n(Time, p);
289 return RAND_pseudo_bytes(p, len-4); 291 return RAND_pseudo_bytes(p, len - 4);
290 } 292 } else
291 else
292 return RAND_pseudo_bytes(result, len); 293 return RAND_pseudo_bytes(result, len);
293 } 294}
294 295
295static int ssl23_client_hello(SSL *s) 296static int
296 { 297ssl23_client_hello(SSL *s)
298{
297 unsigned char *buf; 299 unsigned char *buf;
298 unsigned char *p,*d; 300 unsigned char *p, *d;
299 int i,ch_len; 301 int i, ch_len;
300 unsigned long l; 302 unsigned long l;
301 int ssl2_compat; 303 int ssl2_compat;
302 int version = 0, version_major, version_minor; 304 int version = 0, version_major, version_minor;
@@ -320,14 +322,14 @@ static int ssl23_client_hello(SSL *s)
320 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the 322 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
321 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 323 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
322 */ 324 */
323 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1 325 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1
324#if !defined(OPENSSL_NO_SSL3) 326#if !defined(OPENSSL_NO_SSL3)
325 |SSL_OP_NO_SSLv3 327 |SSL_OP_NO_SSLv3
326#endif 328#endif
327#if !defined(OPENSSL_NO_SSL2) 329#if !defined(OPENSSL_NO_SSL2)
328 |(ssl2_compat?SSL_OP_NO_SSLv2:0) 330 |(ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
329#endif 331#endif
330 ; 332 ;
331#if !defined(OPENSSL_NO_TLS1_2_CLIENT) 333#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
332 version = TLS1_2_VERSION; 334 version = TLS1_2_VERSION;
333 335
@@ -351,8 +353,7 @@ static int ssl23_client_hello(SSL *s)
351#endif 353#endif
352 354
353#ifndef OPENSSL_NO_TLSEXT 355#ifndef OPENSSL_NO_TLSEXT
354 if (version != SSL2_VERSION) 356 if (version != SSL2_VERSION) {
355 {
356 /* have to disable SSL 2.0 compatibility if we need TLS extensions */ 357 /* have to disable SSL 2.0 compatibility if we need TLS extensions */
357 358
358 if (s->tlsext_hostname != NULL) 359 if (s->tlsext_hostname != NULL)
@@ -363,67 +364,53 @@ static int ssl23_client_hello(SSL *s)
363 if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL) 364 if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
364 ssl2_compat = 0; 365 ssl2_compat = 0;
365#endif 366#endif
366 } 367 }
367#endif 368#endif
368 369
369 buf=(unsigned char *)s->init_buf->data; 370 buf = (unsigned char *)s->init_buf->data;
370 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) 371 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
371 {
372#if 0 372#if 0
373 /* don't reuse session-id's */ 373 /* don't reuse session-id's */
374 if (!ssl_get_new_session(s,0)) 374 if (!ssl_get_new_session(s, 0)) {
375 { 375 return (-1);
376 return(-1); 376 }
377 }
378#endif 377#endif
379 378
380 p=s->s3->client_random; 379 p = s->s3->client_random;
381 if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0) 380 if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
382 return -1; 381 return -1;
383 382
384 if (version == TLS1_2_VERSION) 383 if (version == TLS1_2_VERSION) {
385 {
386 version_major = TLS1_2_VERSION_MAJOR; 384 version_major = TLS1_2_VERSION_MAJOR;
387 version_minor = TLS1_2_VERSION_MINOR; 385 version_minor = TLS1_2_VERSION_MINOR;
388 } 386 } else if (version == TLS1_1_VERSION) {
389 else if (version == TLS1_1_VERSION)
390 {
391 version_major = TLS1_1_VERSION_MAJOR; 387 version_major = TLS1_1_VERSION_MAJOR;
392 version_minor = TLS1_1_VERSION_MINOR; 388 version_minor = TLS1_1_VERSION_MINOR;
393 } 389 } else if (version == TLS1_VERSION) {
394 else if (version == TLS1_VERSION)
395 {
396 version_major = TLS1_VERSION_MAJOR; 390 version_major = TLS1_VERSION_MAJOR;
397 version_minor = TLS1_VERSION_MINOR; 391 version_minor = TLS1_VERSION_MINOR;
398 } 392 }
399#ifdef OPENSSL_FIPS 393#ifdef OPENSSL_FIPS
400 else if(FIPS_mode()) 394 else if (FIPS_mode()) {
401 {
402 SSLerr(SSL_F_SSL23_CLIENT_HELLO, 395 SSLerr(SSL_F_SSL23_CLIENT_HELLO,
403 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 396 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
404 return -1; 397 return -1;
405 } 398 }
406#endif 399#endif
407 else if (version == SSL3_VERSION) 400 else if (version == SSL3_VERSION) {
408 {
409 version_major = SSL3_VERSION_MAJOR; 401 version_major = SSL3_VERSION_MAJOR;
410 version_minor = SSL3_VERSION_MINOR; 402 version_minor = SSL3_VERSION_MINOR;
411 } 403 } else if (version == SSL2_VERSION) {
412 else if (version == SSL2_VERSION)
413 {
414 version_major = SSL2_VERSION_MAJOR; 404 version_major = SSL2_VERSION_MAJOR;
415 version_minor = SSL2_VERSION_MINOR; 405 version_minor = SSL2_VERSION_MINOR;
416 } 406 } else {
417 else 407 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
418 { 408 return (-1);
419 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE); 409 }
420 return(-1);
421 }
422 410
423 s->client_version = version; 411 s->client_version = version;
424 412
425 if (ssl2_compat) 413 if (ssl2_compat) {
426 {
427 /* create SSL 2.0 compatible Client Hello */ 414 /* create SSL 2.0 compatible Client Hello */
428 415
429 /* two byte record header will be written last */ 416 /* two byte record header will be written last */
@@ -433,28 +420,27 @@ static int ssl23_client_hello(SSL *s)
433 *(d++) = SSL2_MT_CLIENT_HELLO; 420 *(d++) = SSL2_MT_CLIENT_HELLO;
434 *(d++) = version_major; 421 *(d++) = version_major;
435 *(d++) = version_minor; 422 *(d++) = version_minor;
436 423
437 /* Ciphers supported */ 424 /* Ciphers supported */
438 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0); 425 i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
439 if (i == 0) 426 if (i == 0) {
440 {
441 /* no ciphers */ 427 /* no ciphers */
442 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); 428 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
443 return -1; 429 return -1;
444 } 430 }
445 s2n(i,d); 431 s2n(i, d);
446 p+=i; 432 p += i;
447 433
448 /* put in the session-id length (zero since there is no reuse) */ 434 /* put in the session-id length (zero since there is no reuse) */
449#if 0 435#if 0
450 s->session->session_id_length=0; 436 s->session->session_id_length = 0;
451#endif 437#endif
452 s2n(0,d); 438 s2n(0, d);
453 439
454 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) 440 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
455 ch_len=SSL2_CHALLENGE_LENGTH; 441 ch_len = SSL2_CHALLENGE_LENGTH;
456 else 442 else
457 ch_len=SSL2_MAX_CHALLENGE_LENGTH; 443 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
458 444
459 /* write out sslv2 challenge */ 445 /* write out sslv2 challenge */
460 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), 446 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32),
@@ -462,34 +448,32 @@ static int ssl23_client_hello(SSL *s)
462 or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the 448 or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the
463 check in for futurproofing */ 449 check in for futurproofing */
464 if (SSL3_RANDOM_SIZE < ch_len) 450 if (SSL3_RANDOM_SIZE < ch_len)
465 i=SSL3_RANDOM_SIZE; 451 i = SSL3_RANDOM_SIZE;
466 else 452 else
467 i=ch_len; 453 i = ch_len;
468 s2n(i,d); 454 s2n(i, d);
469 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); 455 memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
470 if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0) 456 if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i) <= 0)
471 return -1; 457 return -1;
472 458
473 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); 459 memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
474 p+=i; 460 p += i;
475 461
476 i= p- &(buf[2]); 462 i = p- &(buf[2]);
477 buf[0]=((i>>8)&0xff)|0x80; 463 buf[0] = ((i >> 8)&0xff)|0x80;
478 buf[1]=(i&0xff); 464 buf[1] = (i&0xff);
479 465
480 /* number of bytes to write */ 466 /* number of bytes to write */
481 s->init_num=i+2; 467 s->init_num = i + 2;
482 s->init_off=0; 468 s->init_off = 0;
483 469
484 ssl3_finish_mac(s,&(buf[2]),i); 470 ssl3_finish_mac(s, &(buf[2]), i);
485 } 471 } else {
486 else
487 {
488 /* create Client Hello in SSL 3.0/TLS 1.0 format */ 472 /* create Client Hello in SSL 3.0/TLS 1.0 format */
489 473
490 /* do the record header (5 bytes) and handshake message header (4 bytes) last */ 474 /* do the record header (5 bytes) and handshake message header (4 bytes) last */
491 d = p = &(buf[9]); 475 d = p = &(buf[9]);
492 476
493 *(p++) = version_major; 477 *(p++) = version_major;
494 *(p++) = version_minor; 478 *(p++) = version_minor;
495 479
@@ -501,73 +485,68 @@ static int ssl23_client_hello(SSL *s)
501 *(p++) = 0; 485 *(p++) = 0;
502 486
503 /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ 487 /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
504 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char); 488 i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), ssl3_put_cipher_by_char);
505 if (i == 0) 489 if (i == 0) {
506 { 490 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
507 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
508 return -1; 491 return -1;
509 } 492 }
510#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH 493#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
511 /* Some servers hang if client hello > 256 bytes 494 /* Some servers hang if client hello > 256 bytes
512 * as hack workaround chop number of supported ciphers 495 * as hack workaround chop number of supported ciphers
513 * to keep it well below this if we use TLS v1.2 496 * to keep it well below this if we use TLS v1.2
514 */ 497 */
515 if (TLS1_get_version(s) >= TLS1_2_VERSION 498 if (TLS1_get_version(s) >= TLS1_2_VERSION &&
516 && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) 499 i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
517 i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; 500 i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
518#endif 501#endif
519 s2n(i,p); 502 s2n(i, p);
520 p+=i; 503 p += i;
521 504
522 /* COMPRESSION */ 505 /* COMPRESSION */
523#ifdef OPENSSL_NO_COMP 506#ifdef OPENSSL_NO_COMP
524 *(p++)=1; 507 *(p++) = 1;
525#else 508#else
526 if ((s->options & SSL_OP_NO_COMPRESSION) 509 if ((s->options & SSL_OP_NO_COMPRESSION) ||
527 || !s->ctx->comp_methods) 510 !s->ctx->comp_methods)
528 j=0; 511 j = 0;
529 else 512 else
530 j=sk_SSL_COMP_num(s->ctx->comp_methods); 513 j = sk_SSL_COMP_num(s->ctx->comp_methods);
531 *(p++)=1+j; 514 *(p++) = 1 + j;
532 for (i=0; i<j; i++) 515 for (i = 0; i < j; i++) {
533 { 516 comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
534 comp=sk_SSL_COMP_value(s->ctx->comp_methods,i); 517 *(p++) = comp->id;
535 *(p++)=comp->id; 518 }
536 }
537#endif 519#endif
538 *(p++)=0; /* Add the NULL method */ 520 *(p++)=0; /* Add the NULL method */
539 521
540#ifndef OPENSSL_NO_TLSEXT 522#ifndef OPENSSL_NO_TLSEXT
541 /* TLS extensions*/ 523 /* TLS extensions*/
542 if (ssl_prepare_clienthello_tlsext(s) <= 0) 524 if (ssl_prepare_clienthello_tlsext(s) <= 0) {
543 { 525 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
544 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
545 return -1; 526 return -1;
546 } 527 }
547 if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) 528 if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
548 { 529 SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
549 SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
550 return -1; 530 return -1;
551 } 531 }
552#endif 532#endif
553 533
554 l = p-d; 534 l = p - d;
555 535
556 /* fill in 4-byte handshake header */ 536 /* fill in 4-byte handshake header */
557 d=&(buf[5]); 537 d = &(buf[5]);
558 *(d++)=SSL3_MT_CLIENT_HELLO; 538 *(d++) = SSL3_MT_CLIENT_HELLO;
559 l2n3(l,d); 539 l2n3(l, d);
560 540
561 l += 4; 541 l += 4;
562 542
563 if (l > SSL3_RT_MAX_PLAIN_LENGTH) 543 if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
564 { 544 SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
565 SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
566 return -1; 545 return -1;
567 } 546 }
568 547
569 /* fill in 5-byte record header */ 548 /* fill in 5-byte record header */
570 d=buf; 549 d = buf;
571 *(d++) = SSL3_RT_HANDSHAKE; 550 *(d++) = SSL3_RT_HANDSHAKE;
572 *(d++) = version_major; 551 *(d++) = version_major;
573 /* Some servers hang if we use long client hellos 552 /* Some servers hang if we use long client hellos
@@ -577,54 +556,54 @@ static int ssl23_client_hello(SSL *s)
577 *(d++) = 1; 556 *(d++) = 1;
578 else 557 else
579 *(d++) = version_minor; 558 *(d++) = version_minor;
580 s2n((int)l,d); 559 s2n((int)l, d);
581 560
582 /* number of bytes to write */ 561 /* number of bytes to write */
583 s->init_num=p-buf; 562 s->init_num = p - buf;
584 s->init_off=0; 563 s->init_off = 0;
585
586 ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
587 }
588 564
589 s->state=SSL23_ST_CW_CLNT_HELLO_B; 565 ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
590 s->init_off=0;
591 } 566 }
592 567
568 s->state = SSL23_ST_CW_CLNT_HELLO_B;
569 s->init_off = 0;
570 }
571
593 /* SSL3_ST_CW_CLNT_HELLO_B */ 572 /* SSL3_ST_CW_CLNT_HELLO_B */
594 ret = ssl23_write_bytes(s); 573 ret = ssl23_write_bytes(s);
595 574
596 if ((ret >= 2) && s->msg_callback) 575 if ((ret >= 2) && s->msg_callback) {
597 {
598 /* Client Hello has been sent; tell msg_callback */ 576 /* Client Hello has been sent; tell msg_callback */
599 577
600 if (ssl2_compat) 578 if (ssl2_compat)
601 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); 579 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2, ret - 2, s, s->msg_callback_arg);
602 else 580 else
603 s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg); 581 s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg);
604 } 582 }
605 583
606 return ret; 584 return ret;
607 } 585}
608 586
609static int ssl23_get_server_hello(SSL *s) 587static int
610 { 588ssl23_get_server_hello(SSL *s)
589{
611 char buf[8]; 590 char buf[8];
612 unsigned char *p; 591 unsigned char *p;
613 int i; 592 int i;
614 int n; 593 int n;
615 594
616 n=ssl23_read_bytes(s,7); 595 n = ssl23_read_bytes(s, 7);
617 596
618 if (n != 7) return(n); 597 if (n != 7)
619 p=s->packet; 598 return (n);
599 p = s->packet;
620 600
621 memcpy(buf,p,n); 601 memcpy(buf, p, n);
622 602
623 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && 603 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
624 (p[5] == 0x00) && (p[6] == 0x02)) 604 (p[5] == 0x00) && (p[6] == 0x02)) {
625 {
626#ifdef OPENSSL_NO_SSL2 605#ifdef OPENSSL_NO_SSL2
627 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 606 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
628 goto err; 607 goto err;
629#else 608#else
630 /* we are talking sslv2 */ 609 /* we are talking sslv2 */
@@ -632,169 +611,150 @@ static int ssl23_get_server_hello(SSL *s)
632 * sslv2 stuff. */ 611 * sslv2 stuff. */
633 int ch_len; 612 int ch_len;
634 613
635 if (s->options & SSL_OP_NO_SSLv2) 614 if (s->options & SSL_OP_NO_SSLv2) {
636 { 615 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
637 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
638 goto err; 616 goto err;
639 } 617 }
640 if (s->s2 == NULL) 618 if (s->s2 == NULL) {
641 {
642 if (!ssl2_new(s)) 619 if (!ssl2_new(s))
643 goto err; 620 goto err;
644 } 621 } else
645 else
646 ssl2_clear(s); 622 ssl2_clear(s);
647 623
648 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) 624 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
649 ch_len=SSL2_CHALLENGE_LENGTH; 625 ch_len = SSL2_CHALLENGE_LENGTH;
650 else 626 else
651 ch_len=SSL2_MAX_CHALLENGE_LENGTH; 627 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
652 628
653 /* write out sslv2 challenge */ 629 /* write out sslv2 challenge */
654 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because 630 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
655 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or 631 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
656 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for 632 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
657 futurproofing */ 633 futurproofing */
658 i=(SSL3_RANDOM_SIZE < ch_len) 634 i = (SSL3_RANDOM_SIZE < ch_len) ? SSL3_RANDOM_SIZE : ch_len;
659 ?SSL3_RANDOM_SIZE:ch_len; 635 s->s2->challenge_length = i;
660 s->s2->challenge_length=i;
661 memcpy(s->s2->challenge, 636 memcpy(s->s2->challenge,
662 &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); 637 &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
663 638
664 if (s->s3 != NULL) ssl3_free(s); 639 if (s->s3 != NULL)
640 ssl3_free(s);
665 641
666 if (!BUF_MEM_grow_clean(s->init_buf, 642 if (!BUF_MEM_grow_clean(s->init_buf,
667 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 643 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
668 { 644 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
669 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
670 goto err; 645 goto err;
671 } 646 }
672 647
673 s->state=SSL2_ST_GET_SERVER_HELLO_A; 648 s->state = SSL2_ST_GET_SERVER_HELLO_A;
674 if (!(s->client_version == SSL2_VERSION)) 649 if (!(s->client_version == SSL2_VERSION))
675 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */ 650 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
676 s->s2->ssl2_rollback=1; 651 s->s2->ssl2_rollback = 1;
677 652
678 /* setup the 7 bytes we have read so we get them from 653 /* setup the 7 bytes we have read so we get them from
679 * the sslv2 buffer */ 654 * the sslv2 buffer */
680 s->rstate=SSL_ST_READ_HEADER; 655 s->rstate = SSL_ST_READ_HEADER;
681 s->packet_length=n; 656 s->packet_length = n;
682 s->packet= &(s->s2->rbuf[0]); 657 s->packet = &(s->s2->rbuf[0]);
683 memcpy(s->packet,buf,n); 658 memcpy(s->packet, buf, n);
684 s->s2->rbuf_left=n; 659 s->s2->rbuf_left = n;
685 s->s2->rbuf_offs=0; 660 s->s2->rbuf_offs = 0;
686 661
687 /* we have already written one */ 662 /* we have already written one */
688 s->s2->write_sequence=1; 663 s->s2->write_sequence = 1;
689 664
690 s->method=SSLv2_client_method(); 665 s->method = SSLv2_client_method();
691 s->handshake_func=s->method->ssl_connect; 666 s->handshake_func = s->method->ssl_connect;
692#endif 667#endif
693 } 668 } else if (p[1] == SSL3_VERSION_MAJOR &&
694 else if (p[1] == SSL3_VERSION_MAJOR && 669 p[2] <= TLS1_2_VERSION_MINOR &&
695 p[2] <= TLS1_2_VERSION_MINOR && 670 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
696 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || 671 (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
697 (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
698 {
699 /* we have sslv3 or tls1 (server hello or alert) */ 672 /* we have sslv3 or tls1 (server hello or alert) */
700 673
701 if ((p[2] == SSL3_VERSION_MINOR) && 674 if ((p[2] == SSL3_VERSION_MINOR) &&
702 !(s->options & SSL_OP_NO_SSLv3)) 675 !(s->options & SSL_OP_NO_SSLv3)) {
703 {
704#ifdef OPENSSL_FIPS 676#ifdef OPENSSL_FIPS
705 if(FIPS_mode()) 677 if (FIPS_mode()) {
706 {
707 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, 678 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
708 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 679 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
709 goto err; 680 goto err;
710 }
711#endif
712 s->version=SSL3_VERSION;
713 s->method=SSLv3_client_method();
714 }
715 else if ((p[2] == TLS1_VERSION_MINOR) &&
716 !(s->options & SSL_OP_NO_TLSv1))
717 {
718 s->version=TLS1_VERSION;
719 s->method=TLSv1_client_method();
720 } 681 }
721 else if ((p[2] == TLS1_1_VERSION_MINOR) && 682#endif
722 !(s->options & SSL_OP_NO_TLSv1_1)) 683 s->version = SSL3_VERSION;
723 { 684 s->method = SSLv3_client_method();
724 s->version=TLS1_1_VERSION; 685 } else if ((p[2] == TLS1_VERSION_MINOR) &&
725 s->method=TLSv1_1_client_method(); 686 !(s->options & SSL_OP_NO_TLSv1)) {
726 } 687 s->version = TLS1_VERSION;
727 else if ((p[2] == TLS1_2_VERSION_MINOR) && 688 s->method = TLSv1_client_method();
728 !(s->options & SSL_OP_NO_TLSv1_2)) 689 } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
729 { 690 !(s->options & SSL_OP_NO_TLSv1_1)) {
730 s->version=TLS1_2_VERSION; 691 s->version = TLS1_1_VERSION;
731 s->method=TLSv1_2_client_method(); 692 s->method = TLSv1_1_client_method();
732 } 693 } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
733 else 694 !(s->options & SSL_OP_NO_TLSv1_2)) {
734 { 695 s->version = TLS1_2_VERSION;
735 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 696 s->method = TLSv1_2_client_method();
697 } else {
698 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
736 goto err; 699 goto err;
737 } 700 }
738 701
739 if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) 702 if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
740 {
741 /* fatal alert */ 703 /* fatal alert */
742 704
743 void (*cb)(const SSL *ssl,int type,int val)=NULL; 705 void (*cb)(const SSL *ssl, int type, int val) = NULL;
744 int j; 706 int j;
745 707
746 if (s->info_callback != NULL) 708 if (s->info_callback != NULL)
747 cb=s->info_callback; 709 cb = s->info_callback;
748 else if (s->ctx->info_callback != NULL) 710 else if (s->ctx->info_callback != NULL)
749 cb=s->ctx->info_callback; 711 cb = s->ctx->info_callback;
750 712
751 i=p[5]; 713 i = p[5];
752 if (cb != NULL) 714 if (cb != NULL) {
753 { 715 j = (i << 8) | p[6];
754 j=(i<<8)|p[6]; 716 cb(s, SSL_CB_READ_ALERT, j);
755 cb(s,SSL_CB_READ_ALERT,j); 717 }
756 } 718
757
758 if (s->msg_callback) 719 if (s->msg_callback)
759 s->msg_callback(0, s->version, SSL3_RT_ALERT, p+5, 2, s, s->msg_callback_arg); 720 s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s, s->msg_callback_arg);
760 721
761 s->rwstate=SSL_NOTHING; 722 s->rwstate = SSL_NOTHING;
762 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]); 723 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
763 goto err; 724 goto err;
764 } 725 }
765 726
766 if (!ssl_init_wbio_buffer(s,1)) goto err; 727 if (!ssl_init_wbio_buffer(s, 1))
728 goto err;
767 729
768 /* we are in this state */ 730 /* we are in this state */
769 s->state=SSL3_ST_CR_SRVR_HELLO_A; 731 s->state = SSL3_ST_CR_SRVR_HELLO_A;
770 732
771 /* put the 7 bytes we have read into the input buffer 733 /* put the 7 bytes we have read into the input buffer
772 * for SSLv3 */ 734 * for SSLv3 */
773 s->rstate=SSL_ST_READ_HEADER; 735 s->rstate = SSL_ST_READ_HEADER;
774 s->packet_length=n; 736 s->packet_length = n;
775 if (s->s3->rbuf.buf == NULL) 737 if (s->s3->rbuf.buf == NULL)
776 if (!ssl3_setup_read_buffer(s)) 738 if (!ssl3_setup_read_buffer(s))
777 goto err; 739 goto err;
778 s->packet= &(s->s3->rbuf.buf[0]); 740 s->packet = &(s->s3->rbuf.buf[0]);
779 memcpy(s->packet,buf,n); 741 memcpy(s->packet, buf, n);
780 s->s3->rbuf.left=n; 742 s->s3->rbuf.left = n;
781 s->s3->rbuf.offset=0; 743 s->s3->rbuf.offset = 0;
782 744
783 s->handshake_func=s->method->ssl_connect; 745 s->handshake_func = s->method->ssl_connect;
784 } 746 } else {
785 else 747 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL);
786 {
787 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
788 goto err; 748 goto err;
789 } 749 }
790 s->init_num=0; 750 s->init_num = 0;
791 751
792 /* Since, if we are sending a ssl23 client hello, we are not 752 /* Since, if we are sending a ssl23 client hello, we are not
793 * reusing a session-id */ 753 * reusing a session-id */
794 if (!ssl_get_new_session(s,0)) 754 if (!ssl_get_new_session(s, 0))
795 goto err; 755 goto err;
796 756
797 return(SSL_connect(s)); 757 return (SSL_connect(s));
798err: 758err:
799 return(-1); 759 return (-1);
800 } 760}
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
index a6285b767f..3a4d5a6ecb 100644
--- a/src/lib/libssl/s23_lib.c
+++ b/src/lib/libssl/s23_lib.c
@@ -60,128 +60,126 @@
60#include <openssl/objects.h> 60#include <openssl/objects.h>
61#include "ssl_locl.h" 61#include "ssl_locl.h"
62 62
63long ssl23_default_timeout(void) 63long
64 { 64ssl23_default_timeout(void)
65 return(300); 65{
66 } 66 return (300);
67}
67 68
68int ssl23_num_ciphers(void) 69int
69 { 70ssl23_num_ciphers(void)
71{
70 return(ssl3_num_ciphers() 72 return(ssl3_num_ciphers()
71#ifndef OPENSSL_NO_SSL2 73#ifndef OPENSSL_NO_SSL2
72 + ssl2_num_ciphers() 74 + ssl2_num_ciphers()
73#endif 75#endif
74 ); 76 );
75 } 77}
76 78
77const SSL_CIPHER *ssl23_get_cipher(unsigned int u) 79const SSL_CIPHER
78 { 80*ssl23_get_cipher(unsigned int u)
79 unsigned int uu=ssl3_num_ciphers(); 81{
82 unsigned int uu = ssl3_num_ciphers();
80 83
81 if (u < uu) 84 if (u < uu)
82 return(ssl3_get_cipher(u)); 85 return (ssl3_get_cipher(u));
83 else 86 else
84#ifndef OPENSSL_NO_SSL2 87#ifndef OPENSSL_NO_SSL2
85 return(ssl2_get_cipher(u-uu)); 88 return (ssl2_get_cipher(u - uu));
86#else 89#else
87 return(NULL); 90 return (NULL);
88#endif 91#endif
89 } 92}
90 93
91/* This function needs to check if the ciphers required are actually 94/* This function needs to check if the ciphers required are actually
92 * available */ 95 * available */
93const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) 96const SSL_CIPHER
94 { 97*ssl23_get_cipher_by_char(const unsigned char *p)
98{
95 const SSL_CIPHER *cp; 99 const SSL_CIPHER *cp;
96 100
97 cp=ssl3_get_cipher_by_char(p); 101 cp = ssl3_get_cipher_by_char(p);
98#ifndef OPENSSL_NO_SSL2 102#ifndef OPENSSL_NO_SSL2
99 if (cp == NULL) 103 if (cp == NULL)
100 cp=ssl2_get_cipher_by_char(p); 104 cp = ssl2_get_cipher_by_char(p);
101#endif 105#endif
102 return(cp); 106 return (cp);
103 } 107}
104 108
105int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 109int
106 { 110ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
111{
107 long l; 112 long l;
108 113
109 /* We can write SSLv2 and SSLv3 ciphers */ 114 /* We can write SSLv2 and SSLv3 ciphers */
110 if (p != NULL) 115 if (p != NULL) {
111 { 116 l = c->id;
112 l=c->id; 117 p[0] = ((unsigned char)(l >> 16L))&0xFF;
113 p[0]=((unsigned char)(l>>16L))&0xFF; 118 p[1] = ((unsigned char)(l >> 8L))&0xFF;
114 p[1]=((unsigned char)(l>> 8L))&0xFF; 119 p[2] = ((unsigned char)(l ))&0xFF;
115 p[2]=((unsigned char)(l ))&0xFF;
116 }
117 return(3);
118 } 120 }
121 return (3);
122}
119 123
120int ssl23_read(SSL *s, void *buf, int len) 124int
121 { 125ssl23_read(SSL *s, void *buf, int len)
126{
122 int n; 127 int n;
123 128
124 errno = 0; 129 errno = 0;
125 if (SSL_in_init(s) && (!s->in_handshake)) 130 if (SSL_in_init(s) && (!s->in_handshake)) {
126 { 131 n = s->handshake_func(s);
127 n=s->handshake_func(s); 132 if (n < 0)
128 if (n < 0) return(n); 133 return (n);
129 if (n == 0) 134 if (n == 0) {
130 { 135 SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
131 SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); 136 return (-1);
132 return(-1);
133 }
134 return(SSL_read(s,buf,len));
135 } 137 }
136 else 138 return (SSL_read(s, buf, len));
137 { 139 } else {
138 ssl_undefined_function(s); 140 ssl_undefined_function(s);
139 return(-1); 141 return (-1);
140 }
141 } 142 }
143}
142 144
143int ssl23_peek(SSL *s, void *buf, int len) 145int
144 { 146ssl23_peek(SSL *s, void *buf, int len)
147{
145 int n; 148 int n;
146 149
147 errno = 0; 150 errno = 0;
148 if (SSL_in_init(s) && (!s->in_handshake)) 151 if (SSL_in_init(s) && (!s->in_handshake)) {
149 { 152 n = s->handshake_func(s);
150 n=s->handshake_func(s); 153 if (n < 0)
151 if (n < 0) return(n); 154 return (n);
152 if (n == 0) 155 if (n == 0) {
153 { 156 SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE);
154 SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE); 157 return (-1);
155 return(-1);
156 }
157 return(SSL_peek(s,buf,len));
158 } 158 }
159 else 159 return (SSL_peek(s, buf, len));
160 { 160 } else {
161 ssl_undefined_function(s); 161 ssl_undefined_function(s);
162 return(-1); 162 return (-1);
163 }
164 } 163 }
164}
165 165
166int ssl23_write(SSL *s, const void *buf, int len) 166int
167 { 167ssl23_write(SSL *s, const void *buf, int len)
168{
168 int n; 169 int n;
169 170
170 errno = 0; 171 errno = 0;
171 if (SSL_in_init(s) && (!s->in_handshake)) 172 if (SSL_in_init(s) && (!s->in_handshake)) {
172 { 173 n = s->handshake_func(s);
173 n=s->handshake_func(s); 174 if (n < 0)
174 if (n < 0) return(n); 175 return (n);
175 if (n == 0) 176 if (n == 0) {
176 { 177 SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
177 SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); 178 return (-1);
178 return(-1);
179 }
180 return(SSL_write(s,buf,len));
181 } 179 }
182 else 180 return (SSL_write(s, buf, len));
183 { 181 } else {
184 ssl_undefined_function(s); 182 ssl_undefined_function(s);
185 return(-1); 183 return (-1);
186 }
187 } 184 }
185}
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
index eba8d9d8fc..28d07a2212 100644
--- a/src/lib/libssl/s23_pkt.c
+++ b/src/lib/libssl/s23_pkt.c
@@ -62,55 +62,53 @@
62#include <openssl/evp.h> 62#include <openssl/evp.h>
63#include <openssl/buffer.h> 63#include <openssl/buffer.h>
64 64
65int ssl23_write_bytes(SSL *s) 65int
66 { 66ssl23_write_bytes(SSL *s)
67 int i,num,tot; 67{
68 int i, num, tot;
68 char *buf; 69 char *buf;
69 70
70 buf=s->init_buf->data; 71 buf = s->init_buf->data;
71 tot=s->init_off; 72 tot = s->init_off;
72 num=s->init_num; 73 num = s->init_num;
73 for (;;) 74 for (;;) {
74 { 75 s->rwstate = SSL_WRITING;
75 s->rwstate=SSL_WRITING; 76 i = BIO_write(s->wbio, &(buf[tot]), num);
76 i=BIO_write(s->wbio,&(buf[tot]),num); 77 if (i <= 0) {
77 if (i <= 0) 78 s->init_off = tot;
78 { 79 s->init_num = num;
79 s->init_off=tot; 80 return (i);
80 s->init_num=num;
81 return(i);
82 }
83 s->rwstate=SSL_NOTHING;
84 if (i == num) return(tot+i);
85
86 num-=i;
87 tot+=i;
88 } 81 }
82 s->rwstate = SSL_NOTHING;
83 if (i == num)
84 return (tot + i);
85
86 num -= i;
87 tot += i;
89 } 88 }
89}
90 90
91/* return regularly only when we have read (at least) 'n' bytes */ 91/* return regularly only when we have read (at least) 'n' bytes */
92int ssl23_read_bytes(SSL *s, int n) 92int
93 { 93ssl23_read_bytes(SSL *s, int n)
94{
94 unsigned char *p; 95 unsigned char *p;
95 int j; 96 int j;
96 97
97 if (s->packet_length < (unsigned int)n) 98 if (s->packet_length < (unsigned int)n) {
98 { 99 p = s->packet;
99 p=s->packet;
100 100
101 for (;;) 101 for (;;) {
102 { 102 s->rwstate = SSL_READING;
103 s->rwstate=SSL_READING; 103 j = BIO_read(s->rbio,(char *)&(p[s->packet_length]),
104 j=BIO_read(s->rbio,(char *)&(p[s->packet_length]), 104 n - s->packet_length);
105 n-s->packet_length);
106 if (j <= 0) 105 if (j <= 0)
107 return(j); 106 return (j);
108 s->rwstate=SSL_NOTHING; 107 s->rwstate = SSL_NOTHING;
109 s->packet_length+=j; 108 s->packet_length += j;
110 if (s->packet_length >= (unsigned int)n) 109 if (s->packet_length >= (unsigned int)n)
111 return(s->packet_length); 110 return (s->packet_length);
112 }
113 } 111 }
114 return(n);
115 } 112 }
116 113 return (n);
114}
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 2ac8786c62..35db7b4992 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -121,227 +121,209 @@
121 121
122static const SSL_METHOD *ssl23_get_server_method(int ver); 122static const SSL_METHOD *ssl23_get_server_method(int ver);
123int ssl23_get_client_hello(SSL *s); 123int ssl23_get_client_hello(SSL *s);
124static const SSL_METHOD *ssl23_get_server_method(int ver) 124static const SSL_METHOD
125 { 125*ssl23_get_server_method(int ver)
126{
126#ifndef OPENSSL_NO_SSL2 127#ifndef OPENSSL_NO_SSL2
127 if (ver == SSL2_VERSION) 128 if (ver == SSL2_VERSION)
128 return(SSLv2_server_method()); 129 return (SSLv2_server_method());
129#endif 130#endif
130 if (ver == SSL3_VERSION) 131 if (ver == SSL3_VERSION)
131 return(SSLv3_server_method()); 132 return (SSLv3_server_method());
132 else if (ver == TLS1_VERSION) 133 else if (ver == TLS1_VERSION)
133 return(TLSv1_server_method()); 134 return (TLSv1_server_method());
134 else if (ver == TLS1_1_VERSION) 135 else if (ver == TLS1_1_VERSION)
135 return(TLSv1_1_server_method()); 136 return (TLSv1_1_server_method());
136 else if (ver == TLS1_2_VERSION) 137 else if (ver == TLS1_2_VERSION)
137 return(TLSv1_2_server_method()); 138 return (TLSv1_2_server_method());
138 else 139 else
139 return(NULL); 140 return (NULL);
140 } 141}
141 142
142IMPLEMENT_ssl23_meth_func(SSLv23_server_method, 143IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
143 ssl23_accept, 144 ssl23_accept, ssl_undefined_function, ssl23_get_server_method)
144 ssl_undefined_function,
145 ssl23_get_server_method)
146 145
147int ssl23_accept(SSL *s) 146int
148 { 147ssl23_accept(SSL *s)
148{
149 BUF_MEM *buf; 149 BUF_MEM *buf;
150 unsigned long Time=(unsigned long)time(NULL); 150 unsigned long Time = (unsigned long)time(NULL);
151 void (*cb)(const SSL *ssl,int type,int val)=NULL; 151 void (*cb)(const SSL *ssl, int type, int val) = NULL;
152 int ret= -1; 152 int ret = -1;
153 int new_state,state; 153 int new_state, state;
154 154
155 RAND_add(&Time,sizeof(Time),0); 155 RAND_add(&Time, sizeof(Time), 0);
156 ERR_clear_error(); 156 ERR_clear_error();
157 errno = 0; 157 errno = 0;
158 158
159 if (s->info_callback != NULL) 159 if (s->info_callback != NULL)
160 cb=s->info_callback; 160 cb = s->info_callback;
161 else if (s->ctx->info_callback != NULL) 161 else if (s->ctx->info_callback != NULL)
162 cb=s->ctx->info_callback; 162 cb = s->ctx->info_callback;
163 163
164 s->in_handshake++; 164 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 165 if (!SSL_in_init(s) || SSL_in_before(s))
166 SSL_clear(s);
166 167
167 for (;;) 168 for (;;) {
168 { 169 state = s->state;
169 state=s->state;
170 170
171 switch(s->state) 171 switch (s->state) {
172 {
173 case SSL_ST_BEFORE: 172 case SSL_ST_BEFORE:
174 case SSL_ST_ACCEPT: 173 case SSL_ST_ACCEPT:
175 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 174 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
176 case SSL_ST_OK|SSL_ST_ACCEPT: 175 case SSL_ST_OK|SSL_ST_ACCEPT:
177 176
178 s->server=1; 177 s->server = 1;
179 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 178 if (cb != NULL)
179 cb(s, SSL_CB_HANDSHAKE_START, 1);
180 180
181 /* s->version=SSL3_VERSION; */ 181 /* s->version=SSL3_VERSION; */
182 s->type=SSL_ST_ACCEPT; 182 s->type = SSL_ST_ACCEPT;
183 183
184 if (s->init_buf == NULL) 184 if (s->init_buf == NULL) {
185 { 185 if ((buf = BUF_MEM_new()) == NULL) {
186 if ((buf=BUF_MEM_new()) == NULL) 186 ret = -1;
187 {
188 ret= -1;
189 goto end; 187 goto end;
190 } 188 }
191 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) 189 if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
192 { 190 ret = -1;
193 ret= -1;
194 goto end; 191 goto end;
195 }
196 s->init_buf=buf;
197 } 192 }
193 s->init_buf = buf;
194 }
198 195
199 ssl3_init_finished_mac(s); 196 ssl3_init_finished_mac(s);
200 197
201 s->state=SSL23_ST_SR_CLNT_HELLO_A; 198 s->state = SSL23_ST_SR_CLNT_HELLO_A;
202 s->ctx->stats.sess_accept++; 199 s->ctx->stats.sess_accept++;
203 s->init_num=0; 200 s->init_num = 0;
204 break; 201 break;
205 202
206 case SSL23_ST_SR_CLNT_HELLO_A: 203 case SSL23_ST_SR_CLNT_HELLO_A:
207 case SSL23_ST_SR_CLNT_HELLO_B: 204 case SSL23_ST_SR_CLNT_HELLO_B:
208 205
209 s->shutdown=0; 206 s->shutdown = 0;
210 ret=ssl23_get_client_hello(s); 207 ret = ssl23_get_client_hello(s);
211 if (ret >= 0) cb=NULL; 208 if (ret >= 0)
209 cb = NULL;
212 goto end; 210 goto end;
213 /* break; */ 211 /* break; */
214 212
215 default: 213 default:
216 SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); 214 SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE);
217 ret= -1; 215 ret = -1;
218 goto end; 216 goto end;
219 /* break; */ 217 /* break; */
220 } 218 }
221 219
222 if ((cb != NULL) && (s->state != state)) 220 if ((cb != NULL) && (s->state != state)) {
223 { 221 new_state = s->state;
224 new_state=s->state; 222 s->state = state;
225 s->state=state; 223 cb(s, SSL_CB_ACCEPT_LOOP, 1);
226 cb(s,SSL_CB_ACCEPT_LOOP,1); 224 s->state = new_state;
227 s->state=new_state;
228 }
229 } 225 }
226 }
230end: 227end:
231 s->in_handshake--; 228 s->in_handshake--;
232 if (cb != NULL) 229 if (cb != NULL)
233 cb(s,SSL_CB_ACCEPT_EXIT,ret); 230 cb(s, SSL_CB_ACCEPT_EXIT, ret);
234 return(ret); 231 return (ret);
235 } 232}
236 233
237 234
238int ssl23_get_client_hello(SSL *s) 235int
239 { 236ssl23_get_client_hello(SSL *s)
237{
240 char buf_space[11]; /* Request this many bytes in initial read. 238 char buf_space[11]; /* Request this many bytes in initial read.
241 * We can detect SSL 3.0/TLS 1.0 Client Hellos 239 * We can detect SSL 3.0/TLS 1.0 Client Hellos
242 * ('type == 3') correctly only when the following 240 * ('type == 3') correctly only when the following
243 * is in a single record, which is not guaranteed by 241 * is in a single record, which is not guaranteed by
244 * the protocol specification: 242 * the protocol specification:
245 * Byte Content 243 * Byte Content
246 * 0 type \ 244 * 0 type \
247 * 1/2 version > record header 245 * 1/2 version > record header
248 * 3/4 length / 246 * 3/4 length /
249 * 5 msg_type \ 247 * 5 msg_type \
250 * 6-8 length > Client Hello message 248 * 6-8 length > Client Hello message
251 * 9/10 client_version / 249 * 9/10 client_version /
252 */ 250 */
253 char *buf= &(buf_space[0]); 251 char *buf = &(buf_space[0]);
254 unsigned char *p,*d,*d_len,*dd; 252 unsigned char *p, *d, *d_len, *dd;
255 unsigned int i; 253 unsigned int i;
256 unsigned int csl,sil,cl; 254 unsigned int csl, sil, cl;
257 int n=0,j; 255 int n = 0, j;
258 int type=0; 256 int type = 0;
259 int v[2]; 257 int v[2];
260 258
261 if (s->state == SSL23_ST_SR_CLNT_HELLO_A) 259 if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {
262 {
263 /* read the initial header */ 260 /* read the initial header */
264 v[0]=v[1]=0; 261 v[0] = v[1] = 0;
265 262
266 if (!ssl3_setup_buffers(s)) goto err; 263 if (!ssl3_setup_buffers(s))
264 goto err;
267 265
268 n=ssl23_read_bytes(s, sizeof buf_space); 266 n = ssl23_read_bytes(s, sizeof buf_space);
269 if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */ 267 if (n != sizeof buf_space)
268 return(n); /* n == -1 || n == 0 */
270 269
271 p=s->packet; 270 p = s->packet;
272 271
273 memcpy(buf,p,n); 272 memcpy(buf, p, n);
274 273
275 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) 274 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
276 {
277 /* 275 /*
278 * SSLv2 header 276 * SSLv2 header
279 */ 277 */
280 if ((p[3] == 0x00) && (p[4] == 0x02)) 278 if ((p[3] == 0x00) && (p[4] == 0x02)) {
281 { 279 v[0] = p[3];
282 v[0]=p[3]; v[1]=p[4]; 280 v[1] = p[4];
283 /* SSLv2 */ 281 /* SSLv2 */
284 if (!(s->options & SSL_OP_NO_SSLv2)) 282 if (!(s->options & SSL_OP_NO_SSLv2))
285 type=1; 283 type = 1;
286 } 284 } else if (p[3] == SSL3_VERSION_MAJOR) {
287 else if (p[3] == SSL3_VERSION_MAJOR) 285 v[0] = p[3];
288 { 286 v[1] = p[4];
289 v[0]=p[3]; v[1]=p[4];
290 /* SSLv3/TLSv1 */ 287 /* SSLv3/TLSv1 */
291 if (p[4] >= TLS1_VERSION_MINOR) 288 if (p[4] >= TLS1_VERSION_MINOR) {
292 {
293 if (p[4] >= TLS1_2_VERSION_MINOR && 289 if (p[4] >= TLS1_2_VERSION_MINOR &&
294 !(s->options & SSL_OP_NO_TLSv1_2)) 290 !(s->options & SSL_OP_NO_TLSv1_2)) {
295 { 291 s->version = TLS1_2_VERSION;
296 s->version=TLS1_2_VERSION; 292 s->state = SSL23_ST_SR_CLNT_HELLO_B;
297 s->state=SSL23_ST_SR_CLNT_HELLO_B; 293 } else if (p[4] >= TLS1_1_VERSION_MINOR &&
298 } 294 !(s->options & SSL_OP_NO_TLSv1_1)) {
299 else if (p[4] >= TLS1_1_VERSION_MINOR && 295 s->version = TLS1_1_VERSION;
300 !(s->options & SSL_OP_NO_TLSv1_1))
301 {
302 s->version=TLS1_1_VERSION;
303 /* type=2; */ /* done later to survive restarts */ 296 /* type=2; */ /* done later to survive restarts */
304 s->state=SSL23_ST_SR_CLNT_HELLO_B; 297 s->state = SSL23_ST_SR_CLNT_HELLO_B;
305 } 298 } else if (!(s->options & SSL_OP_NO_TLSv1)) {
306 else if (!(s->options & SSL_OP_NO_TLSv1)) 299 s->version = TLS1_VERSION;
307 {
308 s->version=TLS1_VERSION;
309 /* type=2; */ /* done later to survive restarts */ 300 /* type=2; */ /* done later to survive restarts */
310 s->state=SSL23_ST_SR_CLNT_HELLO_B; 301 s->state = SSL23_ST_SR_CLNT_HELLO_B;
311 } 302 } else if (!(s->options & SSL_OP_NO_SSLv3)) {
312 else if (!(s->options & SSL_OP_NO_SSLv3)) 303 s->version = SSL3_VERSION;
313 {
314 s->version=SSL3_VERSION;
315 /* type=2; */ 304 /* type=2; */
316 s->state=SSL23_ST_SR_CLNT_HELLO_B; 305 s->state = SSL23_ST_SR_CLNT_HELLO_B;
317 } 306 } else if (!(s->options & SSL_OP_NO_SSLv2)) {
318 else if (!(s->options & SSL_OP_NO_SSLv2)) 307 type = 1;
319 {
320 type=1;
321 }
322 } 308 }
323 else if (!(s->options & SSL_OP_NO_SSLv3)) 309 } else if (!(s->options & SSL_OP_NO_SSLv3)) {
324 { 310 s->version = SSL3_VERSION;
325 s->version=SSL3_VERSION;
326 /* type=2; */ 311 /* type=2; */
327 s->state=SSL23_ST_SR_CLNT_HELLO_B; 312 s->state = SSL23_ST_SR_CLNT_HELLO_B;
328 } 313 } else if (!(s->options & SSL_OP_NO_SSLv2))
329 else if (!(s->options & SSL_OP_NO_SSLv2)) 314 type = 1;
330 type=1;
331 315
332 }
333 } 316 }
334 else if ((p[0] == SSL3_RT_HANDSHAKE) && 317 } else if ((p[0] == SSL3_RT_HANDSHAKE) &&
335 (p[1] == SSL3_VERSION_MAJOR) && 318 (p[1] == SSL3_VERSION_MAJOR) &&
336 (p[5] == SSL3_MT_CLIENT_HELLO) && 319 (p[5] == SSL3_MT_CLIENT_HELLO) &&
337 ((p[3] == 0 && p[4] < 5 /* silly record length? */) 320 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
338 || (p[9] >= p[1]))) 321 || (p[9] >= p[1]))) {
339 {
340 /* 322 /*
341 * SSLv3 or tls1 header 323 * SSLv3 or tls1 header
342 */ 324 */
343 325
344 v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */ 326 v[0] = p[1]; /* major version (= SSL3_VERSION_MAJOR) */
345 /* We must look at client_version inside the Client Hello message 327 /* We must look at client_version inside the Client Hello message
346 * to get the correct minor version. 328 * to get the correct minor version.
347 * However if we have only a pathologically small fragment of the 329 * However if we have only a pathologically small fragment of the
@@ -350,127 +332,108 @@ int ssl23_get_client_hello(SSL *s)
350 * No known SSL 3.0 client fragments ClientHello like this, 332 * No known SSL 3.0 client fragments ClientHello like this,
351 * so we simply assume TLS 1.0 to avoid protocol version downgrade 333 * so we simply assume TLS 1.0 to avoid protocol version downgrade
352 * attacks. */ 334 * attacks. */
353 if (p[3] == 0 && p[4] < 6) 335 if (p[3] == 0 && p[4] < 6) {
354 {
355#if 0 336#if 0
356 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); 337 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_SMALL);
357 goto err; 338 goto err;
358#else 339#else
359 v[1] = TLS1_VERSION_MINOR; 340 v[1] = TLS1_VERSION_MINOR;
360#endif 341#endif
361 } 342 }
362 /* if major version number > 3 set minor to a value 343 /* if major version number > 3 set minor to a value
363 * which will use the highest version 3 we support. 344 * which will use the highest version 3 we support.
364 * If TLS 2.0 ever appears we will need to revise 345 * If TLS 2.0 ever appears we will need to revise
365 * this.... 346 * this....
366 */ 347 */
367 else if (p[9] > SSL3_VERSION_MAJOR) 348 else if (p[9] > SSL3_VERSION_MAJOR)
368 v[1]=0xff; 349 v[1] = 0xff;
369 else 350 else
370 v[1]=p[10]; /* minor version according to client_version */ 351 v[1] = p[10]; /* minor version according to client_version */
371 if (v[1] >= TLS1_VERSION_MINOR) 352 if (v[1] >= TLS1_VERSION_MINOR) {
372 {
373 if (v[1] >= TLS1_2_VERSION_MINOR && 353 if (v[1] >= TLS1_2_VERSION_MINOR &&
374 !(s->options & SSL_OP_NO_TLSv1_2)) 354 !(s->options & SSL_OP_NO_TLSv1_2)) {
375 { 355 s->version = TLS1_2_VERSION;
376 s->version=TLS1_2_VERSION; 356 type = 3;
377 type=3; 357 } else if (v[1] >= TLS1_1_VERSION_MINOR &&
378 } 358 !(s->options & SSL_OP_NO_TLSv1_1)) {
379 else if (v[1] >= TLS1_1_VERSION_MINOR && 359 s->version = TLS1_1_VERSION;
380 !(s->options & SSL_OP_NO_TLSv1_1)) 360 type = 3;
381 { 361 } else if (!(s->options & SSL_OP_NO_TLSv1)) {
382 s->version=TLS1_1_VERSION; 362 s->version = TLS1_VERSION;
383 type=3; 363 type = 3;
384 } 364 } else if (!(s->options & SSL_OP_NO_SSLv3)) {
385 else if (!(s->options & SSL_OP_NO_TLSv1)) 365 s->version = SSL3_VERSION;
386 { 366 type = 3;
387 s->version=TLS1_VERSION;
388 type=3;
389 }
390 else if (!(s->options & SSL_OP_NO_SSLv3))
391 {
392 s->version=SSL3_VERSION;
393 type=3;
394 }
395 } 367 }
396 else 368 } else {
397 {
398 /* client requests SSL 3.0 */ 369 /* client requests SSL 3.0 */
399 if (!(s->options & SSL_OP_NO_SSLv3)) 370 if (!(s->options & SSL_OP_NO_SSLv3)) {
400 { 371 s->version = SSL3_VERSION;
401 s->version=SSL3_VERSION; 372 type = 3;
402 type=3; 373 } else if (!(s->options & SSL_OP_NO_TLSv1)) {
403 }
404 else if (!(s->options & SSL_OP_NO_TLSv1))
405 {
406 /* we won't be able to use TLS of course, 374 /* we won't be able to use TLS of course,
407 * but this will send an appropriate alert */ 375 * but this will send an appropriate alert */
408 s->version=TLS1_VERSION; 376 s->version = TLS1_VERSION;
409 type=3; 377 type = 3;
410 }
411 } 378 }
412 } 379 }
413 else if ((strncmp("GET ", (char *)p,4) == 0) || 380 }
414 (strncmp("POST ",(char *)p,5) == 0) || 381 else if ((strncmp("GET ", (char *)p, 4) == 0) ||
415 (strncmp("HEAD ",(char *)p,5) == 0) || 382 (strncmp("POST ",(char *)p, 5) == 0) ||
416 (strncmp("PUT ", (char *)p,4) == 0)) 383 (strncmp("HEAD ",(char *)p, 5) == 0) ||
417 { 384 (strncmp("PUT ", (char *)p, 4) == 0)) {
418 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); 385 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTP_REQUEST);
419 goto err; 386 goto err;
420 } 387 } else if (strncmp("CONNECT", (char *)p, 7) == 0) {
421 else if (strncmp("CONNECT",(char *)p,7) == 0) 388 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTPS_PROXY_REQUEST);
422 {
423 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
424 goto err; 389 goto err;
425 }
426 } 390 }
391 }
427 392
428#ifdef OPENSSL_FIPS 393#ifdef OPENSSL_FIPS
429 if (FIPS_mode() && (s->version < TLS1_VERSION)) 394 if (FIPS_mode() && (s->version < TLS1_VERSION)) {
430 {
431 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, 395 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
432 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 396 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
433 goto err; 397 goto err;
434 } 398 }
435#endif 399#endif
436 400
437 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) 401 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
438 {
439 /* we have SSLv3/TLSv1 in an SSLv2 header 402 /* we have SSLv3/TLSv1 in an SSLv2 header
440 * (other cases skip this state) */ 403 * (other cases skip this state) */
441 404
442 type=2; 405 type = 2;
443 p=s->packet; 406 p = s->packet;
444 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ 407 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
445 v[1] = p[4]; 408 v[1] = p[4];
446 409
447 n=((p[0]&0x7f)<<8)|p[1]; 410 n = ((p[0] & 0x7f) << 8) | p[1];
448 if (n > (1024*4)) 411 if (n > (1024 * 4)) {
449 { 412 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE);
450 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
451 goto err; 413 goto err;
452 } 414 }
453 415
454 j=ssl23_read_bytes(s,n+2); 416 j = ssl23_read_bytes(s, n + 2);
455 if (j <= 0) return(j); 417 if (j <= 0)
418 return (j);
456 419
457 ssl3_finish_mac(s, s->packet+2, s->packet_length-2); 420 ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
458 if (s->msg_callback) 421 if (s->msg_callback)
459 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ 422 s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
460 423
461 p=s->packet; 424 p = s->packet;
462 p+=5; 425 p += 5;
463 n2s(p,csl); 426 n2s(p, csl);
464 n2s(p,sil); 427 n2s(p, sil);
465 n2s(p,cl); 428 n2s(p, cl);
466 d=(unsigned char *)s->init_buf->data; 429 d = (unsigned char *)s->init_buf->data;
467 if ((csl+sil+cl+11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format 430 if ((csl + sil + cl + 11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format
468 * Client Hello, can we? Error condition should be 431 * Client Hello, can we ? Error condition should be
469 * '>' otherweise */ 432 * '>' otherweise */
470 { 433 {
471 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); 434 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);
472 goto err; 435 goto err;
473 } 436 }
474 437
475 /* record header: msg_type ... */ 438 /* record header: msg_type ... */
476 *(d++) = SSL3_MT_CLIENT_HELLO; 439 *(d++) = SSL3_MT_CLIENT_HELLO;
@@ -484,130 +447,122 @@ int ssl23_get_client_hello(SSL *s)
484 447
485 /* lets populate the random area */ 448 /* lets populate the random area */
486 /* get the challenge_length */ 449 /* get the challenge_length */
487 i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; 450 i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl;
488 memset(d,0,SSL3_RANDOM_SIZE); 451 memset(d, 0, SSL3_RANDOM_SIZE);
489 memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); 452 memcpy(&(d[SSL3_RANDOM_SIZE - i]), &(p[csl + sil]), i);
490 d+=SSL3_RANDOM_SIZE; 453 d += SSL3_RANDOM_SIZE;
491 454
492 /* no session-id reuse */ 455 /* no session-id reuse */
493 *(d++)=0; 456 *(d++) = 0;
494 457
495 /* ciphers */ 458 /* ciphers */
496 j=0; 459 j = 0;
497 dd=d; 460 dd = d;
498 d+=2; 461 d += 2;
499 for (i=0; i<csl; i+=3) 462 for (i = 0; i < csl; i += 3) {
500 { 463 if (p[i] != 0)
501 if (p[i] != 0) continue; 464 continue;
502 *(d++)=p[i+1]; 465 *(d++) = p[i + 1];
503 *(d++)=p[i+2]; 466 *(d++) = p[i + 2];
504 j+=2; 467 j += 2;
505 } 468 }
506 s2n(j,dd); 469 s2n(j, dd);
507 470
508 /* COMPRESSION */ 471 /* COMPRESSION */
509 *(d++)=1; 472 *(d++) = 1;
510 *(d++)=0; 473 *(d++) = 0;
511 474
512#if 0 475#if 0
513 /* copy any remaining data with may be extensions */ 476 /* copy any remaining data with may be extensions */
514 p = p+csl+sil+cl; 477 p = p + csl + sil + cl;
515 while (p < s->packet+s->packet_length) 478 while (p < s->packet + s->packet_length) {
516 {
517 *(d++)=*(p++); 479 *(d++)=*(p++);
518 } 480 }
519#endif 481#endif
520 482
521 i = (d-(unsigned char *)s->init_buf->data) - 4; 483 i = (d - (unsigned char *)s->init_buf->data) - 4;
522 l2n3((long)i, d_len); 484 l2n3((long)i, d_len);
523 485
524 /* get the data reused from the init_buf */ 486 /* get the data reused from the init_buf */
525 s->s3->tmp.reuse_message=1; 487 s->s3->tmp.reuse_message = 1;
526 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; 488 s->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO;
527 s->s3->tmp.message_size=i; 489 s->s3->tmp.message_size = i;
528 } 490 }
529 491
530 /* imaginary new state (for program structure): */ 492 /* imaginary new state (for program structure): */
531 /* s->state = SSL23_SR_CLNT_HELLO_C */ 493 /* s->state = SSL23_SR_CLNT_HELLO_C */
532 494
533 if (type == 1) 495 if (type == 1) {
534 {
535#ifdef OPENSSL_NO_SSL2 496#ifdef OPENSSL_NO_SSL2
536 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 497 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
537 goto err; 498 goto err;
538#else 499#else
539 /* we are talking sslv2 */ 500 /* we are talking sslv2 */
540 /* we need to clean up the SSLv3/TLSv1 setup and put in the 501 /* we need to clean up the SSLv3/TLSv1 setup and put in the
541 * sslv2 stuff. */ 502 * sslv2 stuff. */
542 503
543 if (s->s2 == NULL) 504 if (s->s2 == NULL) {
544 {
545 if (!ssl2_new(s)) 505 if (!ssl2_new(s))
546 goto err; 506 goto err;
547 } 507 } else
548 else
549 ssl2_clear(s); 508 ssl2_clear(s);
550 509
551 if (s->s3 != NULL) ssl3_free(s); 510 if (s->s3 != NULL)
511 ssl3_free(s);
552 512
553 if (!BUF_MEM_grow_clean(s->init_buf, 513 if (!BUF_MEM_grow_clean(s->init_buf,
554 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 514 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
555 {
556 goto err; 515 goto err;
557 } 516 }
558 517
559 s->state=SSL2_ST_GET_CLIENT_HELLO_A; 518 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
560 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) 519 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
561 s->s2->ssl2_rollback=0; 520 s->s2->ssl2_rollback = 0;
562 else 521 else
563 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 522 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
564 * (SSL 3.0 draft/RFC 2246, App. E.2) */ 523 * (SSL 3.0 draft/RFC 2246, App. E.2) */
565 s->s2->ssl2_rollback=1; 524 s->s2->ssl2_rollback = 1;
566 525
567 /* setup the n bytes we have read so we get them from 526 /* setup the n bytes we have read so we get them from
568 * the sslv2 buffer */ 527 * the sslv2 buffer */
569 s->rstate=SSL_ST_READ_HEADER; 528 s->rstate = SSL_ST_READ_HEADER;
570 s->packet_length=n; 529 s->packet_length = n;
571 s->packet= &(s->s2->rbuf[0]); 530 s->packet = &(s->s2->rbuf[0]);
572 memcpy(s->packet,buf,n); 531 memcpy(s->packet, buf, n);
573 s->s2->rbuf_left=n; 532 s->s2->rbuf_left = n;
574 s->s2->rbuf_offs=0; 533 s->s2->rbuf_offs = 0;
575 534
576 s->method=SSLv2_server_method(); 535 s->method = SSLv2_server_method();
577 s->handshake_func=s->method->ssl_accept; 536 s->handshake_func = s->method->ssl_accept;
578#endif 537#endif
579 } 538 }
580 539
581 if ((type == 2) || (type == 3)) 540 if ((type == 2) || (type == 3)) {
582 {
583 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ 541 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
584 542
585 if (!ssl_init_wbio_buffer(s,1)) goto err; 543 if (!ssl_init_wbio_buffer(s, 1)) goto err;
586 544
587 /* we are in this state */ 545 /* we are in this state */
588 s->state=SSL3_ST_SR_CLNT_HELLO_A; 546 s->state = SSL3_ST_SR_CLNT_HELLO_A;
589 547
590 if (type == 3) 548 if (type == 3) {
591 {
592 /* put the 'n' bytes we have read into the input buffer 549 /* put the 'n' bytes we have read into the input buffer
593 * for SSLv3 */ 550 * for SSLv3 */
594 s->rstate=SSL_ST_READ_HEADER; 551 s->rstate = SSL_ST_READ_HEADER;
595 s->packet_length=n; 552 s->packet_length = n;
596 if (s->s3->rbuf.buf == NULL) 553 if (s->s3->rbuf.buf == NULL)
597 if (!ssl3_setup_read_buffer(s)) 554 if (!ssl3_setup_read_buffer(s))
598 goto err; 555 goto err;
599 556
600 s->packet= &(s->s3->rbuf.buf[0]); 557 s->packet = &(s->s3->rbuf.buf[0]);
601 memcpy(s->packet,buf,n); 558 memcpy(s->packet, buf, n);
602 s->s3->rbuf.left=n; 559 s->s3->rbuf.left = n;
603 s->s3->rbuf.offset=0; 560 s->s3->rbuf.offset = 0;
604 } 561 } else {
605 else 562 s->packet_length = 0;
606 { 563 s->s3->rbuf.left = 0;
607 s->packet_length=0; 564 s->s3->rbuf.offset = 0;
608 s->s3->rbuf.left=0; 565 }
609 s->s3->rbuf.offset=0;
610 }
611 if (s->version == TLS1_2_VERSION) 566 if (s->version == TLS1_2_VERSION)
612 s->method = TLSv1_2_server_method(); 567 s->method = TLSv1_2_server_method();
613 else if (s->version == TLS1_1_VERSION) 568 else if (s->version == TLS1_1_VERSION)
@@ -617,22 +572,23 @@ int ssl23_get_client_hello(SSL *s)
617 else 572 else
618 s->method = SSLv3_server_method(); 573 s->method = SSLv3_server_method();
619#if 0 /* ssl3_get_client_hello does this */ 574#if 0 /* ssl3_get_client_hello does this */
620 s->client_version=(v[0]<<8)|v[1]; 575 s->client_version = (v[0]<<8)|v[1];
621#endif 576#endif
622 s->handshake_func=s->method->ssl_accept; 577 s->handshake_func = s->method->ssl_accept;
623 } 578 }
624 579
625 if ((type < 1) || (type > 3)) 580 if ((type < 1) || (type > 3)) {
626 {
627 /* bad, very bad */ 581 /* bad, very bad */
628 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); 582 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL);
629 goto err; 583 goto err;
630 } 584 }
631 s->init_num=0; 585 s->init_num = 0;
632 586
633 if (buf != buf_space) OPENSSL_free(buf); 587 if (buf != buf_space)
634 return(SSL_accept(s)); 588 OPENSSL_free(buf);
589 return (SSL_accept(s));
635err: 590err:
636 if (buf != buf_space) OPENSSL_free(buf); 591 if (buf != buf_space)
637 return(-1); 592 OPENSSL_free(buf);
638 } 593 return (-1);
594}
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 6315e9d876..0fd388a05a 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -119,160 +119,163 @@
119static const SSL_METHOD *ssl23_get_client_method(int ver); 119static const SSL_METHOD *ssl23_get_client_method(int ver);
120static int ssl23_client_hello(SSL *s); 120static int ssl23_client_hello(SSL *s);
121static int ssl23_get_server_hello(SSL *s); 121static int ssl23_get_server_hello(SSL *s);
122static const SSL_METHOD *ssl23_get_client_method(int ver) 122static const SSL_METHOD
123 { 123*ssl23_get_client_method(int ver)
124{
124#ifndef OPENSSL_NO_SSL2 125#ifndef OPENSSL_NO_SSL2
125 if (ver == SSL2_VERSION) 126 if (ver == SSL2_VERSION)
126 return(SSLv2_client_method()); 127 return (SSLv2_client_method());
127#endif 128#endif
128 if (ver == SSL3_VERSION) 129 if (ver == SSL3_VERSION)
129 return(SSLv3_client_method()); 130 return (SSLv3_client_method());
130 else if (ver == TLS1_VERSION) 131 else if (ver == TLS1_VERSION)
131 return(TLSv1_client_method()); 132 return (TLSv1_client_method());
132 else if (ver == TLS1_1_VERSION) 133 else if (ver == TLS1_1_VERSION)
133 return(TLSv1_1_client_method()); 134 return (TLSv1_1_client_method());
134 else if (ver == TLS1_2_VERSION) 135 else if (ver == TLS1_2_VERSION)
135 return(TLSv1_2_client_method()); 136 return (TLSv1_2_client_method());
136 else 137 else
137 return(NULL); 138 return (NULL);
138 } 139}
139 140
140IMPLEMENT_ssl23_meth_func(SSLv23_client_method, 141IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
141 ssl_undefined_function, 142 ssl_undefined_function, ssl23_connect, ssl23_get_client_method)
142 ssl23_connect, 143
143 ssl23_get_client_method) 144int
144 145ssl23_connect(SSL *s)
145int ssl23_connect(SSL *s) 146{
146 { 147 BUF_MEM *buf = NULL;
147 BUF_MEM *buf=NULL; 148 unsigned long Time = (unsigned long)time(NULL);
148 unsigned long Time=(unsigned long)time(NULL); 149 void (*cb)(const SSL *ssl, int type, int val) = NULL;
149 void (*cb)(const SSL *ssl,int type,int val)=NULL; 150 int ret = -1;
150 int ret= -1; 151 int new_state, state;
151 int new_state,state; 152
152 153 RAND_add(&Time, sizeof(Time), 0);
153 RAND_add(&Time,sizeof(Time),0);
154 ERR_clear_error(); 154 ERR_clear_error();
155 errno = 0; 155 errno = 0;
156 156
157 if (s->info_callback != NULL) 157 if (s->info_callback != NULL)
158 cb=s->info_callback; 158 cb = s->info_callback;
159 else if (s->ctx->info_callback != NULL) 159 else if (s->ctx->info_callback != NULL)
160 cb=s->ctx->info_callback; 160 cb = s->ctx->info_callback;
161 161
162 s->in_handshake++; 162 s->in_handshake++;
163 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 163 if (!SSL_in_init(s) || SSL_in_before(s))
164 SSL_clear(s);
164 165
165 for (;;) 166 for (;;) {
166 { 167 state = s->state;
167 state=s->state;
168 168
169 switch(s->state) 169 switch (s->state) {
170 {
171 case SSL_ST_BEFORE: 170 case SSL_ST_BEFORE:
172 case SSL_ST_CONNECT: 171 case SSL_ST_CONNECT:
173 case SSL_ST_BEFORE|SSL_ST_CONNECT: 172 case SSL_ST_BEFORE|SSL_ST_CONNECT:
174 case SSL_ST_OK|SSL_ST_CONNECT: 173 case SSL_ST_OK|SSL_ST_CONNECT:
175 174
176 if (s->session != NULL) 175 if (s->session != NULL) {
177 { 176 SSLerr(SSL_F_SSL23_CONNECT, SSL_R_SSL23_DOING_SESSION_ID_REUSE);
178 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE); 177 ret = -1;
179 ret= -1;
180 goto end; 178 goto end;
181 } 179 }
182 s->server=0; 180 s->server = 0;
183 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 181 if (cb != NULL)
182 cb(s, SSL_CB_HANDSHAKE_START, 1);
184 183
185 /* s->version=TLS1_VERSION; */ 184 /* s->version=TLS1_VERSION; */
186 s->type=SSL_ST_CONNECT; 185 s->type = SSL_ST_CONNECT;
187 186
188 if (s->init_buf == NULL) 187 if (s->init_buf == NULL) {
189 { 188 if ((buf = BUF_MEM_new()) == NULL) {
190 if ((buf=BUF_MEM_new()) == NULL) 189 ret = -1;
191 {
192 ret= -1;
193 goto end; 190 goto end;
194 } 191 }
195 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) 192 if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
196 { 193 ret = -1;
197 ret= -1;
198 goto end; 194 goto end;
199 }
200 s->init_buf=buf;
201 buf=NULL;
202 } 195 }
196 s->init_buf = buf;
197 buf = NULL;
198 }
203 199
204 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } 200 if (!ssl3_setup_buffers(s)) {
201 ret = -1;
202 goto end;
203 }
205 204
206 ssl3_init_finished_mac(s); 205 ssl3_init_finished_mac(s);
207 206
208 s->state=SSL23_ST_CW_CLNT_HELLO_A; 207 s->state = SSL23_ST_CW_CLNT_HELLO_A;
209 s->ctx->stats.sess_connect++; 208 s->ctx->stats.sess_connect++;
210 s->init_num=0; 209 s->init_num = 0;
211 break; 210 break;
212 211
213 case SSL23_ST_CW_CLNT_HELLO_A: 212 case SSL23_ST_CW_CLNT_HELLO_A:
214 case SSL23_ST_CW_CLNT_HELLO_B: 213 case SSL23_ST_CW_CLNT_HELLO_B:
215 214
216 s->shutdown=0; 215 s->shutdown = 0;
217 ret=ssl23_client_hello(s); 216 ret = ssl23_client_hello(s);
218 if (ret <= 0) goto end; 217 if (ret <= 0)
219 s->state=SSL23_ST_CR_SRVR_HELLO_A; 218 goto end;
220 s->init_num=0; 219 s->state = SSL23_ST_CR_SRVR_HELLO_A;
220 s->init_num = 0;
221 221
222 break; 222 break;
223 223
224 case SSL23_ST_CR_SRVR_HELLO_A: 224 case SSL23_ST_CR_SRVR_HELLO_A:
225 case SSL23_ST_CR_SRVR_HELLO_B: 225 case SSL23_ST_CR_SRVR_HELLO_B:
226 ret=ssl23_get_server_hello(s); 226 ret = ssl23_get_server_hello(s);
227 if (ret >= 0) cb=NULL; 227 if (ret >= 0)
228 cb = NULL;
228 goto end; 229 goto end;
229 /* break; */ 230 /* break; */
230 231
231 default: 232 default:
232 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE); 233 SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE);
233 ret= -1; 234 ret = -1;
234 goto end; 235 goto end;
235 /* break; */ 236 /* break; */
236 } 237 }
237 238
238 if (s->debug) { (void)BIO_flush(s->wbio); } 239 if (s->debug) {
240 (void)BIO_flush(s->wbio);
241 }
239 242
240 if ((cb != NULL) && (s->state != state)) 243 if ((cb != NULL) && (s->state != state)) {
241 { 244 new_state = s->state;
242 new_state=s->state; 245 s->state = state;
243 s->state=state; 246 cb(s, SSL_CB_CONNECT_LOOP, 1);
244 cb(s,SSL_CB_CONNECT_LOOP,1); 247 s->state = new_state;
245 s->state=new_state;
246 }
247 } 248 }
249 }
248end: 250end:
249 s->in_handshake--; 251 s->in_handshake--;
250 if (buf != NULL) 252 if (buf != NULL)
251 BUF_MEM_free(buf); 253 BUF_MEM_free(buf);
252 if (cb != NULL) 254 if (cb != NULL)
253 cb(s,SSL_CB_CONNECT_EXIT,ret); 255 cb(s, SSL_CB_CONNECT_EXIT, ret);
254 return(ret); 256 return (ret);
255 } 257}
256 258
257static int ssl23_no_ssl2_ciphers(SSL *s) 259static int
258 { 260ssl23_no_ssl2_ciphers(SSL *s)
261{
259 SSL_CIPHER *cipher; 262 SSL_CIPHER *cipher;
260 STACK_OF(SSL_CIPHER) *ciphers; 263 STACK_OF(SSL_CIPHER) *ciphers;
261 int i; 264 int i;
262 ciphers = SSL_get_ciphers(s); 265 ciphers = SSL_get_ciphers(s);
263 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) 266 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
264 {
265 cipher = sk_SSL_CIPHER_value(ciphers, i); 267 cipher = sk_SSL_CIPHER_value(ciphers, i);
266 if (cipher->algorithm_ssl == SSL_SSLV2) 268 if (cipher->algorithm_ssl == SSL_SSLV2)
267 return 0; 269 return 0;
268 }
269 return 1;
270 } 270 }
271 return 1;
272}
271 273
272/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 274/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
273 * on failure, 1 on success. */ 275 * on failure, 1 on success. */
274int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) 276int
275 { 277ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
278{
276 int send_time = 0; 279 int send_time = 0;
277 280
278 if (len < 4) 281 if (len < 4)
@@ -281,22 +284,21 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
281 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; 284 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
282 else 285 else
283 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; 286 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
284 if (send_time) 287 if (send_time) {
285 {
286 unsigned long Time = (unsigned long)time(NULL); 288 unsigned long Time = (unsigned long)time(NULL);
287 unsigned char *p = result; 289 unsigned char *p = result;
288 l2n(Time, p); 290 l2n(Time, p);
289 return RAND_pseudo_bytes(p, len-4); 291 return RAND_pseudo_bytes(p, len - 4);
290 } 292 } else
291 else
292 return RAND_pseudo_bytes(result, len); 293 return RAND_pseudo_bytes(result, len);
293 } 294}
294 295
295static int ssl23_client_hello(SSL *s) 296static int
296 { 297ssl23_client_hello(SSL *s)
298{
297 unsigned char *buf; 299 unsigned char *buf;
298 unsigned char *p,*d; 300 unsigned char *p, *d;
299 int i,ch_len; 301 int i, ch_len;
300 unsigned long l; 302 unsigned long l;
301 int ssl2_compat; 303 int ssl2_compat;
302 int version = 0, version_major, version_minor; 304 int version = 0, version_major, version_minor;
@@ -320,14 +322,14 @@ static int ssl23_client_hello(SSL *s)
320 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the 322 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
321 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 323 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
322 */ 324 */
323 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1 325 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1
324#if !defined(OPENSSL_NO_SSL3) 326#if !defined(OPENSSL_NO_SSL3)
325 |SSL_OP_NO_SSLv3 327 |SSL_OP_NO_SSLv3
326#endif 328#endif
327#if !defined(OPENSSL_NO_SSL2) 329#if !defined(OPENSSL_NO_SSL2)
328 |(ssl2_compat?SSL_OP_NO_SSLv2:0) 330 |(ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
329#endif 331#endif
330 ; 332 ;
331#if !defined(OPENSSL_NO_TLS1_2_CLIENT) 333#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
332 version = TLS1_2_VERSION; 334 version = TLS1_2_VERSION;
333 335
@@ -351,8 +353,7 @@ static int ssl23_client_hello(SSL *s)
351#endif 353#endif
352 354
353#ifndef OPENSSL_NO_TLSEXT 355#ifndef OPENSSL_NO_TLSEXT
354 if (version != SSL2_VERSION) 356 if (version != SSL2_VERSION) {
355 {
356 /* have to disable SSL 2.0 compatibility if we need TLS extensions */ 357 /* have to disable SSL 2.0 compatibility if we need TLS extensions */
357 358
358 if (s->tlsext_hostname != NULL) 359 if (s->tlsext_hostname != NULL)
@@ -363,67 +364,53 @@ static int ssl23_client_hello(SSL *s)
363 if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL) 364 if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
364 ssl2_compat = 0; 365 ssl2_compat = 0;
365#endif 366#endif
366 } 367 }
367#endif 368#endif
368 369
369 buf=(unsigned char *)s->init_buf->data; 370 buf = (unsigned char *)s->init_buf->data;
370 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) 371 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
371 {
372#if 0 372#if 0
373 /* don't reuse session-id's */ 373 /* don't reuse session-id's */
374 if (!ssl_get_new_session(s,0)) 374 if (!ssl_get_new_session(s, 0)) {
375 { 375 return (-1);
376 return(-1); 376 }
377 }
378#endif 377#endif
379 378
380 p=s->s3->client_random; 379 p = s->s3->client_random;
381 if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0) 380 if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
382 return -1; 381 return -1;
383 382
384 if (version == TLS1_2_VERSION) 383 if (version == TLS1_2_VERSION) {
385 {
386 version_major = TLS1_2_VERSION_MAJOR; 384 version_major = TLS1_2_VERSION_MAJOR;
387 version_minor = TLS1_2_VERSION_MINOR; 385 version_minor = TLS1_2_VERSION_MINOR;
388 } 386 } else if (version == TLS1_1_VERSION) {
389 else if (version == TLS1_1_VERSION)
390 {
391 version_major = TLS1_1_VERSION_MAJOR; 387 version_major = TLS1_1_VERSION_MAJOR;
392 version_minor = TLS1_1_VERSION_MINOR; 388 version_minor = TLS1_1_VERSION_MINOR;
393 } 389 } else if (version == TLS1_VERSION) {
394 else if (version == TLS1_VERSION)
395 {
396 version_major = TLS1_VERSION_MAJOR; 390 version_major = TLS1_VERSION_MAJOR;
397 version_minor = TLS1_VERSION_MINOR; 391 version_minor = TLS1_VERSION_MINOR;
398 } 392 }
399#ifdef OPENSSL_FIPS 393#ifdef OPENSSL_FIPS
400 else if(FIPS_mode()) 394 else if (FIPS_mode()) {
401 {
402 SSLerr(SSL_F_SSL23_CLIENT_HELLO, 395 SSLerr(SSL_F_SSL23_CLIENT_HELLO,
403 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 396 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
404 return -1; 397 return -1;
405 } 398 }
406#endif 399#endif
407 else if (version == SSL3_VERSION) 400 else if (version == SSL3_VERSION) {
408 {
409 version_major = SSL3_VERSION_MAJOR; 401 version_major = SSL3_VERSION_MAJOR;
410 version_minor = SSL3_VERSION_MINOR; 402 version_minor = SSL3_VERSION_MINOR;
411 } 403 } else if (version == SSL2_VERSION) {
412 else if (version == SSL2_VERSION)
413 {
414 version_major = SSL2_VERSION_MAJOR; 404 version_major = SSL2_VERSION_MAJOR;
415 version_minor = SSL2_VERSION_MINOR; 405 version_minor = SSL2_VERSION_MINOR;
416 } 406 } else {
417 else 407 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
418 { 408 return (-1);
419 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE); 409 }
420 return(-1);
421 }
422 410
423 s->client_version = version; 411 s->client_version = version;
424 412
425 if (ssl2_compat) 413 if (ssl2_compat) {
426 {
427 /* create SSL 2.0 compatible Client Hello */ 414 /* create SSL 2.0 compatible Client Hello */
428 415
429 /* two byte record header will be written last */ 416 /* two byte record header will be written last */
@@ -433,28 +420,27 @@ static int ssl23_client_hello(SSL *s)
433 *(d++) = SSL2_MT_CLIENT_HELLO; 420 *(d++) = SSL2_MT_CLIENT_HELLO;
434 *(d++) = version_major; 421 *(d++) = version_major;
435 *(d++) = version_minor; 422 *(d++) = version_minor;
436 423
437 /* Ciphers supported */ 424 /* Ciphers supported */
438 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0); 425 i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
439 if (i == 0) 426 if (i == 0) {
440 {
441 /* no ciphers */ 427 /* no ciphers */
442 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); 428 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
443 return -1; 429 return -1;
444 } 430 }
445 s2n(i,d); 431 s2n(i, d);
446 p+=i; 432 p += i;
447 433
448 /* put in the session-id length (zero since there is no reuse) */ 434 /* put in the session-id length (zero since there is no reuse) */
449#if 0 435#if 0
450 s->session->session_id_length=0; 436 s->session->session_id_length = 0;
451#endif 437#endif
452 s2n(0,d); 438 s2n(0, d);
453 439
454 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) 440 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
455 ch_len=SSL2_CHALLENGE_LENGTH; 441 ch_len = SSL2_CHALLENGE_LENGTH;
456 else 442 else
457 ch_len=SSL2_MAX_CHALLENGE_LENGTH; 443 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
458 444
459 /* write out sslv2 challenge */ 445 /* write out sslv2 challenge */
460 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), 446 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32),
@@ -462,34 +448,32 @@ static int ssl23_client_hello(SSL *s)
462 or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the 448 or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the
463 check in for futurproofing */ 449 check in for futurproofing */
464 if (SSL3_RANDOM_SIZE < ch_len) 450 if (SSL3_RANDOM_SIZE < ch_len)
465 i=SSL3_RANDOM_SIZE; 451 i = SSL3_RANDOM_SIZE;
466 else 452 else
467 i=ch_len; 453 i = ch_len;
468 s2n(i,d); 454 s2n(i, d);
469 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); 455 memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
470 if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0) 456 if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i) <= 0)
471 return -1; 457 return -1;
472 458
473 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); 459 memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
474 p+=i; 460 p += i;
475 461
476 i= p- &(buf[2]); 462 i = p- &(buf[2]);
477 buf[0]=((i>>8)&0xff)|0x80; 463 buf[0] = ((i >> 8)&0xff)|0x80;
478 buf[1]=(i&0xff); 464 buf[1] = (i&0xff);
479 465
480 /* number of bytes to write */ 466 /* number of bytes to write */
481 s->init_num=i+2; 467 s->init_num = i + 2;
482 s->init_off=0; 468 s->init_off = 0;
483 469
484 ssl3_finish_mac(s,&(buf[2]),i); 470 ssl3_finish_mac(s, &(buf[2]), i);
485 } 471 } else {
486 else
487 {
488 /* create Client Hello in SSL 3.0/TLS 1.0 format */ 472 /* create Client Hello in SSL 3.0/TLS 1.0 format */
489 473
490 /* do the record header (5 bytes) and handshake message header (4 bytes) last */ 474 /* do the record header (5 bytes) and handshake message header (4 bytes) last */
491 d = p = &(buf[9]); 475 d = p = &(buf[9]);
492 476
493 *(p++) = version_major; 477 *(p++) = version_major;
494 *(p++) = version_minor; 478 *(p++) = version_minor;
495 479
@@ -501,73 +485,68 @@ static int ssl23_client_hello(SSL *s)
501 *(p++) = 0; 485 *(p++) = 0;
502 486
503 /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ 487 /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
504 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char); 488 i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), ssl3_put_cipher_by_char);
505 if (i == 0) 489 if (i == 0) {
506 { 490 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
507 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
508 return -1; 491 return -1;
509 } 492 }
510#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH 493#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
511 /* Some servers hang if client hello > 256 bytes 494 /* Some servers hang if client hello > 256 bytes
512 * as hack workaround chop number of supported ciphers 495 * as hack workaround chop number of supported ciphers
513 * to keep it well below this if we use TLS v1.2 496 * to keep it well below this if we use TLS v1.2
514 */ 497 */
515 if (TLS1_get_version(s) >= TLS1_2_VERSION 498 if (TLS1_get_version(s) >= TLS1_2_VERSION &&
516 && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) 499 i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
517 i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; 500 i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
518#endif 501#endif
519 s2n(i,p); 502 s2n(i, p);
520 p+=i; 503 p += i;
521 504
522 /* COMPRESSION */ 505 /* COMPRESSION */
523#ifdef OPENSSL_NO_COMP 506#ifdef OPENSSL_NO_COMP
524 *(p++)=1; 507 *(p++) = 1;
525#else 508#else
526 if ((s->options & SSL_OP_NO_COMPRESSION) 509 if ((s->options & SSL_OP_NO_COMPRESSION) ||
527 || !s->ctx->comp_methods) 510 !s->ctx->comp_methods)
528 j=0; 511 j = 0;
529 else 512 else
530 j=sk_SSL_COMP_num(s->ctx->comp_methods); 513 j = sk_SSL_COMP_num(s->ctx->comp_methods);
531 *(p++)=1+j; 514 *(p++) = 1 + j;
532 for (i=0; i<j; i++) 515 for (i = 0; i < j; i++) {
533 { 516 comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
534 comp=sk_SSL_COMP_value(s->ctx->comp_methods,i); 517 *(p++) = comp->id;
535 *(p++)=comp->id; 518 }
536 }
537#endif 519#endif
538 *(p++)=0; /* Add the NULL method */ 520 *(p++)=0; /* Add the NULL method */
539 521
540#ifndef OPENSSL_NO_TLSEXT 522#ifndef OPENSSL_NO_TLSEXT
541 /* TLS extensions*/ 523 /* TLS extensions*/
542 if (ssl_prepare_clienthello_tlsext(s) <= 0) 524 if (ssl_prepare_clienthello_tlsext(s) <= 0) {
543 { 525 SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
544 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
545 return -1; 526 return -1;
546 } 527 }
547 if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) 528 if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
548 { 529 SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
549 SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
550 return -1; 530 return -1;
551 } 531 }
552#endif 532#endif
553 533
554 l = p-d; 534 l = p - d;
555 535
556 /* fill in 4-byte handshake header */ 536 /* fill in 4-byte handshake header */
557 d=&(buf[5]); 537 d = &(buf[5]);
558 *(d++)=SSL3_MT_CLIENT_HELLO; 538 *(d++) = SSL3_MT_CLIENT_HELLO;
559 l2n3(l,d); 539 l2n3(l, d);
560 540
561 l += 4; 541 l += 4;
562 542
563 if (l > SSL3_RT_MAX_PLAIN_LENGTH) 543 if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
564 { 544 SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
565 SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
566 return -1; 545 return -1;
567 } 546 }
568 547
569 /* fill in 5-byte record header */ 548 /* fill in 5-byte record header */
570 d=buf; 549 d = buf;
571 *(d++) = SSL3_RT_HANDSHAKE; 550 *(d++) = SSL3_RT_HANDSHAKE;
572 *(d++) = version_major; 551 *(d++) = version_major;
573 /* Some servers hang if we use long client hellos 552 /* Some servers hang if we use long client hellos
@@ -577,54 +556,54 @@ static int ssl23_client_hello(SSL *s)
577 *(d++) = 1; 556 *(d++) = 1;
578 else 557 else
579 *(d++) = version_minor; 558 *(d++) = version_minor;
580 s2n((int)l,d); 559 s2n((int)l, d);
581 560
582 /* number of bytes to write */ 561 /* number of bytes to write */
583 s->init_num=p-buf; 562 s->init_num = p - buf;
584 s->init_off=0; 563 s->init_off = 0;
585
586 ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
587 }
588 564
589 s->state=SSL23_ST_CW_CLNT_HELLO_B; 565 ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
590 s->init_off=0;
591 } 566 }
592 567
568 s->state = SSL23_ST_CW_CLNT_HELLO_B;
569 s->init_off = 0;
570 }
571
593 /* SSL3_ST_CW_CLNT_HELLO_B */ 572 /* SSL3_ST_CW_CLNT_HELLO_B */
594 ret = ssl23_write_bytes(s); 573 ret = ssl23_write_bytes(s);
595 574
596 if ((ret >= 2) && s->msg_callback) 575 if ((ret >= 2) && s->msg_callback) {
597 {
598 /* Client Hello has been sent; tell msg_callback */ 576 /* Client Hello has been sent; tell msg_callback */
599 577
600 if (ssl2_compat) 578 if (ssl2_compat)
601 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); 579 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2, ret - 2, s, s->msg_callback_arg);
602 else 580 else
603 s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg); 581 s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg);
604 } 582 }
605 583
606 return ret; 584 return ret;
607 } 585}
608 586
609static int ssl23_get_server_hello(SSL *s) 587static int
610 { 588ssl23_get_server_hello(SSL *s)
589{
611 char buf[8]; 590 char buf[8];
612 unsigned char *p; 591 unsigned char *p;
613 int i; 592 int i;
614 int n; 593 int n;
615 594
616 n=ssl23_read_bytes(s,7); 595 n = ssl23_read_bytes(s, 7);
617 596
618 if (n != 7) return(n); 597 if (n != 7)
619 p=s->packet; 598 return (n);
599 p = s->packet;
620 600
621 memcpy(buf,p,n); 601 memcpy(buf, p, n);
622 602
623 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && 603 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
624 (p[5] == 0x00) && (p[6] == 0x02)) 604 (p[5] == 0x00) && (p[6] == 0x02)) {
625 {
626#ifdef OPENSSL_NO_SSL2 605#ifdef OPENSSL_NO_SSL2
627 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 606 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
628 goto err; 607 goto err;
629#else 608#else
630 /* we are talking sslv2 */ 609 /* we are talking sslv2 */
@@ -632,169 +611,150 @@ static int ssl23_get_server_hello(SSL *s)
632 * sslv2 stuff. */ 611 * sslv2 stuff. */
633 int ch_len; 612 int ch_len;
634 613
635 if (s->options & SSL_OP_NO_SSLv2) 614 if (s->options & SSL_OP_NO_SSLv2) {
636 { 615 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
637 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
638 goto err; 616 goto err;
639 } 617 }
640 if (s->s2 == NULL) 618 if (s->s2 == NULL) {
641 {
642 if (!ssl2_new(s)) 619 if (!ssl2_new(s))
643 goto err; 620 goto err;
644 } 621 } else
645 else
646 ssl2_clear(s); 622 ssl2_clear(s);
647 623
648 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) 624 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
649 ch_len=SSL2_CHALLENGE_LENGTH; 625 ch_len = SSL2_CHALLENGE_LENGTH;
650 else 626 else
651 ch_len=SSL2_MAX_CHALLENGE_LENGTH; 627 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
652 628
653 /* write out sslv2 challenge */ 629 /* write out sslv2 challenge */
654 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because 630 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
655 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or 631 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
656 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for 632 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
657 futurproofing */ 633 futurproofing */
658 i=(SSL3_RANDOM_SIZE < ch_len) 634 i = (SSL3_RANDOM_SIZE < ch_len) ? SSL3_RANDOM_SIZE : ch_len;
659 ?SSL3_RANDOM_SIZE:ch_len; 635 s->s2->challenge_length = i;
660 s->s2->challenge_length=i;
661 memcpy(s->s2->challenge, 636 memcpy(s->s2->challenge,
662 &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); 637 &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
663 638
664 if (s->s3 != NULL) ssl3_free(s); 639 if (s->s3 != NULL)
640 ssl3_free(s);
665 641
666 if (!BUF_MEM_grow_clean(s->init_buf, 642 if (!BUF_MEM_grow_clean(s->init_buf,
667 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 643 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
668 { 644 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
669 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
670 goto err; 645 goto err;
671 } 646 }
672 647
673 s->state=SSL2_ST_GET_SERVER_HELLO_A; 648 s->state = SSL2_ST_GET_SERVER_HELLO_A;
674 if (!(s->client_version == SSL2_VERSION)) 649 if (!(s->client_version == SSL2_VERSION))
675 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */ 650 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
676 s->s2->ssl2_rollback=1; 651 s->s2->ssl2_rollback = 1;
677 652
678 /* setup the 7 bytes we have read so we get them from 653 /* setup the 7 bytes we have read so we get them from
679 * the sslv2 buffer */ 654 * the sslv2 buffer */
680 s->rstate=SSL_ST_READ_HEADER; 655 s->rstate = SSL_ST_READ_HEADER;
681 s->packet_length=n; 656 s->packet_length = n;
682 s->packet= &(s->s2->rbuf[0]); 657 s->packet = &(s->s2->rbuf[0]);
683 memcpy(s->packet,buf,n); 658 memcpy(s->packet, buf, n);
684 s->s2->rbuf_left=n; 659 s->s2->rbuf_left = n;
685 s->s2->rbuf_offs=0; 660 s->s2->rbuf_offs = 0;
686 661
687 /* we have already written one */ 662 /* we have already written one */
688 s->s2->write_sequence=1; 663 s->s2->write_sequence = 1;
689 664
690 s->method=SSLv2_client_method(); 665 s->method = SSLv2_client_method();
691 s->handshake_func=s->method->ssl_connect; 666 s->handshake_func = s->method->ssl_connect;
692#endif 667#endif
693 } 668 } else if (p[1] == SSL3_VERSION_MAJOR &&
694 else if (p[1] == SSL3_VERSION_MAJOR && 669 p[2] <= TLS1_2_VERSION_MINOR &&
695 p[2] <= TLS1_2_VERSION_MINOR && 670 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
696 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || 671 (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
697 (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
698 {
699 /* we have sslv3 or tls1 (server hello or alert) */ 672 /* we have sslv3 or tls1 (server hello or alert) */
700 673
701 if ((p[2] == SSL3_VERSION_MINOR) && 674 if ((p[2] == SSL3_VERSION_MINOR) &&
702 !(s->options & SSL_OP_NO_SSLv3)) 675 !(s->options & SSL_OP_NO_SSLv3)) {
703 {
704#ifdef OPENSSL_FIPS 676#ifdef OPENSSL_FIPS
705 if(FIPS_mode()) 677 if (FIPS_mode()) {
706 {
707 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, 678 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
708 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 679 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
709 goto err; 680 goto err;
710 }
711#endif
712 s->version=SSL3_VERSION;
713 s->method=SSLv3_client_method();
714 }
715 else if ((p[2] == TLS1_VERSION_MINOR) &&
716 !(s->options & SSL_OP_NO_TLSv1))
717 {
718 s->version=TLS1_VERSION;
719 s->method=TLSv1_client_method();
720 } 681 }
721 else if ((p[2] == TLS1_1_VERSION_MINOR) && 682#endif
722 !(s->options & SSL_OP_NO_TLSv1_1)) 683 s->version = SSL3_VERSION;
723 { 684 s->method = SSLv3_client_method();
724 s->version=TLS1_1_VERSION; 685 } else if ((p[2] == TLS1_VERSION_MINOR) &&
725 s->method=TLSv1_1_client_method(); 686 !(s->options & SSL_OP_NO_TLSv1)) {
726 } 687 s->version = TLS1_VERSION;
727 else if ((p[2] == TLS1_2_VERSION_MINOR) && 688 s->method = TLSv1_client_method();
728 !(s->options & SSL_OP_NO_TLSv1_2)) 689 } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
729 { 690 !(s->options & SSL_OP_NO_TLSv1_1)) {
730 s->version=TLS1_2_VERSION; 691 s->version = TLS1_1_VERSION;
731 s->method=TLSv1_2_client_method(); 692 s->method = TLSv1_1_client_method();
732 } 693 } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
733 else 694 !(s->options & SSL_OP_NO_TLSv1_2)) {
734 { 695 s->version = TLS1_2_VERSION;
735 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 696 s->method = TLSv1_2_client_method();
697 } else {
698 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
736 goto err; 699 goto err;
737 } 700 }
738 701
739 if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) 702 if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
740 {
741 /* fatal alert */ 703 /* fatal alert */
742 704
743 void (*cb)(const SSL *ssl,int type,int val)=NULL; 705 void (*cb)(const SSL *ssl, int type, int val) = NULL;
744 int j; 706 int j;
745 707
746 if (s->info_callback != NULL) 708 if (s->info_callback != NULL)
747 cb=s->info_callback; 709 cb = s->info_callback;
748 else if (s->ctx->info_callback != NULL) 710 else if (s->ctx->info_callback != NULL)
749 cb=s->ctx->info_callback; 711 cb = s->ctx->info_callback;
750 712
751 i=p[5]; 713 i = p[5];
752 if (cb != NULL) 714 if (cb != NULL) {
753 { 715 j = (i << 8) | p[6];
754 j=(i<<8)|p[6]; 716 cb(s, SSL_CB_READ_ALERT, j);
755 cb(s,SSL_CB_READ_ALERT,j); 717 }
756 } 718
757
758 if (s->msg_callback) 719 if (s->msg_callback)
759 s->msg_callback(0, s->version, SSL3_RT_ALERT, p+5, 2, s, s->msg_callback_arg); 720 s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s, s->msg_callback_arg);
760 721
761 s->rwstate=SSL_NOTHING; 722 s->rwstate = SSL_NOTHING;
762 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]); 723 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
763 goto err; 724 goto err;
764 } 725 }
765 726
766 if (!ssl_init_wbio_buffer(s,1)) goto err; 727 if (!ssl_init_wbio_buffer(s, 1))
728 goto err;
767 729
768 /* we are in this state */ 730 /* we are in this state */
769 s->state=SSL3_ST_CR_SRVR_HELLO_A; 731 s->state = SSL3_ST_CR_SRVR_HELLO_A;
770 732
771 /* put the 7 bytes we have read into the input buffer 733 /* put the 7 bytes we have read into the input buffer
772 * for SSLv3 */ 734 * for SSLv3 */
773 s->rstate=SSL_ST_READ_HEADER; 735 s->rstate = SSL_ST_READ_HEADER;
774 s->packet_length=n; 736 s->packet_length = n;
775 if (s->s3->rbuf.buf == NULL) 737 if (s->s3->rbuf.buf == NULL)
776 if (!ssl3_setup_read_buffer(s)) 738 if (!ssl3_setup_read_buffer(s))
777 goto err; 739 goto err;
778 s->packet= &(s->s3->rbuf.buf[0]); 740 s->packet = &(s->s3->rbuf.buf[0]);
779 memcpy(s->packet,buf,n); 741 memcpy(s->packet, buf, n);
780 s->s3->rbuf.left=n; 742 s->s3->rbuf.left = n;
781 s->s3->rbuf.offset=0; 743 s->s3->rbuf.offset = 0;
782 744
783 s->handshake_func=s->method->ssl_connect; 745 s->handshake_func = s->method->ssl_connect;
784 } 746 } else {
785 else 747 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL);
786 {
787 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
788 goto err; 748 goto err;
789 } 749 }
790 s->init_num=0; 750 s->init_num = 0;
791 751
792 /* Since, if we are sending a ssl23 client hello, we are not 752 /* Since, if we are sending a ssl23 client hello, we are not
793 * reusing a session-id */ 753 * reusing a session-id */
794 if (!ssl_get_new_session(s,0)) 754 if (!ssl_get_new_session(s, 0))
795 goto err; 755 goto err;
796 756
797 return(SSL_connect(s)); 757 return (SSL_connect(s));
798err: 758err:
799 return(-1); 759 return (-1);
800 } 760}
diff --git a/src/lib/libssl/src/ssl/s23_lib.c b/src/lib/libssl/src/ssl/s23_lib.c
index a6285b767f..3a4d5a6ecb 100644
--- a/src/lib/libssl/src/ssl/s23_lib.c
+++ b/src/lib/libssl/src/ssl/s23_lib.c
@@ -60,128 +60,126 @@
60#include <openssl/objects.h> 60#include <openssl/objects.h>
61#include "ssl_locl.h" 61#include "ssl_locl.h"
62 62
63long ssl23_default_timeout(void) 63long
64 { 64ssl23_default_timeout(void)
65 return(300); 65{
66 } 66 return (300);
67}
67 68
68int ssl23_num_ciphers(void) 69int
69 { 70ssl23_num_ciphers(void)
71{
70 return(ssl3_num_ciphers() 72 return(ssl3_num_ciphers()
71#ifndef OPENSSL_NO_SSL2 73#ifndef OPENSSL_NO_SSL2
72 + ssl2_num_ciphers() 74 + ssl2_num_ciphers()
73#endif 75#endif
74 ); 76 );
75 } 77}
76 78
77const SSL_CIPHER *ssl23_get_cipher(unsigned int u) 79const SSL_CIPHER
78 { 80*ssl23_get_cipher(unsigned int u)
79 unsigned int uu=ssl3_num_ciphers(); 81{
82 unsigned int uu = ssl3_num_ciphers();
80 83
81 if (u < uu) 84 if (u < uu)
82 return(ssl3_get_cipher(u)); 85 return (ssl3_get_cipher(u));
83 else 86 else
84#ifndef OPENSSL_NO_SSL2 87#ifndef OPENSSL_NO_SSL2
85 return(ssl2_get_cipher(u-uu)); 88 return (ssl2_get_cipher(u - uu));
86#else 89#else
87 return(NULL); 90 return (NULL);
88#endif 91#endif
89 } 92}
90 93
91/* This function needs to check if the ciphers required are actually 94/* This function needs to check if the ciphers required are actually
92 * available */ 95 * available */
93const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) 96const SSL_CIPHER
94 { 97*ssl23_get_cipher_by_char(const unsigned char *p)
98{
95 const SSL_CIPHER *cp; 99 const SSL_CIPHER *cp;
96 100
97 cp=ssl3_get_cipher_by_char(p); 101 cp = ssl3_get_cipher_by_char(p);
98#ifndef OPENSSL_NO_SSL2 102#ifndef OPENSSL_NO_SSL2
99 if (cp == NULL) 103 if (cp == NULL)
100 cp=ssl2_get_cipher_by_char(p); 104 cp = ssl2_get_cipher_by_char(p);
101#endif 105#endif
102 return(cp); 106 return (cp);
103 } 107}
104 108
105int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 109int
106 { 110ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
111{
107 long l; 112 long l;
108 113
109 /* We can write SSLv2 and SSLv3 ciphers */ 114 /* We can write SSLv2 and SSLv3 ciphers */
110 if (p != NULL) 115 if (p != NULL) {
111 { 116 l = c->id;
112 l=c->id; 117 p[0] = ((unsigned char)(l >> 16L))&0xFF;
113 p[0]=((unsigned char)(l>>16L))&0xFF; 118 p[1] = ((unsigned char)(l >> 8L))&0xFF;
114 p[1]=((unsigned char)(l>> 8L))&0xFF; 119 p[2] = ((unsigned char)(l ))&0xFF;
115 p[2]=((unsigned char)(l ))&0xFF;
116 }
117 return(3);
118 } 120 }
121 return (3);
122}
119 123
120int ssl23_read(SSL *s, void *buf, int len) 124int
121 { 125ssl23_read(SSL *s, void *buf, int len)
126{
122 int n; 127 int n;
123 128
124 errno = 0; 129 errno = 0;
125 if (SSL_in_init(s) && (!s->in_handshake)) 130 if (SSL_in_init(s) && (!s->in_handshake)) {
126 { 131 n = s->handshake_func(s);
127 n=s->handshake_func(s); 132 if (n < 0)
128 if (n < 0) return(n); 133 return (n);
129 if (n == 0) 134 if (n == 0) {
130 { 135 SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
131 SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); 136 return (-1);
132 return(-1);
133 }
134 return(SSL_read(s,buf,len));
135 } 137 }
136 else 138 return (SSL_read(s, buf, len));
137 { 139 } else {
138 ssl_undefined_function(s); 140 ssl_undefined_function(s);
139 return(-1); 141 return (-1);
140 }
141 } 142 }
143}
142 144
143int ssl23_peek(SSL *s, void *buf, int len) 145int
144 { 146ssl23_peek(SSL *s, void *buf, int len)
147{
145 int n; 148 int n;
146 149
147 errno = 0; 150 errno = 0;
148 if (SSL_in_init(s) && (!s->in_handshake)) 151 if (SSL_in_init(s) && (!s->in_handshake)) {
149 { 152 n = s->handshake_func(s);
150 n=s->handshake_func(s); 153 if (n < 0)
151 if (n < 0) return(n); 154 return (n);
152 if (n == 0) 155 if (n == 0) {
153 { 156 SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE);
154 SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE); 157 return (-1);
155 return(-1);
156 }
157 return(SSL_peek(s,buf,len));
158 } 158 }
159 else 159 return (SSL_peek(s, buf, len));
160 { 160 } else {
161 ssl_undefined_function(s); 161 ssl_undefined_function(s);
162 return(-1); 162 return (-1);
163 }
164 } 163 }
164}
165 165
166int ssl23_write(SSL *s, const void *buf, int len) 166int
167 { 167ssl23_write(SSL *s, const void *buf, int len)
168{
168 int n; 169 int n;
169 170
170 errno = 0; 171 errno = 0;
171 if (SSL_in_init(s) && (!s->in_handshake)) 172 if (SSL_in_init(s) && (!s->in_handshake)) {
172 { 173 n = s->handshake_func(s);
173 n=s->handshake_func(s); 174 if (n < 0)
174 if (n < 0) return(n); 175 return (n);
175 if (n == 0) 176 if (n == 0) {
176 { 177 SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
177 SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); 178 return (-1);
178 return(-1);
179 }
180 return(SSL_write(s,buf,len));
181 } 179 }
182 else 180 return (SSL_write(s, buf, len));
183 { 181 } else {
184 ssl_undefined_function(s); 182 ssl_undefined_function(s);
185 return(-1); 183 return (-1);
186 }
187 } 184 }
185}
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
index 40eae0f0be..ca1bb6819f 100644
--- a/src/lib/libssl/src/ssl/s23_meth.c
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -61,32 +61,31 @@
61#include "ssl_locl.h" 61#include "ssl_locl.h"
62 62
63static const SSL_METHOD *ssl23_get_method(int ver); 63static const SSL_METHOD *ssl23_get_method(int ver);
64static const SSL_METHOD *ssl23_get_method(int ver) 64static const SSL_METHOD
65 { 65*ssl23_get_method(int ver)
66{
66#ifndef OPENSSL_NO_SSL2 67#ifndef OPENSSL_NO_SSL2
67 if (ver == SSL2_VERSION) 68 if (ver == SSL2_VERSION)
68 return(SSLv2_method()); 69 return (SSLv2_method());
69 else 70 else
70#endif 71#endif
71#ifndef OPENSSL_NO_SSL3 72#ifndef OPENSSL_NO_SSL3
72 if (ver == SSL3_VERSION) 73 if (ver == SSL3_VERSION)
73 return(SSLv3_method()); 74 return (SSLv3_method());
74 else 75 else
75#endif 76#endif
76#ifndef OPENSSL_NO_TLS1 77#ifndef OPENSSL_NO_TLS1
77 if (ver == TLS1_VERSION) 78 if (ver == TLS1_VERSION)
78 return(TLSv1_method()); 79 return (TLSv1_method());
79 else if (ver == TLS1_1_VERSION) 80 else if (ver == TLS1_1_VERSION)
80 return(TLSv1_1_method()); 81 return (TLSv1_1_method());
81 else if (ver == TLS1_2_VERSION) 82 else if (ver == TLS1_2_VERSION)
82 return(TLSv1_2_method()); 83 return (TLSv1_2_method());
83 else 84 else
84#endif 85#endif
85 return(NULL); 86 return (NULL);
86 } 87}
87 88
88IMPLEMENT_ssl23_meth_func(SSLv23_method, 89IMPLEMENT_ssl23_meth_func(SSLv23_method,
89 ssl23_accept, 90 ssl23_accept, ssl23_connect, ssl23_get_method)
90 ssl23_connect,
91 ssl23_get_method)
92 91
diff --git a/src/lib/libssl/src/ssl/s23_pkt.c b/src/lib/libssl/src/ssl/s23_pkt.c
index eba8d9d8fc..28d07a2212 100644
--- a/src/lib/libssl/src/ssl/s23_pkt.c
+++ b/src/lib/libssl/src/ssl/s23_pkt.c
@@ -62,55 +62,53 @@
62#include <openssl/evp.h> 62#include <openssl/evp.h>
63#include <openssl/buffer.h> 63#include <openssl/buffer.h>
64 64
65int ssl23_write_bytes(SSL *s) 65int
66 { 66ssl23_write_bytes(SSL *s)
67 int i,num,tot; 67{
68 int i, num, tot;
68 char *buf; 69 char *buf;
69 70
70 buf=s->init_buf->data; 71 buf = s->init_buf->data;
71 tot=s->init_off; 72 tot = s->init_off;
72 num=s->init_num; 73 num = s->init_num;
73 for (;;) 74 for (;;) {
74 { 75 s->rwstate = SSL_WRITING;
75 s->rwstate=SSL_WRITING; 76 i = BIO_write(s->wbio, &(buf[tot]), num);
76 i=BIO_write(s->wbio,&(buf[tot]),num); 77 if (i <= 0) {
77 if (i <= 0) 78 s->init_off = tot;
78 { 79 s->init_num = num;
79 s->init_off=tot; 80 return (i);
80 s->init_num=num;
81 return(i);
82 }
83 s->rwstate=SSL_NOTHING;
84 if (i == num) return(tot+i);
85
86 num-=i;
87 tot+=i;
88 } 81 }
82 s->rwstate = SSL_NOTHING;
83 if (i == num)
84 return (tot + i);
85
86 num -= i;
87 tot += i;
89 } 88 }
89}
90 90
91/* return regularly only when we have read (at least) 'n' bytes */ 91/* return regularly only when we have read (at least) 'n' bytes */
92int ssl23_read_bytes(SSL *s, int n) 92int
93 { 93ssl23_read_bytes(SSL *s, int n)
94{
94 unsigned char *p; 95 unsigned char *p;
95 int j; 96 int j;
96 97
97 if (s->packet_length < (unsigned int)n) 98 if (s->packet_length < (unsigned int)n) {
98 { 99 p = s->packet;
99 p=s->packet;
100 100
101 for (;;) 101 for (;;) {
102 { 102 s->rwstate = SSL_READING;
103 s->rwstate=SSL_READING; 103 j = BIO_read(s->rbio,(char *)&(p[s->packet_length]),
104 j=BIO_read(s->rbio,(char *)&(p[s->packet_length]), 104 n - s->packet_length);
105 n-s->packet_length);
106 if (j <= 0) 105 if (j <= 0)
107 return(j); 106 return (j);
108 s->rwstate=SSL_NOTHING; 107 s->rwstate = SSL_NOTHING;
109 s->packet_length+=j; 108 s->packet_length += j;
110 if (s->packet_length >= (unsigned int)n) 109 if (s->packet_length >= (unsigned int)n)
111 return(s->packet_length); 110 return (s->packet_length);
112 }
113 } 111 }
114 return(n);
115 } 112 }
116 113 return (n);
114}
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 2ac8786c62..35db7b4992 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -121,227 +121,209 @@
121 121
122static const SSL_METHOD *ssl23_get_server_method(int ver); 122static const SSL_METHOD *ssl23_get_server_method(int ver);
123int ssl23_get_client_hello(SSL *s); 123int ssl23_get_client_hello(SSL *s);
124static const SSL_METHOD *ssl23_get_server_method(int ver) 124static const SSL_METHOD
125 { 125*ssl23_get_server_method(int ver)
126{
126#ifndef OPENSSL_NO_SSL2 127#ifndef OPENSSL_NO_SSL2
127 if (ver == SSL2_VERSION) 128 if (ver == SSL2_VERSION)
128 return(SSLv2_server_method()); 129 return (SSLv2_server_method());
129#endif 130#endif
130 if (ver == SSL3_VERSION) 131 if (ver == SSL3_VERSION)
131 return(SSLv3_server_method()); 132 return (SSLv3_server_method());
132 else if (ver == TLS1_VERSION) 133 else if (ver == TLS1_VERSION)
133 return(TLSv1_server_method()); 134 return (TLSv1_server_method());
134 else if (ver == TLS1_1_VERSION) 135 else if (ver == TLS1_1_VERSION)
135 return(TLSv1_1_server_method()); 136 return (TLSv1_1_server_method());
136 else if (ver == TLS1_2_VERSION) 137 else if (ver == TLS1_2_VERSION)
137 return(TLSv1_2_server_method()); 138 return (TLSv1_2_server_method());
138 else 139 else
139 return(NULL); 140 return (NULL);
140 } 141}
141 142
142IMPLEMENT_ssl23_meth_func(SSLv23_server_method, 143IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
143 ssl23_accept, 144 ssl23_accept, ssl_undefined_function, ssl23_get_server_method)
144 ssl_undefined_function,
145 ssl23_get_server_method)
146 145
147int ssl23_accept(SSL *s) 146int
148 { 147ssl23_accept(SSL *s)
148{
149 BUF_MEM *buf; 149 BUF_MEM *buf;
150 unsigned long Time=(unsigned long)time(NULL); 150 unsigned long Time = (unsigned long)time(NULL);
151 void (*cb)(const SSL *ssl,int type,int val)=NULL; 151 void (*cb)(const SSL *ssl, int type, int val) = NULL;
152 int ret= -1; 152 int ret = -1;
153 int new_state,state; 153 int new_state, state;
154 154
155 RAND_add(&Time,sizeof(Time),0); 155 RAND_add(&Time, sizeof(Time), 0);
156 ERR_clear_error(); 156 ERR_clear_error();
157 errno = 0; 157 errno = 0;
158 158
159 if (s->info_callback != NULL) 159 if (s->info_callback != NULL)
160 cb=s->info_callback; 160 cb = s->info_callback;
161 else if (s->ctx->info_callback != NULL) 161 else if (s->ctx->info_callback != NULL)
162 cb=s->ctx->info_callback; 162 cb = s->ctx->info_callback;
163 163
164 s->in_handshake++; 164 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 165 if (!SSL_in_init(s) || SSL_in_before(s))
166 SSL_clear(s);
166 167
167 for (;;) 168 for (;;) {
168 { 169 state = s->state;
169 state=s->state;
170 170
171 switch(s->state) 171 switch (s->state) {
172 {
173 case SSL_ST_BEFORE: 172 case SSL_ST_BEFORE:
174 case SSL_ST_ACCEPT: 173 case SSL_ST_ACCEPT:
175 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 174 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
176 case SSL_ST_OK|SSL_ST_ACCEPT: 175 case SSL_ST_OK|SSL_ST_ACCEPT:
177 176
178 s->server=1; 177 s->server = 1;
179 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 178 if (cb != NULL)
179 cb(s, SSL_CB_HANDSHAKE_START, 1);
180 180
181 /* s->version=SSL3_VERSION; */ 181 /* s->version=SSL3_VERSION; */
182 s->type=SSL_ST_ACCEPT; 182 s->type = SSL_ST_ACCEPT;
183 183
184 if (s->init_buf == NULL) 184 if (s->init_buf == NULL) {
185 { 185 if ((buf = BUF_MEM_new()) == NULL) {
186 if ((buf=BUF_MEM_new()) == NULL) 186 ret = -1;
187 {
188 ret= -1;
189 goto end; 187 goto end;
190 } 188 }
191 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) 189 if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
192 { 190 ret = -1;
193 ret= -1;
194 goto end; 191 goto end;
195 }
196 s->init_buf=buf;
197 } 192 }
193 s->init_buf = buf;
194 }
198 195
199 ssl3_init_finished_mac(s); 196 ssl3_init_finished_mac(s);
200 197
201 s->state=SSL23_ST_SR_CLNT_HELLO_A; 198 s->state = SSL23_ST_SR_CLNT_HELLO_A;
202 s->ctx->stats.sess_accept++; 199 s->ctx->stats.sess_accept++;
203 s->init_num=0; 200 s->init_num = 0;
204 break; 201 break;
205 202
206 case SSL23_ST_SR_CLNT_HELLO_A: 203 case SSL23_ST_SR_CLNT_HELLO_A:
207 case SSL23_ST_SR_CLNT_HELLO_B: 204 case SSL23_ST_SR_CLNT_HELLO_B:
208 205
209 s->shutdown=0; 206 s->shutdown = 0;
210 ret=ssl23_get_client_hello(s); 207 ret = ssl23_get_client_hello(s);
211 if (ret >= 0) cb=NULL; 208 if (ret >= 0)
209 cb = NULL;
212 goto end; 210 goto end;
213 /* break; */ 211 /* break; */
214 212
215 default: 213 default:
216 SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); 214 SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE);
217 ret= -1; 215 ret = -1;
218 goto end; 216 goto end;
219 /* break; */ 217 /* break; */
220 } 218 }
221 219
222 if ((cb != NULL) && (s->state != state)) 220 if ((cb != NULL) && (s->state != state)) {
223 { 221 new_state = s->state;
224 new_state=s->state; 222 s->state = state;
225 s->state=state; 223 cb(s, SSL_CB_ACCEPT_LOOP, 1);
226 cb(s,SSL_CB_ACCEPT_LOOP,1); 224 s->state = new_state;
227 s->state=new_state;
228 }
229 } 225 }
226 }
230end: 227end:
231 s->in_handshake--; 228 s->in_handshake--;
232 if (cb != NULL) 229 if (cb != NULL)
233 cb(s,SSL_CB_ACCEPT_EXIT,ret); 230 cb(s, SSL_CB_ACCEPT_EXIT, ret);
234 return(ret); 231 return (ret);
235 } 232}
236 233
237 234
238int ssl23_get_client_hello(SSL *s) 235int
239 { 236ssl23_get_client_hello(SSL *s)
237{
240 char buf_space[11]; /* Request this many bytes in initial read. 238 char buf_space[11]; /* Request this many bytes in initial read.
241 * We can detect SSL 3.0/TLS 1.0 Client Hellos 239 * We can detect SSL 3.0/TLS 1.0 Client Hellos
242 * ('type == 3') correctly only when the following 240 * ('type == 3') correctly only when the following
243 * is in a single record, which is not guaranteed by 241 * is in a single record, which is not guaranteed by
244 * the protocol specification: 242 * the protocol specification:
245 * Byte Content 243 * Byte Content
246 * 0 type \ 244 * 0 type \
247 * 1/2 version > record header 245 * 1/2 version > record header
248 * 3/4 length / 246 * 3/4 length /
249 * 5 msg_type \ 247 * 5 msg_type \
250 * 6-8 length > Client Hello message 248 * 6-8 length > Client Hello message
251 * 9/10 client_version / 249 * 9/10 client_version /
252 */ 250 */
253 char *buf= &(buf_space[0]); 251 char *buf = &(buf_space[0]);
254 unsigned char *p,*d,*d_len,*dd; 252 unsigned char *p, *d, *d_len, *dd;
255 unsigned int i; 253 unsigned int i;
256 unsigned int csl,sil,cl; 254 unsigned int csl, sil, cl;
257 int n=0,j; 255 int n = 0, j;
258 int type=0; 256 int type = 0;
259 int v[2]; 257 int v[2];
260 258
261 if (s->state == SSL23_ST_SR_CLNT_HELLO_A) 259 if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {
262 {
263 /* read the initial header */ 260 /* read the initial header */
264 v[0]=v[1]=0; 261 v[0] = v[1] = 0;
265 262
266 if (!ssl3_setup_buffers(s)) goto err; 263 if (!ssl3_setup_buffers(s))
264 goto err;
267 265
268 n=ssl23_read_bytes(s, sizeof buf_space); 266 n = ssl23_read_bytes(s, sizeof buf_space);
269 if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */ 267 if (n != sizeof buf_space)
268 return(n); /* n == -1 || n == 0 */
270 269
271 p=s->packet; 270 p = s->packet;
272 271
273 memcpy(buf,p,n); 272 memcpy(buf, p, n);
274 273
275 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) 274 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
276 {
277 /* 275 /*
278 * SSLv2 header 276 * SSLv2 header
279 */ 277 */
280 if ((p[3] == 0x00) && (p[4] == 0x02)) 278 if ((p[3] == 0x00) && (p[4] == 0x02)) {
281 { 279 v[0] = p[3];
282 v[0]=p[3]; v[1]=p[4]; 280 v[1] = p[4];
283 /* SSLv2 */ 281 /* SSLv2 */
284 if (!(s->options & SSL_OP_NO_SSLv2)) 282 if (!(s->options & SSL_OP_NO_SSLv2))
285 type=1; 283 type = 1;
286 } 284 } else if (p[3] == SSL3_VERSION_MAJOR) {
287 else if (p[3] == SSL3_VERSION_MAJOR) 285 v[0] = p[3];
288 { 286 v[1] = p[4];
289 v[0]=p[3]; v[1]=p[4];
290 /* SSLv3/TLSv1 */ 287 /* SSLv3/TLSv1 */
291 if (p[4] >= TLS1_VERSION_MINOR) 288 if (p[4] >= TLS1_VERSION_MINOR) {
292 {
293 if (p[4] >= TLS1_2_VERSION_MINOR && 289 if (p[4] >= TLS1_2_VERSION_MINOR &&
294 !(s->options & SSL_OP_NO_TLSv1_2)) 290 !(s->options & SSL_OP_NO_TLSv1_2)) {
295 { 291 s->version = TLS1_2_VERSION;
296 s->version=TLS1_2_VERSION; 292 s->state = SSL23_ST_SR_CLNT_HELLO_B;
297 s->state=SSL23_ST_SR_CLNT_HELLO_B; 293 } else if (p[4] >= TLS1_1_VERSION_MINOR &&
298 } 294 !(s->options & SSL_OP_NO_TLSv1_1)) {
299 else if (p[4] >= TLS1_1_VERSION_MINOR && 295 s->version = TLS1_1_VERSION;
300 !(s->options & SSL_OP_NO_TLSv1_1))
301 {
302 s->version=TLS1_1_VERSION;
303 /* type=2; */ /* done later to survive restarts */ 296 /* type=2; */ /* done later to survive restarts */
304 s->state=SSL23_ST_SR_CLNT_HELLO_B; 297 s->state = SSL23_ST_SR_CLNT_HELLO_B;
305 } 298 } else if (!(s->options & SSL_OP_NO_TLSv1)) {
306 else if (!(s->options & SSL_OP_NO_TLSv1)) 299 s->version = TLS1_VERSION;
307 {
308 s->version=TLS1_VERSION;
309 /* type=2; */ /* done later to survive restarts */ 300 /* type=2; */ /* done later to survive restarts */
310 s->state=SSL23_ST_SR_CLNT_HELLO_B; 301 s->state = SSL23_ST_SR_CLNT_HELLO_B;
311 } 302 } else if (!(s->options & SSL_OP_NO_SSLv3)) {
312 else if (!(s->options & SSL_OP_NO_SSLv3)) 303 s->version = SSL3_VERSION;
313 {
314 s->version=SSL3_VERSION;
315 /* type=2; */ 304 /* type=2; */
316 s->state=SSL23_ST_SR_CLNT_HELLO_B; 305 s->state = SSL23_ST_SR_CLNT_HELLO_B;
317 } 306 } else if (!(s->options & SSL_OP_NO_SSLv2)) {
318 else if (!(s->options & SSL_OP_NO_SSLv2)) 307 type = 1;
319 {
320 type=1;
321 }
322 } 308 }
323 else if (!(s->options & SSL_OP_NO_SSLv3)) 309 } else if (!(s->options & SSL_OP_NO_SSLv3)) {
324 { 310 s->version = SSL3_VERSION;
325 s->version=SSL3_VERSION;
326 /* type=2; */ 311 /* type=2; */
327 s->state=SSL23_ST_SR_CLNT_HELLO_B; 312 s->state = SSL23_ST_SR_CLNT_HELLO_B;
328 } 313 } else if (!(s->options & SSL_OP_NO_SSLv2))
329 else if (!(s->options & SSL_OP_NO_SSLv2)) 314 type = 1;
330 type=1;
331 315
332 }
333 } 316 }
334 else if ((p[0] == SSL3_RT_HANDSHAKE) && 317 } else if ((p[0] == SSL3_RT_HANDSHAKE) &&
335 (p[1] == SSL3_VERSION_MAJOR) && 318 (p[1] == SSL3_VERSION_MAJOR) &&
336 (p[5] == SSL3_MT_CLIENT_HELLO) && 319 (p[5] == SSL3_MT_CLIENT_HELLO) &&
337 ((p[3] == 0 && p[4] < 5 /* silly record length? */) 320 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
338 || (p[9] >= p[1]))) 321 || (p[9] >= p[1]))) {
339 {
340 /* 322 /*
341 * SSLv3 or tls1 header 323 * SSLv3 or tls1 header
342 */ 324 */
343 325
344 v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */ 326 v[0] = p[1]; /* major version (= SSL3_VERSION_MAJOR) */
345 /* We must look at client_version inside the Client Hello message 327 /* We must look at client_version inside the Client Hello message
346 * to get the correct minor version. 328 * to get the correct minor version.
347 * However if we have only a pathologically small fragment of the 329 * However if we have only a pathologically small fragment of the
@@ -350,127 +332,108 @@ int ssl23_get_client_hello(SSL *s)
350 * No known SSL 3.0 client fragments ClientHello like this, 332 * No known SSL 3.0 client fragments ClientHello like this,
351 * so we simply assume TLS 1.0 to avoid protocol version downgrade 333 * so we simply assume TLS 1.0 to avoid protocol version downgrade
352 * attacks. */ 334 * attacks. */
353 if (p[3] == 0 && p[4] < 6) 335 if (p[3] == 0 && p[4] < 6) {
354 {
355#if 0 336#if 0
356 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); 337 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_SMALL);
357 goto err; 338 goto err;
358#else 339#else
359 v[1] = TLS1_VERSION_MINOR; 340 v[1] = TLS1_VERSION_MINOR;
360#endif 341#endif
361 } 342 }
362 /* if major version number > 3 set minor to a value 343 /* if major version number > 3 set minor to a value
363 * which will use the highest version 3 we support. 344 * which will use the highest version 3 we support.
364 * If TLS 2.0 ever appears we will need to revise 345 * If TLS 2.0 ever appears we will need to revise
365 * this.... 346 * this....
366 */ 347 */
367 else if (p[9] > SSL3_VERSION_MAJOR) 348 else if (p[9] > SSL3_VERSION_MAJOR)
368 v[1]=0xff; 349 v[1] = 0xff;
369 else 350 else
370 v[1]=p[10]; /* minor version according to client_version */ 351 v[1] = p[10]; /* minor version according to client_version */
371 if (v[1] >= TLS1_VERSION_MINOR) 352 if (v[1] >= TLS1_VERSION_MINOR) {
372 {
373 if (v[1] >= TLS1_2_VERSION_MINOR && 353 if (v[1] >= TLS1_2_VERSION_MINOR &&
374 !(s->options & SSL_OP_NO_TLSv1_2)) 354 !(s->options & SSL_OP_NO_TLSv1_2)) {
375 { 355 s->version = TLS1_2_VERSION;
376 s->version=TLS1_2_VERSION; 356 type = 3;
377 type=3; 357 } else if (v[1] >= TLS1_1_VERSION_MINOR &&
378 } 358 !(s->options & SSL_OP_NO_TLSv1_1)) {
379 else if (v[1] >= TLS1_1_VERSION_MINOR && 359 s->version = TLS1_1_VERSION;
380 !(s->options & SSL_OP_NO_TLSv1_1)) 360 type = 3;
381 { 361 } else if (!(s->options & SSL_OP_NO_TLSv1)) {
382 s->version=TLS1_1_VERSION; 362 s->version = TLS1_VERSION;
383 type=3; 363 type = 3;
384 } 364 } else if (!(s->options & SSL_OP_NO_SSLv3)) {
385 else if (!(s->options & SSL_OP_NO_TLSv1)) 365 s->version = SSL3_VERSION;
386 { 366 type = 3;
387 s->version=TLS1_VERSION;
388 type=3;
389 }
390 else if (!(s->options & SSL_OP_NO_SSLv3))
391 {
392 s->version=SSL3_VERSION;
393 type=3;
394 }
395 } 367 }
396 else 368 } else {
397 {
398 /* client requests SSL 3.0 */ 369 /* client requests SSL 3.0 */
399 if (!(s->options & SSL_OP_NO_SSLv3)) 370 if (!(s->options & SSL_OP_NO_SSLv3)) {
400 { 371 s->version = SSL3_VERSION;
401 s->version=SSL3_VERSION; 372 type = 3;
402 type=3; 373 } else if (!(s->options & SSL_OP_NO_TLSv1)) {
403 }
404 else if (!(s->options & SSL_OP_NO_TLSv1))
405 {
406 /* we won't be able to use TLS of course, 374 /* we won't be able to use TLS of course,
407 * but this will send an appropriate alert */ 375 * but this will send an appropriate alert */
408 s->version=TLS1_VERSION; 376 s->version = TLS1_VERSION;
409 type=3; 377 type = 3;
410 }
411 } 378 }
412 } 379 }
413 else if ((strncmp("GET ", (char *)p,4) == 0) || 380 }
414 (strncmp("POST ",(char *)p,5) == 0) || 381 else if ((strncmp("GET ", (char *)p, 4) == 0) ||
415 (strncmp("HEAD ",(char *)p,5) == 0) || 382 (strncmp("POST ",(char *)p, 5) == 0) ||
416 (strncmp("PUT ", (char *)p,4) == 0)) 383 (strncmp("HEAD ",(char *)p, 5) == 0) ||
417 { 384 (strncmp("PUT ", (char *)p, 4) == 0)) {
418 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); 385 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTP_REQUEST);
419 goto err; 386 goto err;
420 } 387 } else if (strncmp("CONNECT", (char *)p, 7) == 0) {
421 else if (strncmp("CONNECT",(char *)p,7) == 0) 388 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTPS_PROXY_REQUEST);
422 {
423 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
424 goto err; 389 goto err;
425 }
426 } 390 }
391 }
427 392
428#ifdef OPENSSL_FIPS 393#ifdef OPENSSL_FIPS
429 if (FIPS_mode() && (s->version < TLS1_VERSION)) 394 if (FIPS_mode() && (s->version < TLS1_VERSION)) {
430 {
431 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, 395 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
432 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); 396 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
433 goto err; 397 goto err;
434 } 398 }
435#endif 399#endif
436 400
437 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) 401 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
438 {
439 /* we have SSLv3/TLSv1 in an SSLv2 header 402 /* we have SSLv3/TLSv1 in an SSLv2 header
440 * (other cases skip this state) */ 403 * (other cases skip this state) */
441 404
442 type=2; 405 type = 2;
443 p=s->packet; 406 p = s->packet;
444 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ 407 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
445 v[1] = p[4]; 408 v[1] = p[4];
446 409
447 n=((p[0]&0x7f)<<8)|p[1]; 410 n = ((p[0] & 0x7f) << 8) | p[1];
448 if (n > (1024*4)) 411 if (n > (1024 * 4)) {
449 { 412 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE);
450 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
451 goto err; 413 goto err;
452 } 414 }
453 415
454 j=ssl23_read_bytes(s,n+2); 416 j = ssl23_read_bytes(s, n + 2);
455 if (j <= 0) return(j); 417 if (j <= 0)
418 return (j);
456 419
457 ssl3_finish_mac(s, s->packet+2, s->packet_length-2); 420 ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
458 if (s->msg_callback) 421 if (s->msg_callback)
459 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ 422 s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
460 423
461 p=s->packet; 424 p = s->packet;
462 p+=5; 425 p += 5;
463 n2s(p,csl); 426 n2s(p, csl);
464 n2s(p,sil); 427 n2s(p, sil);
465 n2s(p,cl); 428 n2s(p, cl);
466 d=(unsigned char *)s->init_buf->data; 429 d = (unsigned char *)s->init_buf->data;
467 if ((csl+sil+cl+11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format 430 if ((csl + sil + cl + 11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format
468 * Client Hello, can we? Error condition should be 431 * Client Hello, can we ? Error condition should be
469 * '>' otherweise */ 432 * '>' otherweise */
470 { 433 {
471 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); 434 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);
472 goto err; 435 goto err;
473 } 436 }
474 437
475 /* record header: msg_type ... */ 438 /* record header: msg_type ... */
476 *(d++) = SSL3_MT_CLIENT_HELLO; 439 *(d++) = SSL3_MT_CLIENT_HELLO;
@@ -484,130 +447,122 @@ int ssl23_get_client_hello(SSL *s)
484 447
485 /* lets populate the random area */ 448 /* lets populate the random area */
486 /* get the challenge_length */ 449 /* get the challenge_length */
487 i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; 450 i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl;
488 memset(d,0,SSL3_RANDOM_SIZE); 451 memset(d, 0, SSL3_RANDOM_SIZE);
489 memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); 452 memcpy(&(d[SSL3_RANDOM_SIZE - i]), &(p[csl + sil]), i);
490 d+=SSL3_RANDOM_SIZE; 453 d += SSL3_RANDOM_SIZE;
491 454
492 /* no session-id reuse */ 455 /* no session-id reuse */
493 *(d++)=0; 456 *(d++) = 0;
494 457
495 /* ciphers */ 458 /* ciphers */
496 j=0; 459 j = 0;
497 dd=d; 460 dd = d;
498 d+=2; 461 d += 2;
499 for (i=0; i<csl; i+=3) 462 for (i = 0; i < csl; i += 3) {
500 { 463 if (p[i] != 0)
501 if (p[i] != 0) continue; 464 continue;
502 *(d++)=p[i+1]; 465 *(d++) = p[i + 1];
503 *(d++)=p[i+2]; 466 *(d++) = p[i + 2];
504 j+=2; 467 j += 2;
505 } 468 }
506 s2n(j,dd); 469 s2n(j, dd);
507 470
508 /* COMPRESSION */ 471 /* COMPRESSION */
509 *(d++)=1; 472 *(d++) = 1;
510 *(d++)=0; 473 *(d++) = 0;
511 474
512#if 0 475#if 0
513 /* copy any remaining data with may be extensions */ 476 /* copy any remaining data with may be extensions */
514 p = p+csl+sil+cl; 477 p = p + csl + sil + cl;
515 while (p < s->packet+s->packet_length) 478 while (p < s->packet + s->packet_length) {
516 {
517 *(d++)=*(p++); 479 *(d++)=*(p++);
518 } 480 }
519#endif 481#endif
520 482
521 i = (d-(unsigned char *)s->init_buf->data) - 4; 483 i = (d - (unsigned char *)s->init_buf->data) - 4;
522 l2n3((long)i, d_len); 484 l2n3((long)i, d_len);
523 485
524 /* get the data reused from the init_buf */ 486 /* get the data reused from the init_buf */
525 s->s3->tmp.reuse_message=1; 487 s->s3->tmp.reuse_message = 1;
526 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; 488 s->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO;
527 s->s3->tmp.message_size=i; 489 s->s3->tmp.message_size = i;
528 } 490 }
529 491
530 /* imaginary new state (for program structure): */ 492 /* imaginary new state (for program structure): */
531 /* s->state = SSL23_SR_CLNT_HELLO_C */ 493 /* s->state = SSL23_SR_CLNT_HELLO_C */
532 494
533 if (type == 1) 495 if (type == 1) {
534 {
535#ifdef OPENSSL_NO_SSL2 496#ifdef OPENSSL_NO_SSL2
536 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 497 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
537 goto err; 498 goto err;
538#else 499#else
539 /* we are talking sslv2 */ 500 /* we are talking sslv2 */
540 /* we need to clean up the SSLv3/TLSv1 setup and put in the 501 /* we need to clean up the SSLv3/TLSv1 setup and put in the
541 * sslv2 stuff. */ 502 * sslv2 stuff. */
542 503
543 if (s->s2 == NULL) 504 if (s->s2 == NULL) {
544 {
545 if (!ssl2_new(s)) 505 if (!ssl2_new(s))
546 goto err; 506 goto err;
547 } 507 } else
548 else
549 ssl2_clear(s); 508 ssl2_clear(s);
550 509
551 if (s->s3 != NULL) ssl3_free(s); 510 if (s->s3 != NULL)
511 ssl3_free(s);
552 512
553 if (!BUF_MEM_grow_clean(s->init_buf, 513 if (!BUF_MEM_grow_clean(s->init_buf,
554 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 514 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
555 {
556 goto err; 515 goto err;
557 } 516 }
558 517
559 s->state=SSL2_ST_GET_CLIENT_HELLO_A; 518 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
560 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) 519 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
561 s->s2->ssl2_rollback=0; 520 s->s2->ssl2_rollback = 0;
562 else 521 else
563 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 522 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
564 * (SSL 3.0 draft/RFC 2246, App. E.2) */ 523 * (SSL 3.0 draft/RFC 2246, App. E.2) */
565 s->s2->ssl2_rollback=1; 524 s->s2->ssl2_rollback = 1;
566 525
567 /* setup the n bytes we have read so we get them from 526 /* setup the n bytes we have read so we get them from
568 * the sslv2 buffer */ 527 * the sslv2 buffer */
569 s->rstate=SSL_ST_READ_HEADER; 528 s->rstate = SSL_ST_READ_HEADER;
570 s->packet_length=n; 529 s->packet_length = n;
571 s->packet= &(s->s2->rbuf[0]); 530 s->packet = &(s->s2->rbuf[0]);
572 memcpy(s->packet,buf,n); 531 memcpy(s->packet, buf, n);
573 s->s2->rbuf_left=n; 532 s->s2->rbuf_left = n;
574 s->s2->rbuf_offs=0; 533 s->s2->rbuf_offs = 0;
575 534
576 s->method=SSLv2_server_method(); 535 s->method = SSLv2_server_method();
577 s->handshake_func=s->method->ssl_accept; 536 s->handshake_func = s->method->ssl_accept;
578#endif 537#endif
579 } 538 }
580 539
581 if ((type == 2) || (type == 3)) 540 if ((type == 2) || (type == 3)) {
582 {
583 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ 541 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
584 542
585 if (!ssl_init_wbio_buffer(s,1)) goto err; 543 if (!ssl_init_wbio_buffer(s, 1)) goto err;
586 544
587 /* we are in this state */ 545 /* we are in this state */
588 s->state=SSL3_ST_SR_CLNT_HELLO_A; 546 s->state = SSL3_ST_SR_CLNT_HELLO_A;
589 547
590 if (type == 3) 548 if (type == 3) {
591 {
592 /* put the 'n' bytes we have read into the input buffer 549 /* put the 'n' bytes we have read into the input buffer
593 * for SSLv3 */ 550 * for SSLv3 */
594 s->rstate=SSL_ST_READ_HEADER; 551 s->rstate = SSL_ST_READ_HEADER;
595 s->packet_length=n; 552 s->packet_length = n;
596 if (s->s3->rbuf.buf == NULL) 553 if (s->s3->rbuf.buf == NULL)
597 if (!ssl3_setup_read_buffer(s)) 554 if (!ssl3_setup_read_buffer(s))
598 goto err; 555 goto err;
599 556
600 s->packet= &(s->s3->rbuf.buf[0]); 557 s->packet = &(s->s3->rbuf.buf[0]);
601 memcpy(s->packet,buf,n); 558 memcpy(s->packet, buf, n);
602 s->s3->rbuf.left=n; 559 s->s3->rbuf.left = n;
603 s->s3->rbuf.offset=0; 560 s->s3->rbuf.offset = 0;
604 } 561 } else {
605 else 562 s->packet_length = 0;
606 { 563 s->s3->rbuf.left = 0;
607 s->packet_length=0; 564 s->s3->rbuf.offset = 0;
608 s->s3->rbuf.left=0; 565 }
609 s->s3->rbuf.offset=0;
610 }
611 if (s->version == TLS1_2_VERSION) 566 if (s->version == TLS1_2_VERSION)
612 s->method = TLSv1_2_server_method(); 567 s->method = TLSv1_2_server_method();
613 else if (s->version == TLS1_1_VERSION) 568 else if (s->version == TLS1_1_VERSION)
@@ -617,22 +572,23 @@ int ssl23_get_client_hello(SSL *s)
617 else 572 else
618 s->method = SSLv3_server_method(); 573 s->method = SSLv3_server_method();
619#if 0 /* ssl3_get_client_hello does this */ 574#if 0 /* ssl3_get_client_hello does this */
620 s->client_version=(v[0]<<8)|v[1]; 575 s->client_version = (v[0]<<8)|v[1];
621#endif 576#endif
622 s->handshake_func=s->method->ssl_accept; 577 s->handshake_func = s->method->ssl_accept;
623 } 578 }
624 579
625 if ((type < 1) || (type > 3)) 580 if ((type < 1) || (type > 3)) {
626 {
627 /* bad, very bad */ 581 /* bad, very bad */
628 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); 582 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL);
629 goto err; 583 goto err;
630 } 584 }
631 s->init_num=0; 585 s->init_num = 0;
632 586
633 if (buf != buf_space) OPENSSL_free(buf); 587 if (buf != buf_space)
634 return(SSL_accept(s)); 588 OPENSSL_free(buf);
589 return (SSL_accept(s));
635err: 590err:
636 if (buf != buf_space) OPENSSL_free(buf); 591 if (buf != buf_space)
637 return(-1); 592 OPENSSL_free(buf);
638 } 593 return (-1);
594}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:33:06 +0000