summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortedu <>2014-04-15 21:47:56 +0000
committertedu <>2014-04-15 21:47:56 +0000
commitd29691e0c778ae0a3a5eb74acbb053caacdee990 (patch)
treee9ca306a8d286d0b62f82cb4b82cffd7dfbb0e70 /src
parent0fccfaa49773dea8f4e6d9930d774dd2a44b33db (diff)
downloadopenbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.tar.gz
openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.tar.bz2
openbsd-d29691e0c778ae0a3a5eb74acbb053caacdee990.zip
remove ssl2 support even more completely.
in the process, always include ssl3 and tls1, we don't need config options for them. when the time comes to expire ssl3, it will be with an ax. checked by miod
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/s23_clnt.c80
-rw-r--r--src/lib/libssl/s23_lib.c16
-rw-r--r--src/lib/libssl/s23_srvr.c44
-rw-r--r--src/lib/libssl/src/apps/ciphers.c14
-rw-r--r--src/lib/libssl/src/apps/ocsp.c9
-rw-r--r--src/lib/libssl/src/apps/progs.h8
-rw-r--r--src/lib/libssl/src/apps/s_client.c14
-rw-r--r--src/lib/libssl/src/apps/s_server.c8
-rw-r--r--src/lib/libssl/src/apps/s_time.c12
-rw-r--r--src/lib/libssl/src/ssl/s23_clnt.c80
-rw-r--r--src/lib/libssl/src/ssl/s23_lib.c16
-rw-r--r--src/lib/libssl/src/ssl/s23_meth.c14
-rw-r--r--src/lib/libssl/src/ssl/s23_srvr.c44
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c1076
-rw-r--r--src/lib/libssl/src/ssl/s2_enc.c190
-rw-r--r--src/lib/libssl/src/ssl/s2_lib.c569
-rw-r--r--src/lib/libssl/src/ssl/s2_meth.c83
-rw-r--r--src/lib/libssl/src/ssl/s2_pkt.c696
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c1092
-rw-r--r--src/lib/libssl/src/ssl/ssl.h10
-rw-r--r--src/lib/libssl/src/ssl/ssl_stat.c197
-rw-r--r--src/lib/libssl/src/ssl/ssltest.c39
-rw-r--r--src/lib/libssl/ssl.h10
-rw-r--r--src/lib/libssl/ssl/Makefile4
-rw-r--r--src/lib/libssl/ssl_stat.c197
25 files changed, 13 insertions, 4509 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 3d2e7510cf..7c9de0dd0e 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -122,10 +122,6 @@ static int ssl23_get_server_hello(SSL *s);
122static const SSL_METHOD 122static const SSL_METHOD
123*ssl23_get_client_method(int ver) 123*ssl23_get_client_method(int ver)
124{ 124{
125#ifndef OPENSSL_NO_SSL2
126 if (ver == SSL2_VERSION)
127 return (SSLv2_client_method());
128#endif
129 if (ver == SSL3_VERSION) 125 if (ver == SSL3_VERSION)
130 return (SSLv3_client_method()); 126 return (SSLv3_client_method());
131 else if (ver == TLS1_VERSION) 127 else if (ver == TLS1_VERSION)
@@ -320,14 +316,7 @@ ssl23_client_hello(SSL *s)
320 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the 316 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
321 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 317 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
322 */ 318 */
323 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1 319 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3;
324#if !defined(OPENSSL_NO_SSL3)
325 |SSL_OP_NO_SSLv3
326#endif
327#if !defined(OPENSSL_NO_SSL2)
328 |(ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
329#endif
330 ;
331#if !defined(OPENSSL_NO_TLS1_2_CLIENT) 320#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
332 version = TLS1_2_VERSION; 321 version = TLS1_2_VERSION;
333 322
@@ -340,15 +329,9 @@ ssl23_client_hello(SSL *s)
340 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask) 329 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
341 version = TLS1_VERSION; 330 version = TLS1_VERSION;
342 mask &= ~SSL_OP_NO_TLSv1; 331 mask &= ~SSL_OP_NO_TLSv1;
343#if !defined(OPENSSL_NO_SSL3)
344 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask) 332 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
345 version = SSL3_VERSION; 333 version = SSL3_VERSION;
346 mask &= ~SSL_OP_NO_SSLv3; 334 mask &= ~SSL_OP_NO_SSLv3;
347#endif
348#if !defined(OPENSSL_NO_SSL2)
349 if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
350 version = SSL2_VERSION;
351#endif
352 335
353#ifndef OPENSSL_NO_TLSEXT 336#ifndef OPENSSL_NO_TLSEXT
354 if (version != SSL2_VERSION) { 337 if (version != SSL2_VERSION) {
@@ -592,69 +575,8 @@ ssl23_get_server_hello(SSL *s)
592 575
593 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && 576 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
594 (p[5] == 0x00) && (p[6] == 0x02)) { 577 (p[5] == 0x00) && (p[6] == 0x02)) {
595#ifdef OPENSSL_NO_SSL2
596 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 578 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
597 goto err; 579 goto err;
598#else
599 /* we are talking sslv2 */
600 /* we need to clean up the SSLv3 setup and put in the
601 * sslv2 stuff. */
602 int ch_len;
603
604 if (s->options & SSL_OP_NO_SSLv2) {
605 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
606 goto err;
607 }
608 if (s->s2 == NULL) {
609 if (!ssl2_new(s))
610 goto err;
611 } else
612 ssl2_clear(s);
613
614 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
615 ch_len = SSL2_CHALLENGE_LENGTH;
616 else
617 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
618
619 /* write out sslv2 challenge */
620 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
621 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
622 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
623 futurproofing */
624 i = (SSL3_RANDOM_SIZE < ch_len) ? SSL3_RANDOM_SIZE : ch_len;
625 s->s2->challenge_length = i;
626 memcpy(s->s2->challenge,
627 &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
628
629 if (s->s3 != NULL)
630 ssl3_free(s);
631
632 if (!BUF_MEM_grow_clean(s->init_buf,
633 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
634 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
635 goto err;
636 }
637
638 s->state = SSL2_ST_GET_SERVER_HELLO_A;
639 if (!(s->client_version == SSL2_VERSION))
640 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
641 s->s2->ssl2_rollback = 1;
642
643 /* setup the 7 bytes we have read so we get them from
644 * the sslv2 buffer */
645 s->rstate = SSL_ST_READ_HEADER;
646 s->packet_length = n;
647 s->packet = &(s->s2->rbuf[0]);
648 memcpy(s->packet, buf, n);
649 s->s2->rbuf_left = n;
650 s->s2->rbuf_offs = 0;
651
652 /* we have already written one */
653 s->s2->write_sequence = 1;
654
655 s->method = SSLv2_client_method();
656 s->handshake_func = s->method->ssl_connect;
657#endif
658 } else if (p[1] == SSL3_VERSION_MAJOR && 580 } else if (p[1] == SSL3_VERSION_MAJOR &&
659 p[2] <= TLS1_2_VERSION_MINOR && 581 p[2] <= TLS1_2_VERSION_MINOR &&
660 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || 582 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
index 3a4d5a6ecb..74afe01d94 100644
--- a/src/lib/libssl/s23_lib.c
+++ b/src/lib/libssl/s23_lib.c
@@ -69,11 +69,7 @@ ssl23_default_timeout(void)
69int 69int
70ssl23_num_ciphers(void) 70ssl23_num_ciphers(void)
71{ 71{
72 return(ssl3_num_ciphers() 72 return(ssl3_num_ciphers());
73#ifndef OPENSSL_NO_SSL2
74 + ssl2_num_ciphers()
75#endif
76 );
77} 73}
78 74
79const SSL_CIPHER 75const SSL_CIPHER
@@ -84,11 +80,7 @@ const SSL_CIPHER
84 if (u < uu) 80 if (u < uu)
85 return (ssl3_get_cipher(u)); 81 return (ssl3_get_cipher(u));
86 else 82 else
87#ifndef OPENSSL_NO_SSL2 83 return (NULL);
88 return (ssl2_get_cipher(u - uu));
89#else
90 return (NULL);
91#endif
92} 84}
93 85
94/* This function needs to check if the ciphers required are actually 86/* This function needs to check if the ciphers required are actually
@@ -99,10 +91,6 @@ const SSL_CIPHER
99 const SSL_CIPHER *cp; 91 const SSL_CIPHER *cp;
100 92
101 cp = ssl3_get_cipher_by_char(p); 93 cp = ssl3_get_cipher_by_char(p);
102#ifndef OPENSSL_NO_SSL2
103 if (cp == NULL)
104 cp = ssl2_get_cipher_by_char(p);
105#endif
106 return (cp); 94 return (cp);
107} 95}
108 96
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index ca95d4e636..a6062667a0 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -121,10 +121,6 @@ int ssl23_get_client_hello(SSL *s);
121static const SSL_METHOD 121static const SSL_METHOD
122*ssl23_get_server_method(int ver) 122*ssl23_get_server_method(int ver)
123{ 123{
124#ifndef OPENSSL_NO_SSL2
125 if (ver == SSL2_VERSION)
126 return (SSLv2_server_method());
127#endif
128 if (ver == SSL3_VERSION) 124 if (ver == SSL3_VERSION)
129 return (SSLv3_server_method()); 125 return (SSLv3_server_method());
130 else if (ver == TLS1_VERSION) 126 else if (ver == TLS1_VERSION)
@@ -480,48 +476,8 @@ ssl23_get_client_hello(SSL *s)
480 /* s->state = SSL23_SR_CLNT_HELLO_C */ 476 /* s->state = SSL23_SR_CLNT_HELLO_C */
481 477
482 if (type == 1) { 478 if (type == 1) {
483#ifdef OPENSSL_NO_SSL2
484 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 479 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
485 goto err; 480 goto err;
486#else
487 /* we are talking sslv2 */
488 /* we need to clean up the SSLv3/TLSv1 setup and put in the
489 * sslv2 stuff. */
490
491 if (s->s2 == NULL) {
492 if (!ssl2_new(s))
493 goto err;
494 } else
495 ssl2_clear(s);
496
497 if (s->s3 != NULL)
498 ssl3_free(s);
499
500 if (!BUF_MEM_grow_clean(s->init_buf,
501 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
502 goto err;
503 }
504
505 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
506 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
507 s->s2->ssl2_rollback = 0;
508 else
509 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
510 * (SSL 3.0 draft/RFC 2246, App. E.2) */
511 s->s2->ssl2_rollback = 1;
512
513 /* setup the n bytes we have read so we get them from
514 * the sslv2 buffer */
515 s->rstate = SSL_ST_READ_HEADER;
516 s->packet_length = n;
517 s->packet = &(s->s2->rbuf[0]);
518 memcpy(s->packet, buf, n);
519 s->s2->rbuf_left = n;
520 s->s2->rbuf_offs = 0;
521
522 s->method = SSLv2_server_method();
523 s->handshake_func = s->method->ssl_accept;
524#endif
525 } 481 }
526 482
527 if ((type == 2) || (type == 3)) { 483 if ((type == 2) || (type == 3)) {
diff --git a/src/lib/libssl/src/apps/ciphers.c b/src/lib/libssl/src/apps/ciphers.c
index 5f2b739700..1906ca85a2 100644
--- a/src/lib/libssl/src/apps/ciphers.c
+++ b/src/lib/libssl/src/apps/ciphers.c
@@ -96,13 +96,7 @@ int MAIN(int argc, char **argv)
96 char buf[512]; 96 char buf[512];
97 BIO *STDout=NULL; 97 BIO *STDout=NULL;
98 98
99#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
100 meth=SSLv23_server_method();
101#elif !defined(OPENSSL_NO_SSL3)
102 meth=SSLv3_server_method(); 99 meth=SSLv3_server_method();
103#elif !defined(OPENSSL_NO_SSL2)
104 meth=SSLv2_server_method();
105#endif
106 100
107 apps_startup(); 101 apps_startup();
108 102
@@ -126,18 +120,10 @@ int MAIN(int argc, char **argv)
126 verbose=1; 120 verbose=1;
127 else if (strcmp(*argv,"-V") == 0) 121 else if (strcmp(*argv,"-V") == 0)
128 verbose=Verbose=1; 122 verbose=Verbose=1;
129#ifndef OPENSSL_NO_SSL2
130 else if (strcmp(*argv,"-ssl2") == 0)
131 meth=SSLv2_client_method();
132#endif
133#ifndef OPENSSL_NO_SSL3
134 else if (strcmp(*argv,"-ssl3") == 0) 123 else if (strcmp(*argv,"-ssl3") == 0)
135 meth=SSLv3_client_method(); 124 meth=SSLv3_client_method();
136#endif
137#ifndef OPENSSL_NO_TLS1
138 else if (strcmp(*argv,"-tls1") == 0) 125 else if (strcmp(*argv,"-tls1") == 0)
139 meth=TLSv1_client_method(); 126 meth=TLSv1_client_method();
140#endif
141 else if ((strncmp(*argv,"-h",2) == 0) || 127 else if ((strncmp(*argv,"-h",2) == 0) ||
142 (strcmp(*argv,"-?") == 0)) 128 (strcmp(*argv,"-?") == 0))
143 { 129 {
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c
index 83c5a76700..b0ec7cdb19 100644
--- a/src/lib/libssl/src/apps/ocsp.c
+++ b/src/lib/libssl/src/apps/ocsp.c
@@ -1388,16 +1388,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
1388 if (use_ssl == 1) 1388 if (use_ssl == 1)
1389 { 1389 {
1390 BIO *sbio; 1390 BIO *sbio;
1391#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
1392 ctx = SSL_CTX_new(SSLv23_client_method());
1393#elif !defined(OPENSSL_NO_SSL3)
1394 ctx = SSL_CTX_new(SSLv3_client_method()); 1391 ctx = SSL_CTX_new(SSLv3_client_method());
1395#elif !defined(OPENSSL_NO_SSL2)
1396 ctx = SSL_CTX_new(SSLv2_client_method());
1397#else
1398 BIO_printf(err, "SSL is disabled\n");
1399 goto end;
1400#endif
1401 if (ctx == NULL) 1392 if (ctx == NULL)
1402 { 1393 {
1403 BIO_printf(err, "Error creating SSL context.\n"); 1394 BIO_printf(err, "Error creating SSL context.\n");
diff --git a/src/lib/libssl/src/apps/progs.h b/src/lib/libssl/src/apps/progs.h
index 949e78066b..b8d6b5ad17 100644
--- a/src/lib/libssl/src/apps/progs.h
+++ b/src/lib/libssl/src/apps/progs.h
@@ -107,16 +107,16 @@ FUNCTION functions[] = {
107 {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, 107 {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
108#endif 108#endif
109 {FUNC_TYPE_GENERAL,"genpkey",genpkey_main}, 109 {FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
110#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 110#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
111 {FUNC_TYPE_GENERAL,"s_server",s_server_main}, 111 {FUNC_TYPE_GENERAL,"s_server",s_server_main},
112#endif 112#endif
113#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 113#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
114 {FUNC_TYPE_GENERAL,"s_client",s_client_main}, 114 {FUNC_TYPE_GENERAL,"s_client",s_client_main},
115#endif 115#endif
116#ifndef OPENSSL_NO_SPEED 116#ifndef OPENSSL_NO_SPEED
117 {FUNC_TYPE_GENERAL,"speed",speed_main}, 117 {FUNC_TYPE_GENERAL,"speed",speed_main},
118#endif 118#endif
119#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 119#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
120 {FUNC_TYPE_GENERAL,"s_time",s_time_main}, 120 {FUNC_TYPE_GENERAL,"s_time",s_time_main},
121#endif 121#endif
122 {FUNC_TYPE_GENERAL,"version",version_main}, 122 {FUNC_TYPE_GENERAL,"version",version_main},
@@ -126,7 +126,7 @@ FUNCTION functions[] = {
126#endif 126#endif
127 {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, 127 {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
128 {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, 128 {FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
129#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 129#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
130 {FUNC_TYPE_GENERAL,"ciphers",ciphers_main}, 130 {FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
131#endif 131#endif
132 {FUNC_TYPE_GENERAL,"nseq",nseq_main}, 132 {FUNC_TYPE_GENERAL,"nseq",nseq_main},
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index e9840ddf09..7bea7204c1 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -337,9 +337,6 @@ static void sc_usage(void)
337 BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); 337 BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n");
338 BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); 338 BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
339#endif 339#endif
340#ifndef OPENSSL_NO_SSL2
341 BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
342#endif
343 BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); 340 BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
344 BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); 341 BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n");
345 BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); 342 BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n");
@@ -348,9 +345,6 @@ static void sc_usage(void)
348 BIO_printf(bio_err," -mtu - set the link layer MTU\n"); 345 BIO_printf(bio_err," -mtu - set the link layer MTU\n");
349 BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); 346 BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
350 BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); 347 BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
351#ifndef OPENSSL_NO_SSL2
352 BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n");
353#endif
354 BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); 348 BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n");
355 BIO_printf(bio_err," command to see what is available\n"); 349 BIO_printf(bio_err," command to see what is available\n");
356 BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); 350 BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
@@ -811,22 +805,14 @@ int MAIN(int argc, char **argv)
811 meth=TLSv1_client_method(); 805 meth=TLSv1_client_method();
812 } 806 }
813#endif 807#endif
814#ifndef OPENSSL_NO_SSL2
815 else if (strcmp(*argv,"-ssl2") == 0)
816 meth=SSLv2_client_method();
817#endif
818#ifndef OPENSSL_NO_SSL3
819 else if (strcmp(*argv,"-ssl3") == 0) 808 else if (strcmp(*argv,"-ssl3") == 0)
820 meth=SSLv3_client_method(); 809 meth=SSLv3_client_method();
821#endif
822#ifndef OPENSSL_NO_TLS1
823 else if (strcmp(*argv,"-tls1_2") == 0) 810 else if (strcmp(*argv,"-tls1_2") == 0)
824 meth=TLSv1_2_client_method(); 811 meth=TLSv1_2_client_method();
825 else if (strcmp(*argv,"-tls1_1") == 0) 812 else if (strcmp(*argv,"-tls1_1") == 0)
826 meth=TLSv1_1_client_method(); 813 meth=TLSv1_1_client_method();
827 else if (strcmp(*argv,"-tls1") == 0) 814 else if (strcmp(*argv,"-tls1") == 0)
828 meth=TLSv1_client_method(); 815 meth=TLSv1_client_method();
829#endif
830#ifndef OPENSSL_NO_DTLS1 816#ifndef OPENSSL_NO_DTLS1
831 else if (strcmp(*argv,"-dtls1") == 0) 817 else if (strcmp(*argv,"-dtls1") == 0)
832 { 818 {
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index de54aa6abd..26e1fe9505 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1091,22 +1091,14 @@ int MAIN(int argc, char *argv[])
1091 else if (strcmp(*argv,"-no_ticket") == 0) 1091 else if (strcmp(*argv,"-no_ticket") == 0)
1092 { off|=SSL_OP_NO_TICKET; } 1092 { off|=SSL_OP_NO_TICKET; }
1093#endif 1093#endif
1094#ifndef OPENSSL_NO_SSL2
1095 else if (strcmp(*argv,"-ssl2") == 0)
1096 { meth=SSLv2_server_method(); }
1097#endif
1098#ifndef OPENSSL_NO_SSL3
1099 else if (strcmp(*argv,"-ssl3") == 0) 1094 else if (strcmp(*argv,"-ssl3") == 0)
1100 { meth=SSLv3_server_method(); } 1095 { meth=SSLv3_server_method(); }
1101#endif
1102#ifndef OPENSSL_NO_TLS1
1103 else if (strcmp(*argv,"-tls1") == 0) 1096 else if (strcmp(*argv,"-tls1") == 0)
1104 { meth=TLSv1_server_method(); } 1097 { meth=TLSv1_server_method(); }
1105 else if (strcmp(*argv,"-tls1_1") == 0) 1098 else if (strcmp(*argv,"-tls1_1") == 0)
1106 { meth=TLSv1_1_server_method(); } 1099 { meth=TLSv1_1_server_method(); }
1107 else if (strcmp(*argv,"-tls1_2") == 0) 1100 else if (strcmp(*argv,"-tls1_2") == 0)
1108 { meth=TLSv1_2_server_method(); } 1101 { meth=TLSv1_2_server_method(); }
1109#endif
1110#ifndef OPENSSL_NO_DTLS1 1102#ifndef OPENSSL_NO_DTLS1
1111 else if (strcmp(*argv,"-dtls1") == 0) 1103 else if (strcmp(*argv,"-dtls1") == 0)
1112 { 1104 {
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c
index cda06bba59..f9fcf7d374 100644
--- a/src/lib/libssl/src/apps/s_time.c
+++ b/src/lib/libssl/src/apps/s_time.c
@@ -279,14 +279,8 @@ static int parseArgs(int argc, char **argv)
279 } 279 }
280 else if(strcmp(*argv,"-bugs") == 0) 280 else if(strcmp(*argv,"-bugs") == 0)
281 st_bugs=1; 281 st_bugs=1;
282#ifndef OPENSSL_NO_SSL2
283 else if(strcmp(*argv,"-ssl2") == 0)
284 s_time_meth=SSLv2_client_method();
285#endif
286#ifndef OPENSSL_NO_SSL3
287 else if(strcmp(*argv,"-ssl3") == 0) 282 else if(strcmp(*argv,"-ssl3") == 0)
288 s_time_meth=SSLv3_client_method(); 283 s_time_meth=SSLv3_client_method();
289#endif
290 else if( strcmp(*argv,"-time") == 0) { 284 else if( strcmp(*argv,"-time") == 0) {
291 285
292 if (--argc < 1) goto bad; 286 if (--argc < 1) goto bad;
@@ -346,13 +340,7 @@ int MAIN(int argc, char **argv)
346 if (bio_err == NULL) 340 if (bio_err == NULL)
347 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 341 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
348 342
349#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
350 s_time_meth=SSLv23_client_method();
351#elif !defined(OPENSSL_NO_SSL3)
352 s_time_meth=SSLv3_client_method(); 343 s_time_meth=SSLv3_client_method();
353#elif !defined(OPENSSL_NO_SSL2)
354 s_time_meth=SSLv2_client_method();
355#endif
356 344
357 /* parse the command line arguments */ 345 /* parse the command line arguments */
358 if( parseArgs( argc, argv ) < 0 ) 346 if( parseArgs( argc, argv ) < 0 )
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 3d2e7510cf..7c9de0dd0e 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -122,10 +122,6 @@ static int ssl23_get_server_hello(SSL *s);
122static const SSL_METHOD 122static const SSL_METHOD
123*ssl23_get_client_method(int ver) 123*ssl23_get_client_method(int ver)
124{ 124{
125#ifndef OPENSSL_NO_SSL2
126 if (ver == SSL2_VERSION)
127 return (SSLv2_client_method());
128#endif
129 if (ver == SSL3_VERSION) 125 if (ver == SSL3_VERSION)
130 return (SSLv3_client_method()); 126 return (SSLv3_client_method());
131 else if (ver == TLS1_VERSION) 127 else if (ver == TLS1_VERSION)
@@ -320,14 +316,7 @@ ssl23_client_hello(SSL *s)
320 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the 316 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
321 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 317 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
322 */ 318 */
323 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1 319 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3;
324#if !defined(OPENSSL_NO_SSL3)
325 |SSL_OP_NO_SSLv3
326#endif
327#if !defined(OPENSSL_NO_SSL2)
328 |(ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
329#endif
330 ;
331#if !defined(OPENSSL_NO_TLS1_2_CLIENT) 320#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
332 version = TLS1_2_VERSION; 321 version = TLS1_2_VERSION;
333 322
@@ -340,15 +329,9 @@ ssl23_client_hello(SSL *s)
340 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask) 329 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
341 version = TLS1_VERSION; 330 version = TLS1_VERSION;
342 mask &= ~SSL_OP_NO_TLSv1; 331 mask &= ~SSL_OP_NO_TLSv1;
343#if !defined(OPENSSL_NO_SSL3)
344 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask) 332 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
345 version = SSL3_VERSION; 333 version = SSL3_VERSION;
346 mask &= ~SSL_OP_NO_SSLv3; 334 mask &= ~SSL_OP_NO_SSLv3;
347#endif
348#if !defined(OPENSSL_NO_SSL2)
349 if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
350 version = SSL2_VERSION;
351#endif
352 335
353#ifndef OPENSSL_NO_TLSEXT 336#ifndef OPENSSL_NO_TLSEXT
354 if (version != SSL2_VERSION) { 337 if (version != SSL2_VERSION) {
@@ -592,69 +575,8 @@ ssl23_get_server_hello(SSL *s)
592 575
593 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && 576 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
594 (p[5] == 0x00) && (p[6] == 0x02)) { 577 (p[5] == 0x00) && (p[6] == 0x02)) {
595#ifdef OPENSSL_NO_SSL2
596 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 578 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
597 goto err; 579 goto err;
598#else
599 /* we are talking sslv2 */
600 /* we need to clean up the SSLv3 setup and put in the
601 * sslv2 stuff. */
602 int ch_len;
603
604 if (s->options & SSL_OP_NO_SSLv2) {
605 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
606 goto err;
607 }
608 if (s->s2 == NULL) {
609 if (!ssl2_new(s))
610 goto err;
611 } else
612 ssl2_clear(s);
613
614 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
615 ch_len = SSL2_CHALLENGE_LENGTH;
616 else
617 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
618
619 /* write out sslv2 challenge */
620 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
621 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
622 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
623 futurproofing */
624 i = (SSL3_RANDOM_SIZE < ch_len) ? SSL3_RANDOM_SIZE : ch_len;
625 s->s2->challenge_length = i;
626 memcpy(s->s2->challenge,
627 &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
628
629 if (s->s3 != NULL)
630 ssl3_free(s);
631
632 if (!BUF_MEM_grow_clean(s->init_buf,
633 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
634 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
635 goto err;
636 }
637
638 s->state = SSL2_ST_GET_SERVER_HELLO_A;
639 if (!(s->client_version == SSL2_VERSION))
640 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
641 s->s2->ssl2_rollback = 1;
642
643 /* setup the 7 bytes we have read so we get them from
644 * the sslv2 buffer */
645 s->rstate = SSL_ST_READ_HEADER;
646 s->packet_length = n;
647 s->packet = &(s->s2->rbuf[0]);
648 memcpy(s->packet, buf, n);
649 s->s2->rbuf_left = n;
650 s->s2->rbuf_offs = 0;
651
652 /* we have already written one */
653 s->s2->write_sequence = 1;
654
655 s->method = SSLv2_client_method();
656 s->handshake_func = s->method->ssl_connect;
657#endif
658 } else if (p[1] == SSL3_VERSION_MAJOR && 580 } else if (p[1] == SSL3_VERSION_MAJOR &&
659 p[2] <= TLS1_2_VERSION_MINOR && 581 p[2] <= TLS1_2_VERSION_MINOR &&
660 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || 582 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
diff --git a/src/lib/libssl/src/ssl/s23_lib.c b/src/lib/libssl/src/ssl/s23_lib.c
index 3a4d5a6ecb..74afe01d94 100644
--- a/src/lib/libssl/src/ssl/s23_lib.c
+++ b/src/lib/libssl/src/ssl/s23_lib.c
@@ -69,11 +69,7 @@ ssl23_default_timeout(void)
69int 69int
70ssl23_num_ciphers(void) 70ssl23_num_ciphers(void)
71{ 71{
72 return(ssl3_num_ciphers() 72 return(ssl3_num_ciphers());
73#ifndef OPENSSL_NO_SSL2
74 + ssl2_num_ciphers()
75#endif
76 );
77} 73}
78 74
79const SSL_CIPHER 75const SSL_CIPHER
@@ -84,11 +80,7 @@ const SSL_CIPHER
84 if (u < uu) 80 if (u < uu)
85 return (ssl3_get_cipher(u)); 81 return (ssl3_get_cipher(u));
86 else 82 else
87#ifndef OPENSSL_NO_SSL2 83 return (NULL);
88 return (ssl2_get_cipher(u - uu));
89#else
90 return (NULL);
91#endif
92} 84}
93 85
94/* This function needs to check if the ciphers required are actually 86/* This function needs to check if the ciphers required are actually
@@ -99,10 +91,6 @@ const SSL_CIPHER
99 const SSL_CIPHER *cp; 91 const SSL_CIPHER *cp;
100 92
101 cp = ssl3_get_cipher_by_char(p); 93 cp = ssl3_get_cipher_by_char(p);
102#ifndef OPENSSL_NO_SSL2
103 if (cp == NULL)
104 cp = ssl2_get_cipher_by_char(p);
105#endif
106 return (cp); 94 return (cp);
107} 95}
108 96
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
index ca1bb6819f..f7d9910b8a 100644
--- a/src/lib/libssl/src/ssl/s23_meth.c
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -64,26 +64,16 @@ static const SSL_METHOD *ssl23_get_method(int ver);
64static const SSL_METHOD 64static const SSL_METHOD
65*ssl23_get_method(int ver) 65*ssl23_get_method(int ver)
66{ 66{
67#ifndef OPENSSL_NO_SSL2
68 if (ver == SSL2_VERSION)
69 return (SSLv2_method());
70 else
71#endif
72#ifndef OPENSSL_NO_SSL3
73 if (ver == SSL3_VERSION) 67 if (ver == SSL3_VERSION)
74 return (SSLv3_method()); 68 return (SSLv3_method());
75 else 69 else if (ver == TLS1_VERSION)
76#endif
77#ifndef OPENSSL_NO_TLS1
78 if (ver == TLS1_VERSION)
79 return (TLSv1_method()); 70 return (TLSv1_method());
80 else if (ver == TLS1_1_VERSION) 71 else if (ver == TLS1_1_VERSION)
81 return (TLSv1_1_method()); 72 return (TLSv1_1_method());
82 else if (ver == TLS1_2_VERSION) 73 else if (ver == TLS1_2_VERSION)
83 return (TLSv1_2_method()); 74 return (TLSv1_2_method());
84 else 75 else
85#endif 76 return (NULL);
86 return (NULL);
87} 77}
88 78
89IMPLEMENT_ssl23_meth_func(SSLv23_method, 79IMPLEMENT_ssl23_meth_func(SSLv23_method,
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index ca95d4e636..a6062667a0 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -121,10 +121,6 @@ int ssl23_get_client_hello(SSL *s);
121static const SSL_METHOD 121static const SSL_METHOD
122*ssl23_get_server_method(int ver) 122*ssl23_get_server_method(int ver)
123{ 123{
124#ifndef OPENSSL_NO_SSL2
125 if (ver == SSL2_VERSION)
126 return (SSLv2_server_method());
127#endif
128 if (ver == SSL3_VERSION) 124 if (ver == SSL3_VERSION)
129 return (SSLv3_server_method()); 125 return (SSLv3_server_method());
130 else if (ver == TLS1_VERSION) 126 else if (ver == TLS1_VERSION)
@@ -480,48 +476,8 @@ ssl23_get_client_hello(SSL *s)
480 /* s->state = SSL23_SR_CLNT_HELLO_C */ 476 /* s->state = SSL23_SR_CLNT_HELLO_C */
481 477
482 if (type == 1) { 478 if (type == 1) {
483#ifdef OPENSSL_NO_SSL2
484 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 479 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
485 goto err; 480 goto err;
486#else
487 /* we are talking sslv2 */
488 /* we need to clean up the SSLv3/TLSv1 setup and put in the
489 * sslv2 stuff. */
490
491 if (s->s2 == NULL) {
492 if (!ssl2_new(s))
493 goto err;
494 } else
495 ssl2_clear(s);
496
497 if (s->s3 != NULL)
498 ssl3_free(s);
499
500 if (!BUF_MEM_grow_clean(s->init_buf,
501 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
502 goto err;
503 }
504
505 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
506 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
507 s->s2->ssl2_rollback = 0;
508 else
509 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
510 * (SSL 3.0 draft/RFC 2246, App. E.2) */
511 s->s2->ssl2_rollback = 1;
512
513 /* setup the n bytes we have read so we get them from
514 * the sslv2 buffer */
515 s->rstate = SSL_ST_READ_HEADER;
516 s->packet_length = n;
517 s->packet = &(s->s2->rbuf[0]);
518 memcpy(s->packet, buf, n);
519 s->s2->rbuf_left = n;
520 s->s2->rbuf_offs = 0;
521
522 s->method = SSLv2_server_method();
523 s->handshake_func = s->method->ssl_accept;
524#endif
525 } 481 }
526 482
527 if ((type == 2) || (type == 3)) { 483 if ((type == 2) || (type == 3)) {
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
deleted file mode 100644
index 6c48c25064..0000000000
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ /dev/null
@@ -1,1076 +0,0 @@
1/* ssl/s2_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <openssl/rand.h>
116#include <openssl/buffer.h>
117#include <openssl/objects.h>
118#include <openssl/evp.h>
119
120static const SSL_METHOD *ssl2_get_client_method(int ver);
121static int get_server_finished(SSL *s);
122static int get_server_verify(SSL *s);
123static int get_server_hello(SSL *s);
124static int client_hello(SSL *s);
125
126static int client_master_key(SSL *s);
127static int client_finished(SSL *s);
128static int client_certificate(SSL *s);
129static int
130ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
131unsigned char *to, int padding);
132#define BREAK break
133
134static const SSL_METHOD
135*ssl2_get_client_method(int ver)
136{
137 if (ver == SSL2_VERSION)
138 return (SSLv2_client_method());
139 else
140 return (NULL);
141}
142
143IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
144 ssl_undefined_function, ssl2_connect, ssl2_get_client_method)
145
146int
147ssl2_connect(SSL *s)
148{
149 BUF_MEM *buf = NULL;
150 int ret = -1;
151 void (*cb)(const SSL *ssl, int type, int val) = NULL;
152 int new_state, state;
153
154 ERR_clear_error();
155 errno = 0;
156
157 if (s->info_callback != NULL)
158 cb = s->info_callback;
159 else if (s->ctx->info_callback != NULL)
160 cb = s->ctx->info_callback;
161
162 /* init things to blank */
163 s->in_handshake++;
164 if (!SSL_in_init(s) || SSL_in_before(s))
165 SSL_clear(s);
166
167 for (;;) {
168 state = s->state;
169
170 switch (s->state) {
171 case SSL_ST_BEFORE:
172 case SSL_ST_CONNECT:
173 case SSL_ST_BEFORE|SSL_ST_CONNECT:
174 case SSL_ST_OK|SSL_ST_CONNECT:
175
176 s->server = 0;
177 if (cb != NULL)
178 cb(s, SSL_CB_HANDSHAKE_START, 1);
179
180 s->version = SSL2_VERSION;
181 s->type = SSL_ST_CONNECT;
182
183 buf = s->init_buf;
184 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
185 ret = -1;
186 goto end;
187 }
188 if (!BUF_MEM_grow(buf,
189 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
190 if (buf == s->init_buf)
191 buf = NULL;
192 ret = -1;
193 goto end;
194 }
195 s->init_buf = buf;
196 buf = NULL;
197 s->init_num = 0;
198 s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
199 s->ctx->stats.sess_connect++;
200 s->handshake_func = ssl2_connect;
201 BREAK;
202
203 case SSL2_ST_SEND_CLIENT_HELLO_A:
204 case SSL2_ST_SEND_CLIENT_HELLO_B:
205 s->shutdown = 0;
206 ret = client_hello(s);
207 if (ret <= 0)
208 goto end;
209 s->init_num = 0;
210 s->state = SSL2_ST_GET_SERVER_HELLO_A;
211 BREAK;
212
213 case SSL2_ST_GET_SERVER_HELLO_A:
214 case SSL2_ST_GET_SERVER_HELLO_B:
215 ret = get_server_hello(s);
216 if (ret <= 0)
217 goto end;
218 s->init_num = 0;
219 if (!s->hit) /* new session */
220 {
221 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
222 BREAK;
223
224 } else {
225 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
226 break;
227 }
228
229 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
230 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
231 ret = client_master_key(s);
232 if (ret <= 0)
233 goto end;
234 s->init_num = 0;
235 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
236 break;
237
238 case SSL2_ST_CLIENT_START_ENCRYPTION:
239 /* Ok, we now have all the stuff needed to
240 * start encrypting, so lets fire it up :-) */
241 if (!ssl2_enc_init(s, 1)) {
242 ret = -1;
243 goto end;
244 }
245 s->s2->clear_text = 0;
246 s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
247 break;
248
249 case SSL2_ST_SEND_CLIENT_FINISHED_A:
250 case SSL2_ST_SEND_CLIENT_FINISHED_B:
251 ret = client_finished(s);
252 if (ret <= 0)
253 goto end;
254 s->init_num = 0;
255 s->state = SSL2_ST_GET_SERVER_VERIFY_A;
256 break;
257
258 case SSL2_ST_GET_SERVER_VERIFY_A:
259 case SSL2_ST_GET_SERVER_VERIFY_B:
260 ret = get_server_verify(s);
261 if (ret <= 0)
262 goto end;
263 s->init_num = 0;
264 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
265 break;
266
267 case SSL2_ST_GET_SERVER_FINISHED_A:
268 case SSL2_ST_GET_SERVER_FINISHED_B:
269 ret = get_server_finished(s);
270 if (ret <= 0)
271 goto end;
272 break;
273
274 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
275 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
276 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
277 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
278 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
279 ret = client_certificate(s);
280 if (ret <= 0)
281 goto end;
282 s->init_num = 0;
283 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
284 break;
285
286 case SSL_ST_OK:
287 if (s->init_buf != NULL) {
288 BUF_MEM_free(s->init_buf);
289 s->init_buf = NULL;
290 }
291 s->init_num = 0;
292 /* ERR_clear_error();*/
293
294 /* If we want to cache session-ids in the client
295 * and we successfully add the session-id to the
296 * cache, and there is a callback, then pass it out.
297 * 26/11/96 - eay - only add if not a re-used session.
298 */
299
300 ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
301 if (s->hit)
302 s->ctx->stats.sess_hit++;
303
304 ret = 1;
305 /* s->server=0; */
306 s->ctx->stats.sess_connect_good++;
307
308 if (cb != NULL)
309 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
310
311 goto end;
312 /* break; */
313 default:
314 SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
315 return (-1);
316 /* break; */
317 }
318
319 if ((cb != NULL) && (s->state != state)) {
320 new_state = s->state;
321 s->state = state;
322 cb(s, SSL_CB_CONNECT_LOOP, 1);
323 s->state = new_state;
324 }
325 }
326end:
327 s->in_handshake--;
328 if (buf != NULL)
329 BUF_MEM_free(buf);
330 if (cb != NULL)
331 cb(s, SSL_CB_CONNECT_EXIT, ret);
332 return (ret);
333}
334
335static int
336get_server_hello(SSL *s)
337{
338 unsigned char *buf;
339 unsigned char *p;
340 int i, j;
341 unsigned long len;
342 STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
343
344 buf = (unsigned char *)s->init_buf->data;
345 p = buf;
346 if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
347 i = ssl2_read(s,(char *)&(buf[s->init_num]), 11 - s->init_num);
348 if (i < (11 - s->init_num))
349 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
350 s->init_num = 11;
351
352 if (*(p++) != SSL2_MT_SERVER_HELLO) {
353 if (p[-1] != SSL2_MT_ERROR) {
354 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
355 SSLerr(SSL_F_GET_SERVER_HELLO,
356 SSL_R_READ_WRONG_PACKET_TYPE);
357 } else
358 SSLerr(SSL_F_GET_SERVER_HELLO,
359 SSL_R_PEER_ERROR);
360 return (-1);
361 }
362#if 0
363 s->hit = (*(p++)) ? 1 : 0;
364 /* Some [PPC?] compilers fail to increment p in above
365 statement, e.g. one provided with Rhapsody 5.5, but
366 most recent example XL C 11.1 for AIX, even without
367 optimization flag... */
368#else
369 s->hit = (*p) ? 1 : 0;
370 p++;
371#endif
372 s->s2->tmp.cert_type= *(p++);
373 n2s(p, i);
374 if (i < s->version)
375 s->version = i;
376 n2s(p, i);
377 s->s2->tmp.cert_length = i;
378 n2s(p, i);
379 s->s2->tmp.csl = i;
380 n2s(p, i);
381 s->s2->tmp.conn_id_length = i;
382 s->state = SSL2_ST_GET_SERVER_HELLO_B;
383 }
384
385 /* SSL2_ST_GET_SERVER_HELLO_B */
386 len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length;
387 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
388 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
389 return -1;
390 }
391 j = (int)len - s->init_num;
392 i = ssl2_read(s,(char *)&(buf[s->init_num]), j);
393 if (i != j)
394 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
395 if (s->msg_callback)
396 s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */
397
398 /* things are looking good */
399
400 p = buf + 11;
401 if (s->hit) {
402 if (s->s2->tmp.cert_length != 0) {
403 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
404 return (-1);
405 }
406 if (s->s2->tmp.cert_type != 0) {
407 if (!(s->options &
408 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
409 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
410 return (-1);
411 }
412 }
413 if (s->s2->tmp.csl != 0) {
414 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
415 return (-1);
416 }
417 } else {
418#ifdef undef
419 /* very bad */
420 memset(s->session->session_id, 0,
421 SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
422 s->session->session_id_length = 0;
423 */
424#endif
425
426 /* we need to do this in case we were trying to reuse a
427 * client session but others are already reusing it.
428 * If this was a new 'blank' session ID, the session-id
429 * length will still be 0 */
430 if (s->session->session_id_length > 0) {
431 if (!ssl_get_new_session(s, 0)) {
432 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
433 return (-1);
434 }
435 }
436
437 if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
438 s->s2->tmp.cert_length, p) <= 0) {
439 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
440 return (-1);
441 }
442 p += s->s2->tmp.cert_length;
443
444 if (s->s2->tmp.csl == 0) {
445 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
446 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
447 return (-1);
448 }
449
450 /* We have just received a list of ciphers back from the
451 * server. We need to get the ones that match, then select
452 * the one we want the most :-). */
453
454 /* load the ciphers */
455 sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
456 &s->session->ciphers);
457 p += s->s2->tmp.csl;
458 if (sk == NULL) {
459 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
460 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
461 return (-1);
462 }
463
464 (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
465
466 /* get the array of ciphers we will accept */
467 cl = SSL_get_ciphers(s);
468 (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
469
470 /*
471 * If server preference flag set, choose the first
472 * (highest priority) cipher the server sends, otherwise
473 * client preference has priority.
474 */
475 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
476 prio = sk;
477 allow = cl;
478 } else {
479 prio = cl;
480 allow = sk;
481 }
482 /* In theory we could have ciphers sent back that we
483 * don't want to use but that does not matter since we
484 * will check against the list we originally sent and
485 * for performance reasons we should not bother to match
486 * the two lists up just to check. */
487 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
488 if (sk_SSL_CIPHER_find(allow,
489 sk_SSL_CIPHER_value(prio, i)) >= 0)
490 break;
491 }
492
493 if (i >= sk_SSL_CIPHER_num(prio)) {
494 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
495 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
496 return (-1);
497 }
498 s->session->cipher = sk_SSL_CIPHER_value(prio, i);
499
500
501 if (s->session->peer != NULL) /* can't happen*/
502 {
503 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
504 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
505 return (-1);
506 }
507
508 s->session->peer = s->session->sess_cert->peer_key->x509;
509 /* peer_key->x509 has been set by ssl2_set_certificate. */
510 CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
511 }
512
513 if (s->session->sess_cert == NULL
514 || s->session->peer != s->session->sess_cert->peer_key->x509)
515 /* can't happen */
516 {
517 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
518 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
519 return (-1);
520 }
521
522 s->s2->conn_id_length = s->s2->tmp.conn_id_length;
523 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
524 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
525 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
526 return -1;
527 }
528 memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
529 return (1);
530}
531
532static int
533client_hello(SSL *s)
534{
535 unsigned char *buf;
536 unsigned char *p, *d;
537/* CIPHER **cipher;*/
538 int i, n, j;
539
540 buf = (unsigned char *)s->init_buf->data;
541 if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
542 if ((s->session == NULL) ||
543 (s->session->ssl_version != s->version)) {
544 if (!ssl_get_new_session(s, 0)) {
545 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
546 return (-1);
547 }
548 }
549 /* else use the pre-loaded session */
550
551 p = buf;
552 /* header */
553 d = p + 9;
554 /* data section */
555 *(p++) = SSL2_MT_CLIENT_HELLO;
556 /* type */
557 s2n(SSL2_VERSION, p);
558 /* version */
559 n = j=0;
560
561 n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
562 d += n;
563
564 if (n == 0) {
565 SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
566 return (-1);
567 }
568
569 s2n(n, p);
570 /* cipher spec num bytes */
571
572 if ((s->session->session_id_length > 0) &&
573 (s->session->session_id_length <=
574 SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
575 i = s->session->session_id_length;
576 s2n(i, p);
577 /* session id length */
578 memcpy(d, s->session->session_id,(unsigned int)i);
579 d += i;
580 } else {
581 s2n(0, p);
582 }
583
584 s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
585 s2n(SSL2_CHALLENGE_LENGTH, p);
586 /* challenge length */
587 /*challenge id data*/
588 if (RAND_pseudo_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
589 return -1;
590 memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
591 d += SSL2_CHALLENGE_LENGTH;
592
593 s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
594 s->init_num = d - buf;
595 s->init_off = 0;
596 }
597 /* SSL2_ST_SEND_CLIENT_HELLO_B */
598 return (ssl2_do_write(s));
599}
600
601static int
602client_master_key(SSL *s)
603{
604 unsigned char *buf;
605 unsigned char *p, *d;
606 int clear, enc, karg, i;
607 SSL_SESSION *sess;
608 const EVP_CIPHER *c;
609 const EVP_MD *md;
610
611 buf = (unsigned char *)s->init_buf->data;
612 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
613
614 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
615 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
616 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
617 return (-1);
618 }
619 sess = s->session;
620 p = buf;
621 d = p + 10;
622 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
623
624 i = ssl_put_cipher_by_char(s, sess->cipher, p);
625 p += i;
626
627 /* make key_arg data */
628 i = EVP_CIPHER_iv_length(c);
629 sess->key_arg_length = i;
630 if (i > SSL_MAX_KEY_ARG_LENGTH) {
631 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
632 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
633 return -1;
634 }
635 if (i > 0)
636 if (RAND_pseudo_bytes(sess->key_arg, i) <= 0)
637 return -1;
638
639 /* make a master key */
640 i = EVP_CIPHER_key_length(c);
641 sess->master_key_length = i;
642 if (i > 0) {
643 if (i > (int)sizeof(sess->master_key)) {
644 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
645 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
646 return -1;
647 }
648 if (RAND_bytes(sess->master_key, i) <= 0) {
649 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
650 return (-1);
651 }
652 }
653
654 if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
655 enc = 8;
656 else if (SSL_C_IS_EXPORT(sess->cipher))
657 enc = 5;
658 else
659 enc = i;
660
661 if ((int)i < enc) {
662 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
663 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
664 return (-1);
665 }
666 clear = i - enc;
667 s2n(clear, p);
668 memcpy(d, sess->master_key,(unsigned int)clear);
669 d += clear;
670
671 enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
672 &(sess->master_key[clear]), d,
673 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
674 RSA_PKCS1_PADDING);
675 if (enc <= 0) {
676 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
677 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
678 return (-1);
679 }
680#ifdef PKCS1_CHECK
681 if (s->options & SSL_OP_PKCS1_CHECK_1)
682 d[1]++;
683 if (s->options & SSL_OP_PKCS1_CHECK_2)
684 sess->master_key[clear]++;
685#endif
686 s2n(enc, p);
687 d += enc;
688 karg = sess->key_arg_length;
689
690 s2n(karg,p); /* key arg size */
691 if (karg > (int)sizeof(sess->key_arg)) {
692 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
693 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
694 return -1;
695 }
696 memcpy(d, sess->key_arg,(unsigned int)karg);
697 d += karg;
698
699 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
700 s->init_num = d - buf;
701 s->init_off = 0;
702 }
703
704 /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
705 return (ssl2_do_write(s));
706}
707
708static int
709client_finished(SSL *s)
710{
711 unsigned char *p;
712
713 if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
714 p = (unsigned char *)s->init_buf->data;
715 *(p++) = SSL2_MT_CLIENT_FINISHED;
716 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
717 SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
718 return -1;
719 }
720 memcpy(p, s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
721
722 s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
723 s->init_num = s->s2->conn_id_length + 1;
724 s->init_off = 0;
725 }
726 return (ssl2_do_write(s));
727}
728
729/* read the data and then respond */
730static int
731client_certificate(SSL *s)
732{
733 unsigned char *buf;
734 unsigned char *p, *d;
735 int i;
736 unsigned int n;
737 int cert_ch_len;
738 unsigned char *cert_ch;
739
740 buf = (unsigned char *)s->init_buf->data;
741
742 /* We have a cert associated with the SSL, so attach it to
743 * the session if it does not have one */
744
745 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
746 i = ssl2_read(s,(char *)&(buf[s->init_num]),
747 SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
748 if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
749 return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
750 s->init_num += i;
751 if (s->msg_callback)
752 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */
753
754 /* type=buf[0]; */
755 /* type eq x509 */
756 if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
757 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
758 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
759 return (-1);
760 }
761
762 if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
763 (s->cert->key->privatekey == NULL)) {
764 s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
765 } else
766 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
767 }
768
769 cert_ch = buf + 2;
770 cert_ch_len = s->init_num - 2;
771
772 if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
773 X509 *x509 = NULL;
774 EVP_PKEY *pkey = NULL;
775
776 /* If we get an error we need to
777 * ssl->rwstate=SSL_X509_LOOKUP;
778 * return(error);
779 * We should then be retried when things are ok and we
780 * can get a cert or not */
781
782 i = 0;
783 if (s->ctx->client_cert_cb != NULL) {
784 i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
785 }
786
787 if (i < 0) {
788 s->rwstate = SSL_X509_LOOKUP;
789 return (-1);
790 }
791 s->rwstate = SSL_NOTHING;
792
793 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
794 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
795 if (!SSL_use_certificate(s, x509) ||
796 !SSL_use_PrivateKey(s, pkey)) {
797 i = 0;
798 }
799 X509_free(x509);
800 EVP_PKEY_free(pkey);
801 } else if (i == 1) {
802 if (x509 != NULL)
803 X509_free(x509);
804 if (pkey != NULL)
805 EVP_PKEY_free(pkey);
806 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
807 i = 0;
808 }
809
810 if (i == 0) {
811 /* We have no client certificate to respond with
812 * so send the correct error message back */
813 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
814 p = buf;
815 *(p++) = SSL2_MT_ERROR;
816 s2n(SSL2_PE_NO_CERTIFICATE, p);
817 s->init_off = 0;
818 s->init_num = 3;
819 /* Write is done at the end */
820 }
821 }
822
823 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
824 return (ssl2_do_write(s));
825 }
826
827 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
828 EVP_MD_CTX ctx;
829
830 /* ok, now we calculate the checksum
831 * do it first so we can reuse buf :-) */
832 p = buf;
833 EVP_MD_CTX_init(&ctx);
834 EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
835 EVP_SignUpdate(&ctx, s->s2->key_material,
836 s->s2->key_material_length);
837 EVP_SignUpdate(&ctx, cert_ch,(unsigned int)cert_ch_len);
838 i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
839 /* Don't update the signature if it fails - FIXME: probably should handle this better */
840 if (i > 0)
841 EVP_SignUpdate(&ctx, buf,(unsigned int)i);
842
843 p = buf;
844 d = p + 6;
845 *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
846 *(p++) = SSL2_CT_X509_CERTIFICATE;
847 n = i2d_X509(s->cert->key->x509, &d);
848 s2n(n, p);
849
850 if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
851 /* this is not good. If things have failed it
852 * means there so something wrong with the key.
853 * We will continue with a 0 length signature
854 */
855 }
856 EVP_MD_CTX_cleanup(&ctx);
857 s2n(n, p);
858 d += n;
859
860 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
861 s->init_num = d - buf;
862 s->init_off = 0;
863 }
864 /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
865 return (ssl2_do_write(s));
866}
867
868static int
869get_server_verify(SSL *s)
870{
871 unsigned char *p;
872 int i, n, len;
873
874 p = (unsigned char *)s->init_buf->data;
875 if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
876 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
877 if (i < (1 - s->init_num))
878 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
879 s->init_num += i;
880
881 s->state = SSL2_ST_GET_SERVER_VERIFY_B;
882 if (*p != SSL2_MT_SERVER_VERIFY) {
883 if (p[0] != SSL2_MT_ERROR) {
884 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
885 SSLerr(SSL_F_GET_SERVER_VERIFY,
886 SSL_R_READ_WRONG_PACKET_TYPE);
887 } else {
888 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
889 /* try to read the error message */
890 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
891 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
892 }
893 return (-1);
894 }
895 }
896
897 p = (unsigned char *)s->init_buf->data;
898 len = 1 + s->s2->challenge_length;
899 n = len - s->init_num;
900 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
901 if (i < n)
902 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
903 if (s->msg_callback)
904 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
905 p += 1;
906
907 if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
908 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
909 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
910 return (-1);
911 }
912 return (1);
913}
914
915static int
916get_server_finished(SSL *s)
917{
918 unsigned char *buf;
919 unsigned char *p;
920 int i, n, len;
921
922 buf = (unsigned char *)s->init_buf->data;
923 p = buf;
924 if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
925 i = ssl2_read(s,(char *)&(buf[s->init_num]), 1 - s->init_num);
926 if (i < (1 - s->init_num))
927 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
928 s->init_num += i;
929
930 if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
931 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
932 return (1);
933 } else if (*p != SSL2_MT_SERVER_FINISHED) {
934 if (p[0] != SSL2_MT_ERROR) {
935 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
936 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
937 } else {
938 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
939 /* try to read the error message */
940 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
941 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
942 }
943 return (-1);
944 }
945 s->state = SSL2_ST_GET_SERVER_FINISHED_B;
946 }
947
948 len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
949 n = len - s->init_num;
950 i = ssl2_read(s,(char *)&(buf[s->init_num]), n);
951 if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */
952 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
953 s->init_num += i;
954 if (s->msg_callback)
955 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */
956
957 if (!s->hit) /* new session */
958 {
959 /* new session-id */
960 /* Make sure we were not trying to re-use an old SSL_SESSION
961 * or bad things can happen */
962 /* ZZZZZZZZZZZZZ */
963 s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
964 memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
965 } else {
966 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
967 if ((s->session->session_id_length > sizeof s->session->session_id)
968 || (0 != memcmp(buf + 1, s->session->session_id,
969 (unsigned int)s->session->session_id_length))) {
970 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
971 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
972 return (-1);
973 }
974 }
975 }
976 s->state = SSL_ST_OK;
977 return (1);
978}
979
980/* loads in the certificate from the server */
981int
982ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
983{
984 STACK_OF(X509) *sk = NULL;
985 EVP_PKEY *pkey = NULL;
986 SESS_CERT *sc = NULL;
987 int i;
988 X509 *x509 = NULL;
989 int ret = 0;
990
991 x509 = d2i_X509(NULL, &data,(long)len);
992 if (x509 == NULL) {
993 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
994 goto err;
995 }
996
997 if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
998 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
999 goto err;
1000 }
1001
1002 i = ssl_verify_cert_chain(s, sk);
1003
1004 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1005 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
1006 goto err;
1007 }
1008 ERR_clear_error(); /* but we keep s->verify_result */
1009 s->session->verify_result = s->verify_result;
1010
1011 /* server's cert for this session */
1012 sc = ssl_sess_cert_new();
1013 if (sc == NULL) {
1014 ret = -1;
1015 goto err;
1016 }
1017 if (s->session->sess_cert)
1018 ssl_sess_cert_free(s->session->sess_cert);
1019 s->session->sess_cert = sc;
1020
1021 sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
1022 sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
1023
1024 pkey = X509_get_pubkey(x509);
1025 x509 = NULL;
1026 if (pkey == NULL) {
1027 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
1028 goto err;
1029 }
1030 if (pkey->type != EVP_PKEY_RSA) {
1031 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
1032 goto err;
1033 }
1034
1035 if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
1036 goto err;
1037 ret = 1;
1038err:
1039 sk_X509_free(sk);
1040 X509_free(x509);
1041 EVP_PKEY_free(pkey);
1042 return (ret);
1043}
1044
1045static int
1046ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
1047 unsigned char *to, int padding)
1048{
1049 EVP_PKEY *pkey = NULL;
1050 int i = -1;
1051
1052 if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
1053 ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
1054 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
1055 return (-1);
1056 }
1057 if (pkey->type != EVP_PKEY_RSA) {
1058 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1059 goto end;
1060 }
1061
1062 /* we have the public key */
1063 i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
1064 if (i < 0)
1065 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
1066end:
1067 EVP_PKEY_free(pkey);
1068 return (i);
1069}
1070#else /* !OPENSSL_NO_SSL2 */
1071
1072# if PEDANTIC
1073static void *dummy = &dummy;
1074# endif
1075
1076#endif
diff --git a/src/lib/libssl/src/ssl/s2_enc.c b/src/lib/libssl/src/ssl/s2_enc.c
deleted file mode 100644
index 8d2273f9ef..0000000000
--- a/src/lib/libssl/src/ssl/s2_enc.c
+++ /dev/null
@@ -1,190 +0,0 @@
1/* ssl/s2_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "ssl_locl.h"
60#ifndef OPENSSL_NO_SSL2
61#include <stdio.h>
62
63int
64ssl2_enc_init(SSL *s, int client)
65{
66 /* Max number of bytes needed */
67 EVP_CIPHER_CTX *rs, *ws;
68 const EVP_CIPHER *c;
69 const EVP_MD *md;
70 int num;
71
72 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
73 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
74 SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
75 return (0);
76 }
77 ssl_replace_hash(&s->read_hash, md);
78 ssl_replace_hash(&s->write_hash, md);
79
80 if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx =
81 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
82 goto err;
83
84 /* make sure it's intialized in case the malloc for enc_write_ctx fails
85 * and we exit with an error */
86 rs = s->enc_read_ctx;
87 EVP_CIPHER_CTX_init(rs);
88
89 if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx =
90 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
91 goto err;
92
93 ws = s->enc_write_ctx;
94 EVP_CIPHER_CTX_init(ws);
95
96 num = c->key_len;
97 s->s2->key_material_length = num*2;
98 OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
99
100 if (ssl2_generate_key_material(s) <= 0)
101 return 0;
102
103 OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
104 EVP_EncryptInit_ex(ws, c, NULL, &(s->s2->key_material[(client) ? num : 0]),
105 s->session->key_arg);
106 EVP_DecryptInit_ex(rs, c, NULL, &(s->s2->key_material[(client) ? 0 : num]),
107 s->session->key_arg);
108 s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
109 s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
110 return (1);
111err:
112 SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
113 return (0);
114}
115
116/* read/writes from s->s2->mac_data using length for encrypt and
117 * decrypt. It sets s->s2->padding and s->[rw]length
118 * if we are encrypting */
119void
120ssl2_enc(SSL *s, int send)
121{
122 EVP_CIPHER_CTX *ds;
123 unsigned long l;
124 int bs;
125
126 if (send) {
127 ds = s->enc_write_ctx;
128 l = s->s2->wlength;
129 } else {
130 ds = s->enc_read_ctx;
131 l = s->s2->rlength;
132 }
133
134 /* check for NULL cipher */
135 if (ds == NULL)
136 return;
137
138
139 bs = ds->cipher->block_size;
140 /* This should be using (bs-1) and bs instead of 7 and 8, but
141 * what the hell. */
142 if (bs == 8)
143 l = (l + 7) / 8 * 8;
144
145 EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l);
146}
147
148void
149ssl2_mac(SSL *s, unsigned char *md, int send)
150{
151 EVP_MD_CTX c;
152 unsigned char sequence[4], *p, *sec, *act;
153 unsigned long seq;
154 unsigned int len;
155
156 if (send) {
157 seq = s->s2->write_sequence;
158 sec = s->s2->write_key;
159 len = s->s2->wact_data_length;
160 act = s->s2->wact_data;
161 } else {
162 seq = s->s2->read_sequence;
163 sec = s->s2->read_key;
164 len = s->s2->ract_data_length;
165 act = s->s2->ract_data;
166 }
167
168 p = &(sequence[0]);
169 l2n(seq, p);
170
171 /* There has to be a MAC algorithm. */
172 EVP_MD_CTX_init(&c);
173 EVP_MD_CTX_copy(&c, s->read_hash);
174 EVP_DigestUpdate(&c, sec,
175 EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
176 EVP_DigestUpdate(&c, act, len);
177
178 /* the above line also does the pad data */
179 EVP_DigestUpdate(&c, sequence, 4);
180
181 EVP_DigestFinal_ex(&c, md, NULL);
182 EVP_MD_CTX_cleanup(&c);
183}
184#else /* !OPENSSL_NO_SSL2 */
185
186# if PEDANTIC
187static void *dummy = &dummy;
188# endif
189
190#endif
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
deleted file mode 100644
index 76ed912927..0000000000
--- a/src/lib/libssl/src/ssl/s2_lib.c
+++ /dev/null
@@ -1,569 +0,0 @@
1/* ssl/s2_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <openssl/objects.h>
116#include <openssl/evp.h>
117#include <openssl/md5.h>
118
119const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
120
121#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
122
123/* list of available SSLv2 ciphers (sorted by id) */
124OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
125#if 0
126/* NULL_WITH_MD5 v3 */
127 {
128 1,
129 SSL2_TXT_NULL_WITH_MD5,
130 SSL2_CK_NULL_WITH_MD5,
131 SSL_kRSA,
132 SSL_aRSA,
133 SSL_eNULL,
134 SSL_MD5,
135 SSL_SSLV2,
136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
137 0,
138 0,
139 0,
140 },
141#endif
142
143/* RC4_128_WITH_MD5 */
144 {
145 1,
146 SSL2_TXT_RC4_128_WITH_MD5,
147 SSL2_CK_RC4_128_WITH_MD5,
148 SSL_kRSA,
149 SSL_aRSA,
150 SSL_RC4,
151 SSL_MD5,
152 SSL_SSLV2,
153 SSL_NOT_EXP|SSL_MEDIUM,
154 0,
155 128,
156 128,
157 },
158
159/* RC4_128_EXPORT40_WITH_MD5 */
160 {
161 1,
162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
164 SSL_kRSA,
165 SSL_aRSA,
166 SSL_RC4,
167 SSL_MD5,
168 SSL_SSLV2,
169 SSL_EXPORT|SSL_EXP40,
170 SSL2_CF_5_BYTE_ENC,
171 40,
172 128,
173 },
174
175/* RC2_128_CBC_WITH_MD5 */
176 {
177 1,
178 SSL2_TXT_RC2_128_CBC_WITH_MD5,
179 SSL2_CK_RC2_128_CBC_WITH_MD5,
180 SSL_kRSA,
181 SSL_aRSA,
182 SSL_RC2,
183 SSL_MD5,
184 SSL_SSLV2,
185 SSL_NOT_EXP|SSL_MEDIUM,
186 0,
187 128,
188 128,
189 },
190
191/* RC2_128_CBC_EXPORT40_WITH_MD5 */
192 {
193 1,
194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
196 SSL_kRSA,
197 SSL_aRSA,
198 SSL_RC2,
199 SSL_MD5,
200 SSL_SSLV2,
201 SSL_EXPORT|SSL_EXP40,
202 SSL2_CF_5_BYTE_ENC,
203 40,
204 128,
205 },
206
207#ifndef OPENSSL_NO_IDEA
208/* IDEA_128_CBC_WITH_MD5 */
209 {
210 1,
211 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
212 SSL2_CK_IDEA_128_CBC_WITH_MD5,
213 SSL_kRSA,
214 SSL_aRSA,
215 SSL_IDEA,
216 SSL_MD5,
217 SSL_SSLV2,
218 SSL_NOT_EXP|SSL_MEDIUM,
219 0,
220 128,
221 128,
222 },
223#endif
224
225/* DES_64_CBC_WITH_MD5 */
226 {
227 1,
228 SSL2_TXT_DES_64_CBC_WITH_MD5,
229 SSL2_CK_DES_64_CBC_WITH_MD5,
230 SSL_kRSA,
231 SSL_aRSA,
232 SSL_DES,
233 SSL_MD5,
234 SSL_SSLV2,
235 SSL_NOT_EXP|SSL_LOW,
236 0,
237 56,
238 56,
239 },
240
241/* DES_192_EDE3_CBC_WITH_MD5 */
242 {
243 1,
244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
246 SSL_kRSA,
247 SSL_aRSA,
248 SSL_3DES,
249 SSL_MD5,
250 SSL_SSLV2,
251 SSL_NOT_EXP|SSL_HIGH,
252 0,
253 168,
254 168,
255 },
256
257#if 0
258/* RC4_64_WITH_MD5 */
259 {
260 1,
261 SSL2_TXT_RC4_64_WITH_MD5,
262 SSL2_CK_RC4_64_WITH_MD5,
263 SSL_kRSA,
264 SSL_aRSA,
265 SSL_RC4,
266 SSL_MD5,
267 SSL_SSLV2,
268 SSL_NOT_EXP|SSL_LOW,
269 SSL2_CF_8_BYTE_ENC,
270 64,
271 64,
272 },
273#endif
274
275#if 0
276/* NULL SSLeay (testing) */
277 {
278 0,
279 SSL2_TXT_NULL,
280 SSL2_CK_NULL,
281 0,
282 0,
283 0,
284 0,
285 SSL_SSLV2,
286 SSL_STRONG_NONE,
287 0,
288 0,
289 0,
290 },
291#endif
292
293/* end of list :-) */
294};
295
296long
297ssl2_default_timeout(void)
298{
299 return (300);
300}
301
302int
303ssl2_num_ciphers(void)
304{
305 return (SSL2_NUM_CIPHERS);
306}
307
308const SSL_CIPHER
309*ssl2_get_cipher(unsigned int u)
310{
311 if (u < SSL2_NUM_CIPHERS)
312 return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
313 else
314 return (NULL);
315}
316
317int
318ssl2_pending(const SSL *s)
319{
320 return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
321}
322
323int
324ssl2_new(SSL *s)
325{
326 SSL2_STATE *s2;
327
328 if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
329 goto err;
330 memset(s2, 0, sizeof *s2);
331
332#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
333# error "assertion failed"
334#endif
335
336 if ((s2->rbuf = OPENSSL_malloc(
337 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
338 goto err;
339 /* wbuf needs one byte more because when using two-byte headers,
340 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
341 if ((s2->wbuf = OPENSSL_malloc(
342 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
343 goto err;
344 s->s2 = s2;
345
346 ssl2_clear(s);
347 return (1);
348err:
349 if (s2 != NULL) {
350 if (s2->wbuf != NULL)
351 OPENSSL_free(s2->wbuf);
352 if (s2->rbuf != NULL)
353 OPENSSL_free(s2->rbuf);
354 OPENSSL_free(s2);
355 }
356 return (0);
357}
358
359void
360ssl2_free(SSL *s)
361{
362 SSL2_STATE *s2;
363
364 if (s == NULL)
365 return;
366
367 s2 = s->s2;
368 if (s2->rbuf != NULL)
369 OPENSSL_free(s2->rbuf);
370 if (s2->wbuf != NULL)
371 OPENSSL_free(s2->wbuf);
372 OPENSSL_cleanse(s2, sizeof *s2);
373 OPENSSL_free(s2);
374 s->s2 = NULL;
375}
376
377void
378ssl2_clear(SSL *s)
379{
380 SSL2_STATE *s2;
381 unsigned char *rbuf, *wbuf;
382
383 s2 = s->s2;
384
385 rbuf = s2->rbuf;
386 wbuf = s2->wbuf;
387
388 memset(s2, 0, sizeof *s2);
389
390 s2->rbuf = rbuf;
391 s2->wbuf = wbuf;
392 s2->clear_text = 1;
393 s->packet = s2->rbuf;
394 s->version = SSL2_VERSION;
395 s->packet_length = 0;
396}
397
398long
399ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
400{
401 int ret = 0;
402
403 switch (cmd) {
404 case SSL_CTRL_GET_SESSION_REUSED:
405 ret = s->hit;
406 break;
407 default:
408 break;
409 }
410 return (ret);
411}
412
413long
414ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
415{
416 return (0);
417}
418
419long
420ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
421{
422 return (0);
423}
424
425long
426ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
427{
428 return (0);
429}
430
431/* This function needs to check if the ciphers required are actually
432 * available */
433const SSL_CIPHER
434*ssl2_get_cipher_by_char(const unsigned char *p)
435{
436 SSL_CIPHER c;
437 const SSL_CIPHER *cp;
438 unsigned long id;
439
440 id = 0x02000000L|((unsigned long)p[0]<<16L)|
441 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
442 c.id = id;
443 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
444 if ((cp == NULL) || (cp->valid == 0))
445 return NULL;
446 else
447 return cp;
448}
449
450int
451ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
452{
453 long l;
454
455 if (p != NULL) {
456 l = c->id;
457 if ((l & 0xff000000) != 0x02000000)
458 return (0);
459 p[0] = ((unsigned char)(l >> 16L))&0xFF;
460 p[1] = ((unsigned char)(l >> 8L))&0xFF;
461 p[2] = ((unsigned char)(l ))&0xFF;
462 }
463 return (3);
464}
465
466int
467ssl2_generate_key_material(SSL *s)
468{
469 unsigned int i;
470 EVP_MD_CTX ctx;
471 unsigned char *km;
472 unsigned char c = '0';
473 const EVP_MD *md5;
474 int md_size;
475
476 md5 = EVP_md5();
477
478 EVP_MD_CTX_init(&ctx);
479 km = s->s2->key_material;
480
481 if (s->session->master_key_length < 0 ||
482 s->session->master_key_length > (int)sizeof(s->session->master_key)) {
483 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
484 return 0;
485 }
486 md_size = EVP_MD_size(md5);
487 if (md_size < 0)
488 return 0;
489 for (i = 0; i < s->s2->key_material_length; i += md_size) {
490 if (((km - s->s2->key_material) + md_size) >
491 (int)sizeof(s->s2->key_material)) {
492 /* EVP_DigestFinal_ex() below would write beyond buffer */
493 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
494 return 0;
495 }
496
497 EVP_DigestInit_ex(&ctx, md5, NULL);
498
499 OPENSSL_assert(s->session->master_key_length >= 0 &&
500 s->session->master_key_length <
501 (int)sizeof(s->session->master_key));
502 EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);
503 EVP_DigestUpdate(&ctx, &c, 1);
504 c++;
505 EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
506 EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
507 EVP_DigestFinal_ex(&ctx, km, NULL);
508 km += md_size;
509 }
510
511 EVP_MD_CTX_cleanup(&ctx);
512 return 1;
513}
514
515void
516ssl2_return_error(SSL *s, int err)
517{
518 if (!s->error) {
519 s->error = 3;
520 s->error_code = err;
521
522 ssl2_write_error(s);
523 }
524}
525
526
527void
528ssl2_write_error(SSL *s)
529{
530 unsigned char buf[3];
531 int i, error;
532
533 buf[0] = SSL2_MT_ERROR;
534 buf[1] = (s->error_code >> 8)&0xff;
535 buf[2] = (s->error_code)&0xff;
536
537/* state=s->rwstate;*/
538
539 error=s->error; /* number of bytes left to write */
540 s->error = 0;
541 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
542 i = ssl2_write(s, &(buf[3 - error]), error);
543
544/* if (i == error) s->rwstate=state; */
545
546 if (i < 0)
547 s->error = error;
548 else {
549 s->error = error - i;
550
551 if (s->error == 0)
552 if (s->msg_callback)
553 s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
554 }
555}
556
557int
558ssl2_shutdown(SSL *s)
559{
560 s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
561 return (1);
562}
563#else /* !OPENSSL_NO_SSL2 */
564
565# if PEDANTIC
566static void *dummy = &dummy;
567# endif
568
569#endif
diff --git a/src/lib/libssl/src/ssl/s2_meth.c b/src/lib/libssl/src/ssl/s2_meth.c
deleted file mode 100644
index ca08fc6e22..0000000000
--- a/src/lib/libssl/src/ssl/s2_meth.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* ssl/s2_meth.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "ssl_locl.h"
60#ifndef OPENSSL_NO_SSL2
61#include <stdio.h>
62#include <openssl/objects.h>
63
64static const SSL_METHOD *ssl2_get_method(int ver);
65static const SSL_METHOD
66*ssl2_get_method(int ver)
67{
68 if (ver == SSL2_VERSION)
69 return (SSLv2_method());
70 else
71 return (NULL);
72}
73
74IMPLEMENT_ssl2_meth_func(SSLv2_method,
75 ssl2_accept, ssl2_connect, ssl2_get_method)
76
77#else /* !OPENSSL_NO_SSL2 */
78
79# if PEDANTIC
80static void *dummy = &dummy;
81# endif
82
83#endif
diff --git a/src/lib/libssl/src/ssl/s2_pkt.c b/src/lib/libssl/src/ssl/s2_pkt.c
deleted file mode 100644
index 3a92c81d65..0000000000
--- a/src/lib/libssl/src/ssl/s2_pkt.c
+++ /dev/null
@@ -1,696 +0,0 @@
1/* ssl/s2_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <errno.h>
116
117static int read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend);
118static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
119static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
120static int ssl_mt_error(int n);
121
122
123/* SSL 2.0 imlementation for SSL_read/SSL_peek -
124 * This routine will return 0 to len bytes, decrypted etc if required.
125 */
126static int
127ssl2_read_internal(SSL *s, void *buf, int len, int peek)
128{
129 int n;
130 unsigned char mac[MAX_MAC_SIZE];
131 unsigned char *p;
132 int i;
133 int mac_size;
134
135 ssl2_read_again:
136 if (SSL_in_init(s) && !s->in_handshake) {
137 n = s->handshake_func(s);
138 if (n < 0)
139 return (n);
140 if (n == 0) {
141 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_SSL_HANDSHAKE_FAILURE);
142 return (-1);
143 }
144 }
145
146 errno = 0;
147 s->rwstate = SSL_NOTHING;
148 if (len <= 0)
149 return (len);
150
151 if (s->s2->ract_data_length != 0) /* read from buffer */
152 {
153 if (len > s->s2->ract_data_length)
154 n = s->s2->ract_data_length;
155 else
156 n = len;
157
158 memcpy(buf, s->s2->ract_data,(unsigned int)n);
159 if (!peek) {
160 s->s2->ract_data_length -= n;
161 s->s2->ract_data += n;
162 if (s->s2->ract_data_length == 0)
163 s->rstate = SSL_ST_READ_HEADER;
164 }
165
166 return (n);
167 }
168
169 /* s->s2->ract_data_length == 0
170 *
171 * Fill the buffer, then goto ssl2_read_again.
172 */
173
174 if (s->rstate == SSL_ST_READ_HEADER) {
175 if (s->first_packet) {
176 n = read_n(s, 5, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
177 if (n <= 0) return(n); /* error or non-blocking */
178 s->first_packet = 0;
179 p = s->packet;
180 if (!((p[0] & 0x80) && (
181 (p[2] == SSL2_MT_CLIENT_HELLO) ||
182 (p[2] == SSL2_MT_SERVER_HELLO)))) {
183 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_NON_SSLV2_INITIAL_PACKET);
184 return (-1);
185 }
186 } else {
187 n = read_n(s, 2, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
188 if (n <= 0)
189 return(n); /* error or non-blocking */
190 }
191 /* part read stuff */
192
193 s->rstate = SSL_ST_READ_BODY;
194 p = s->packet;
195 /* Do header */
196 /*s->s2->padding=0;*/
197 s->s2->escape = 0;
198 s->s2->rlength = (((unsigned int)p[0]) << 8)|((unsigned int)p[1]);
199 if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */
200 {
201 s->s2->three_byte_header = 0;
202 s->s2->rlength&=TWO_BYTE_MASK;
203
204 } else {
205 s->s2->three_byte_header = 1;
206 s->s2->rlength&=THREE_BYTE_MASK;
207
208 /* security >s2->escape */
209 s->s2->escape = ((p[0] & SEC_ESC_BIT)) ? 1 : 0;
210 }
211 }
212
213 if (s->rstate == SSL_ST_READ_BODY) {
214 n = s->s2->rlength + 2 + s->s2->three_byte_header;
215 if (n > (int)s->packet_length) {
216 n -= s->packet_length;
217 i = read_n(s, (unsigned int)n, (unsigned int)n, 1);
218 if (i <= 0)
219 return(i); /* ERROR */
220 }
221
222 p = &(s->packet[2]);
223 s->rstate = SSL_ST_READ_HEADER;
224 if (s->s2->three_byte_header)
225 s->s2->padding= *(p++);
226 else s->s2->padding = 0;
227
228 /* Data portion */
229 if (s->s2->clear_text) {
230 mac_size = 0;
231 s->s2->mac_data = p;
232 s->s2->ract_data = p;
233 if (s->s2->padding) {
234 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
235 return (-1);
236 }
237 } else {
238 mac_size = EVP_MD_CTX_size(s->read_hash);
239 if (mac_size < 0)
240 return -1;
241 OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
242 s->s2->mac_data = p;
243 s->s2->ract_data = &p[mac_size];
244 if (s->s2->padding + mac_size > s->s2->rlength) {
245 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
246 return (-1);
247 }
248 }
249
250 s->s2->ract_data_length = s->s2->rlength;
251 /* added a check for length > max_size in case
252 * encryption was not turned on yet due to an error */
253 if ((!s->s2->clear_text) &&
254 (s->s2->rlength >= (unsigned int)mac_size)) {
255 ssl2_enc(s, 0);
256 s->s2->ract_data_length -= mac_size;
257 ssl2_mac(s, mac, 0);
258 s->s2->ract_data_length -= s->s2->padding;
259 if ((CRYPTO_memcmp(mac, s->s2->mac_data, mac_size) != 0) ||
260 (s->s2->rlength % EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) {
261 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_MAC_DECODE);
262 return (-1);
263 }
264 }
265 INC32(s->s2->read_sequence); /* expect next number */
266 /* s->s2->ract_data is now available for processing */
267
268 /* Possibly the packet that we just read had 0 actual data bytes.
269 * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.)
270 * In this case, returning 0 would be interpreted by the caller
271 * as indicating EOF, so it's not a good idea. Instead, we just
272 * continue reading; thus ssl2_read_internal may have to process
273 * multiple packets before it can return.
274 *
275 * [Note that using select() for blocking sockets *never* guarantees
276 * that the next SSL_read will not block -- the available
277 * data may contain incomplete packets, and except for SSL 2,
278 * renegotiation can confuse things even more.] */
279
280 goto ssl2_read_again; /* This should really be
281 * "return ssl2_read(s, buf, len)",
282 * but that would allow for
283 * denial - of - service attacks if a
284 * C compiler is used that does not
285 * recognize end-recursion. */
286 } else {
287 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_STATE);
288 return (-1);
289 }
290}
291
292int
293ssl2_read(SSL *s, void *buf, int len)
294{
295 return ssl2_read_internal(s, buf, len, 0);
296}
297
298int
299ssl2_peek(SSL *s, void *buf, int len)
300{
301 return ssl2_read_internal(s, buf, len, 1);
302}
303
304static int
305read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend)
306{
307 int i, off, newb;
308
309 /* if there is stuff still in the buffer from a previous read,
310 * and there is more than we want, take some. */
311 if (s->s2->rbuf_left >= (int)n) {
312 if (extend)
313 s->packet_length += n;
314 else {
315 s->packet = &(s->s2->rbuf[s->s2->rbuf_offs]);
316 s->packet_length = n;
317 }
318 s->s2->rbuf_left -= n;
319 s->s2->rbuf_offs += n;
320 return (n);
321 }
322
323 if (!s->read_ahead)
324 max = n;
325 if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2))
326 max = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2;
327
328
329 /* Else we want more than we have.
330 * First, if there is some left or we want to extend */
331 off = 0;
332 if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) {
333 newb = s->s2->rbuf_left;
334 if (extend) {
335 off = s->packet_length;
336 if (s->packet != s->s2->rbuf)
337 memcpy(s->s2->rbuf, s->packet,
338 (unsigned int)newb + off);
339 } else if (s->s2->rbuf_offs != 0) {
340 memcpy(s->s2->rbuf, &(s->s2->rbuf[s->s2->rbuf_offs]),
341 (unsigned int)newb);
342 s->s2->rbuf_offs = 0;
343 }
344 s->s2->rbuf_left = 0;
345 } else
346 newb = 0;
347
348 /* off is the offset to start writing too.
349 * r->s2->rbuf_offs is the 'unread data', now 0.
350 * newb is the number of new bytes so far
351 */
352 s->packet = s->s2->rbuf;
353 while (newb < (int)n) {
354 errno = 0;
355 if (s->rbio != NULL) {
356 s->rwstate = SSL_READING;
357 i = BIO_read(s->rbio,(char *)&(s->s2->rbuf[off + newb]),
358 max - newb);
359 } else {
360 SSLerr(SSL_F_READ_N, SSL_R_READ_BIO_NOT_SET);
361 i = -1;
362 }
363#ifdef PKT_DEBUG
364 if (s->debug & 0x01)
365 sleep(1);
366#endif
367 if (i <= 0) {
368 s->s2->rbuf_left += newb;
369 return (i);
370 }
371 newb += i;
372 }
373
374 /* record unread data */
375 if (newb > (int)n) {
376 s->s2->rbuf_offs = n + off;
377 s->s2->rbuf_left = newb - n;
378 } else {
379 s->s2->rbuf_offs = 0;
380 s->s2->rbuf_left = 0;
381 }
382 if (extend)
383 s->packet_length += n;
384 else
385 s->packet_length = n;
386 s->rwstate = SSL_NOTHING;
387 return (n);
388}
389
390int
391ssl2_write(SSL *s, const void *_buf, int len)
392{
393 const unsigned char *buf = _buf;
394 unsigned int n, tot;
395 int i;
396
397 if (SSL_in_init(s) && !s->in_handshake) {
398 i = s->handshake_func(s);
399 if (i < 0)
400 return (i);
401 if (i == 0) {
402 SSLerr(SSL_F_SSL2_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
403 return (-1);
404 }
405 }
406
407 if (s->error) {
408 ssl2_write_error(s);
409 if (s->error)
410 return (-1);
411 }
412
413 errno = 0;
414 s->rwstate = SSL_NOTHING;
415 if (len <= 0)
416 return (len);
417
418 tot = s->s2->wnum;
419 s->s2->wnum = 0;
420
421 n = (len - tot);
422 for (;;) {
423 i = n_do_ssl_write(s, &(buf[tot]), n);
424 if (i <= 0) {
425 s->s2->wnum = tot;
426 return (i);
427 }
428 if ((i == (int)n) ||
429 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
430 return (tot + i);
431 }
432
433 n -= i;
434 tot += i;
435 }
436}
437
438static int
439write_pending(SSL *s, const unsigned char *buf, unsigned int len)
440{
441 int i;
442
443 /* s->s2->wpend_len != 0 MUST be true. */
444
445 /* check that they have given us the same buffer to
446 * write */
447 if ((s->s2->wpend_tot > (int)len) ||
448 ((s->s2->wpend_buf != buf) &&
449 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) {
450 SSLerr(SSL_F_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
451 return (-1);
452 }
453
454 for (;;) {
455 errno = 0;
456 if (s->wbio != NULL) {
457 s->rwstate = SSL_WRITING;
458 i = BIO_write(s->wbio,
459 (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
460 (unsigned int)s->s2->wpend_len);
461 } else {
462 SSLerr(SSL_F_WRITE_PENDING, SSL_R_WRITE_BIO_NOT_SET);
463 i = -1;
464 }
465#ifdef PKT_DEBUG
466 if (s->debug & 0x01)
467 sleep(1);
468#endif
469 if (i == s->s2->wpend_len) {
470 s->s2->wpend_len = 0;
471 s->rwstate = SSL_NOTHING;
472 return (s->s2->wpend_ret);
473 } else if (i <= 0)
474 return (i);
475 s->s2->wpend_off += i;
476 s->s2->wpend_len -= i;
477 }
478}
479
480static int
481n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
482{
483 unsigned int j, k, olen, p, bs;
484 int mac_size;
485 register unsigned char *pp;
486
487 olen = len;
488
489 /* first check if there is data from an encryption waiting to
490 * be sent - it must be sent because the other end is waiting.
491 * This will happen with non-blocking IO. We print it and then
492 * return.
493 */
494 if (s->s2->wpend_len != 0)
495 return (write_pending(s, buf, len));
496
497 /* set mac_size to mac size */
498 if (s->s2->clear_text)
499 mac_size = 0;
500 else {
501 mac_size = EVP_MD_CTX_size(s->write_hash);
502 if (mac_size < 0)
503 return -1;
504 }
505
506 /* lets set the pad p */
507 if (s->s2->clear_text) {
508 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
509 len = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
510 p = 0;
511 s->s2->three_byte_header = 0;
512 /* len=len; */
513 } else {
514 bs = EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
515 j = len + mac_size;
516 /* Two-byte headers allow for a larger record length than
517 * three-byte headers, but we can't use them if we need
518 * padding or if we have to set the escape bit. */
519 if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
520 (!s->s2->escape)) {
521 if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
522 j = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
523 /* set k to the max number of bytes with 2
524 * byte header */
525 k = j - (j % bs);
526 /* how many data bytes? */
527 len = k - mac_size;
528
529 s->s2->three_byte_header = 0;
530 p = 0;
531 } else if ((bs <= 1) && (!s->s2->escape)) {
532 /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
533 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
534 s->s2->three_byte_header = 0;
535 p = 0;
536 }
537 else /* we may have to use a 3 byte header */
538 {
539 /* If s->s2->escape is not set, then
540 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
541 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
542 p = (j % bs);
543 p = (p == 0) ? 0 : (bs - p);
544 if (s->s2->escape) {
545 s->s2->three_byte_header = 1;
546 if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
547 j = SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
548 } else
549 s->s2->three_byte_header = (p == 0) ? 0 : 1;
550 }
551 }
552
553 /* Now
554 * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
555 * holds, and if s->s2->three_byte_header is set, then even
556 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
557 */
558
559 /* mac_size is the number of MAC bytes
560 * len is the number of data bytes we are going to send
561 * p is the number of padding bytes
562 * (if it is a two-byte header, then p == 0) */
563
564 s->s2->wlength = len;
565 s->s2->padding = p;
566 s->s2->mac_data = &(s->s2->wbuf[3]);
567 s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
568 /* we copy the data into s->s2->wbuf */
569 memcpy(s->s2->wact_data, buf, len);
570 if (p)
571 memset(&(s->s2->wact_data[len]), 0, p); /* arbitrary padding */
572
573 if (!s->s2->clear_text) {
574 s->s2->wact_data_length = len + p;
575 ssl2_mac(s, s->s2->mac_data, 1);
576 s->s2->wlength += p + mac_size;
577 ssl2_enc(s, 1);
578 }
579
580 /* package up the header */
581 s->s2->wpend_len = s->s2->wlength;
582 if (s->s2->three_byte_header) /* 3 byte header */
583 {
584 pp = s->s2->mac_data;
585 pp -= 3;
586 pp[0] = (s->s2->wlength >> 8) & (THREE_BYTE_MASK >> 8);
587 if (s->s2->escape)
588 pp[0]|=SEC_ESC_BIT;
589 pp[1] = s->s2->wlength&0xff;
590 pp[2] = s->s2->padding;
591 s->s2->wpend_len += 3;
592 } else {
593 pp = s->s2->mac_data;
594 pp -= 2;
595 pp[0] = ((s->s2->wlength >> 8) & (TWO_BYTE_MASK >> 8)) | TWO_BYTE_BIT;
596 pp[1] = s->s2->wlength&0xff;
597 s->s2->wpend_len += 2;
598 }
599 s->s2->write_ptr = pp;
600
601 INC32(s->s2->write_sequence); /* expect next number */
602
603 /* lets try to actually write the data */
604 s->s2->wpend_tot = olen;
605 s->s2->wpend_buf = buf;
606
607 s->s2->wpend_ret = len;
608
609 s->s2->wpend_off = 0;
610 return (write_pending(s, buf, olen));
611}
612
613int
614ssl2_part_read(SSL *s, unsigned long f, int i)
615{
616 unsigned char *p;
617 int j;
618
619 if (i < 0) {
620 /* ssl2_return_error(s); */
621 /* for non-blocking io,
622 * this is not necessarily fatal */
623 return (i);
624 } else {
625 s->init_num += i;
626
627 /* Check for error. While there are recoverable errors,
628 * this function is not called when those must be expected;
629 * any error detected here is fatal. */
630 if (s->init_num >= 3) {
631 p = (unsigned char *)s->init_buf->data;
632 if (p[0] == SSL2_MT_ERROR) {
633 j = (p[1]<<8)|p[2];
634 SSLerr((int)f, ssl_mt_error(j));
635 s->init_num -= 3;
636 if (s->init_num > 0)
637 memmove(p, p + 3, s->init_num);
638 }
639 }
640
641 /* If it's not an error message, we have some error anyway --
642 * the message was shorter than expected. This too is treated
643 * as fatal (at least if SSL_get_error is asked for its opinion). */
644 return (0);
645 }
646}
647
648int
649ssl2_do_write(SSL *s)
650{
651 int ret;
652
653 ret = ssl2_write(s, &s->init_buf->data[s->init_off], s->init_num);
654 if (ret == s->init_num) {
655 if (s->msg_callback)
656 s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
657 return (1);
658 }
659 if (ret < 0)
660 return (-1);
661 s->init_off += ret;
662 s->init_num -= ret;
663 return (0);
664}
665
666static int
667ssl_mt_error(int n)
668{
669 int ret;
670
671 switch (n) {
672 case SSL2_PE_NO_CIPHER:
673 ret = SSL_R_PEER_ERROR_NO_CIPHER;
674 break;
675 case SSL2_PE_NO_CERTIFICATE:
676 ret = SSL_R_PEER_ERROR_NO_CERTIFICATE;
677 break;
678 case SSL2_PE_BAD_CERTIFICATE:
679 ret = SSL_R_PEER_ERROR_CERTIFICATE;
680 break;
681 case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
682 ret = SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
683 break;
684 default:
685 ret = SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
686 break;
687 }
688 return (ret);
689}
690#else /* !OPENSSL_NO_SSL2 */
691
692# if PEDANTIC
693static void *dummy = &dummy;
694# endif
695
696#endif
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
deleted file mode 100644
index 8023243e9a..0000000000
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ /dev/null
@@ -1,1092 +0,0 @@
1/* ssl/s2_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <openssl/bio.h>
116#include <openssl/rand.h>
117#include <openssl/objects.h>
118#include <openssl/evp.h>
119
120static const SSL_METHOD *ssl2_get_server_method(int ver);
121static int get_client_master_key(SSL *s);
122static int get_client_hello(SSL *s);
123static int server_hello(SSL *s);
124
125static int get_client_finished(SSL *s);
126static int server_verify(SSL *s);
127static int server_finish(SSL *s);
128static int request_certificate(SSL *s);
129static int
130ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
131unsigned char *to, int padding);
132#define BREAK break
133
134static const SSL_METHOD
135*ssl2_get_server_method(int ver)
136{
137 if (ver == SSL2_VERSION)
138 return (SSLv2_server_method());
139 else
140 return (NULL);
141}
142
143IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
144 ssl2_accept, ssl_undefined_function, ssl2_get_server_method)
145
146int
147ssl2_accept(SSL *s)
148{
149 BUF_MEM *buf = NULL;
150 int ret = -1;
151 long num1;
152 void (*cb)(const SSL *ssl, int type, int val) = NULL;
153 int new_state, state;
154
155 ERR_clear_error();
156 errno = 0;
157
158 if (s->info_callback != NULL)
159 cb = s->info_callback;
160 else if (s->ctx->info_callback != NULL)
161 cb = s->ctx->info_callback;
162
163 /* init things to blank */
164 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s))
166 SSL_clear(s);
167
168 if (s->cert == NULL) {
169 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
170 return (-1);
171 }
172
173 errno = 0;
174 for (;;) {
175 state = s->state;
176
177 switch (s->state) {
178 case SSL_ST_BEFORE:
179 case SSL_ST_ACCEPT:
180 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
181 case SSL_ST_OK|SSL_ST_ACCEPT:
182
183 s->server = 1;
184 if (cb != NULL)
185 cb(s, SSL_CB_HANDSHAKE_START, 1);
186
187 s->version = SSL2_VERSION;
188 s->type = SSL_ST_ACCEPT;
189
190 buf = s->init_buf;
191 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
192 ret = -1;
193 goto end;
194 }
195 if (!BUF_MEM_grow(buf,
196 (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
197 ret = -1;
198 goto end;
199 }
200 s->init_buf = buf;
201 s->init_num = 0;
202 s->ctx->stats.sess_accept++;
203 s->handshake_func = ssl2_accept;
204 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
205 BREAK;
206
207 case SSL2_ST_GET_CLIENT_HELLO_A:
208 case SSL2_ST_GET_CLIENT_HELLO_B:
209 case SSL2_ST_GET_CLIENT_HELLO_C:
210 s->shutdown = 0;
211 ret = get_client_hello(s);
212 if (ret <= 0)
213 goto end;
214 s->init_num = 0;
215 s->state = SSL2_ST_SEND_SERVER_HELLO_A;
216 BREAK;
217
218 case SSL2_ST_SEND_SERVER_HELLO_A:
219 case SSL2_ST_SEND_SERVER_HELLO_B:
220 ret = server_hello(s);
221 if (ret <= 0)
222 goto end;
223 s->init_num = 0;
224 if (!s->hit) {
225 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
226 BREAK;
227 } else {
228 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
229 BREAK;
230 }
231 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
232 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
233 ret = get_client_master_key(s);
234 if (ret <= 0)
235 goto end;
236 s->init_num = 0;
237 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
238 BREAK;
239
240 case SSL2_ST_SERVER_START_ENCRYPTION:
241 /* Ok we how have sent all the stuff needed to
242 * start encrypting, the next packet back will
243 * be encrypted. */
244 if (!ssl2_enc_init(s, 0)) {
245 ret = -1;
246 goto end;
247 }
248 s->s2->clear_text = 0;
249 s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
250 BREAK;
251
252 case SSL2_ST_SEND_SERVER_VERIFY_A:
253 case SSL2_ST_SEND_SERVER_VERIFY_B:
254 ret = server_verify(s);
255 if (ret <= 0)
256 goto end;
257 s->init_num = 0;
258 if (s->hit) {
259 /* If we are in here, we have been
260 * buffering the output, so we need to
261 * flush it and remove buffering from
262 * future traffic */
263 s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
264 BREAK;
265 } else {
266 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
267 break;
268 }
269
270 case SSL2_ST_SEND_SERVER_VERIFY_C:
271 /* get the number of bytes to write */
272 num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
273 if (num1 > 0) {
274 s->rwstate = SSL_WRITING;
275 num1 = BIO_flush(s->wbio);
276 if (num1 <= 0) {
277 ret = -1;
278 goto end;
279 }
280 s->rwstate = SSL_NOTHING;
281 }
282
283 /* flushed and now remove buffering */
284 s->wbio = BIO_pop(s->wbio);
285
286 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
287 BREAK;
288
289 case SSL2_ST_GET_CLIENT_FINISHED_A:
290 case SSL2_ST_GET_CLIENT_FINISHED_B:
291 ret = get_client_finished(s);
292 if (ret <= 0)
293 goto end;
294 s->init_num = 0;
295 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
296 BREAK;
297
298 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
299 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
300 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
301 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
302 /* don't do a 'request certificate' if we
303 * don't want to, or we already have one, and
304 * we only want to do it once. */
305 if (!(s->verify_mode & SSL_VERIFY_PEER) ||
306 ((s->session->peer != NULL) &&
307 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
308 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
309 break;
310 } else {
311 ret = request_certificate(s);
312 if (ret <= 0)
313 goto end;
314 s->init_num = 0;
315 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
316 }
317 BREAK;
318
319 case SSL2_ST_SEND_SERVER_FINISHED_A:
320 case SSL2_ST_SEND_SERVER_FINISHED_B:
321 ret = server_finish(s);
322 if (ret <= 0)
323 goto end;
324 s->init_num = 0;
325 s->state = SSL_ST_OK;
326 break;
327
328 case SSL_ST_OK:
329 BUF_MEM_free(s->init_buf);
330 ssl_free_wbio_buffer(s);
331 s->init_buf = NULL;
332 s->init_num = 0;
333 /* ERR_clear_error();*/
334
335 ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
336
337 s->ctx->stats.sess_accept_good++;
338 /* s->server=1; */
339 ret = 1;
340
341 if (cb != NULL)
342 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
343
344 goto end;
345 /* BREAK; */
346
347 default:
348 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
349 ret = -1;
350 goto end;
351 /* BREAK; */
352 }
353
354 if ((cb != NULL) && (s->state != state)) {
355 new_state = s->state;
356 s->state = state;
357 cb(s, SSL_CB_ACCEPT_LOOP, 1);
358 s->state = new_state;
359 }
360 }
361end:
362 s->in_handshake--;
363 if (cb != NULL)
364 cb(s, SSL_CB_ACCEPT_EXIT, ret);
365 return (ret);
366}
367
368static int
369get_client_master_key(SSL *s)
370{
371 int is_export, i, n, keya, ek;
372 unsigned long len;
373 unsigned char *p;
374 const SSL_CIPHER *cp;
375 const EVP_CIPHER *c;
376 const EVP_MD *md;
377
378 p = (unsigned char *)s->init_buf->data;
379 if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
380 i = ssl2_read(s,(char *)&(p[s->init_num]), 10 - s->init_num);
381
382 if (i < (10 - s->init_num))
383 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
384 s->init_num = 10;
385
386 if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
387 if (p[-1] != SSL2_MT_ERROR) {
388 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
389 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_READ_WRONG_PACKET_TYPE);
390 } else
391 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
392 return (-1);
393 }
394
395 cp = ssl2_get_cipher_by_char(p);
396 if (cp == NULL) {
397 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
398 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
399 return (-1);
400 }
401 s->session->cipher = cp;
402
403 p += 3;
404 n2s(p, i);
405 s->s2->tmp.clear = i;
406 n2s(p, i);
407 s->s2->tmp.enc = i;
408 n2s(p, i);
409 if (i > SSL_MAX_KEY_ARG_LENGTH) {
410 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
411 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
412 return -1;
413 }
414 s->session->key_arg_length = i;
415 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
416 }
417
418 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
419 p = (unsigned char *)s->init_buf->data;
420 if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
421 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
422 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
423 return -1;
424 }
425 keya = s->session->key_arg_length;
426 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
427 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
428 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
429 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
430 return -1;
431 }
432 n = (int)len - s->init_num;
433 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
434 if (i != n)
435 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
436 if (s->msg_callback)
437 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
438 p += 10;
439
440 memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
441 (unsigned int)keya);
442
443 if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
444 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
445 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
446 return (-1);
447 }
448 i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
449 &(p[s->s2->tmp.clear]), &(p[s->s2->tmp.clear]),
450 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : RSA_PKCS1_PADDING);
451
452 is_export = SSL_C_IS_EXPORT(s->session->cipher);
453
454 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
455 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
456 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
457 return (0);
458 }
459
460 if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
461 is_export = 1;
462 ek = 8;
463 } else
464 ek = 5;
465
466 /* bad decrypt */
467#if 1
468 /* If a bad decrypt, continue with protocol but with a
469 * random master secret (Bleichenbacher attack) */
470 if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
471 (is_export && ((i != ek) || (s->s2->tmp.clear + (unsigned int)i !=
472 (unsigned int)EVP_CIPHER_key_length(c)))))) {
473 ERR_clear_error();
474 if (is_export)
475 i = ek;
476 else
477 i = EVP_CIPHER_key_length(c);
478 if (RAND_pseudo_bytes(p, i) <= 0)
479 return 0;
480 }
481#else
482 if (i < 0) {
483 error = 1;
484 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
485 }
486 /* incorrect number of key bytes for non export cipher */
487 else if ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
488 (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
489 EVP_CIPHER_key_length(c))))) {
490 error = 1;
491 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
492 }
493 if (error) {
494 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
495 return (-1);
496 }
497#endif
498
499 if (is_export)
500 i += s->s2->tmp.clear;
501
502 if (i > SSL_MAX_MASTER_KEY_LENGTH) {
503 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
504 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
505 return -1;
506 }
507 s->session->master_key_length = i;
508 memcpy(s->session->master_key, p,(unsigned int)i);
509 return (1);
510}
511
512static int
513get_client_hello(SSL *s)
514{
515 int i, n;
516 unsigned long len;
517 unsigned char *p;
518 STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
519 STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
520 STACK_OF(SSL_CIPHER) *prio, *allow;
521 int z;
522
523 /* This is a bit of a hack to check for the correct packet
524 * type the first time round. */
525 if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
526 s->first_packet = 1;
527 s->state = SSL2_ST_GET_CLIENT_HELLO_B;
528 }
529
530 p = (unsigned char *)s->init_buf->data;
531 if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
532 i = ssl2_read(s,(char *)&(p[s->init_num]), 9 - s->init_num);
533 if (i < (9 - s->init_num))
534 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
535 s->init_num = 9;
536
537 if (*(p++) != SSL2_MT_CLIENT_HELLO) {
538 if (p[-1] != SSL2_MT_ERROR) {
539 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
540 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
541 } else
542 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
543 return (-1);
544 }
545 n2s(p, i);
546 if (i < s->version)
547 s->version = i;
548 n2s(p, i);
549 s->s2->tmp.cipher_spec_length = i;
550 n2s(p, i);
551 s->s2->tmp.session_id_length = i;
552 n2s(p, i);
553 s->s2->challenge_length = i;
554 if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
555 (i > SSL2_MAX_CHALLENGE_LENGTH)) {
556 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
557 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
558 return (-1);
559 }
560 s->state = SSL2_ST_GET_CLIENT_HELLO_C;
561 }
562
563 /* SSL2_ST_GET_CLIENT_HELLO_C */
564 p = (unsigned char *)s->init_buf->data;
565 len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
566 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
567 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
568 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
569 return -1;
570 }
571 n = (int)len - s->init_num;
572 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
573 if (i != n)
574 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
575 if (s->msg_callback)
576 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
577 p += 9;
578
579 /* get session-id before cipher stuff so we can get out session
580 * structure if it is cached */
581 /* session-id */
582 if ((s->s2->tmp.session_id_length != 0) &&
583 (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
584 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
585 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
586 return (-1);
587 }
588
589 if (s->s2->tmp.session_id_length == 0) {
590 if (!ssl_get_new_session(s, 1)) {
591 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
592 return (-1);
593 }
594 } else {
595 i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
596 s->s2->tmp.session_id_length, NULL);
597 if (i == 1)
598 { /* previous session */
599 s->hit = 1;
600 } else if (i == -1) {
601 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
602 return (-1);
603 } else {
604 if (s->cert == NULL) {
605 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
606 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
607 return (-1);
608 }
609
610 if (!ssl_get_new_session(s, 1)) {
611 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
612 return (-1);
613 }
614 }
615 }
616
617 if (!s->hit) {
618 cs = ssl_bytes_to_cipher_list(s, p,
619 s->s2->tmp.cipher_spec_length, &s->session->ciphers);
620 if (cs == NULL)
621 goto mem_err;
622
623 cl = SSL_get_ciphers(s);
624
625 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
626 prio = sk_SSL_CIPHER_dup(cl);
627 if (prio == NULL)
628 goto mem_err;
629 allow = cs;
630 } else {
631 prio = cs;
632 allow = cl;
633 }
634 for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
635 if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
636 (void)sk_SSL_CIPHER_delete(prio, z);
637 z--;
638 }
639 }
640 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
641 sk_SSL_CIPHER_free(s->session->ciphers);
642 s->session->ciphers = prio;
643 }
644 /* s->session->ciphers should now have a list of
645 * ciphers that are on both the client and server.
646 * This list is ordered by the order the client sent
647 * the ciphers or in the order of the server's preference
648 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
649 */
650 }
651 p += s->s2->tmp.cipher_spec_length;
652 /* done cipher selection */
653
654 /* session id extracted already */
655 p += s->s2->tmp.session_id_length;
656
657 /* challenge */
658 if (s->s2->challenge_length > sizeof s->s2->challenge) {
659 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
660 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
661 return -1;
662 }
663 memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
664 return (1);
665mem_err:
666 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
667 return (0);
668}
669
670static int
671server_hello(SSL *s)
672{
673 unsigned char *p, *d;
674 int n, hit;
675
676 p = (unsigned char *)s->init_buf->data;
677 if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
678 d = p + 11;
679 *(p++) = SSL2_MT_SERVER_HELLO;
680 /* type */
681 hit = s->hit;
682 *(p++) = (unsigned char)hit;
683#if 1
684 if (!hit) {
685 if (s->session->sess_cert != NULL)
686 /* This can't really happen because get_client_hello
687 * has called ssl_get_new_session, which does not set
688 * sess_cert. */
689 ssl_sess_cert_free(s->session->sess_cert);
690 s->session->sess_cert = ssl_sess_cert_new();
691 if (s->session->sess_cert == NULL) {
692 SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
693 return (-1);
694 }
695 }
696 /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
697 * depending on whether it survived in the internal cache
698 * or was retrieved from an external cache.
699 * If it is NULL, we cannot put any useful data in it anyway,
700 * so we don't touch it.
701 */
702
703#else /* That's what used to be done when cert_st and sess_cert_st were
704 * the same. */
705 if (!hit) { /* else add cert to session */
706 CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
707 if (s->session->sess_cert != NULL)
708 ssl_cert_free(s->session->sess_cert);
709 s->session->sess_cert = s->cert;
710
711 } else /* We have a session id - cache hit, if the
712 * session - id has no certificate listed against
713 * the 'cert' structure, grab the 'old' one
714 * listed against the SSL connection */
715 {
716 if (s->session->sess_cert == NULL) {
717 CRYPTO_add(&s->cert->references, 1,
718 CRYPTO_LOCK_SSL_CERT);
719 s->session->sess_cert = s->cert;
720 }
721 }
722#endif
723
724 if (s->cert == NULL) {
725 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
726 SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
727 return (-1);
728 }
729
730 if (hit) {
731 *(p++) = 0;
732 /* no certificate type */
733 s2n(s->version,p); /* version */
734 s2n(0, p);
735 /* cert len */
736 s2n(0, p);
737 /* ciphers len */
738 } else {
739 /* EAY EAY */
740 /* put certificate type */
741 *(p++) = SSL2_CT_X509_CERTIFICATE;
742 s2n(s->version,p); /* version */
743 n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
744 s2n(n, p);
745 /* certificate length */
746 i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
747 n = 0;
748
749 /* lets send out the ciphers we like in the
750 * prefered order */
751 n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
752 d += n;
753 s2n(n, p);
754 /* add cipher length */
755 }
756
757 /* make and send conn_id */
758 s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
759 s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
760 if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
761 return -1;
762 memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
763 d += SSL2_CONNECTION_ID_LENGTH;
764
765 s->state = SSL2_ST_SEND_SERVER_HELLO_B;
766 s->init_num = d - (unsigned char *)s->init_buf->data;
767 s->init_off = 0;
768 }
769 /* SSL2_ST_SEND_SERVER_HELLO_B */
770 /* If we are using TCP/IP, the performance is bad if we do 2
771 * writes without a read between them. This occurs when
772 * Session-id reuse is used, so I will put in a buffering module
773 */
774 if (s->hit) {
775 if (!ssl_init_wbio_buffer(s, 1))
776 return (-1);
777 }
778
779 return (ssl2_do_write(s));
780}
781
782static int
783get_client_finished(SSL *s)
784{
785 unsigned char *p;
786 int i, n;
787 unsigned long len;
788
789 p = (unsigned char *)s->init_buf->data;
790 if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
791 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
792 if (i < 1 - s->init_num)
793 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
794 s->init_num += i;
795
796 if (*p != SSL2_MT_CLIENT_FINISHED) {
797 if (*p != SSL2_MT_ERROR) {
798 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
799 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
800 } else {
801 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
802 /* try to read the error message */
803 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
804 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
805 }
806 return (-1);
807 }
808 s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
809 }
810
811 /* SSL2_ST_GET_CLIENT_FINISHED_B */
812 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
813 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
814 SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
815 return -1;
816 }
817 len = 1 + (unsigned long)s->s2->conn_id_length;
818 n = (int)len - s->init_num;
819 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
820 if (i < n) {
821 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
822 }
823 if (s->msg_callback)
824 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
825 p += 1;
826 if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
827 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
828 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
829 return (-1);
830 }
831 return (1);
832}
833
834static int
835server_verify(SSL *s)
836{
837 unsigned char *p;
838
839 if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
840 p = (unsigned char *)s->init_buf->data;
841 *(p++) = SSL2_MT_SERVER_VERIFY;
842 if (s->s2->challenge_length > sizeof s->s2->challenge) {
843 SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
844 return -1;
845 }
846 memcpy(p, s->s2->challenge,(unsigned int)s->s2->challenge_length);
847 /* p+=s->s2->challenge_length; */
848
849 s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
850 s->init_num = s->s2->challenge_length + 1;
851 s->init_off = 0;
852 }
853 return (ssl2_do_write(s));
854}
855
856static int
857server_finish(SSL *s)
858{
859 unsigned char *p;
860
861 if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
862 p = (unsigned char *)s->init_buf->data;
863 *(p++) = SSL2_MT_SERVER_FINISHED;
864
865 if (s->session->session_id_length > sizeof s->session->session_id) {
866 SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
867 return -1;
868 }
869 memcpy(p, s->session->session_id, (unsigned int)s->session->session_id_length);
870 /* p+=s->session->session_id_length; */
871
872 s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
873 s->init_num = s->session->session_id_length + 1;
874 s->init_off = 0;
875 }
876
877 /* SSL2_ST_SEND_SERVER_FINISHED_B */
878 return (ssl2_do_write(s));
879}
880
881/* send the request and check the response */
882static int
883request_certificate(SSL *s)
884{
885 const unsigned char *cp;
886 unsigned char *p, *p2, *buf2;
887 unsigned char *ccd;
888 int i, j, ctype, ret = -1;
889 unsigned long len;
890 X509 *x509 = NULL;
891 STACK_OF(X509) *sk = NULL;
892
893 ccd = s->s2->tmp.ccl;
894 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
895 p = (unsigned char *)s->init_buf->data;
896 *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
897 *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
898 if (RAND_pseudo_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
899 return -1;
900 memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
901
902 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
903 s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
904 s->init_off = 0;
905 }
906
907 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
908 i = ssl2_do_write(s);
909 if (i <= 0) {
910 ret = i;
911 goto end;
912 }
913
914 s->init_num = 0;
915 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
916 }
917
918 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
919 p = (unsigned char *)s->init_buf->data;
920 i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num); /* try to read 6 octets ... */
921 if (i < 3 - s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
922 * (probably NO-CERTIFICATE-ERROR) */
923 {
924 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
925 goto end;
926 }
927 s->init_num += i;
928
929 if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
930 n2s(p, i);
931 if (i != SSL2_PE_NO_CERTIFICATE) {
932 /* not the error message we expected -- let ssl2_part_read handle it */
933 s->init_num -= 3;
934 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
935 goto end;
936 }
937
938 if (s->msg_callback)
939 s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
940
941 /* this is the one place where we can recover from an SSL 2.0 error */
942
943 if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
944 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
945 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
946 goto end;
947 }
948 ret = 1;
949 goto end;
950 }
951 if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
952 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
953 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
954 goto end;
955 }
956 if (s->init_num != 6) {
957 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
958 goto end;
959 }
960
961 /* ok we have a response */
962 /* certificate type, there is only one right now. */
963 ctype= *(p++);
964 if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
965 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
966 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
967 goto end;
968 }
969 n2s(p, i);
970 s->s2->tmp.clen = i;
971 n2s(p, i);
972 s->s2->tmp.rlen = i;
973 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
974 }
975
976 /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
977 p = (unsigned char *)s->init_buf->data;
978 len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
979 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
980 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
981 goto end;
982 }
983 j = (int)len - s->init_num;
984 i = ssl2_read(s,(char *)&(p[s->init_num]), j);
985 if (i < j) {
986 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
987 goto end;
988 }
989 if (s->msg_callback)
990 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
991 p += 6;
992
993 cp = p;
994 x509 = (X509 *)d2i_X509(NULL, &cp,(long)s->s2->tmp.clen);
995 if (x509 == NULL) {
996 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
997 goto msg_end;
998 }
999
1000 if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
1001 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1002 goto msg_end;
1003 }
1004
1005 i = ssl_verify_cert_chain(s, sk);
1006
1007 if (i > 0) /* we like the packet, now check the chksum */
1008 {
1009 EVP_MD_CTX ctx;
1010 EVP_PKEY *pkey = NULL;
1011
1012 EVP_MD_CTX_init(&ctx);
1013 if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL) ||
1014 !EVP_VerifyUpdate(&ctx, s->s2->key_material,
1015 s->s2->key_material_length) ||
1016 !EVP_VerifyUpdate(&ctx, ccd,
1017 SSL2_MIN_CERT_CHALLENGE_LENGTH))
1018 goto msg_end;
1019
1020 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
1021 buf2 = OPENSSL_malloc((unsigned int)i);
1022 if (buf2 == NULL) {
1023 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1024 goto msg_end;
1025 }
1026 p2 = buf2;
1027 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
1028 if (!EVP_VerifyUpdate(&ctx, buf2,(unsigned int)i)) {
1029 OPENSSL_free(buf2);
1030 goto msg_end;
1031 }
1032 OPENSSL_free(buf2);
1033
1034 pkey = X509_get_pubkey(x509);
1035 if (pkey == NULL)
1036 goto end;
1037 i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
1038 EVP_PKEY_free(pkey);
1039 EVP_MD_CTX_cleanup(&ctx);
1040
1041 if (i > 0) {
1042 if (s->session->peer != NULL)
1043 X509_free(s->session->peer);
1044 s->session->peer = x509;
1045 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
1046 s->session->verify_result = s->verify_result;
1047 ret = 1;
1048 goto end;
1049 } else {
1050 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
1051 goto msg_end;
1052 }
1053 } else {
1054msg_end:
1055 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
1056 }
1057end:
1058 sk_X509_free(sk);
1059 X509_free(x509);
1060 return (ret);
1061}
1062
1063static int
1064ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
1065 unsigned char *to, int padding)
1066{
1067 RSA *rsa;
1068 int i;
1069
1070 if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
1071 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
1072 return (-1);
1073 }
1074 if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
1075 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1076 return (-1);
1077 }
1078 rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
1079
1080 /* we have the public key */
1081 i = RSA_private_decrypt(len, from, to, rsa, padding);
1082 if (i < 0)
1083 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
1084 return (i);
1085}
1086#else /* !OPENSSL_NO_SSL2 */
1087
1088# if PEDANTIC
1089static void *dummy = &dummy;
1090# endif
1091
1092#endif
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 97e4a3f96c..d3e015e738 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -350,10 +350,6 @@ extern "C" {
350extern "C" { 350extern "C" {
351#endif 351#endif
352 352
353#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
354#define OPENSSL_NO_SSL2
355#endif
356
357#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 353#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
358#define SSL_FILETYPE_PEM X509_FILETYPE_PEM 354#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
359 355
@@ -1839,12 +1835,6 @@ const char *SSL_get_version(const SSL *s);
1839/* This sets the 'default' SSL version that SSL_new() will create */ 1835/* This sets the 'default' SSL version that SSL_new() will create */
1840int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); 1836int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
1841 1837
1842#ifndef OPENSSL_NO_SSL2
1843const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1844const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1845const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1846#endif
1847
1848const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ 1838const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1849const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ 1839const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1850const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ 1840const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
diff --git a/src/lib/libssl/src/ssl/ssl_stat.c b/src/lib/libssl/src/ssl/ssl_stat.c
index 3d9371cdd7..da55c92de2 100644
--- a/src/lib/libssl/src/ssl/ssl_stat.c
+++ b/src/lib/libssl/src/ssl/ssl_stat.c
@@ -109,86 +109,6 @@ const char
109 str="before/accept initialization"; break; 109 str="before/accept initialization"; break;
110 case SSL_ST_OK|SSL_ST_ACCEPT: 110 case SSL_ST_OK|SSL_ST_ACCEPT:
111 str="ok/accept SSL initialization"; break; 111 str="ok/accept SSL initialization"; break;
112#ifndef OPENSSL_NO_SSL2
113 case SSL2_ST_CLIENT_START_ENCRYPTION:
114 str="SSLv2 client start encryption"; break;
115 case SSL2_ST_SERVER_START_ENCRYPTION:
116 str="SSLv2 server start encryption"; break;
117 case SSL2_ST_SEND_CLIENT_HELLO_A:
118 str="SSLv2 write client hello A"; break;
119 case SSL2_ST_SEND_CLIENT_HELLO_B:
120 str="SSLv2 write client hello B"; break;
121 case SSL2_ST_GET_SERVER_HELLO_A:
122 str="SSLv2 read server hello A"; break;
123 case SSL2_ST_GET_SERVER_HELLO_B:
124 str="SSLv2 read server hello B"; break;
125 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
126 str="SSLv2 write client master key A"; break;
127 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
128 str="SSLv2 write client master key B"; break;
129 case SSL2_ST_SEND_CLIENT_FINISHED_A:
130 str="SSLv2 write client finished A"; break;
131 case SSL2_ST_SEND_CLIENT_FINISHED_B:
132 str="SSLv2 write client finished B"; break;
133 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
134 str="SSLv2 write client certificate A"; break;
135 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
136 str="SSLv2 write client certificate B"; break;
137 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
138 str="SSLv2 write client certificate C"; break;
139 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
140 str="SSLv2 write client certificate D"; break;
141 case SSL2_ST_GET_SERVER_VERIFY_A:
142 str="SSLv2 read server verify A"; break;
143 case SSL2_ST_GET_SERVER_VERIFY_B:
144 str="SSLv2 read server verify B"; break;
145 case SSL2_ST_GET_SERVER_FINISHED_A:
146 str="SSLv2 read server finished A"; break;
147 case SSL2_ST_GET_SERVER_FINISHED_B:
148 str="SSLv2 read server finished B"; break;
149 case SSL2_ST_GET_CLIENT_HELLO_A:
150 str="SSLv2 read client hello A"; break;
151 case SSL2_ST_GET_CLIENT_HELLO_B:
152 str="SSLv2 read client hello B"; break;
153 case SSL2_ST_GET_CLIENT_HELLO_C:
154 str="SSLv2 read client hello C"; break;
155 case SSL2_ST_SEND_SERVER_HELLO_A:
156 str="SSLv2 write server hello A"; break;
157 case SSL2_ST_SEND_SERVER_HELLO_B:
158 str="SSLv2 write server hello B"; break;
159 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
160 str="SSLv2 read client master key A"; break;
161 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
162 str="SSLv2 read client master key B"; break;
163 case SSL2_ST_SEND_SERVER_VERIFY_A:
164 str="SSLv2 write server verify A"; break;
165 case SSL2_ST_SEND_SERVER_VERIFY_B:
166 str="SSLv2 write server verify B"; break;
167 case SSL2_ST_SEND_SERVER_VERIFY_C:
168 str="SSLv2 write server verify C"; break;
169 case SSL2_ST_GET_CLIENT_FINISHED_A:
170 str="SSLv2 read client finished A"; break;
171 case SSL2_ST_GET_CLIENT_FINISHED_B:
172 str="SSLv2 read client finished B"; break;
173 case SSL2_ST_SEND_SERVER_FINISHED_A:
174 str="SSLv2 write server finished A"; break;
175 case SSL2_ST_SEND_SERVER_FINISHED_B:
176 str="SSLv2 write server finished B"; break;
177 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
178 str="SSLv2 write request certificate A"; break;
179 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
180 str="SSLv2 write request certificate B"; break;
181 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
182 str="SSLv2 write request certificate C"; break;
183 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
184 str="SSLv2 write request certificate D"; break;
185 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
186 str="SSLv2 X509 read server certificate"; break;
187 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
188 str="SSLv2 X509 read client certificate"; break;
189#endif
190
191#ifndef OPENSSL_NO_SSL3
192/* SSLv3 additions */ 112/* SSLv3 additions */
193 case SSL3_ST_CW_CLNT_HELLO_A: 113 case SSL3_ST_CW_CLNT_HELLO_A:
194 str="SSLv3 write client hello A"; break; 114 str="SSLv3 write client hello A"; break;
@@ -312,25 +232,6 @@ const char
312 str="SSLv3 read certificate verify A"; break; 232 str="SSLv3 read certificate verify A"; break;
313 case SSL3_ST_SR_CERT_VRFY_B: 233 case SSL3_ST_SR_CERT_VRFY_B:
314 str="SSLv3 read certificate verify B"; break; 234 str="SSLv3 read certificate verify B"; break;
315#endif
316
317#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
318/* SSLv2/v3 compatibility states */
319/* client */
320 case SSL23_ST_CW_CLNT_HELLO_A:
321 str="SSLv2/v3 write client hello A"; break;
322 case SSL23_ST_CW_CLNT_HELLO_B:
323 str="SSLv2/v3 write client hello B"; break;
324 case SSL23_ST_CR_SRVR_HELLO_A:
325 str="SSLv2/v3 read server hello A"; break;
326 case SSL23_ST_CR_SRVR_HELLO_B:
327 str="SSLv2/v3 read server hello B"; break;
328/* server */
329 case SSL23_ST_SR_CLNT_HELLO_A:
330 str="SSLv2/v3 read client hello A"; break;
331 case SSL23_ST_SR_CLNT_HELLO_B:
332 str="SSLv2/v3 read client hello B"; break;
333#endif
334 235
335/* DTLS */ 236/* DTLS */
336 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 237 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
@@ -380,86 +281,7 @@ const char
380 str="CINIT "; break; 281 str="CINIT "; break;
381 case SSL_ST_OK: 282 case SSL_ST_OK:
382 str="SSLOK "; break; 283 str="SSLOK "; break;
383#ifndef OPENSSL_NO_SSL2
384 case SSL2_ST_CLIENT_START_ENCRYPTION:
385 str="2CSENC"; break;
386 case SSL2_ST_SERVER_START_ENCRYPTION:
387 str="2SSENC"; break;
388 case SSL2_ST_SEND_CLIENT_HELLO_A:
389 str="2SCH_A"; break;
390 case SSL2_ST_SEND_CLIENT_HELLO_B:
391 str="2SCH_B"; break;
392 case SSL2_ST_GET_SERVER_HELLO_A:
393 str="2GSH_A"; break;
394 case SSL2_ST_GET_SERVER_HELLO_B:
395 str="2GSH_B"; break;
396 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
397 str="2SCMKA"; break;
398 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
399 str="2SCMKB"; break;
400 case SSL2_ST_SEND_CLIENT_FINISHED_A:
401 str="2SCF_A"; break;
402 case SSL2_ST_SEND_CLIENT_FINISHED_B:
403 str="2SCF_B"; break;
404 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
405 str="2SCC_A"; break;
406 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
407 str="2SCC_B"; break;
408 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
409 str="2SCC_C"; break;
410 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
411 str="2SCC_D"; break;
412 case SSL2_ST_GET_SERVER_VERIFY_A:
413 str="2GSV_A"; break;
414 case SSL2_ST_GET_SERVER_VERIFY_B:
415 str="2GSV_B"; break;
416 case SSL2_ST_GET_SERVER_FINISHED_A:
417 str="2GSF_A"; break;
418 case SSL2_ST_GET_SERVER_FINISHED_B:
419 str="2GSF_B"; break;
420 case SSL2_ST_GET_CLIENT_HELLO_A:
421 str="2GCH_A"; break;
422 case SSL2_ST_GET_CLIENT_HELLO_B:
423 str="2GCH_B"; break;
424 case SSL2_ST_GET_CLIENT_HELLO_C:
425 str="2GCH_C"; break;
426 case SSL2_ST_SEND_SERVER_HELLO_A:
427 str="2SSH_A"; break;
428 case SSL2_ST_SEND_SERVER_HELLO_B:
429 str="2SSH_B"; break;
430 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
431 str="2GCMKA"; break;
432 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
433 str="2GCMKA"; break;
434 case SSL2_ST_SEND_SERVER_VERIFY_A:
435 str="2SSV_A"; break;
436 case SSL2_ST_SEND_SERVER_VERIFY_B:
437 str="2SSV_B"; break;
438 case SSL2_ST_SEND_SERVER_VERIFY_C:
439 str="2SSV_C"; break;
440 case SSL2_ST_GET_CLIENT_FINISHED_A:
441 str="2GCF_A"; break;
442 case SSL2_ST_GET_CLIENT_FINISHED_B:
443 str="2GCF_B"; break;
444 case SSL2_ST_SEND_SERVER_FINISHED_A:
445 str="2SSF_A"; break;
446 case SSL2_ST_SEND_SERVER_FINISHED_B:
447 str="2SSF_B"; break;
448 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
449 str="2SRC_A"; break;
450 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
451 str="2SRC_B"; break;
452 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
453 str="2SRC_C"; break;
454 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
455 str="2SRC_D"; break;
456 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
457 str="2X9GSC"; break;
458 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
459 str="2X9GCC"; break;
460#endif
461 284
462#ifndef OPENSSL_NO_SSL3
463/* SSLv3 additions */ 285/* SSLv3 additions */
464 case SSL3_ST_SW_FLUSH: 286 case SSL3_ST_SW_FLUSH:
465 case SSL3_ST_CW_FLUSH: 287 case SSL3_ST_CW_FLUSH:
@@ -574,25 +396,6 @@ const char
574 str="3RCV_A"; break; 396 str="3RCV_A"; break;
575 case SSL3_ST_SR_CERT_VRFY_B: 397 case SSL3_ST_SR_CERT_VRFY_B:
576 str="3RCV_B"; break; 398 str="3RCV_B"; break;
577#endif
578
579#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
580/* SSLv2/v3 compatibility states */
581/* client */
582 case SSL23_ST_CW_CLNT_HELLO_A:
583 str="23WCHA"; break;
584 case SSL23_ST_CW_CLNT_HELLO_B:
585 str="23WCHB"; break;
586 case SSL23_ST_CR_SRVR_HELLO_A:
587 str="23RSHA"; break;
588 case SSL23_ST_CR_SRVR_HELLO_B:
589 str="23RSHA"; break;
590/* server */
591 case SSL23_ST_SR_CLNT_HELLO_A:
592 str="23RCHA"; break;
593 case SSL23_ST_SR_CLNT_HELLO_B:
594 str="23RCHB"; break;
595#endif
596/* DTLS */ 399/* DTLS */
597 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 400 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
598 str="DRCHVA"; break; 401 str="DRCHVA"; break;
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
index ea236df44d..771c50a3e1 100644
--- a/src/lib/libssl/src/ssl/ssltest.c
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -324,15 +324,8 @@ sv_usage(void)
324 fprintf(stderr, " -srpuser user - SRP username to use\n"); 324 fprintf(stderr, " -srpuser user - SRP username to use\n");
325 fprintf(stderr, " -srppass arg - password for 'user'\n"); 325 fprintf(stderr, " -srppass arg - password for 'user'\n");
326#endif 326#endif
327#ifndef OPENSSL_NO_SSL2
328 fprintf(stderr, " -ssl2 - use SSLv2\n");
329#endif
330#ifndef OPENSSL_NO_SSL3
331 fprintf(stderr, " -ssl3 - use SSLv3\n"); 327 fprintf(stderr, " -ssl3 - use SSLv3\n");
332#endif
333#ifndef OPENSSL_NO_TLS1
334 fprintf(stderr, " -tls1 - use TLSv1\n"); 328 fprintf(stderr, " -tls1 - use TLSv1\n");
335#endif
336 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 329 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
337 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 330 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
338 fprintf(stderr, " -cert arg - Server certificate file\n"); 331 fprintf(stderr, " -cert arg - Server certificate file\n");
@@ -778,27 +771,12 @@ bad:
778 } 771 }
779#endif 772#endif
780 773
781#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
782 if (ssl2)
783 meth = SSLv2_method();
784 else if (tls1)
785 meth = TLSv1_method();
786 else if (ssl3)
787 meth = SSLv3_method();
788 else
789 meth = SSLv23_method();
790#else
791#ifdef OPENSSL_NO_SSL2
792 if (tls1) 774 if (tls1)
793 meth = TLSv1_method(); 775 meth = TLSv1_method();
794 else if (ssl3) 776 else if (ssl3)
795 meth = SSLv3_method(); 777 meth = SSLv3_method();
796 else 778 else
797 meth = SSLv23_method(); 779 meth = SSLv23_method();
798#else
799 meth = SSLv2_method();
800#endif
801#endif
802 780
803 c_ctx = SSL_CTX_new(meth); 781 c_ctx = SSL_CTX_new(meth);
804 s_ctx = SSL_CTX_new(meth); 782 s_ctx = SSL_CTX_new(meth);
@@ -2325,20 +2303,6 @@ do_test_cipherlist(void)
2325 const SSL_METHOD *meth; 2303 const SSL_METHOD *meth;
2326 const SSL_CIPHER *ci, *tci = NULL; 2304 const SSL_CIPHER *ci, *tci = NULL;
2327 2305
2328#ifndef OPENSSL_NO_SSL2
2329 fprintf(stderr, "testing SSLv2 cipher list order: ");
2330 meth = SSLv2_method();
2331 while ((ci = meth->get_cipher(i++)) != NULL) {
2332 if (tci != NULL)
2333 if (ci->id >= tci->id) {
2334 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
2335 return 0;
2336 }
2337 tci = ci;
2338 }
2339 fprintf(stderr, "ok\n");
2340#endif
2341#ifndef OPENSSL_NO_SSL3
2342 fprintf(stderr, "testing SSLv3 cipher list order: "); 2306 fprintf(stderr, "testing SSLv3 cipher list order: ");
2343 meth = SSLv3_method(); 2307 meth = SSLv3_method();
2344 tci = NULL; 2308 tci = NULL;
@@ -2351,8 +2315,6 @@ do_test_cipherlist(void)
2351 tci = ci; 2315 tci = ci;
2352 } 2316 }
2353 fprintf(stderr, "ok\n"); 2317 fprintf(stderr, "ok\n");
2354#endif
2355#ifndef OPENSSL_NO_TLS1
2356 fprintf(stderr, "testing TLSv1 cipher list order: "); 2318 fprintf(stderr, "testing TLSv1 cipher list order: ");
2357 meth = TLSv1_method(); 2319 meth = TLSv1_method();
2358 tci = NULL; 2320 tci = NULL;
@@ -2365,7 +2327,6 @@ do_test_cipherlist(void)
2365 tci = ci; 2327 tci = ci;
2366 } 2328 }
2367 fprintf(stderr, "ok\n"); 2329 fprintf(stderr, "ok\n");
2368#endif
2369 2330
2370 return 1; 2331 return 1;
2371} 2332}
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 97e4a3f96c..d3e015e738 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -350,10 +350,6 @@ extern "C" {
350extern "C" { 350extern "C" {
351#endif 351#endif
352 352
353#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
354#define OPENSSL_NO_SSL2
355#endif
356
357#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 353#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
358#define SSL_FILETYPE_PEM X509_FILETYPE_PEM 354#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
359 355
@@ -1839,12 +1835,6 @@ const char *SSL_get_version(const SSL *s);
1839/* This sets the 'default' SSL version that SSL_new() will create */ 1835/* This sets the 'default' SSL version that SSL_new() will create */
1840int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); 1836int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
1841 1837
1842#ifndef OPENSSL_NO_SSL2
1843const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1844const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1845const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1846#endif
1847
1848const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ 1838const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1849const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ 1839const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1850const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ 1840const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile
index 89c79ed8f9..6c41b6449c 100644
--- a/src/lib/libssl/ssl/Makefile
+++ b/src/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.34 2014/04/14 22:12:26 beck Exp $ 1# $OpenBSD: Makefile,v 1.35 2014/04/15 21:47:56 tedu Exp $
2 2
3LIB= ssl 3LIB= ssl
4 4
@@ -7,12 +7,10 @@ LSSL_SRC= ${SSL_SRC}/ssl
7 7
8CFLAGS+= -DTERMIOS -DANSI_SOURCE 8CFLAGS+= -DTERMIOS -DANSI_SOURCE
9CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 9CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
10CFLAGS+= -DOPENSSL_NO_SSL2
11CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS 10CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS
12CFLAGS+= -I${SSL_SRC} 11CFLAGS+= -I${SSL_SRC}
13 12
14SRCS=\ 13SRCS=\
15 s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \
16 s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ 14 s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \
17 s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ 15 s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
18 t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ 16 t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
index 3d9371cdd7..da55c92de2 100644
--- a/src/lib/libssl/ssl_stat.c
+++ b/src/lib/libssl/ssl_stat.c
@@ -109,86 +109,6 @@ const char
109 str="before/accept initialization"; break; 109 str="before/accept initialization"; break;
110 case SSL_ST_OK|SSL_ST_ACCEPT: 110 case SSL_ST_OK|SSL_ST_ACCEPT:
111 str="ok/accept SSL initialization"; break; 111 str="ok/accept SSL initialization"; break;
112#ifndef OPENSSL_NO_SSL2
113 case SSL2_ST_CLIENT_START_ENCRYPTION:
114 str="SSLv2 client start encryption"; break;
115 case SSL2_ST_SERVER_START_ENCRYPTION:
116 str="SSLv2 server start encryption"; break;
117 case SSL2_ST_SEND_CLIENT_HELLO_A:
118 str="SSLv2 write client hello A"; break;
119 case SSL2_ST_SEND_CLIENT_HELLO_B:
120 str="SSLv2 write client hello B"; break;
121 case SSL2_ST_GET_SERVER_HELLO_A:
122 str="SSLv2 read server hello A"; break;
123 case SSL2_ST_GET_SERVER_HELLO_B:
124 str="SSLv2 read server hello B"; break;
125 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
126 str="SSLv2 write client master key A"; break;
127 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
128 str="SSLv2 write client master key B"; break;
129 case SSL2_ST_SEND_CLIENT_FINISHED_A:
130 str="SSLv2 write client finished A"; break;
131 case SSL2_ST_SEND_CLIENT_FINISHED_B:
132 str="SSLv2 write client finished B"; break;
133 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
134 str="SSLv2 write client certificate A"; break;
135 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
136 str="SSLv2 write client certificate B"; break;
137 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
138 str="SSLv2 write client certificate C"; break;
139 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
140 str="SSLv2 write client certificate D"; break;
141 case SSL2_ST_GET_SERVER_VERIFY_A:
142 str="SSLv2 read server verify A"; break;
143 case SSL2_ST_GET_SERVER_VERIFY_B:
144 str="SSLv2 read server verify B"; break;
145 case SSL2_ST_GET_SERVER_FINISHED_A:
146 str="SSLv2 read server finished A"; break;
147 case SSL2_ST_GET_SERVER_FINISHED_B:
148 str="SSLv2 read server finished B"; break;
149 case SSL2_ST_GET_CLIENT_HELLO_A:
150 str="SSLv2 read client hello A"; break;
151 case SSL2_ST_GET_CLIENT_HELLO_B:
152 str="SSLv2 read client hello B"; break;
153 case SSL2_ST_GET_CLIENT_HELLO_C:
154 str="SSLv2 read client hello C"; break;
155 case SSL2_ST_SEND_SERVER_HELLO_A:
156 str="SSLv2 write server hello A"; break;
157 case SSL2_ST_SEND_SERVER_HELLO_B:
158 str="SSLv2 write server hello B"; break;
159 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
160 str="SSLv2 read client master key A"; break;
161 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
162 str="SSLv2 read client master key B"; break;
163 case SSL2_ST_SEND_SERVER_VERIFY_A:
164 str="SSLv2 write server verify A"; break;
165 case SSL2_ST_SEND_SERVER_VERIFY_B:
166 str="SSLv2 write server verify B"; break;
167 case SSL2_ST_SEND_SERVER_VERIFY_C:
168 str="SSLv2 write server verify C"; break;
169 case SSL2_ST_GET_CLIENT_FINISHED_A:
170 str="SSLv2 read client finished A"; break;
171 case SSL2_ST_GET_CLIENT_FINISHED_B:
172 str="SSLv2 read client finished B"; break;
173 case SSL2_ST_SEND_SERVER_FINISHED_A:
174 str="SSLv2 write server finished A"; break;
175 case SSL2_ST_SEND_SERVER_FINISHED_B:
176 str="SSLv2 write server finished B"; break;
177 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
178 str="SSLv2 write request certificate A"; break;
179 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
180 str="SSLv2 write request certificate B"; break;
181 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
182 str="SSLv2 write request certificate C"; break;
183 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
184 str="SSLv2 write request certificate D"; break;
185 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
186 str="SSLv2 X509 read server certificate"; break;
187 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
188 str="SSLv2 X509 read client certificate"; break;
189#endif
190
191#ifndef OPENSSL_NO_SSL3
192/* SSLv3 additions */ 112/* SSLv3 additions */
193 case SSL3_ST_CW_CLNT_HELLO_A: 113 case SSL3_ST_CW_CLNT_HELLO_A:
194 str="SSLv3 write client hello A"; break; 114 str="SSLv3 write client hello A"; break;
@@ -312,25 +232,6 @@ const char
312 str="SSLv3 read certificate verify A"; break; 232 str="SSLv3 read certificate verify A"; break;
313 case SSL3_ST_SR_CERT_VRFY_B: 233 case SSL3_ST_SR_CERT_VRFY_B:
314 str="SSLv3 read certificate verify B"; break; 234 str="SSLv3 read certificate verify B"; break;
315#endif
316
317#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
318/* SSLv2/v3 compatibility states */
319/* client */
320 case SSL23_ST_CW_CLNT_HELLO_A:
321 str="SSLv2/v3 write client hello A"; break;
322 case SSL23_ST_CW_CLNT_HELLO_B:
323 str="SSLv2/v3 write client hello B"; break;
324 case SSL23_ST_CR_SRVR_HELLO_A:
325 str="SSLv2/v3 read server hello A"; break;
326 case SSL23_ST_CR_SRVR_HELLO_B:
327 str="SSLv2/v3 read server hello B"; break;
328/* server */
329 case SSL23_ST_SR_CLNT_HELLO_A:
330 str="SSLv2/v3 read client hello A"; break;
331 case SSL23_ST_SR_CLNT_HELLO_B:
332 str="SSLv2/v3 read client hello B"; break;
333#endif
334 235
335/* DTLS */ 236/* DTLS */
336 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 237 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
@@ -380,86 +281,7 @@ const char
380 str="CINIT "; break; 281 str="CINIT "; break;
381 case SSL_ST_OK: 282 case SSL_ST_OK:
382 str="SSLOK "; break; 283 str="SSLOK "; break;
383#ifndef OPENSSL_NO_SSL2
384 case SSL2_ST_CLIENT_START_ENCRYPTION:
385 str="2CSENC"; break;
386 case SSL2_ST_SERVER_START_ENCRYPTION:
387 str="2SSENC"; break;
388 case SSL2_ST_SEND_CLIENT_HELLO_A:
389 str="2SCH_A"; break;
390 case SSL2_ST_SEND_CLIENT_HELLO_B:
391 str="2SCH_B"; break;
392 case SSL2_ST_GET_SERVER_HELLO_A:
393 str="2GSH_A"; break;
394 case SSL2_ST_GET_SERVER_HELLO_B:
395 str="2GSH_B"; break;
396 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
397 str="2SCMKA"; break;
398 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
399 str="2SCMKB"; break;
400 case SSL2_ST_SEND_CLIENT_FINISHED_A:
401 str="2SCF_A"; break;
402 case SSL2_ST_SEND_CLIENT_FINISHED_B:
403 str="2SCF_B"; break;
404 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
405 str="2SCC_A"; break;
406 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
407 str="2SCC_B"; break;
408 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
409 str="2SCC_C"; break;
410 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
411 str="2SCC_D"; break;
412 case SSL2_ST_GET_SERVER_VERIFY_A:
413 str="2GSV_A"; break;
414 case SSL2_ST_GET_SERVER_VERIFY_B:
415 str="2GSV_B"; break;
416 case SSL2_ST_GET_SERVER_FINISHED_A:
417 str="2GSF_A"; break;
418 case SSL2_ST_GET_SERVER_FINISHED_B:
419 str="2GSF_B"; break;
420 case SSL2_ST_GET_CLIENT_HELLO_A:
421 str="2GCH_A"; break;
422 case SSL2_ST_GET_CLIENT_HELLO_B:
423 str="2GCH_B"; break;
424 case SSL2_ST_GET_CLIENT_HELLO_C:
425 str="2GCH_C"; break;
426 case SSL2_ST_SEND_SERVER_HELLO_A:
427 str="2SSH_A"; break;
428 case SSL2_ST_SEND_SERVER_HELLO_B:
429 str="2SSH_B"; break;
430 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
431 str="2GCMKA"; break;
432 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
433 str="2GCMKA"; break;
434 case SSL2_ST_SEND_SERVER_VERIFY_A:
435 str="2SSV_A"; break;
436 case SSL2_ST_SEND_SERVER_VERIFY_B:
437 str="2SSV_B"; break;
438 case SSL2_ST_SEND_SERVER_VERIFY_C:
439 str="2SSV_C"; break;
440 case SSL2_ST_GET_CLIENT_FINISHED_A:
441 str="2GCF_A"; break;
442 case SSL2_ST_GET_CLIENT_FINISHED_B:
443 str="2GCF_B"; break;
444 case SSL2_ST_SEND_SERVER_FINISHED_A:
445 str="2SSF_A"; break;
446 case SSL2_ST_SEND_SERVER_FINISHED_B:
447 str="2SSF_B"; break;
448 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
449 str="2SRC_A"; break;
450 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
451 str="2SRC_B"; break;
452 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
453 str="2SRC_C"; break;
454 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
455 str="2SRC_D"; break;
456 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
457 str="2X9GSC"; break;
458 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
459 str="2X9GCC"; break;
460#endif
461 284
462#ifndef OPENSSL_NO_SSL3
463/* SSLv3 additions */ 285/* SSLv3 additions */
464 case SSL3_ST_SW_FLUSH: 286 case SSL3_ST_SW_FLUSH:
465 case SSL3_ST_CW_FLUSH: 287 case SSL3_ST_CW_FLUSH:
@@ -574,25 +396,6 @@ const char
574 str="3RCV_A"; break; 396 str="3RCV_A"; break;
575 case SSL3_ST_SR_CERT_VRFY_B: 397 case SSL3_ST_SR_CERT_VRFY_B:
576 str="3RCV_B"; break; 398 str="3RCV_B"; break;
577#endif
578
579#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
580/* SSLv2/v3 compatibility states */
581/* client */
582 case SSL23_ST_CW_CLNT_HELLO_A:
583 str="23WCHA"; break;
584 case SSL23_ST_CW_CLNT_HELLO_B:
585 str="23WCHB"; break;
586 case SSL23_ST_CR_SRVR_HELLO_A:
587 str="23RSHA"; break;
588 case SSL23_ST_CR_SRVR_HELLO_B:
589 str="23RSHA"; break;
590/* server */
591 case SSL23_ST_SR_CLNT_HELLO_A:
592 str="23RCHA"; break;
593 case SSL23_ST_SR_CLNT_HELLO_B:
594 str="23RCHB"; break;
595#endif
596/* DTLS */ 399/* DTLS */
597 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 400 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
598 str="DRCHVA"; break; 401 str="DRCHVA"; break;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 15:03:47 +0000