summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/s23_clnt.c14
-rw-r--r--src/lib/libssl/s23_lib.c12
-rw-r--r--src/lib/libssl/s23_pkt.c16
-rw-r--r--src/lib/libssl/s23_srvr.c26
-rw-r--r--src/lib/libssl/src/ssl/kssl.c97
-rw-r--r--src/lib/libssl/src/ssl/kssl.h2
-rw-r--r--src/lib/libssl/src/ssl/s23_clnt.c14
-rw-r--r--src/lib/libssl/src/ssl/s23_lib.c12
-rw-r--r--src/lib/libssl/src/ssl/s23_meth.c12
-rw-r--r--src/lib/libssl/src/ssl/s23_pkt.c16
-rw-r--r--src/lib/libssl/src/ssl/s23_srvr.c26
-rw-r--r--src/lib/libssl/src/ssl/tls1.h20
-rw-r--r--src/lib/libssl/src/ssl/tls_srp.c33
-rw-r--r--src/lib/libssl/tls1.h20
14 files changed, 163 insertions, 157 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 65e2be0c8c..293b1e5da2 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
index 226af4b3cb..2a8d9157d2 100644
--- a/src/lib/libssl/s23_lib.c
+++ b/src/lib/libssl/s23_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
index 28d07a2212..7e270ed59f 100644
--- a/src/lib/libssl/s23_pkt.c
+++ b/src/lib/libssl/s23_pkt.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -100,8 +100,8 @@ ssl23_read_bytes(SSL *s, int n)
100 100
101 for (;;) { 101 for (;;) {
102 s->rwstate = SSL_READING; 102 s->rwstate = SSL_READING;
103 j = BIO_read(s->rbio,(char *)&(p[s->packet_length]), 103 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
104 n - s->packet_length); 104 n - s->packet_length);
105 if (j <= 0) 105 if (j <= 0)
106 return (j); 106 return (j);
107 s->rwstate = SSL_NOTHING; 107 s->rwstate = SSL_NOTHING;
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 665907ee12..1f17c19c06 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
@@ -307,8 +307,8 @@ ssl23_get_client_hello(SSL *s)
307 } else if ((p[0] == SSL3_RT_HANDSHAKE) && 307 } else if ((p[0] == SSL3_RT_HANDSHAKE) &&
308 (p[1] == SSL3_VERSION_MAJOR) && 308 (p[1] == SSL3_VERSION_MAJOR) &&
309 (p[5] == SSL3_MT_CLIENT_HELLO) && 309 (p[5] == SSL3_MT_CLIENT_HELLO) &&
310 ((p[3] == 0 && p[4] < 5 /* silly record length? */) 310 ((p[3] == 0 && p[4] < 5 /* silly record length? */) ||
311 || (p[9] >= p[1]))) { 311 (p[9] >= p[1]))) {
312 /* 312 /*
313 * SSLv3 or tls1 header 313 * SSLv3 or tls1 header
314 */ 314 */
@@ -397,7 +397,7 @@ ssl23_get_client_hello(SSL *s)
397 ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2); 397 ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
398 if (s->msg_callback) 398 if (s->msg_callback)
399 s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, 399 s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
400 s->packet_length-2, s, s->msg_callback_arg); 400 s->packet_length - 2, s, s->msg_callback_arg);
401 401
402 p = s->packet; 402 p = s->packet;
403 p += 5; 403 p += 5;
@@ -405,8 +405,7 @@ ssl23_get_client_hello(SSL *s)
405 n2s(p, sil); 405 n2s(p, sil);
406 n2s(p, cl); 406 n2s(p, cl);
407 d = (unsigned char *)s->init_buf->data; 407 d = (unsigned char *)s->init_buf->data;
408 if ((csl + sil + cl + 11) != s->packet_length) 408 if ((csl + sil + cl + 11) != s->packet_length) {
409 {
410 /* 409 /*
411 * We can't have TLS extensions in SSL 2.0 format 410 * We can't have TLS extensions in SSL 2.0 format
412 * Client Hello, can we ? Error condition should be 411 * Client Hello, can we ? Error condition should be
@@ -482,7 +481,8 @@ ssl23_get_client_hello(SSL *s)
482 if ((type == 2) || (type == 3)) { 481 if ((type == 2) || (type == 3)) {
483 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ 482 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
484 483
485 if (!ssl_init_wbio_buffer(s, 1)) goto err; 484 if (!ssl_init_wbio_buffer(s, 1))
485 goto err;
486 486
487 /* we are in this state */ 487 /* we are in this state */
488 s->state = SSL3_ST_SR_CLNT_HELLO_A; 488 s->state = SSL3_ST_SR_CLNT_HELLO_A;
diff --git a/src/lib/libssl/src/ssl/kssl.c b/src/lib/libssl/src/ssl/kssl.c
index a0beabe753..b71753c191 100644
--- a/src/lib/libssl/src/ssl/kssl.c
+++ b/src/lib/libssl/src/ssl/kssl.c
@@ -9,7 +9,7 @@
9 * are met: 9 * are met:
10 * 10 *
11 * 1. Redistributions of source code must retain the above copyright 11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer. 12 * notice, this list of conditions and the following disclaimer.
13 * 13 *
14 * 2. Redistributions in binary form must reproduce the above copyright 14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in 15 * notice, this list of conditions and the following disclaimer in
@@ -145,7 +145,7 @@ kssl_map_enc(krb5_enctype enctype)
145** "62 xx 30 yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and 145** "62 xx 30 yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and
146** xx and yy are possibly multi-byte length fields. 146** xx and yy are possibly multi-byte length fields.
147*/ 147*/
148static int 148static int
149kssl_test_confound(unsigned char *p) 149kssl_test_confound(unsigned char *p)
150{ 150{
151 int len = 2; 151 int len = 2;
@@ -194,7 +194,7 @@ kssl_test_confound(unsigned char *p)
194 break; 194 break;
195 } 195 }
196 196
197 return (xx - len == yy) ? 1: 0; 197 return (xx - len == yy) ? 1 : 0;
198} 198}
199 199
200/* Allocate, fill, and return cksumlens array of checksum lengths. 200/* Allocate, fill, and return cksumlens array of checksum lengths.
@@ -203,7 +203,7 @@ kssl_test_confound(unsigned char *p)
203** 203**
204** The krb5_cksumarray[] was an internal variable that has since been 204** The krb5_cksumarray[] was an internal variable that has since been
205** replaced by a more general method for storing the data. It should 205** replaced by a more general method for storing the data. It should
206** not be used. Instead we use real API calls and make a guess for 206** not be used. Instead we use real API calls and make a guess for
207** what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2 207** what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
208** it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010. 208** it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
209*/ 209*/
@@ -258,7 +258,7 @@ kssl_skip_confound(krb5_enctype etype, unsigned char *a)
258 static size_t *cksumlens = NULL; 258 static size_t *cksumlens = NULL;
259 unsigned char *test_auth; 259 unsigned char *test_auth;
260 260
261 conlen = (etype) ? 8: 0; 261 conlen = (etype) ? 8 : 0;
262 262
263 if (!cksumlens && !(cksumlens = populate_cksumlens())) 263 if (!cksumlens && !(cksumlens = populate_cksumlens()))
264 return NULL; 264 return NULL;
@@ -342,7 +342,7 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
342 } 342 }
343#ifdef KRB5_HEIMDAL 343#ifdef KRB5_HEIMDAL
344 printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype, 344 printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
345 keyblk->keyvalue->length); 345 keyblk->keyvalue->length);
346 for (i = 0; i < (int)keyblk->keyvalue->length; i++) { 346 for (i = 0; i < (int)keyblk->keyvalue->length; i++) {
347 printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]); 347 printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
348 } 348 }
@@ -369,7 +369,7 @@ print_krb5_princ(char *label, krb5_principal_data *princ)
369 if (princ == NULL) 369 if (princ == NULL)
370 return; 370 return;
371 for (ui = 0; ui < (int)princ->realm.length; ui++) 371 for (ui = 0; ui < (int)princ->realm.length; ui++)
372 putchar(princ->realm.data[ui]); 372 putchar(princ->realm.data[ui]);
373 printf(" (nametype %d) has %d strings:\n", princ->type, princ->length); 373 printf(" (nametype %d) has %d strings:\n", princ->type, princ->length);
374 for (i = 0; i < (int)princ->length; i++) { 374 for (i = 0; i < (int)princ->length; i++) {
375 printf("\t%d [%d]: ", i, princ->data[i].length); 375 printf("\t%d [%d]: ", i, princ->data[i].length);
@@ -420,7 +420,7 @@ kssl_cget_tkt(
420 } 420 }
421 421
422 if ((krb5rc = krb5_init_context(&krb5context)) != 0) { 422 if ((krb5rc = krb5_init_context(&krb5context)) != 0) {
423 (void) snprintf(kssl_err->text,KSSL_ERR_MAX, 423 (void) snprintf(kssl_err->text, KSSL_ERR_MAX,
424 "krb5_init_context() fails: %d\n", krb5rc); 424 "krb5_init_context() fails: %d\n", krb5rc);
425 kssl_err->reason = SSL_R_KRB5_C_INIT; 425 kssl_err->reason = SSL_R_KRB5_C_INIT;
426 goto err; 426 goto err;
@@ -428,12 +428,12 @@ kssl_cget_tkt(
428 428
429 if ((krb5rc = krb5_sname_to_principal(krb5context, 429 if ((krb5rc = krb5_sname_to_principal(krb5context,
430 kssl_ctx->service_host, 430 kssl_ctx->service_host,
431 (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC, 431 (kssl_ctx->service_name) ? kssl_ctx->service_name : KRB5SVC,
432 KRB5_NT_SRV_HST, &krb5creds.server)) != 0) { 432 KRB5_NT_SRV_HST, &krb5creds.server)) != 0) {
433 (void) snprintf(kssl_err->text,KSSL_ERR_MAX, 433 (void) snprintf(kssl_err->text, KSSL_ERR_MAX,
434 "krb5_sname_to_principal() fails for %s/%s\n", 434 "krb5_sname_to_principal() fails for %s/%s\n",
435 kssl_ctx->service_host, 435 kssl_ctx->service_host, (kssl_ctx->service_name) ?
436 (kssl_ctx->service_name)? kssl_ctx->service_name: KRB5SVC); 436 kssl_ctx->service_name : KRB5SVC);
437 kssl_err->reason = SSL_R_KRB5_C_INIT; 437 kssl_err->reason = SSL_R_KRB5_C_INIT;
438 goto err; 438 goto err;
439 } 439 }
@@ -445,12 +445,11 @@ kssl_cget_tkt(
445 } 445 }
446 446
447 if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef, 447 if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
448 &krb5creds.client)) != 0) 448 &krb5creds.client)) != 0) {
449 {
450 kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC, 449 kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
451 "krb5_cc_get_principal() fails.\n"); 450 "krb5_cc_get_principal() fails.\n");
452 goto err; 451 goto err;
453 } 452 }
454 453
455 if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef, 454 if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
456 &krb5creds, &krb5credsp)) != 0) { 455 &krb5creds, &krb5credsp)) != 0) {
@@ -494,12 +493,12 @@ kssl_cget_tkt(
494 ap_req = (KRB5_APREQBODY *) d2i_KRB5_APREQ(NULL, &p, arlen); 493 ap_req = (KRB5_APREQBODY *) d2i_KRB5_APREQ(NULL, &p, arlen);
495 if (ap_req) { 494 if (ap_req) {
496 authenp->length = i2d_KRB5_ENCDATA( 495 authenp->length = i2d_KRB5_ENCDATA(
497 ap_req->authenticator, NULL); 496 ap_req->authenticator, NULL);
498 if (authenp->length && 497 if (authenp->length &&
499 (authenp->data = malloc(authenp->length))) { 498 (authenp->data = malloc(authenp->length))) {
500 unsigned char *adp = (unsigned char *)authenp->data; 499 unsigned char *adp = (unsigned char *)authenp->data;
501 authenp->length = i2d_KRB5_ENCDATA( 500 authenp->length = i2d_KRB5_ENCDATA(
502 ap_req->authenticator, &adp); 501 ap_req->authenticator, &adp);
503 } 502 }
504 } 503 }
505 504
@@ -522,7 +521,7 @@ kssl_cget_tkt(
522 else 521 else
523 krb5rc = 0; 522 krb5rc = 0;
524 523
525 err: 524err:
526#ifdef KSSL_DEBUG 525#ifdef KSSL_DEBUG
527 kssl_ctx_show(kssl_ctx); 526 kssl_ctx_show(kssl_ctx);
528#endif /* KSSL_DEBUG */ 527#endif /* KSSL_DEBUG */
@@ -557,7 +556,7 @@ kssl_TKT2tkt(
557 /* OUT */ krb5_ticket **krb5ticket, 556 /* OUT */ krb5_ticket **krb5ticket,
558 /* OUT */ KSSL_ERR *kssl_err ) 557 /* OUT */ KSSL_ERR *kssl_err )
559{ 558{
560 krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC; 559 krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
561 krb5_ticket *new5ticket = NULL; 560 krb5_ticket *new5ticket = NULL;
562 ASN1_GENERALSTRING *gstr_svc, *gstr_host; 561 ASN1_GENERALSTRING *gstr_svc, *gstr_host;
563 562
@@ -609,8 +608,8 @@ kssl_TKT2tkt(
609 return KRB5KRB_ERR_GENERIC; 608 return KRB5KRB_ERR_GENERIC;
610 } else { 609 } else {
611 memcpy(new5ticket->enc_part.ciphertext.data, 610 memcpy(new5ticket->enc_part.ciphertext.data,
612 asn1ticket->encdata->cipher->data, 611 asn1ticket->encdata->cipher->data,
613 asn1ticket->encdata->cipher->length); 612 asn1ticket->encdata->cipher->length);
614 } 613 }
615 614
616 *krb5ticket = new5ticket; 615 *krb5ticket = new5ticket;
@@ -632,8 +631,8 @@ kssl_sget_tkt(
632 /* OUT */ krb5_ticket_times *ttimes, 631 /* OUT */ krb5_ticket_times *ttimes,
633 /* OUT */ KSSL_ERR *kssl_err ) 632 /* OUT */ KSSL_ERR *kssl_err )
634{ 633{
635 krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC; 634 krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
636 static krb5_context krb5context = NULL; 635 static krb5_context krb5context = NULL;
637 static krb5_auth_context krb5auth_context = NULL; 636 static krb5_auth_context krb5auth_context = NULL;
638 krb5_ticket *krb5ticket = NULL; 637 krb5_ticket *krb5ticket = NULL;
639 KRB5_TKTBODY *asn1ticket = NULL; 638 KRB5_TKTBODY *asn1ticket = NULL;
@@ -641,7 +640,7 @@ kssl_sget_tkt(
641 krb5_keytab krb5keytab = NULL; 640 krb5_keytab krb5keytab = NULL;
642 krb5_keytab_entry kt_entry; 641 krb5_keytab_entry kt_entry;
643 krb5_principal krb5server; 642 krb5_principal krb5server;
644 krb5_rcache rcache = NULL; 643 krb5_rcache rcache = NULL;
645 644
646 kssl_err_set(kssl_err, 0, ""); 645 kssl_err_set(kssl_err, 0, "");
647 646
@@ -788,13 +787,13 @@ kssl_sget_tkt(
788 krb5_address **paddr = krb5ticket->enc_part2->caddrs; 787 krb5_address **paddr = krb5ticket->enc_part2->caddrs;
789 printf("Decrypted ticket fields:\n"); 788 printf("Decrypted ticket fields:\n");
790 printf("\tflags: %X, transit-type: %X", 789 printf("\tflags: %X, transit-type: %X",
791 krb5ticket->enc_part2->flags, 790 krb5ticket->enc_part2->flags,
792 krb5ticket->enc_part2->transited.tr_type); 791 krb5ticket->enc_part2->transited.tr_type);
793 print_krb5_data("\ttransit-data: ", 792 print_krb5_data("\ttransit-data: ",
794 &(krb5ticket->enc_part2->transited.tr_contents)); 793 &(krb5ticket->enc_part2->transited.tr_contents));
795 printf("\tcaddrs: %p, authdata: %p\n", 794 printf("\tcaddrs: %p, authdata: %p\n",
796 krb5ticket->enc_part2->caddrs, 795 krb5ticket->enc_part2->caddrs,
797 krb5ticket->enc_part2->authorization_data); 796 krb5ticket->enc_part2->authorization_data);
798 if (paddr) { 797 if (paddr) {
799 printf("\tcaddrs:\n"); 798 printf("\tcaddrs:\n");
800 for (i = 0; paddr[i] != NULL; i++) { 799 for (i = 0; paddr[i] != NULL; i++) {
@@ -805,9 +804,9 @@ kssl_sget_tkt(
805 } 804 }
806 } 805 }
807 printf("\tstart/auth/end times: %d / %d / %d\n", 806 printf("\tstart/auth/end times: %d / %d / %d\n",
808 krb5ticket->enc_part2->times.starttime, 807 krb5ticket->enc_part2->times.starttime,
809 krb5ticket->enc_part2->times.authtime, 808 krb5ticket->enc_part2->times.authtime,
810 krb5ticket->enc_part2->times.endtime); 809 krb5ticket->enc_part2->times.endtime);
811 } 810 }
812#endif /* KSSL_DEBUG */ 811#endif /* KSSL_DEBUG */
813 } 812 }
@@ -841,7 +840,7 @@ kssl_sget_tkt(
841 ttimes->endtime = krb5ticket->enc_part2->times.endtime; 840 ttimes->endtime = krb5ticket->enc_part2->times.endtime;
842 ttimes->renew_till = krb5ticket->enc_part2->times.renew_till; 841 ttimes->renew_till = krb5ticket->enc_part2->times.renew_till;
843 842
844 err: 843err:
845#ifdef KSSL_DEBUG 844#ifdef KSSL_DEBUG
846 kssl_ctx_show(kssl_ctx); 845 kssl_ctx_show(kssl_ctx);
847#endif /* KSSL_DEBUG */ 846#endif /* KSSL_DEBUG */
@@ -1126,7 +1125,7 @@ kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
1126 krb5_kt_free_entry(krb5context, &entry); 1125 krb5_kt_free_entry(krb5context, &entry);
1127 rc = 1; 1126 rc = 1;
1128 1127
1129 exit: 1128exit:
1130 if (krb5keytab) 1129 if (krb5keytab)
1131 krb5_kt_close(krb5context, krb5keytab); 1130 krb5_kt_close(krb5context, krb5keytab);
1132 if (princ) 1131 if (princ)
@@ -1175,7 +1174,7 @@ kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
1175 1174
1176 rc = 1; 1175 rc = 1;
1177 1176
1178 err: 1177err:
1179#ifdef KSSL_DEBUG 1178#ifdef KSSL_DEBUG
1180 kssl_ctx_show(kssl_ctx); 1179 kssl_ctx_show(kssl_ctx);
1181#endif /* KSSL_DEBUG */ 1180#endif /* KSSL_DEBUG */
@@ -1214,7 +1213,8 @@ kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
1214** return NULL on failure. 1213** return NULL on failure.
1215*/ 1214*/
1216static struct tm * 1215static struct tm *
1217k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm) { 1216k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
1217{
1218 char c, *p; 1218 char c, *p;
1219 1219
1220 if (!k_tm) 1220 if (!k_tm)
@@ -1294,7 +1294,7 @@ get_rc_clockskew(krb5_context context)
1294** See Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c 1294** See Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c
1295** 20010420 VRS 1295** 20010420 VRS
1296*/ 1296*/
1297krb5_error_code 1297krb5_error_code
1298kssl_validate_times(krb5_timestamp atime, krb5_ticket_times *ttimes) 1298kssl_validate_times(krb5_timestamp atime, krb5_ticket_times *ttimes)
1299{ 1299{
1300 krb5_deltat skew; 1300 krb5_deltat skew;
@@ -1333,7 +1333,7 @@ kssl_validate_times(krb5_timestamp atime, krb5_ticket_times *ttimes)
1333 1333
1334/* Decode and decrypt given DER-encoded authenticator, then pass 1334/* Decode and decrypt given DER-encoded authenticator, then pass
1335** authenticator ctime back in *atimep (or 0 if time unavailable). 1335** authenticator ctime back in *atimep (or 0 if time unavailable).
1336** Returns krb5_error_code and kssl_err on error. A NULL 1336** Returns krb5_error_code and kssl_err on error. A NULL
1337** authenticator (authentp->length == 0) is not considered an error. 1337** authenticator (authentp->length == 0) is not considered an error.
1338** Note that kssl_check_authent() makes use of the KRB5 session key; 1338** Note that kssl_check_authent() makes use of the KRB5 session key;
1339** you must call kssl_sget_tkt() to get the key before calling this routine. 1339** you must call kssl_sget_tkt() to get the key before calling this routine.
@@ -1345,7 +1345,7 @@ kssl_check_authent(
1345 /* OUT */ krb5_timestamp *atimep, 1345 /* OUT */ krb5_timestamp *atimep,
1346 /* OUT */ KSSL_ERR *kssl_err ) 1346 /* OUT */ KSSL_ERR *kssl_err )
1347{ 1347{
1348 krb5_error_code krb5rc = 0; 1348 krb5_error_code krb5rc = 0;
1349 KRB5_ENCDATA *dec_authent = NULL; 1349 KRB5_ENCDATA *dec_authent = NULL;
1350 KRB5_AUTHENTBODY *auth = NULL; 1350 KRB5_AUTHENTBODY *auth = NULL;
1351 krb5_enctype enctype; 1351 krb5_enctype enctype;
@@ -1394,7 +1394,7 @@ kssl_check_authent(
1394 1394
1395 p = (unsigned char *)authentp->data; 1395 p = (unsigned char *)authentp->data;
1396 if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p, 1396 if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
1397 (long)authentp->length)) == NULL) { 1397 (long)authentp->length)) == NULL) {
1398 kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, 1398 kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
1399 "Error decoding authenticator.\n"); 1399 "Error decoding authenticator.\n");
1400 krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; 1400 krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
@@ -1481,7 +1481,8 @@ kssl_check_authent(
1481 printf("kssl_check_authent: returns %d for client time ", *atimep); 1481 printf("kssl_check_authent: returns %d for client time ", *atimep);
1482 if (auth && auth->ctime && auth->ctime->length && auth->ctime->data) 1482 if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
1483 printf("%.*s\n", auth->ctime->length, auth->ctime->data); 1483 printf("%.*s\n", auth->ctime->length, auth->ctime->data);
1484 else printf("NULL\n"); 1484 else
1485 printf("NULL\n");
1485#endif /* KSSL_DEBUG */ 1486#endif /* KSSL_DEBUG */
1486 1487
1487err: 1488err:
@@ -1511,11 +1512,11 @@ kssl_build_principal_2(
1511{ 1512{
1512 krb5_data *p_data = NULL; 1513 krb5_data *p_data = NULL;
1513 krb5_principal new_p = NULL; 1514 krb5_principal new_p = NULL;
1514 char *new_r = NULL; 1515 char *new_r = NULL;
1515 1516
1516 if ((p_data = (krb5_data *)calloc(2, sizeof(krb5_data))) == NULL || 1517 if ((p_data = (krb5_data *)calloc(2, sizeof(krb5_data))) == NULL ||
1517 (new_p = (krb5_principal)calloc(1, sizeof(krb5_principal_data))) 1518 (new_p = (krb5_principal)calloc(1, sizeof(krb5_principal_data))) ==
1518 == NULL) 1519 NULL)
1519 goto err; 1520 goto err;
1520 new_p->length = 2; 1521 new_p->length = 2;
1521 new_p->data = p_data; 1522 new_p->data = p_data;
@@ -1535,7 +1536,7 @@ kssl_build_principal_2(
1535 goto err; 1536 goto err;
1536 memcpy(new_p->data[1].data, host, hlen); 1537 memcpy(new_p->data[1].data, host, hlen);
1537 new_p->data[1].length = hlen; 1538 new_p->data[1].length = hlen;
1538 1539
1539 krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN; 1540 krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
1540 *princ = new_p; 1541 *princ = new_p;
1541 return 0; 1542 return 0;
@@ -1556,7 +1557,7 @@ void
1556SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx) 1557SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
1557{ 1558{
1558 s->kssl_ctx = kctx; 1559 s->kssl_ctx = kctx;
1559} 1560}
1560 1561
1561KSSL_CTX * 1562KSSL_CTX *
1562SSL_get0_kssl_ctx(SSL *s) 1563SSL_get0_kssl_ctx(SSL *s)
diff --git a/src/lib/libssl/src/ssl/kssl.h b/src/lib/libssl/src/ssl/kssl.h
index b61e3240c8..ec75188a8e 100644
--- a/src/lib/libssl/src/ssl/kssl.h
+++ b/src/lib/libssl/src/ssl/kssl.h
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 65e2be0c8c..293b1e5da2 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
diff --git a/src/lib/libssl/src/ssl/s23_lib.c b/src/lib/libssl/src/ssl/s23_lib.c
index 226af4b3cb..2a8d9157d2 100644
--- a/src/lib/libssl/src/ssl/s23_lib.c
+++ b/src/lib/libssl/src/ssl/s23_lib.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
index ad9a513fd4..d19d96a9b7 100644
--- a/src/lib/libssl/src/ssl/s23_meth.c
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
diff --git a/src/lib/libssl/src/ssl/s23_pkt.c b/src/lib/libssl/src/ssl/s23_pkt.c
index 28d07a2212..7e270ed59f 100644
--- a/src/lib/libssl/src/ssl/s23_pkt.c
+++ b/src/lib/libssl/src/ssl/s23_pkt.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -100,8 +100,8 @@ ssl23_read_bytes(SSL *s, int n)
100 100
101 for (;;) { 101 for (;;) {
102 s->rwstate = SSL_READING; 102 s->rwstate = SSL_READING;
103 j = BIO_read(s->rbio,(char *)&(p[s->packet_length]), 103 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
104 n - s->packet_length); 104 n - s->packet_length);
105 if (j <= 0) 105 if (j <= 0)
106 return (j); 106 return (j);
107 s->rwstate = SSL_NOTHING; 107 s->rwstate = SSL_NOTHING;
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 665907ee12..1f17c19c06 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
@@ -307,8 +307,8 @@ ssl23_get_client_hello(SSL *s)
307 } else if ((p[0] == SSL3_RT_HANDSHAKE) && 307 } else if ((p[0] == SSL3_RT_HANDSHAKE) &&
308 (p[1] == SSL3_VERSION_MAJOR) && 308 (p[1] == SSL3_VERSION_MAJOR) &&
309 (p[5] == SSL3_MT_CLIENT_HELLO) && 309 (p[5] == SSL3_MT_CLIENT_HELLO) &&
310 ((p[3] == 0 && p[4] < 5 /* silly record length? */) 310 ((p[3] == 0 && p[4] < 5 /* silly record length? */) ||
311 || (p[9] >= p[1]))) { 311 (p[9] >= p[1]))) {
312 /* 312 /*
313 * SSLv3 or tls1 header 313 * SSLv3 or tls1 header
314 */ 314 */
@@ -397,7 +397,7 @@ ssl23_get_client_hello(SSL *s)
397 ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2); 397 ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
398 if (s->msg_callback) 398 if (s->msg_callback)
399 s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, 399 s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
400 s->packet_length-2, s, s->msg_callback_arg); 400 s->packet_length - 2, s, s->msg_callback_arg);
401 401
402 p = s->packet; 402 p = s->packet;
403 p += 5; 403 p += 5;
@@ -405,8 +405,7 @@ ssl23_get_client_hello(SSL *s)
405 n2s(p, sil); 405 n2s(p, sil);
406 n2s(p, cl); 406 n2s(p, cl);
407 d = (unsigned char *)s->init_buf->data; 407 d = (unsigned char *)s->init_buf->data;
408 if ((csl + sil + cl + 11) != s->packet_length) 408 if ((csl + sil + cl + 11) != s->packet_length) {
409 {
410 /* 409 /*
411 * We can't have TLS extensions in SSL 2.0 format 410 * We can't have TLS extensions in SSL 2.0 format
412 * Client Hello, can we ? Error condition should be 411 * Client Hello, can we ? Error condition should be
@@ -482,7 +481,8 @@ ssl23_get_client_hello(SSL *s)
482 if ((type == 2) || (type == 3)) { 481 if ((type == 2) || (type == 3)) {
483 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ 482 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
484 483
485 if (!ssl_init_wbio_buffer(s, 1)) goto err; 484 if (!ssl_init_wbio_buffer(s, 1))
485 goto err;
486 486
487 /* we are in this state */ 487 /* we are in this state */
488 s->state = SSL3_ST_SR_CLNT_HELLO_A; 488 s->state = SSL3_ST_SR_CLNT_HELLO_A;
diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h
index 43879f82af..e05168cffe 100644
--- a/src/lib/libssl/src/ssl/tls1.h
+++ b/src/lib/libssl/src/ssl/tls1.h
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
@@ -111,7 +111,7 @@
111/* ==================================================================== 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * 113 *
114 * Portions of the attached software ("Contribution") are developed by 114 * Portions of the attached software ("Contribution") are developed by
115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116 * 116 *
117 * The Contribution is licensed pursuant to the OpenSSL open source 117 * The Contribution is licensed pursuant to the OpenSSL open source
@@ -148,8 +148,8 @@
148 * OTHERWISE. 148 * OTHERWISE.
149 */ 149 */
150 150
151#ifndef HEADER_TLS1_H 151#ifndef HEADER_TLS1_H
152#define HEADER_TLS1_H 152#define HEADER_TLS1_H
153 153
154#include <openssl/buffer.h> 154#include <openssl/buffer.h>
155 155
diff --git a/src/lib/libssl/src/ssl/tls_srp.c b/src/lib/libssl/src/ssl/tls_srp.c
index c585211cd0..e03eabcef6 100644
--- a/src/lib/libssl/src/ssl/tls_srp.c
+++ b/src/lib/libssl/src/ssl/tls_srp.c
@@ -1,6 +1,6 @@
1/* ssl/tls_srp.c */ 1/* ssl/tls_srp.c */
2/* Written by Christophe Renou (christophe.renou@edelweb.fr) with 2/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
3 * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) 3 * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
4 * for the EdelKey project and contributed to the OpenSSL project 2004. 4 * for the EdelKey project and contributed to the OpenSSL project 2004.
5 */ 5 */
6/* ==================================================================== 6/* ====================================================================
@@ -11,7 +11,7 @@
11 * are met: 11 * are met:
12 * 12 *
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
15 * 15 *
16 * 2. Redistributions in binary form must reproduce the above copyright 16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in 17 * notice, this list of conditions and the following disclaimer in
@@ -64,7 +64,8 @@
64#include <openssl/err.h> 64#include <openssl/err.h>
65 65
66int 66int
67SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx) { 67SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
68{
68 if (ctx == NULL) 69 if (ctx == NULL)
69 return 0; 70 return 0;
70 free(ctx->srp_ctx.login); 71 free(ctx->srp_ctx.login);
@@ -96,7 +97,8 @@ SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx) {
96} 97}
97 98
98int 99int
99SSL_SRP_CTX_free(struct ssl_st *s) { 100SSL_SRP_CTX_free(struct ssl_st *s)
101{
100 if (s == NULL) 102 if (s == NULL)
101 return 0; 103 return 0;
102 free(s->srp_ctx.login); 104 free(s->srp_ctx.login);
@@ -128,7 +130,8 @@ SSL_SRP_CTX_free(struct ssl_st *s) {
128} 130}
129 131
130int 132int
131SSL_SRP_CTX_init(struct ssl_st *s) { 133SSL_SRP_CTX_init(struct ssl_st *s)
134{
132 SSL_CTX *ctx; 135 SSL_CTX *ctx;
133 136
134 if ((s == NULL) || ((ctx = s->ctx) == NULL)) 137 if ((s == NULL) || ((ctx = s->ctx) == NULL))
@@ -194,7 +197,8 @@ err:
194} 197}
195 198
196int 199int
197SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx) { 200SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
201{
198 if (ctx == NULL) 202 if (ctx == NULL)
199 return 0; 203 return 0;
200 204
@@ -232,7 +236,7 @@ SSL_srp_server_param_with_username(SSL *s, int *ad)
232 *ad = SSL_AD_UNKNOWN_PSK_IDENTITY; 236 *ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
233 if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) && 237 if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) &&
234 ((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, 238 ((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad,
235 s->srp_ctx.SRP_cb_arg)) != SSL_ERROR_NONE)) 239 s->srp_ctx.SRP_cb_arg)) != SSL_ERROR_NONE))
236 return al; 240 return al;
237 241
238 *ad = SSL_AD_INTERNAL_ERROR; 242 *ad = SSL_AD_INTERNAL_ERROR;
@@ -379,8 +383,9 @@ SRP_generate_client_master_secret(SSL *s, unsigned char *master_key)
379 goto err; 383 goto err;
380 384
381 tmp_len = BN_num_bytes(K); 385 tmp_len = BN_num_bytes(K);
382 if ((tmp = malloc(tmp_len)) == NULL) goto err; 386 if ((tmp = malloc(tmp_len)) == NULL)
383 BN_bn2bin(K, tmp); 387 goto err;
388 BN_bn2bin(K, tmp);
384 ret = s->method->ssl3_enc->generate_master_secret(s, master_key, 389 ret = s->method->ssl3_enc->generate_master_secret(s, master_key,
385 tmp, tmp_len); 390 tmp, tmp_len);
386err: 391err:
@@ -477,14 +482,14 @@ int
477SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength) 482SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
478{ 483{
479 return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength, 484 return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
480 NULL); 485 NULL);
481} 486}
482 487
483int 488int
484SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *, void *)) 489SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *, void *))
485{ 490{
486 return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB, 491 return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
487 (void (*)(void))cb); 492 (void (*)(void))cb);
488} 493}
489 494
490int 495int
@@ -498,14 +503,14 @@ SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
498 int (*cb)(SSL *, int *, void *)) 503 int (*cb)(SSL *, int *, void *))
499{ 504{
500 return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB, 505 return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
501 (void (*)(void))cb); 506 (void (*)(void))cb);
502} 507}
503 508
504int 509int
505SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *, void *)) 510SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *, void *))
506{ 511{
507 return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB, 512 return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
508 (void (*)(void))cb); 513 (void (*)(void))cb);
509} 514}
510 515
511#endif 516#endif
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index 43879f82af..e05168cffe 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
@@ -111,7 +111,7 @@
111/* ==================================================================== 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * 113 *
114 * Portions of the attached software ("Contribution") are developed by 114 * Portions of the attached software ("Contribution") are developed by
115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116 * 116 *
117 * The Contribution is licensed pursuant to the OpenSSL open source 117 * The Contribution is licensed pursuant to the OpenSSL open source
@@ -148,8 +148,8 @@
148 * OTHERWISE. 148 * OTHERWISE.
149 */ 149 */
150 150
151#ifndef HEADER_TLS1_H 151#ifndef HEADER_TLS1_H
152#define HEADER_TLS1_H 152#define HEADER_TLS1_H
153 153
154#include <openssl/buffer.h> 154#include <openssl/buffer.h>
155 155
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-21 23:06:12 +0000