summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c1213
-rw-r--r--src/lib/libssl/src/ssl/s2_enc.c149
-rw-r--r--src/lib/libssl/src/ssl/s2_lib.c569
-rw-r--r--src/lib/libssl/src/ssl/s2_meth.c17
-rw-r--r--src/lib/libssl/src/ssl/s2_pkt.c742
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c1264
6 files changed, 1909 insertions, 2045 deletions
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
index 15fbef9c77..a1cfab6f2d 100644
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -121,152 +121,156 @@ static const SSL_METHOD *ssl2_get_client_method(int ver);
121static int get_server_finished(SSL *s); 121static int get_server_finished(SSL *s);
122static int get_server_verify(SSL *s); 122static int get_server_verify(SSL *s);
123static int get_server_hello(SSL *s); 123static int get_server_hello(SSL *s);
124static int client_hello(SSL *s); 124static int client_hello(SSL *s);
125
125static int client_master_key(SSL *s); 126static int client_master_key(SSL *s);
126static int client_finished(SSL *s); 127static int client_finished(SSL *s);
127static int client_certificate(SSL *s); 128static int client_certificate(SSL *s);
128static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, 129static int
129 unsigned char *to,int padding); 130ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
131unsigned char *to, int padding);
130#define BREAK break 132#define BREAK break
131 133
132static const SSL_METHOD *ssl2_get_client_method(int ver) 134static const SSL_METHOD
133 { 135*ssl2_get_client_method(int ver)
136{
134 if (ver == SSL2_VERSION) 137 if (ver == SSL2_VERSION)
135 return(SSLv2_client_method()); 138 return (SSLv2_client_method());
136 else 139 else
137 return(NULL); 140 return (NULL);
138 } 141}
139 142
140IMPLEMENT_ssl2_meth_func(SSLv2_client_method, 143IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
141 ssl_undefined_function, 144 ssl_undefined_function, ssl2_connect, ssl2_get_client_method)
142 ssl2_connect, 145
143 ssl2_get_client_method) 146int
144 147ssl2_connect(SSL *s)
145int ssl2_connect(SSL *s) 148{
146 { 149 unsigned long l = (unsigned long)time(NULL);
147 unsigned long l=(unsigned long)time(NULL); 150 BUF_MEM *buf = NULL;
148 BUF_MEM *buf=NULL; 151 int ret = -1;
149 int ret= -1; 152 void (*cb)(const SSL *ssl, int type, int val) = NULL;
150 void (*cb)(const SSL *ssl,int type,int val)=NULL; 153 int new_state, state;
151 int new_state,state; 154
152 155 RAND_add(&l, sizeof(l), 0);
153 RAND_add(&l,sizeof(l),0);
154 ERR_clear_error(); 156 ERR_clear_error();
155 errno = 0; 157 errno = 0;
156 158
157 if (s->info_callback != NULL) 159 if (s->info_callback != NULL)
158 cb=s->info_callback; 160 cb = s->info_callback;
159 else if (s->ctx->info_callback != NULL) 161 else if (s->ctx->info_callback != NULL)
160 cb=s->ctx->info_callback; 162 cb = s->ctx->info_callback;
161 163
162 /* init things to blank */ 164 /* init things to blank */
163 s->in_handshake++; 165 s->in_handshake++;
164 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 166 if (!SSL_in_init(s) || SSL_in_before(s))
167 SSL_clear(s);
165 168
166 for (;;) 169 for (;;) {
167 { 170 state = s->state;
168 state=s->state;
169 171
170 switch (s->state) 172 switch (s->state) {
171 {
172 case SSL_ST_BEFORE: 173 case SSL_ST_BEFORE:
173 case SSL_ST_CONNECT: 174 case SSL_ST_CONNECT:
174 case SSL_ST_BEFORE|SSL_ST_CONNECT: 175 case SSL_ST_BEFORE|SSL_ST_CONNECT:
175 case SSL_ST_OK|SSL_ST_CONNECT: 176 case SSL_ST_OK|SSL_ST_CONNECT:
176 177
177 s->server=0; 178 s->server = 0;
178 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 179 if (cb != NULL)
180 cb(s, SSL_CB_HANDSHAKE_START, 1);
179 181
180 s->version=SSL2_VERSION; 182 s->version = SSL2_VERSION;
181 s->type=SSL_ST_CONNECT; 183 s->type = SSL_ST_CONNECT;
182 184
183 buf=s->init_buf; 185 buf = s->init_buf;
184 if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) 186 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
185 { 187 ret = -1;
186 ret= -1;
187 goto end; 188 goto end;
188 } 189 }
189 if (!BUF_MEM_grow(buf, 190 if (!BUF_MEM_grow(buf,
190 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 191 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
191 {
192 if (buf == s->init_buf) 192 if (buf == s->init_buf)
193 buf=NULL; 193 buf = NULL;
194 ret= -1; 194 ret = -1;
195 goto end; 195 goto end;
196 } 196 }
197 s->init_buf=buf; 197 s->init_buf = buf;
198 buf=NULL; 198 buf = NULL;
199 s->init_num=0; 199 s->init_num = 0;
200 s->state=SSL2_ST_SEND_CLIENT_HELLO_A; 200 s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
201 s->ctx->stats.sess_connect++; 201 s->ctx->stats.sess_connect++;
202 s->handshake_func=ssl2_connect; 202 s->handshake_func = ssl2_connect;
203 BREAK; 203 BREAK;
204 204
205 case SSL2_ST_SEND_CLIENT_HELLO_A: 205 case SSL2_ST_SEND_CLIENT_HELLO_A:
206 case SSL2_ST_SEND_CLIENT_HELLO_B: 206 case SSL2_ST_SEND_CLIENT_HELLO_B:
207 s->shutdown=0; 207 s->shutdown = 0;
208 ret=client_hello(s); 208 ret = client_hello(s);
209 if (ret <= 0) goto end; 209 if (ret <= 0)
210 s->init_num=0; 210 goto end;
211 s->state=SSL2_ST_GET_SERVER_HELLO_A; 211 s->init_num = 0;
212 s->state = SSL2_ST_GET_SERVER_HELLO_A;
212 BREAK; 213 BREAK;
213 214
214 case SSL2_ST_GET_SERVER_HELLO_A: 215 case SSL2_ST_GET_SERVER_HELLO_A:
215 case SSL2_ST_GET_SERVER_HELLO_B: 216 case SSL2_ST_GET_SERVER_HELLO_B:
216 ret=get_server_hello(s); 217 ret = get_server_hello(s);
217 if (ret <= 0) goto end; 218 if (ret <= 0)
218 s->init_num=0; 219 goto end;
220 s->init_num = 0;
219 if (!s->hit) /* new session */ 221 if (!s->hit) /* new session */
220 { 222 {
221 s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A; 223 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
222 BREAK; 224 BREAK;
223 } 225
224 else 226 } else {
225 { 227 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
226 s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
227 break; 228 break;
228 } 229 }
229 230
230 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: 231 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
231 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: 232 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
232 ret=client_master_key(s); 233 ret = client_master_key(s);
233 if (ret <= 0) goto end; 234 if (ret <= 0)
234 s->init_num=0; 235 goto end;
235 s->state=SSL2_ST_CLIENT_START_ENCRYPTION; 236 s->init_num = 0;
237 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
236 break; 238 break;
237 239
238 case SSL2_ST_CLIENT_START_ENCRYPTION: 240 case SSL2_ST_CLIENT_START_ENCRYPTION:
239 /* Ok, we now have all the stuff needed to 241 /* Ok, we now have all the stuff needed to
240 * start encrypting, so lets fire it up :-) */ 242 * start encrypting, so lets fire it up :-) */
241 if (!ssl2_enc_init(s,1)) 243 if (!ssl2_enc_init(s, 1)) {
242 { 244 ret = -1;
243 ret= -1;
244 goto end; 245 goto end;
245 } 246 }
246 s->s2->clear_text=0; 247 s->s2->clear_text = 0;
247 s->state=SSL2_ST_SEND_CLIENT_FINISHED_A; 248 s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
248 break; 249 break;
249 250
250 case SSL2_ST_SEND_CLIENT_FINISHED_A: 251 case SSL2_ST_SEND_CLIENT_FINISHED_A:
251 case SSL2_ST_SEND_CLIENT_FINISHED_B: 252 case SSL2_ST_SEND_CLIENT_FINISHED_B:
252 ret=client_finished(s); 253 ret = client_finished(s);
253 if (ret <= 0) goto end; 254 if (ret <= 0)
254 s->init_num=0; 255 goto end;
255 s->state=SSL2_ST_GET_SERVER_VERIFY_A; 256 s->init_num = 0;
257 s->state = SSL2_ST_GET_SERVER_VERIFY_A;
256 break; 258 break;
257 259
258 case SSL2_ST_GET_SERVER_VERIFY_A: 260 case SSL2_ST_GET_SERVER_VERIFY_A:
259 case SSL2_ST_GET_SERVER_VERIFY_B: 261 case SSL2_ST_GET_SERVER_VERIFY_B:
260 ret=get_server_verify(s); 262 ret = get_server_verify(s);
261 if (ret <= 0) goto end; 263 if (ret <= 0)
262 s->init_num=0; 264 goto end;
263 s->state=SSL2_ST_GET_SERVER_FINISHED_A; 265 s->init_num = 0;
266 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
264 break; 267 break;
265 268
266 case SSL2_ST_GET_SERVER_FINISHED_A: 269 case SSL2_ST_GET_SERVER_FINISHED_A:
267 case SSL2_ST_GET_SERVER_FINISHED_B: 270 case SSL2_ST_GET_SERVER_FINISHED_B:
268 ret=get_server_finished(s); 271 ret = get_server_finished(s);
269 if (ret <= 0) goto end; 272 if (ret <= 0)
273 goto end;
270 break; 274 break;
271 275
272 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: 276 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
@@ -274,20 +278,20 @@ int ssl2_connect(SSL *s)
274 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: 278 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
275 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: 279 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
276 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: 280 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
277 ret=client_certificate(s); 281 ret = client_certificate(s);
278 if (ret <= 0) goto end; 282 if (ret <= 0)
279 s->init_num=0; 283 goto end;
280 s->state=SSL2_ST_GET_SERVER_FINISHED_A; 284 s->init_num = 0;
285 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
281 break; 286 break;
282 287
283 case SSL_ST_OK: 288 case SSL_ST_OK:
284 if (s->init_buf != NULL) 289 if (s->init_buf != NULL) {
285 {
286 BUF_MEM_free(s->init_buf); 290 BUF_MEM_free(s->init_buf);
287 s->init_buf=NULL; 291 s->init_buf = NULL;
288 } 292 }
289 s->init_num=0; 293 s->init_num = 0;
290 /* ERR_clear_error();*/ 294 /* ERR_clear_error();*/
291 295
292 /* If we want to cache session-ids in the client 296 /* If we want to cache session-ids in the client
293 * and we successfully add the session-id to the 297 * and we successfully add the session-id to the
@@ -295,133 +299,129 @@ int ssl2_connect(SSL *s)
295 * 26/11/96 - eay - only add if not a re-used session. 299 * 26/11/96 - eay - only add if not a re-used session.
296 */ 300 */
297 301
298 ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); 302 ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
299 if (s->hit) s->ctx->stats.sess_hit++; 303 if (s->hit)
304 s->ctx->stats.sess_hit++;
300 305
301 ret=1; 306 ret = 1;
302 /* s->server=0; */ 307 /* s->server=0; */
303 s->ctx->stats.sess_connect_good++; 308 s->ctx->stats.sess_connect_good++;
304 309
305 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); 310 if (cb != NULL)
311 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
306 312
307 goto end; 313 goto end;
308 /* break; */ 314 /* break; */
309 default: 315 default:
310 SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE); 316 SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
311 return(-1); 317 return (-1);
312 /* break; */ 318 /* break; */
313 } 319 }
314 320
315 if ((cb != NULL) && (s->state != state)) 321 if ((cb != NULL) && (s->state != state)) {
316 { 322 new_state = s->state;
317 new_state=s->state; 323 s->state = state;
318 s->state=state; 324 cb(s, SSL_CB_CONNECT_LOOP, 1);
319 cb(s,SSL_CB_CONNECT_LOOP,1); 325 s->state = new_state;
320 s->state=new_state;
321 }
322 } 326 }
327 }
323end: 328end:
324 s->in_handshake--; 329 s->in_handshake--;
325 if (buf != NULL) 330 if (buf != NULL)
326 BUF_MEM_free(buf); 331 BUF_MEM_free(buf);
327 if (cb != NULL) 332 if (cb != NULL)
328 cb(s,SSL_CB_CONNECT_EXIT,ret); 333 cb(s, SSL_CB_CONNECT_EXIT, ret);
329 return(ret); 334 return (ret);
330 } 335}
331 336
332static int get_server_hello(SSL *s) 337static int
333 { 338get_server_hello(SSL *s)
339{
334 unsigned char *buf; 340 unsigned char *buf;
335 unsigned char *p; 341 unsigned char *p;
336 int i,j; 342 int i, j;
337 unsigned long len; 343 unsigned long len;
338 STACK_OF(SSL_CIPHER) *sk=NULL,*cl, *prio, *allow; 344 STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
339 345
340 buf=(unsigned char *)s->init_buf->data; 346 buf = (unsigned char *)s->init_buf->data;
341 p=buf; 347 p = buf;
342 if (s->state == SSL2_ST_GET_SERVER_HELLO_A) 348 if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
343 { 349 i = ssl2_read(s,(char *)&(buf[s->init_num]), 11 - s->init_num);
344 i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num); 350 if (i < (11 - s->init_num))
345 if (i < (11-s->init_num)) 351 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
346 return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
347 s->init_num = 11; 352 s->init_num = 11;
348 353
349 if (*(p++) != SSL2_MT_SERVER_HELLO) 354 if (*(p++) != SSL2_MT_SERVER_HELLO) {
350 { 355 if (p[-1] != SSL2_MT_ERROR) {
351 if (p[-1] != SSL2_MT_ERROR) 356 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
352 {
353 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
354 SSLerr(SSL_F_GET_SERVER_HELLO, 357 SSLerr(SSL_F_GET_SERVER_HELLO,
355 SSL_R_READ_WRONG_PACKET_TYPE); 358 SSL_R_READ_WRONG_PACKET_TYPE);
356 } 359 } else
357 else
358 SSLerr(SSL_F_GET_SERVER_HELLO, 360 SSLerr(SSL_F_GET_SERVER_HELLO,
359 SSL_R_PEER_ERROR); 361 SSL_R_PEER_ERROR);
360 return(-1); 362 return (-1);
361 } 363 }
362#if 0 364#if 0
363 s->hit=(*(p++))?1:0; 365 s->hit = (*(p++)) ? 1 : 0;
364 /* Some [PPC?] compilers fail to increment p in above 366 /* Some [PPC?] compilers fail to increment p in above
365 statement, e.g. one provided with Rhapsody 5.5, but 367 statement, e.g. one provided with Rhapsody 5.5, but
366 most recent example XL C 11.1 for AIX, even without 368 most recent example XL C 11.1 for AIX, even without
367 optimization flag... */ 369 optimization flag... */
368#else 370#else
369 s->hit=(*p)?1:0; p++; 371 s->hit = (*p) ? 1 : 0;
372 p++;
370#endif 373#endif
371 s->s2->tmp.cert_type= *(p++); 374 s->s2->tmp.cert_type= *(p++);
372 n2s(p,i); 375 n2s(p, i);
373 if (i < s->version) s->version=i; 376 if (i < s->version)
374 n2s(p,i); s->s2->tmp.cert_length=i; 377 s->version = i;
375 n2s(p,i); s->s2->tmp.csl=i; 378 n2s(p, i);
376 n2s(p,i); s->s2->tmp.conn_id_length=i; 379 s->s2->tmp.cert_length = i;
377 s->state=SSL2_ST_GET_SERVER_HELLO_B; 380 n2s(p, i);
378 } 381 s->s2->tmp.csl = i;
382 n2s(p, i);
383 s->s2->tmp.conn_id_length = i;
384 s->state = SSL2_ST_GET_SERVER_HELLO_B;
385 }
379 386
380 /* SSL2_ST_GET_SERVER_HELLO_B */ 387 /* SSL2_ST_GET_SERVER_HELLO_B */
381 len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length; 388 len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length;
382 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 389 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
383 { 390 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
384 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_MESSAGE_TOO_LONG);
385 return -1; 391 return -1;
386 } 392 }
387 j = (int)len - s->init_num; 393 j = (int)len - s->init_num;
388 i = ssl2_read(s,(char *)&(buf[s->init_num]),j); 394 i = ssl2_read(s,(char *)&(buf[s->init_num]), j);
389 if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); 395 if (i != j)
396 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
390 if (s->msg_callback) 397 if (s->msg_callback)
391 s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */ 398 s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */
392 399
393 /* things are looking good */ 400 /* things are looking good */
394 401
395 p = buf + 11; 402 p = buf + 11;
396 if (s->hit) 403 if (s->hit) {
397 { 404 if (s->s2->tmp.cert_length != 0) {
398 if (s->s2->tmp.cert_length != 0) 405 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
399 { 406 return (-1);
400 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO); 407 }
401 return(-1); 408 if (s->s2->tmp.cert_type != 0) {
402 }
403 if (s->s2->tmp.cert_type != 0)
404 {
405 if (!(s->options & 409 if (!(s->options &
406 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) 410 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
407 { 411 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
408 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO); 412 return (-1);
409 return(-1);
410 }
411 }
412 if (s->s2->tmp.csl != 0)
413 {
414 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
415 return(-1);
416 } 413 }
417 } 414 }
418 else 415 if (s->s2->tmp.csl != 0) {
419 { 416 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
417 return (-1);
418 }
419 } else {
420#ifdef undef 420#ifdef undef
421 /* very bad */ 421 /* very bad */
422 memset(s->session->session_id,0, 422 memset(s->session->session_id, 0,
423 SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES); 423 SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
424 s->session->session_id_length=0; 424 s->session->session_id_length = 0;
425 */ 425 */
426#endif 426#endif
427 427
@@ -429,372 +429,351 @@ static int get_server_hello(SSL *s)
429 * client session but others are already reusing it. 429 * client session but others are already reusing it.
430 * If this was a new 'blank' session ID, the session-id 430 * If this was a new 'blank' session ID, the session-id
431 * length will still be 0 */ 431 * length will still be 0 */
432 if (s->session->session_id_length > 0) 432 if (s->session->session_id_length > 0) {
433 { 433 if (!ssl_get_new_session(s, 0)) {
434 if (!ssl_get_new_session(s,0)) 434 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
435 { 435 return (-1);
436 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
437 return(-1);
438 }
439 } 436 }
437 }
440 438
441 if (ssl2_set_certificate(s,s->s2->tmp.cert_type, 439 if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
442 s->s2->tmp.cert_length,p) <= 0) 440 s->s2->tmp.cert_length, p) <= 0) {
443 { 441 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
444 ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); 442 return (-1);
445 return(-1); 443 }
446 } 444 p += s->s2->tmp.cert_length;
447 p+=s->s2->tmp.cert_length;
448 445
449 if (s->s2->tmp.csl == 0) 446 if (s->s2->tmp.csl == 0) {
450 { 447 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
451 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 448 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
452 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST); 449 return (-1);
453 return(-1); 450 }
454 }
455 451
456 /* We have just received a list of ciphers back from the 452 /* We have just received a list of ciphers back from the
457 * server. We need to get the ones that match, then select 453 * server. We need to get the ones that match, then select
458 * the one we want the most :-). */ 454 * the one we want the most :-). */
459 455
460 /* load the ciphers */ 456 /* load the ciphers */
461 sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl, 457 sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
462 &s->session->ciphers); 458 &s->session->ciphers);
463 p+=s->s2->tmp.csl; 459 p += s->s2->tmp.csl;
464 if (sk == NULL) 460 if (sk == NULL) {
465 { 461 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
466 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 462 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
467 SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); 463 return (-1);
468 return(-1); 464 }
469 }
470 465
471 (void)sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp); 466 (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
472 467
473 /* get the array of ciphers we will accept */ 468 /* get the array of ciphers we will accept */
474 cl=SSL_get_ciphers(s); 469 cl = SSL_get_ciphers(s);
475 (void)sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp); 470 (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
476 471
477 /* 472 /*
478 * If server preference flag set, choose the first 473 * If server preference flag set, choose the first
479 * (highest priority) cipher the server sends, otherwise 474 * (highest priority) cipher the server sends, otherwise
480 * client preference has priority. 475 * client preference has priority.
481 */ 476 */
482 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 477 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
483 { 478 prio = sk;
484 prio = sk; 479 allow = cl;
485 allow = cl; 480 } else {
486 } 481 prio = cl;
487 else 482 allow = sk;
488 { 483 }
489 prio = cl;
490 allow = sk;
491 }
492 /* In theory we could have ciphers sent back that we 484 /* In theory we could have ciphers sent back that we
493 * don't want to use but that does not matter since we 485 * don't want to use but that does not matter since we
494 * will check against the list we originally sent and 486 * will check against the list we originally sent and
495 * for performance reasons we should not bother to match 487 * for performance reasons we should not bother to match
496 * the two lists up just to check. */ 488 * the two lists up just to check. */
497 for (i=0; i<sk_SSL_CIPHER_num(prio); i++) 489 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
498 {
499 if (sk_SSL_CIPHER_find(allow, 490 if (sk_SSL_CIPHER_find(allow,
500 sk_SSL_CIPHER_value(prio,i)) >= 0) 491 sk_SSL_CIPHER_value(prio, i)) >= 0)
501 break; 492 break;
502 } 493 }
503 494
504 if (i >= sk_SSL_CIPHER_num(prio)) 495 if (i >= sk_SSL_CIPHER_num(prio)) {
505 { 496 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
506 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 497 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
507 SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH); 498 return (-1);
508 return(-1); 499 }
509 } 500 s->session->cipher = sk_SSL_CIPHER_value(prio, i);
510 s->session->cipher=sk_SSL_CIPHER_value(prio,i);
511 501
512 502
513 if (s->session->peer != NULL) /* can't happen*/ 503 if (s->session->peer != NULL) /* can't happen*/
514 { 504 {
515 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 505 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
516 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); 506 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
517 return(-1); 507 return (-1);
518 } 508 }
519 509
520 s->session->peer = s->session->sess_cert->peer_key->x509; 510 s->session->peer = s->session->sess_cert->peer_key->x509;
521 /* peer_key->x509 has been set by ssl2_set_certificate. */ 511 /* peer_key->x509 has been set by ssl2_set_certificate. */
522 CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509); 512 CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
523 } 513 }
524 514
525 if (s->session->sess_cert == NULL 515 if (s->session->sess_cert == NULL
526 || s->session->peer != s->session->sess_cert->peer_key->x509) 516 || s->session->peer != s->session->sess_cert->peer_key->x509)
527 /* can't happen */ 517 /* can't happen */
528 { 518 {
529 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 519 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
530 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); 520 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
531 return(-1); 521 return (-1);
532 } 522 }
533 523
534 s->s2->conn_id_length=s->s2->tmp.conn_id_length; 524 s->s2->conn_id_length = s->s2->tmp.conn_id_length;
535 if (s->s2->conn_id_length > sizeof s->s2->conn_id) 525 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
536 {
537 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 526 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
538 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG); 527 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
539 return -1; 528 return -1;
540 }
541 memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
542 return(1);
543 } 529 }
530 memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
531 return (1);
532}
544 533
545static int client_hello(SSL *s) 534static int
546 { 535client_hello(SSL *s)
536{
547 unsigned char *buf; 537 unsigned char *buf;
548 unsigned char *p,*d; 538 unsigned char *p, *d;
549/* CIPHER **cipher;*/ 539/* CIPHER **cipher;*/
550 int i,n,j; 540 int i, n, j;
551 541
552 buf=(unsigned char *)s->init_buf->data; 542 buf = (unsigned char *)s->init_buf->data;
553 if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) 543 if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
554 {
555 if ((s->session == NULL) || 544 if ((s->session == NULL) ||
556 (s->session->ssl_version != s->version)) 545 (s->session->ssl_version != s->version)) {
557 { 546 if (!ssl_get_new_session(s, 0)) {
558 if (!ssl_get_new_session(s,0)) 547 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
559 { 548 return (-1);
560 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
561 return(-1);
562 }
563 } 549 }
550 }
564 /* else use the pre-loaded session */ 551 /* else use the pre-loaded session */
565 552
566 p=buf; /* header */ 553 p = buf;
567 d=p+9; /* data section */ 554 /* header */
568 *(p++)=SSL2_MT_CLIENT_HELLO; /* type */ 555 d = p + 9;
569 s2n(SSL2_VERSION,p); /* version */ 556 /* data section */
570 n=j=0; 557 *(p++) = SSL2_MT_CLIENT_HELLO;
571 558 /* type */
572 n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0); 559 s2n(SSL2_VERSION, p);
573 d+=n; 560 /* version */
574 561 n = j=0;
575 if (n == 0) 562
576 { 563 n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
577 SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); 564 d += n;
578 return(-1); 565
579 } 566 if (n == 0) {
567 SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
568 return (-1);
569 }
580 570
581 s2n(n,p); /* cipher spec num bytes */ 571 s2n(n, p);
572 /* cipher spec num bytes */
582 573
583 if ((s->session->session_id_length > 0) && 574 if ((s->session->session_id_length > 0) &&
584 (s->session->session_id_length <= 575 (s->session->session_id_length <=
585 SSL2_MAX_SSL_SESSION_ID_LENGTH)) 576 SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
586 { 577 i = s->session->session_id_length;
587 i=s->session->session_id_length; 578 s2n(i, p);
588 s2n(i,p); /* session id length */ 579 /* session id length */
589 memcpy(d,s->session->session_id,(unsigned int)i); 580 memcpy(d, s->session->session_id,(unsigned int)i);
590 d+=i; 581 d += i;
591 } 582 } else {
592 else 583 s2n(0, p);
593 { 584 }
594 s2n(0,p);
595 }
596 585
597 s->s2->challenge_length=SSL2_CHALLENGE_LENGTH; 586 s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
598 s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */ 587 s2n(SSL2_CHALLENGE_LENGTH, p);
588 /* challenge length */
599 /*challenge id data*/ 589 /*challenge id data*/
600 if (RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0) 590 if (RAND_pseudo_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
601 return -1; 591 return -1;
602 memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH); 592 memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
603 d+=SSL2_CHALLENGE_LENGTH; 593 d += SSL2_CHALLENGE_LENGTH;
604 594
605 s->state=SSL2_ST_SEND_CLIENT_HELLO_B; 595 s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
606 s->init_num=d-buf; 596 s->init_num = d - buf;
607 s->init_off=0; 597 s->init_off = 0;
608 }
609 /* SSL2_ST_SEND_CLIENT_HELLO_B */
610 return(ssl2_do_write(s));
611 } 598 }
599 /* SSL2_ST_SEND_CLIENT_HELLO_B */
600 return (ssl2_do_write(s));
601}
612 602
613static int client_master_key(SSL *s) 603static int
614 { 604client_master_key(SSL *s)
605{
615 unsigned char *buf; 606 unsigned char *buf;
616 unsigned char *p,*d; 607 unsigned char *p, *d;
617 int clear,enc,karg,i; 608 int clear, enc, karg, i;
618 SSL_SESSION *sess; 609 SSL_SESSION *sess;
619 const EVP_CIPHER *c; 610 const EVP_CIPHER *c;
620 const EVP_MD *md; 611 const EVP_MD *md;
621 612
622 buf=(unsigned char *)s->init_buf->data; 613 buf = (unsigned char *)s->init_buf->data;
623 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) 614 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
624 {
625 615
626 if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) 616 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
627 { 617 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
628 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 618 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
629 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); 619 return (-1);
630 return(-1); 620 }
631 } 621 sess = s->session;
632 sess=s->session; 622 p = buf;
633 p=buf; 623 d = p + 10;
634 d=p+10;
635 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ 624 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
636 625
637 i=ssl_put_cipher_by_char(s,sess->cipher,p); 626 i = ssl_put_cipher_by_char(s, sess->cipher, p);
638 p+=i; 627 p += i;
639 628
640 /* make key_arg data */ 629 /* make key_arg data */
641 i=EVP_CIPHER_iv_length(c); 630 i = EVP_CIPHER_iv_length(c);
642 sess->key_arg_length=i; 631 sess->key_arg_length = i;
643 if (i > SSL_MAX_KEY_ARG_LENGTH) 632 if (i > SSL_MAX_KEY_ARG_LENGTH) {
644 {
645 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 633 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
646 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 634 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
647 return -1; 635 return -1;
648 } 636 }
649 if (i > 0) 637 if (i > 0)
650 if (RAND_pseudo_bytes(sess->key_arg,i) <= 0) 638 if (RAND_pseudo_bytes(sess->key_arg, i) <= 0)
651 return -1; 639 return -1;
652 640
653 /* make a master key */ 641 /* make a master key */
654 i=EVP_CIPHER_key_length(c); 642 i = EVP_CIPHER_key_length(c);
655 sess->master_key_length=i; 643 sess->master_key_length = i;
656 if (i > 0) 644 if (i > 0) {
657 { 645 if (i > (int)sizeof(sess->master_key)) {
658 if (i > (int)sizeof(sess->master_key))
659 {
660 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); 646 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
661 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 647 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
662 return -1; 648 return -1;
663 }
664 if (RAND_bytes(sess->master_key,i) <= 0)
665 {
666 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
667 return(-1);
668 }
669 } 649 }
650 if (RAND_bytes(sess->master_key, i) <= 0) {
651 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
652 return (-1);
653 }
654 }
670 655
671 if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) 656 if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
672 enc=8; 657 enc = 8;
673 else if (SSL_C_IS_EXPORT(sess->cipher)) 658 else if (SSL_C_IS_EXPORT(sess->cipher))
674 enc=5; 659 enc = 5;
675 else 660 else
676 enc=i; 661 enc = i;
677 662
678 if ((int)i < enc) 663 if ((int)i < enc) {
679 { 664 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
680 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 665 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
681 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR); 666 return (-1);
682 return(-1); 667 }
683 } 668 clear = i - enc;
684 clear=i-enc; 669 s2n(clear, p);
685 s2n(clear,p); 670 memcpy(d, sess->master_key,(unsigned int)clear);
686 memcpy(d,sess->master_key,(unsigned int)clear); 671 d += clear;
687 d+=clear; 672
688 673 enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
689 enc=ssl_rsa_public_encrypt(sess->sess_cert,enc, 674 &(sess->master_key[clear]), d,
690 &(sess->master_key[clear]),d, 675 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
691 (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); 676 RSA_PKCS1_PADDING);
692 if (enc <= 0) 677 if (enc <= 0) {
693 { 678 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
694 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 679 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
695 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR); 680 return (-1);
696 return(-1); 681 }
697 }
698#ifdef PKCS1_CHECK 682#ifdef PKCS1_CHECK
699 if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++; 683 if (s->options & SSL_OP_PKCS1_CHECK_1)
684 d[1]++;
700 if (s->options & SSL_OP_PKCS1_CHECK_2) 685 if (s->options & SSL_OP_PKCS1_CHECK_2)
701 sess->master_key[clear]++; 686 sess->master_key[clear]++;
702#endif 687#endif
703 s2n(enc,p); 688 s2n(enc, p);
704 d+=enc; 689 d += enc;
705 karg=sess->key_arg_length; 690 karg = sess->key_arg_length;
691
706 s2n(karg,p); /* key arg size */ 692 s2n(karg,p); /* key arg size */
707 if (karg > (int)sizeof(sess->key_arg)) 693 if (karg > (int)sizeof(sess->key_arg)) {
708 { 694 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
709 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
710 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 695 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
711 return -1; 696 return -1;
712 }
713 memcpy(d,sess->key_arg,(unsigned int)karg);
714 d+=karg;
715
716 s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
717 s->init_num=d-buf;
718 s->init_off=0;
719 } 697 }
698 memcpy(d, sess->key_arg,(unsigned int)karg);
699 d += karg;
720 700
721 /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */ 701 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
722 return(ssl2_do_write(s)); 702 s->init_num = d - buf;
703 s->init_off = 0;
723 } 704 }
724 705
725static int client_finished(SSL *s) 706 /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
726 { 707 return (ssl2_do_write(s));
708}
709
710static int
711client_finished(SSL *s)
712{
727 unsigned char *p; 713 unsigned char *p;
728 714
729 if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) 715 if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
730 { 716 p = (unsigned char *)s->init_buf->data;
731 p=(unsigned char *)s->init_buf->data; 717 *(p++) = SSL2_MT_CLIENT_FINISHED;
732 *(p++)=SSL2_MT_CLIENT_FINISHED; 718 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
733 if (s->s2->conn_id_length > sizeof s->s2->conn_id)
734 {
735 SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); 719 SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
736 return -1; 720 return -1;
737 }
738 memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
739
740 s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
741 s->init_num=s->s2->conn_id_length+1;
742 s->init_off=0;
743 } 721 }
744 return(ssl2_do_write(s)); 722 memcpy(p, s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
723
724 s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
725 s->init_num = s->s2->conn_id_length + 1;
726 s->init_off = 0;
745 } 727 }
728 return (ssl2_do_write(s));
729}
746 730
747/* read the data and then respond */ 731/* read the data and then respond */
748static int client_certificate(SSL *s) 732static int
749 { 733client_certificate(SSL *s)
734{
750 unsigned char *buf; 735 unsigned char *buf;
751 unsigned char *p,*d; 736 unsigned char *p, *d;
752 int i; 737 int i;
753 unsigned int n; 738 unsigned int n;
754 int cert_ch_len; 739 int cert_ch_len;
755 unsigned char *cert_ch; 740 unsigned char *cert_ch;
756 741
757 buf=(unsigned char *)s->init_buf->data; 742 buf = (unsigned char *)s->init_buf->data;
758 743
759 /* We have a cert associated with the SSL, so attach it to 744 /* We have a cert associated with the SSL, so attach it to
760 * the session if it does not have one */ 745 * the session if it does not have one */
761 746
762 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) 747 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
763 { 748 i = ssl2_read(s,(char *)&(buf[s->init_num]),
764 i=ssl2_read(s,(char *)&(buf[s->init_num]), 749 SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
765 SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num); 750 if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
766 if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num)) 751 return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
767 return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
768 s->init_num += i; 752 s->init_num += i;
769 if (s->msg_callback) 753 if (s->msg_callback)
770 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */ 754 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */
771 755
772 /* type=buf[0]; */ 756 /* type=buf[0]; */
773 /* type eq x509 */ 757 /* type eq x509 */
774 if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) 758 if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
775 { 759 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
776 ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); 760 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
777 SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE); 761 return (-1);
778 return(-1);
779 }
780
781 if ((s->cert == NULL) ||
782 (s->cert->key->x509 == NULL) ||
783 (s->cert->key->privatekey == NULL))
784 {
785 s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
786 }
787 else
788 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
789 } 762 }
790 763
764 if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
765 (s->cert->key->privatekey == NULL)) {
766 s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
767 } else
768 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
769 }
770
791 cert_ch = buf + 2; 771 cert_ch = buf + 2;
792 cert_ch_len = s->init_num - 2; 772 cert_ch_len = s->init_num - 2;
793 773
794 if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) 774 if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
795 { 775 X509 *x509 = NULL;
796 X509 *x509=NULL; 776 EVP_PKEY *pkey = NULL;
797 EVP_PKEY *pkey=NULL;
798 777
799 /* If we get an error we need to 778 /* If we get an error we need to
800 * ssl->rwstate=SSL_X509_LOOKUP; 779 * ssl->rwstate=SSL_X509_LOOKUP;
@@ -802,326 +781,298 @@ static int client_certificate(SSL *s)
802 * We should then be retried when things are ok and we 781 * We should then be retried when things are ok and we
803 * can get a cert or not */ 782 * can get a cert or not */
804 783
805 i=0; 784 i = 0;
806 if (s->ctx->client_cert_cb != NULL) 785 if (s->ctx->client_cert_cb != NULL) {
807 { 786 i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
808 i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); 787 }
809 }
810 788
811 if (i < 0) 789 if (i < 0) {
812 { 790 s->rwstate = SSL_X509_LOOKUP;
813 s->rwstate=SSL_X509_LOOKUP; 791 return (-1);
814 return(-1); 792 }
815 } 793 s->rwstate = SSL_NOTHING;
816 s->rwstate=SSL_NOTHING;
817 794
818 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) 795 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
819 { 796 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
820 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; 797 if (!SSL_use_certificate(s, x509) ||
821 if ( !SSL_use_certificate(s,x509) || 798 !SSL_use_PrivateKey(s, pkey)) {
822 !SSL_use_PrivateKey(s,pkey)) 799 i = 0;
823 { 800 }
824 i=0;
825 }
826 X509_free(x509); 801 X509_free(x509);
827 EVP_PKEY_free(pkey); 802 EVP_PKEY_free(pkey);
828 } 803 } else if (i == 1) {
829 else if (i == 1) 804 if (x509 != NULL)
830 { 805 X509_free(x509);
831 if (x509 != NULL) X509_free(x509); 806 if (pkey != NULL)
832 if (pkey != NULL) EVP_PKEY_free(pkey); 807 EVP_PKEY_free(pkey);
833 SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); 808 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
834 i=0; 809 i = 0;
835 } 810 }
836 811
837 if (i == 0) 812 if (i == 0) {
838 {
839 /* We have no client certificate to respond with 813 /* We have no client certificate to respond with
840 * so send the correct error message back */ 814 * so send the correct error message back */
841 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B; 815 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
842 p=buf; 816 p = buf;
843 *(p++)=SSL2_MT_ERROR; 817 *(p++) = SSL2_MT_ERROR;
844 s2n(SSL2_PE_NO_CERTIFICATE,p); 818 s2n(SSL2_PE_NO_CERTIFICATE, p);
845 s->init_off=0; 819 s->init_off = 0;
846 s->init_num=3; 820 s->init_num = 3;
847 /* Write is done at the end */ 821 /* Write is done at the end */
848 }
849 } 822 }
823 }
850 824
851 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) 825 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
852 { 826 return (ssl2_do_write(s));
853 return(ssl2_do_write(s)); 827 }
854 }
855 828
856 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) 829 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
857 {
858 EVP_MD_CTX ctx; 830 EVP_MD_CTX ctx;
859 831
860 /* ok, now we calculate the checksum 832 /* ok, now we calculate the checksum
861 * do it first so we can reuse buf :-) */ 833 * do it first so we can reuse buf :-) */
862 p=buf; 834 p = buf;
863 EVP_MD_CTX_init(&ctx); 835 EVP_MD_CTX_init(&ctx);
864 EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); 836 EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
865 EVP_SignUpdate(&ctx,s->s2->key_material, 837 EVP_SignUpdate(&ctx, s->s2->key_material,
866 s->s2->key_material_length); 838 s->s2->key_material_length);
867 EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); 839 EVP_SignUpdate(&ctx, cert_ch,(unsigned int)cert_ch_len);
868 i=i2d_X509(s->session->sess_cert->peer_key->x509,&p); 840 i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
869 /* Don't update the signature if it fails - FIXME: probably should handle this better */ 841 /* Don't update the signature if it fails - FIXME: probably should handle this better */
870 if(i > 0) 842 if (i > 0)
871 EVP_SignUpdate(&ctx,buf,(unsigned int)i); 843 EVP_SignUpdate(&ctx, buf,(unsigned int)i);
872 844
873 p=buf; 845 p = buf;
874 d=p+6; 846 d = p + 6;
875 *(p++)=SSL2_MT_CLIENT_CERTIFICATE; 847 *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
876 *(p++)=SSL2_CT_X509_CERTIFICATE; 848 *(p++) = SSL2_CT_X509_CERTIFICATE;
877 n=i2d_X509(s->cert->key->x509,&d); 849 n = i2d_X509(s->cert->key->x509, &d);
878 s2n(n,p); 850 s2n(n, p);
879 851
880 if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) 852 if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
881 {
882 /* this is not good. If things have failed it 853 /* this is not good. If things have failed it
883 * means there so something wrong with the key. 854 * means there so something wrong with the key.
884 * We will continue with a 0 length signature 855 * We will continue with a 0 length signature
885 */ 856 */
886 } 857 }
887 EVP_MD_CTX_cleanup(&ctx); 858 EVP_MD_CTX_cleanup(&ctx);
888 s2n(n,p); 859 s2n(n, p);
889 d+=n; 860 d += n;
890 861
891 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D; 862 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
892 s->init_num=d-buf; 863 s->init_num = d - buf;
893 s->init_off=0; 864 s->init_off = 0;
894 }
895 /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
896 return(ssl2_do_write(s));
897 } 865 }
866 /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
867 return (ssl2_do_write(s));
868}
898 869
899static int get_server_verify(SSL *s) 870static int
900 { 871get_server_verify(SSL *s)
872{
901 unsigned char *p; 873 unsigned char *p;
902 int i, n, len; 874 int i, n, len;
903 875
904 p=(unsigned char *)s->init_buf->data; 876 p = (unsigned char *)s->init_buf->data;
905 if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) 877 if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
906 { 878 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
907 i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); 879 if (i < (1 - s->init_num))
908 if (i < (1-s->init_num)) 880 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
909 return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
910 s->init_num += i; 881 s->init_num += i;
911 882
912 s->state= SSL2_ST_GET_SERVER_VERIFY_B; 883 s->state = SSL2_ST_GET_SERVER_VERIFY_B;
913 if (*p != SSL2_MT_SERVER_VERIFY) 884 if (*p != SSL2_MT_SERVER_VERIFY) {
914 { 885 if (p[0] != SSL2_MT_ERROR) {
915 if (p[0] != SSL2_MT_ERROR) 886 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
916 {
917 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
918 SSLerr(SSL_F_GET_SERVER_VERIFY, 887 SSLerr(SSL_F_GET_SERVER_VERIFY,
919 SSL_R_READ_WRONG_PACKET_TYPE); 888 SSL_R_READ_WRONG_PACKET_TYPE);
920 } 889 } else {
921 else 890 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
922 {
923 SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR);
924 /* try to read the error message */ 891 /* try to read the error message */
925 i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); 892 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
926 return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); 893 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
927 }
928 return(-1);
929 } 894 }
895 return (-1);
930 } 896 }
931 897 }
932 p=(unsigned char *)s->init_buf->data; 898
899 p = (unsigned char *)s->init_buf->data;
933 len = 1 + s->s2->challenge_length; 900 len = 1 + s->s2->challenge_length;
934 n = len - s->init_num; 901 n = len - s->init_num;
935 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 902 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
936 if (i < n) 903 if (i < n)
937 return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); 904 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
938 if (s->msg_callback) 905 if (s->msg_callback)
939 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ 906 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
940 p += 1; 907 p += 1;
941 908
942 if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) 909 if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
943 { 910 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
944 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 911 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
945 SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); 912 return (-1);
946 return(-1);
947 }
948 return(1);
949 } 913 }
914 return (1);
915}
950 916
951static int get_server_finished(SSL *s) 917static int
952 { 918get_server_finished(SSL *s)
919{
953 unsigned char *buf; 920 unsigned char *buf;
954 unsigned char *p; 921 unsigned char *p;
955 int i, n, len; 922 int i, n, len;
956 923
957 buf=(unsigned char *)s->init_buf->data; 924 buf = (unsigned char *)s->init_buf->data;
958 p=buf; 925 p = buf;
959 if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) 926 if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
960 { 927 i = ssl2_read(s,(char *)&(buf[s->init_num]), 1 - s->init_num);
961 i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num); 928 if (i < (1 - s->init_num))
962 if (i < (1-s->init_num)) 929 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
963 return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
964 s->init_num += i; 930 s->init_num += i;
965 931
966 if (*p == SSL2_MT_REQUEST_CERTIFICATE) 932 if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
967 { 933 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
968 s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A; 934 return (1);
969 return(1); 935 } else if (*p != SSL2_MT_SERVER_FINISHED) {
970 } 936 if (p[0] != SSL2_MT_ERROR) {
971 else if (*p != SSL2_MT_SERVER_FINISHED) 937 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
972 { 938 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
973 if (p[0] != SSL2_MT_ERROR) 939 } else {
974 { 940 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
975 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
976 SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
977 }
978 else
979 {
980 SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
981 /* try to read the error message */ 941 /* try to read the error message */
982 i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); 942 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
983 return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); 943 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
984 }
985 return(-1);
986 } 944 }
987 s->state=SSL2_ST_GET_SERVER_FINISHED_B; 945 return (-1);
988 } 946 }
947 s->state = SSL2_ST_GET_SERVER_FINISHED_B;
948 }
989 949
990 len = 1 + SSL2_SSL_SESSION_ID_LENGTH; 950 len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
991 n = len - s->init_num; 951 n = len - s->init_num;
992 i = ssl2_read(s,(char *)&(buf[s->init_num]), n); 952 i = ssl2_read(s,(char *)&(buf[s->init_num]), n);
993 if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */ 953 if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */
994 return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); 954 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
995 s->init_num += i; 955 s->init_num += i;
996 if (s->msg_callback) 956 if (s->msg_callback)
997 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */ 957 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */
998 958
999 if (!s->hit) /* new session */ 959 if (!s->hit) /* new session */
1000 { 960 {
1001 /* new session-id */ 961 /* new session-id */
1002 /* Make sure we were not trying to re-use an old SSL_SESSION 962 /* Make sure we were not trying to re-use an old SSL_SESSION
1003 * or bad things can happen */ 963 * or bad things can happen */
1004 /* ZZZZZZZZZZZZZ */ 964 /* ZZZZZZZZZZZZZ */
1005 s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; 965 s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
1006 memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH); 966 memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
1007 } 967 } else {
1008 else 968 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
1009 {
1010 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
1011 {
1012 if ((s->session->session_id_length > sizeof s->session->session_id) 969 if ((s->session->session_id_length > sizeof s->session->session_id)
1013 || (0 != memcmp(buf + 1, s->session->session_id, 970 || (0 != memcmp(buf + 1, s->session->session_id,
1014 (unsigned int)s->session->session_id_length))) 971 (unsigned int)s->session->session_id_length))) {
1015 { 972 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
1016 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 973 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
1017 SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT); 974 return (-1);
1018 return(-1);
1019 }
1020 } 975 }
1021 } 976 }
1022 s->state = SSL_ST_OK;
1023 return(1);
1024 } 977 }
978 s->state = SSL_ST_OK;
979 return (1);
980}
1025 981
1026/* loads in the certificate from the server */ 982/* loads in the certificate from the server */
1027int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data) 983int
1028 { 984ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
1029 STACK_OF(X509) *sk=NULL; 985{
1030 EVP_PKEY *pkey=NULL; 986 STACK_OF(X509) *sk = NULL;
1031 SESS_CERT *sc=NULL; 987 EVP_PKEY *pkey = NULL;
988 SESS_CERT *sc = NULL;
1032 int i; 989 int i;
1033 X509 *x509=NULL; 990 X509 *x509 = NULL;
1034 int ret=0; 991 int ret = 0;
1035 992
1036 x509=d2i_X509(NULL,&data,(long)len); 993 x509 = d2i_X509(NULL, &data,(long)len);
1037 if (x509 == NULL) 994 if (x509 == NULL) {
1038 { 995 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
1039 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB);
1040 goto err; 996 goto err;
1041 } 997 }
1042 998
1043 if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509)) 999 if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
1044 { 1000 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1045 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1046 goto err; 1001 goto err;
1047 } 1002 }
1048 1003
1049 i=ssl_verify_cert_chain(s,sk); 1004 i = ssl_verify_cert_chain(s, sk);
1050 1005
1051 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) 1006 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1052 { 1007 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
1053 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
1054 goto err; 1008 goto err;
1055 } 1009 }
1056 ERR_clear_error(); /* but we keep s->verify_result */ 1010 ERR_clear_error(); /* but we keep s->verify_result */
1057 s->session->verify_result = s->verify_result; 1011 s->session->verify_result = s->verify_result;
1058 1012
1059 /* server's cert for this session */ 1013 /* server's cert for this session */
1060 sc=ssl_sess_cert_new(); 1014 sc = ssl_sess_cert_new();
1061 if (sc == NULL) 1015 if (sc == NULL) {
1062 { 1016 ret = -1;
1063 ret= -1;
1064 goto err; 1017 goto err;
1065 } 1018 }
1066 if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert); 1019 if (s->session->sess_cert)
1067 s->session->sess_cert=sc; 1020 ssl_sess_cert_free(s->session->sess_cert);
1021 s->session->sess_cert = sc;
1068 1022
1069 sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509=x509; 1023 sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
1070 sc->peer_key= &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]); 1024 sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
1071 1025
1072 pkey=X509_get_pubkey(x509); 1026 pkey = X509_get_pubkey(x509);
1073 x509=NULL; 1027 x509 = NULL;
1074 if (pkey == NULL) 1028 if (pkey == NULL) {
1075 { 1029 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
1076 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
1077 goto err; 1030 goto err;
1078 } 1031 }
1079 if (pkey->type != EVP_PKEY_RSA) 1032 if (pkey->type != EVP_PKEY_RSA) {
1080 { 1033 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
1081 SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA);
1082 goto err; 1034 goto err;
1083 } 1035 }
1084 1036
1085 if (!ssl_set_peer_cert_type(sc,SSL2_CT_X509_CERTIFICATE)) 1037 if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
1086 goto err; 1038 goto err;
1087 ret=1; 1039 ret = 1;
1088err: 1040err:
1089 sk_X509_free(sk); 1041 sk_X509_free(sk);
1090 X509_free(x509); 1042 X509_free(x509);
1091 EVP_PKEY_free(pkey); 1043 EVP_PKEY_free(pkey);
1092 return(ret); 1044 return (ret);
1093 } 1045}
1094 1046
1095static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, 1047static int
1096 unsigned char *to, int padding) 1048ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
1097 { 1049 unsigned char *to, int padding)
1098 EVP_PKEY *pkey=NULL; 1050{
1099 int i= -1; 1051 EVP_PKEY *pkey = NULL;
1052 int i = -1;
1100 1053
1101 if ((sc == NULL) || (sc->peer_key->x509 == NULL) || 1054 if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
1102 ((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL)) 1055 ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
1103 { 1056 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
1104 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY); 1057 return (-1);
1105 return(-1); 1058 }
1106 } 1059 if (pkey->type != EVP_PKEY_RSA) {
1107 if (pkey->type != EVP_PKEY_RSA) 1060 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1108 {
1109 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1110 goto end; 1061 goto end;
1111 } 1062 }
1112 1063
1113 /* we have the public key */ 1064 /* we have the public key */
1114 i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding); 1065 i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
1115 if (i < 0) 1066 if (i < 0)
1116 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB); 1067 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
1117end: 1068end:
1118 EVP_PKEY_free(pkey); 1069 EVP_PKEY_free(pkey);
1119 return(i); 1070 return (i);
1120 } 1071}
1121#else /* !OPENSSL_NO_SSL2 */ 1072#else /* !OPENSSL_NO_SSL2 */
1122 1073
1123# if PEDANTIC 1074# if PEDANTIC
1124static void *dummy=&dummy; 1075static void *dummy = &dummy;
1125# endif 1076# endif
1126 1077
1127#endif 1078#endif
diff --git a/src/lib/libssl/src/ssl/s2_enc.c b/src/lib/libssl/src/ssl/s2_enc.c
index ff3395f459..8d2273f9ef 100644
--- a/src/lib/libssl/src/ssl/s2_enc.c
+++ b/src/lib/libssl/src/ssl/s2_enc.c
@@ -60,134 +60,131 @@
60#ifndef OPENSSL_NO_SSL2 60#ifndef OPENSSL_NO_SSL2
61#include <stdio.h> 61#include <stdio.h>
62 62
63int ssl2_enc_init(SSL *s, int client) 63int
64 { 64ssl2_enc_init(SSL *s, int client)
65{
65 /* Max number of bytes needed */ 66 /* Max number of bytes needed */
66 EVP_CIPHER_CTX *rs,*ws; 67 EVP_CIPHER_CTX *rs, *ws;
67 const EVP_CIPHER *c; 68 const EVP_CIPHER *c;
68 const EVP_MD *md; 69 const EVP_MD *md;
69 int num; 70 int num;
70 71
71 if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) 72 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
72 { 73 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
73 ssl2_return_error(s,SSL2_PE_NO_CIPHER); 74 SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
74 SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); 75 return (0);
75 return(0); 76 }
76 } 77 ssl_replace_hash(&s->read_hash, md);
77 ssl_replace_hash(&s->read_hash,md); 78 ssl_replace_hash(&s->write_hash, md);
78 ssl_replace_hash(&s->write_hash,md); 79
79 80 if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx =
80 if ((s->enc_read_ctx == NULL) && 81 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
81 ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
82 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
83 goto err; 82 goto err;
84 83
85 /* make sure it's intialized in case the malloc for enc_write_ctx fails 84 /* make sure it's intialized in case the malloc for enc_write_ctx fails
86 * and we exit with an error */ 85 * and we exit with an error */
87 rs= s->enc_read_ctx; 86 rs = s->enc_read_ctx;
88 EVP_CIPHER_CTX_init(rs); 87 EVP_CIPHER_CTX_init(rs);
89 88
90 if ((s->enc_write_ctx == NULL) && 89 if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx =
91 ((s->enc_write_ctx=(EVP_CIPHER_CTX *) 90 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
92 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
93 goto err; 91 goto err;
94 92
95 ws= s->enc_write_ctx; 93 ws = s->enc_write_ctx;
96 EVP_CIPHER_CTX_init(ws); 94 EVP_CIPHER_CTX_init(ws);
97 95
98 num=c->key_len; 96 num = c->key_len;
99 s->s2->key_material_length=num*2; 97 s->s2->key_material_length = num*2;
100 OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); 98 OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
101 99
102 if (ssl2_generate_key_material(s) <= 0) 100 if (ssl2_generate_key_material(s) <= 0)
103 return 0; 101 return 0;
104 102
105 OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg)); 103 OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
106 EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), 104 EVP_EncryptInit_ex(ws, c, NULL, &(s->s2->key_material[(client) ? num : 0]),
107 s->session->key_arg); 105 s->session->key_arg);
108 EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), 106 EVP_DecryptInit_ex(rs, c, NULL, &(s->s2->key_material[(client) ? 0 : num]),
109 s->session->key_arg); 107 s->session->key_arg);
110 s->s2->read_key= &(s->s2->key_material[(client)?0:num]); 108 s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
111 s->s2->write_key= &(s->s2->key_material[(client)?num:0]); 109 s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
112 return(1); 110 return (1);
113err: 111err:
114 SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE); 112 SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
115 return(0); 113 return (0);
116 } 114}
117 115
118/* read/writes from s->s2->mac_data using length for encrypt and 116/* read/writes from s->s2->mac_data using length for encrypt and
119 * decrypt. It sets s->s2->padding and s->[rw]length 117 * decrypt. It sets s->s2->padding and s->[rw]length
120 * if we are encrypting */ 118 * if we are encrypting */
121void ssl2_enc(SSL *s, int send) 119void
122 { 120ssl2_enc(SSL *s, int send)
121{
123 EVP_CIPHER_CTX *ds; 122 EVP_CIPHER_CTX *ds;
124 unsigned long l; 123 unsigned long l;
125 int bs; 124 int bs;
126 125
127 if (send) 126 if (send) {
128 { 127 ds = s->enc_write_ctx;
129 ds=s->enc_write_ctx; 128 l = s->s2->wlength;
130 l=s->s2->wlength; 129 } else {
131 } 130 ds = s->enc_read_ctx;
132 else 131 l = s->s2->rlength;
133 { 132 }
134 ds=s->enc_read_ctx;
135 l=s->s2->rlength;
136 }
137 133
138 /* check for NULL cipher */ 134 /* check for NULL cipher */
139 if (ds == NULL) return; 135 if (ds == NULL)
136 return;
140 137
141 138
142 bs=ds->cipher->block_size; 139 bs = ds->cipher->block_size;
143 /* This should be using (bs-1) and bs instead of 7 and 8, but 140 /* This should be using (bs-1) and bs instead of 7 and 8, but
144 * what the hell. */ 141 * what the hell. */
145 if (bs == 8) 142 if (bs == 8)
146 l=(l+7)/8*8; 143 l = (l + 7) / 8 * 8;
147 144
148 EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l); 145 EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l);
149 } 146}
150 147
151void ssl2_mac(SSL *s, unsigned char *md, int send) 148void
152 { 149ssl2_mac(SSL *s, unsigned char *md, int send)
150{
153 EVP_MD_CTX c; 151 EVP_MD_CTX c;
154 unsigned char sequence[4],*p,*sec,*act; 152 unsigned char sequence[4], *p, *sec, *act;
155 unsigned long seq; 153 unsigned long seq;
156 unsigned int len; 154 unsigned int len;
157 155
158 if (send) 156 if (send) {
159 { 157 seq = s->s2->write_sequence;
160 seq=s->s2->write_sequence; 158 sec = s->s2->write_key;
161 sec=s->s2->write_key; 159 len = s->s2->wact_data_length;
162 len=s->s2->wact_data_length; 160 act = s->s2->wact_data;
163 act=s->s2->wact_data; 161 } else {
164 } 162 seq = s->s2->read_sequence;
165 else 163 sec = s->s2->read_key;
166 { 164 len = s->s2->ract_data_length;
167 seq=s->s2->read_sequence; 165 act = s->s2->ract_data;
168 sec=s->s2->read_key; 166 }
169 len=s->s2->ract_data_length; 167
170 act=s->s2->ract_data; 168 p = &(sequence[0]);
171 } 169 l2n(seq, p);
172
173 p= &(sequence[0]);
174 l2n(seq,p);
175 170
176 /* There has to be a MAC algorithm. */ 171 /* There has to be a MAC algorithm. */
177 EVP_MD_CTX_init(&c); 172 EVP_MD_CTX_init(&c);
178 EVP_MD_CTX_copy(&c, s->read_hash); 173 EVP_MD_CTX_copy(&c, s->read_hash);
179 EVP_DigestUpdate(&c,sec, 174 EVP_DigestUpdate(&c, sec,
180 EVP_CIPHER_CTX_key_length(s->enc_read_ctx)); 175 EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
181 EVP_DigestUpdate(&c,act,len); 176 EVP_DigestUpdate(&c, act, len);
177
182 /* the above line also does the pad data */ 178 /* the above line also does the pad data */
183 EVP_DigestUpdate(&c,sequence,4); 179 EVP_DigestUpdate(&c, sequence, 4);
184 EVP_DigestFinal_ex(&c,md,NULL); 180
181 EVP_DigestFinal_ex(&c, md, NULL);
185 EVP_MD_CTX_cleanup(&c); 182 EVP_MD_CTX_cleanup(&c);
186 } 183}
187#else /* !OPENSSL_NO_SSL2 */ 184#else /* !OPENSSL_NO_SSL2 */
188 185
189# if PEDANTIC 186# if PEDANTIC
190static void *dummy=&dummy; 187static void *dummy = &dummy;
191# endif 188# endif
192 189
193#endif 190#endif
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
index 9914604109..d3764ebbe9 100644
--- a/src/lib/libssl/src/ssl/s2_lib.c
+++ b/src/lib/libssl/src/ssl/s2_lib.c
@@ -121,336 +121,355 @@ const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
121#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) 121#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
122 122
123/* list of available SSLv2 ciphers (sorted by id) */ 123/* list of available SSLv2 ciphers (sorted by id) */
124OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ 124OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
125#if 0 125#if 0
126/* NULL_WITH_MD5 v3 */ 126/* NULL_WITH_MD5 v3 */
127 { 127 {
128 1, 128 1,
129 SSL2_TXT_NULL_WITH_MD5, 129 SSL2_TXT_NULL_WITH_MD5,
130 SSL2_CK_NULL_WITH_MD5, 130 SSL2_CK_NULL_WITH_MD5,
131 SSL_kRSA, 131 SSL_kRSA,
132 SSL_aRSA, 132 SSL_aRSA,
133 SSL_eNULL, 133 SSL_eNULL,
134 SSL_MD5, 134 SSL_MD5,
135 SSL_SSLV2, 135 SSL_SSLV2,
136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, 136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
137 0, 137 0,
138 0, 138 0,
139 0, 139 0,
140 }, 140 },
141#endif 141#endif
142 142
143/* RC4_128_WITH_MD5 */ 143/* RC4_128_WITH_MD5 */
144 { 144 {
145 1, 145 1,
146 SSL2_TXT_RC4_128_WITH_MD5, 146 SSL2_TXT_RC4_128_WITH_MD5,
147 SSL2_CK_RC4_128_WITH_MD5, 147 SSL2_CK_RC4_128_WITH_MD5,
148 SSL_kRSA, 148 SSL_kRSA,
149 SSL_aRSA, 149 SSL_aRSA,
150 SSL_RC4, 150 SSL_RC4,
151 SSL_MD5, 151 SSL_MD5,
152 SSL_SSLV2, 152 SSL_SSLV2,
153 SSL_NOT_EXP|SSL_MEDIUM, 153 SSL_NOT_EXP|SSL_MEDIUM,
154 0, 154 0,
155 128, 155 128,
156 128, 156 128,
157 }, 157 },
158 158
159/* RC4_128_EXPORT40_WITH_MD5 */ 159/* RC4_128_EXPORT40_WITH_MD5 */
160 { 160 {
161 1, 161 1,
162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, 162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5, 163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
164 SSL_kRSA, 164 SSL_kRSA,
165 SSL_aRSA, 165 SSL_aRSA,
166 SSL_RC4, 166 SSL_RC4,
167 SSL_MD5, 167 SSL_MD5,
168 SSL_SSLV2, 168 SSL_SSLV2,
169 SSL_EXPORT|SSL_EXP40, 169 SSL_EXPORT|SSL_EXP40,
170 SSL2_CF_5_BYTE_ENC, 170 SSL2_CF_5_BYTE_ENC,
171 40, 171 40,
172 128, 172 128,
173 }, 173 },
174 174
175/* RC2_128_CBC_WITH_MD5 */ 175/* RC2_128_CBC_WITH_MD5 */
176 { 176 {
177 1, 177 1,
178 SSL2_TXT_RC2_128_CBC_WITH_MD5, 178 SSL2_TXT_RC2_128_CBC_WITH_MD5,
179 SSL2_CK_RC2_128_CBC_WITH_MD5, 179 SSL2_CK_RC2_128_CBC_WITH_MD5,
180 SSL_kRSA, 180 SSL_kRSA,
181 SSL_aRSA, 181 SSL_aRSA,
182 SSL_RC2, 182 SSL_RC2,
183 SSL_MD5, 183 SSL_MD5,
184 SSL_SSLV2, 184 SSL_SSLV2,
185 SSL_NOT_EXP|SSL_MEDIUM, 185 SSL_NOT_EXP|SSL_MEDIUM,
186 0, 186 0,
187 128, 187 128,
188 128, 188 128,
189 }, 189 },
190 190
191/* RC2_128_CBC_EXPORT40_WITH_MD5 */ 191/* RC2_128_CBC_EXPORT40_WITH_MD5 */
192 { 192 {
193 1, 193 1,
194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, 194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
196 SSL_kRSA, 196 SSL_kRSA,
197 SSL_aRSA, 197 SSL_aRSA,
198 SSL_RC2, 198 SSL_RC2,
199 SSL_MD5, 199 SSL_MD5,
200 SSL_SSLV2, 200 SSL_SSLV2,
201 SSL_EXPORT|SSL_EXP40, 201 SSL_EXPORT|SSL_EXP40,
202 SSL2_CF_5_BYTE_ENC, 202 SSL2_CF_5_BYTE_ENC,
203 40, 203 40,
204 128, 204 128,
205 }, 205 },
206 206
207#ifndef OPENSSL_NO_IDEA 207#ifndef OPENSSL_NO_IDEA
208/* IDEA_128_CBC_WITH_MD5 */ 208/* IDEA_128_CBC_WITH_MD5 */
209 { 209 {
210 1, 210 1,
211 SSL2_TXT_IDEA_128_CBC_WITH_MD5, 211 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
212 SSL2_CK_IDEA_128_CBC_WITH_MD5, 212 SSL2_CK_IDEA_128_CBC_WITH_MD5,
213 SSL_kRSA, 213 SSL_kRSA,
214 SSL_aRSA, 214 SSL_aRSA,
215 SSL_IDEA, 215 SSL_IDEA,
216 SSL_MD5, 216 SSL_MD5,
217 SSL_SSLV2, 217 SSL_SSLV2,
218 SSL_NOT_EXP|SSL_MEDIUM, 218 SSL_NOT_EXP|SSL_MEDIUM,
219 0, 219 0,
220 128, 220 128,
221 128, 221 128,
222 }, 222 },
223#endif 223#endif
224 224
225/* DES_64_CBC_WITH_MD5 */ 225/* DES_64_CBC_WITH_MD5 */
226 { 226 {
227 1, 227 1,
228 SSL2_TXT_DES_64_CBC_WITH_MD5, 228 SSL2_TXT_DES_64_CBC_WITH_MD5,
229 SSL2_CK_DES_64_CBC_WITH_MD5, 229 SSL2_CK_DES_64_CBC_WITH_MD5,
230 SSL_kRSA, 230 SSL_kRSA,
231 SSL_aRSA, 231 SSL_aRSA,
232 SSL_DES, 232 SSL_DES,
233 SSL_MD5, 233 SSL_MD5,
234 SSL_SSLV2, 234 SSL_SSLV2,
235 SSL_NOT_EXP|SSL_LOW, 235 SSL_NOT_EXP|SSL_LOW,
236 0, 236 0,
237 56, 237 56,
238 56, 238 56,
239 }, 239 },
240 240
241/* DES_192_EDE3_CBC_WITH_MD5 */ 241/* DES_192_EDE3_CBC_WITH_MD5 */
242 { 242 {
243 1, 243 1,
244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, 244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, 245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
246 SSL_kRSA, 246 SSL_kRSA,
247 SSL_aRSA, 247 SSL_aRSA,
248 SSL_3DES, 248 SSL_3DES,
249 SSL_MD5, 249 SSL_MD5,
250 SSL_SSLV2, 250 SSL_SSLV2,
251 SSL_NOT_EXP|SSL_HIGH, 251 SSL_NOT_EXP|SSL_HIGH,
252 0, 252 0,
253 168, 253 168,
254 168, 254 168,
255 }, 255 },
256 256
257#if 0 257#if 0
258/* RC4_64_WITH_MD5 */ 258/* RC4_64_WITH_MD5 */
259 { 259 {
260 1, 260 1,
261 SSL2_TXT_RC4_64_WITH_MD5, 261 SSL2_TXT_RC4_64_WITH_MD5,
262 SSL2_CK_RC4_64_WITH_MD5, 262 SSL2_CK_RC4_64_WITH_MD5,
263 SSL_kRSA, 263 SSL_kRSA,
264 SSL_aRSA, 264 SSL_aRSA,
265 SSL_RC4, 265 SSL_RC4,
266 SSL_MD5, 266 SSL_MD5,
267 SSL_SSLV2, 267 SSL_SSLV2,
268 SSL_NOT_EXP|SSL_LOW, 268 SSL_NOT_EXP|SSL_LOW,
269 SSL2_CF_8_BYTE_ENC, 269 SSL2_CF_8_BYTE_ENC,
270 64, 270 64,
271 64, 271 64,
272 }, 272 },
273#endif 273#endif
274 274
275#if 0 275#if 0
276/* NULL SSLeay (testing) */ 276/* NULL SSLeay (testing) */
277 { 277 {
278 0, 278 0,
279 SSL2_TXT_NULL, 279 SSL2_TXT_NULL,
280 SSL2_CK_NULL, 280 SSL2_CK_NULL,
281 0, 281 0,
282 0, 282 0,
283 0, 283 0,
284 0, 284 0,
285 SSL_SSLV2, 285 SSL_SSLV2,
286 SSL_STRONG_NONE, 286 SSL_STRONG_NONE,
287 0, 287 0,
288 0, 288 0,
289 0, 289 0,
290 }, 290 },
291#endif 291#endif
292 292
293/* end of list :-) */ 293/* end of list :-) */
294 }; 294};
295 295
296long ssl2_default_timeout(void) 296long
297 { 297ssl2_default_timeout(void)
298 return(300); 298{
299 } 299 return (300);
300 300}
301int ssl2_num_ciphers(void) 301
302 { 302int
303 return(SSL2_NUM_CIPHERS); 303ssl2_num_ciphers(void)
304 } 304{
305 305 return (SSL2_NUM_CIPHERS);
306const SSL_CIPHER *ssl2_get_cipher(unsigned int u) 306}
307 { 307
308const SSL_CIPHER
309*ssl2_get_cipher(unsigned int u)
310{
308 if (u < SSL2_NUM_CIPHERS) 311 if (u < SSL2_NUM_CIPHERS)
309 return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u])); 312 return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
310 else 313 else
311 return(NULL); 314 return (NULL);
312 } 315}
313 316
314int ssl2_pending(const SSL *s) 317int
315 { 318ssl2_pending(const SSL *s)
319{
316 return SSL_in_init(s) ? 0 : s->s2->ract_data_length; 320 return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
317 } 321}
318 322
319int ssl2_new(SSL *s) 323int
320 { 324ssl2_new(SSL *s)
325{
321 SSL2_STATE *s2; 326 SSL2_STATE *s2;
322 327
323 if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; 328 if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
324 memset(s2,0,sizeof *s2); 329 goto err;
330 memset(s2, 0, sizeof *s2);
325 331
326#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 332#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
327# error "assertion failed" 333# error "assertion failed"
328#endif 334#endif
329 335
330 if ((s2->rbuf=OPENSSL_malloc( 336 if ((s2->rbuf = OPENSSL_malloc(
331 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; 337 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
338 goto err;
332 /* wbuf needs one byte more because when using two-byte headers, 339 /* wbuf needs one byte more because when using two-byte headers,
333 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */ 340 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
334 if ((s2->wbuf=OPENSSL_malloc( 341 if ((s2->wbuf = OPENSSL_malloc(
335 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err; 342 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
336 s->s2=s2; 343 goto err;
344 s->s2 = s2;
337 345
338 ssl2_clear(s); 346 ssl2_clear(s);
339 return(1); 347 return (1);
340err: 348err:
341 if (s2 != NULL) 349 if (s2 != NULL) {
342 { 350 if (s2->wbuf != NULL)
343 if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); 351 OPENSSL_free(s2->wbuf);
344 if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); 352 if (s2->rbuf != NULL)
353 OPENSSL_free(s2->rbuf);
345 OPENSSL_free(s2); 354 OPENSSL_free(s2);
346 }
347 return(0);
348 } 355 }
356 return (0);
357}
349 358
350void ssl2_free(SSL *s) 359void
351 { 360ssl2_free(SSL *s)
361{
352 SSL2_STATE *s2; 362 SSL2_STATE *s2;
353 363
354 if(s == NULL) 364 if (s == NULL)
355 return; 365 return;
356 366
357 s2=s->s2; 367 s2 = s->s2;
358 if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); 368 if (s2->rbuf != NULL)
359 if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); 369 OPENSSL_free(s2->rbuf);
360 OPENSSL_cleanse(s2,sizeof *s2); 370 if (s2->wbuf != NULL)
371 OPENSSL_free(s2->wbuf);
372 OPENSSL_cleanse(s2, sizeof *s2);
361 OPENSSL_free(s2); 373 OPENSSL_free(s2);
362 s->s2=NULL; 374 s->s2 = NULL;
363 } 375}
364 376
365void ssl2_clear(SSL *s) 377void
366 { 378ssl2_clear(SSL *s)
379{
367 SSL2_STATE *s2; 380 SSL2_STATE *s2;
368 unsigned char *rbuf,*wbuf; 381 unsigned char *rbuf, *wbuf;
369 382
370 s2=s->s2; 383 s2 = s->s2;
371 384
372 rbuf=s2->rbuf; 385 rbuf = s2->rbuf;
373 wbuf=s2->wbuf; 386 wbuf = s2->wbuf;
374 387
375 memset(s2,0,sizeof *s2); 388 memset(s2, 0, sizeof *s2);
376 389
377 s2->rbuf=rbuf; 390 s2->rbuf = rbuf;
378 s2->wbuf=wbuf; 391 s2->wbuf = wbuf;
379 s2->clear_text=1; 392 s2->clear_text = 1;
380 s->packet=s2->rbuf; 393 s->packet = s2->rbuf;
381 s->version=SSL2_VERSION; 394 s->version = SSL2_VERSION;
382 s->packet_length=0; 395 s->packet_length = 0;
383 } 396}
384 397
385long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) 398long
386 { 399ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
387 int ret=0; 400{
401 int ret = 0;
388 402
389 switch(cmd) 403 switch (cmd) {
390 {
391 case SSL_CTRL_GET_SESSION_REUSED: 404 case SSL_CTRL_GET_SESSION_REUSED:
392 ret=s->hit; 405 ret = s->hit;
393 break; 406 break;
394 default: 407 default:
395 break; 408 break;
396 }
397 return(ret);
398 }
399
400long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
401 {
402 return(0);
403 }
404
405long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
406 {
407 return(0);
408 }
409
410long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
411 {
412 return(0);
413 } 409 }
410 return (ret);
411}
412
413long
414ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
415{
416 return (0);
417}
418
419long
420ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
421{
422 return (0);
423}
424
425long
426ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
427{
428 return (0);
429}
414 430
415/* This function needs to check if the ciphers required are actually 431/* This function needs to check if the ciphers required are actually
416 * available */ 432 * available */
417const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) 433const SSL_CIPHER
418 { 434*ssl2_get_cipher_by_char(const unsigned char *p)
435{
419 SSL_CIPHER c; 436 SSL_CIPHER c;
420 const SSL_CIPHER *cp; 437 const SSL_CIPHER *cp;
421 unsigned long id; 438 unsigned long id;
422 439
423 id=0x02000000L|((unsigned long)p[0]<<16L)| 440 id = 0x02000000L|((unsigned long)p[0]<<16L)|
424 ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; 441 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
425 c.id=id; 442 c.id = id;
426 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS); 443 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
427 if ((cp == NULL) || (cp->valid == 0)) 444 if ((cp == NULL) || (cp->valid == 0))
428 return NULL; 445 return NULL;
429 else 446 else
430 return cp; 447 return cp;
431 } 448}
432 449
433int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 450int
434 { 451ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
452{
435 long l; 453 long l;
436 454
437 if (p != NULL) 455 if (p != NULL) {
438 { 456 l = c->id;
439 l=c->id; 457 if ((l & 0xff000000) != 0x02000000)
440 if ((l & 0xff000000) != 0x02000000) return(0); 458 return (0);
441 p[0]=((unsigned char)(l>>16L))&0xFF; 459 p[0] = ((unsigned char)(l >> 16L))&0xFF;
442 p[1]=((unsigned char)(l>> 8L))&0xFF; 460 p[1] = ((unsigned char)(l >> 8L))&0xFF;
443 p[2]=((unsigned char)(l ))&0xFF; 461 p[2] = ((unsigned char)(l ))&0xFF;
444 }
445 return(3);
446 } 462 }
463 return (3);
464}
447 465
448int ssl2_generate_key_material(SSL *s) 466int
449 { 467ssl2_generate_key_material(SSL *s)
468{
450 unsigned int i; 469 unsigned int i;
451 EVP_MD_CTX ctx; 470 EVP_MD_CTX ctx;
452 unsigned char *km; 471 unsigned char *km;
453 unsigned char c='0'; 472 unsigned char c = '0';
454 const EVP_MD *md5; 473 const EVP_MD *md5;
455 int md_size; 474 int md_size;
456 475
@@ -461,96 +480,94 @@ int ssl2_generate_key_material(SSL *s)
461 see SSLv2 docu */ 480 see SSLv2 docu */
462#endif 481#endif
463 EVP_MD_CTX_init(&ctx); 482 EVP_MD_CTX_init(&ctx);
464 km=s->s2->key_material; 483 km = s->s2->key_material;
465 484
466 if (s->session->master_key_length < 0 || 485 if (s->session->master_key_length < 0 ||
467 s->session->master_key_length > (int)sizeof(s->session->master_key)) 486 s->session->master_key_length > (int)sizeof(s->session->master_key)) {
468 { 487 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
469 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); 488 return 0;
470 return 0; 489 }
471 }
472 md_size = EVP_MD_size(md5); 490 md_size = EVP_MD_size(md5);
473 if (md_size < 0) 491 if (md_size < 0)
474 return 0; 492 return 0;
475 for (i=0; i<s->s2->key_material_length; i += md_size) 493 for (i = 0; i < s->s2->key_material_length; i += md_size) {
476 {
477 if (((km - s->s2->key_material) + md_size) > 494 if (((km - s->s2->key_material) + md_size) >
478 (int)sizeof(s->s2->key_material)) 495 (int)sizeof(s->s2->key_material)) {
479 {
480 /* EVP_DigestFinal_ex() below would write beyond buffer */ 496 /* EVP_DigestFinal_ex() below would write beyond buffer */
481 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); 497 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
482 return 0; 498 return 0;
483 } 499 }
484 500
485 EVP_DigestInit_ex(&ctx, md5, NULL); 501 EVP_DigestInit_ex(&ctx, md5, NULL);
486 502
487 OPENSSL_assert(s->session->master_key_length >= 0 503 OPENSSL_assert(s->session->master_key_length >= 0 &&
488 && s->session->master_key_length 504 s->session->master_key_length <
489 < (int)sizeof(s->session->master_key)); 505 (int)sizeof(s->session->master_key));
490 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); 506 EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);
491 EVP_DigestUpdate(&ctx,&c,1); 507 EVP_DigestUpdate(&ctx, &c, 1);
492 c++; 508 c++;
493 EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); 509 EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
494 EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); 510 EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
495 EVP_DigestFinal_ex(&ctx,km,NULL); 511 EVP_DigestFinal_ex(&ctx, km, NULL);
496 km += md_size; 512 km += md_size;
497 } 513 }
498 514
499 EVP_MD_CTX_cleanup(&ctx); 515 EVP_MD_CTX_cleanup(&ctx);
500 return 1; 516 return 1;
501 } 517}
502 518
503void ssl2_return_error(SSL *s, int err) 519void
504 { 520ssl2_return_error(SSL *s, int err)
505 if (!s->error) 521{
506 { 522 if (!s->error) {
507 s->error=3; 523 s->error = 3;
508 s->error_code=err; 524 s->error_code = err;
509 525
510 ssl2_write_error(s); 526 ssl2_write_error(s);
511 }
512 } 527 }
528}
513 529
514 530
515void ssl2_write_error(SSL *s) 531void
516 { 532ssl2_write_error(SSL *s)
533{
517 unsigned char buf[3]; 534 unsigned char buf[3];
518 int i,error; 535 int i, error;
519 536
520 buf[0]=SSL2_MT_ERROR; 537 buf[0] = SSL2_MT_ERROR;
521 buf[1]=(s->error_code>>8)&0xff; 538 buf[1] = (s->error_code >> 8)&0xff;
522 buf[2]=(s->error_code)&0xff; 539 buf[2] = (s->error_code)&0xff;
523 540
524/* state=s->rwstate;*/ 541/* state=s->rwstate;*/
525 542
526 error=s->error; /* number of bytes left to write */ 543 error=s->error; /* number of bytes left to write */
527 s->error=0; 544 s->error = 0;
528 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf)); 545 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
529 i=ssl2_write(s,&(buf[3-error]),error); 546 i = ssl2_write(s, &(buf[3 - error]), error);
530 547
531/* if (i == error) s->rwstate=state; */ 548/* if (i == error) s->rwstate=state; */
532 549
533 if (i < 0) 550 if (i < 0)
534 s->error=error; 551 s->error = error;
535 else 552 else {
536 { 553 s->error = error - i;
537 s->error=error-i;
538 554
539 if (s->error == 0) 555 if (s->error == 0)
540 if (s->msg_callback) 556 if (s->msg_callback)
541 s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */ 557 s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
542 }
543 }
544
545int ssl2_shutdown(SSL *s)
546 {
547 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
548 return(1);
549 } 558 }
559}
560
561int
562ssl2_shutdown(SSL *s)
563{
564 s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
565 return (1);
566}
550#else /* !OPENSSL_NO_SSL2 */ 567#else /* !OPENSSL_NO_SSL2 */
551 568
552# if PEDANTIC 569# if PEDANTIC
553static void *dummy=&dummy; 570static void *dummy = &dummy;
554# endif 571# endif
555 572
556#endif 573#endif
diff --git a/src/lib/libssl/src/ssl/s2_meth.c b/src/lib/libssl/src/ssl/s2_meth.c
index f0e8ca593d..ca08fc6e22 100644
--- a/src/lib/libssl/src/ssl/s2_meth.c
+++ b/src/lib/libssl/src/ssl/s2_meth.c
@@ -62,23 +62,22 @@
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63 63
64static const SSL_METHOD *ssl2_get_method(int ver); 64static const SSL_METHOD *ssl2_get_method(int ver);
65static const SSL_METHOD *ssl2_get_method(int ver) 65static const SSL_METHOD
66 { 66*ssl2_get_method(int ver)
67{
67 if (ver == SSL2_VERSION) 68 if (ver == SSL2_VERSION)
68 return(SSLv2_method()); 69 return (SSLv2_method());
69 else 70 else
70 return(NULL); 71 return (NULL);
71 } 72}
72 73
73IMPLEMENT_ssl2_meth_func(SSLv2_method, 74IMPLEMENT_ssl2_meth_func(SSLv2_method,
74 ssl2_accept, 75 ssl2_accept, ssl2_connect, ssl2_get_method)
75 ssl2_connect,
76 ssl2_get_method)
77 76
78#else /* !OPENSSL_NO_SSL2 */ 77#else /* !OPENSSL_NO_SSL2 */
79 78
80# if PEDANTIC 79# if PEDANTIC
81static void *dummy=&dummy; 80static void *dummy = &dummy;
82# endif 81# endif
83 82
84#endif 83#endif
diff --git a/src/lib/libssl/src/ssl/s2_pkt.c b/src/lib/libssl/src/ssl/s2_pkt.c
index 7efad40153..3a92c81d65 100644
--- a/src/lib/libssl/src/ssl/s2_pkt.c
+++ b/src/lib/libssl/src/ssl/s2_pkt.c
@@ -114,7 +114,7 @@
114#include <stdio.h> 114#include <stdio.h>
115#include <errno.h> 115#include <errno.h>
116 116
117static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); 117static int read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend);
118static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); 118static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
119static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); 119static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
120static int ssl_mt_error(int n); 120static int ssl_mt_error(int n);
@@ -123,158 +123,145 @@ static int ssl_mt_error(int n);
123/* SSL 2.0 imlementation for SSL_read/SSL_peek - 123/* SSL 2.0 imlementation for SSL_read/SSL_peek -
124 * This routine will return 0 to len bytes, decrypted etc if required. 124 * This routine will return 0 to len bytes, decrypted etc if required.
125 */ 125 */
126static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) 126static int
127 { 127ssl2_read_internal(SSL *s, void *buf, int len, int peek)
128{
128 int n; 129 int n;
129 unsigned char mac[MAX_MAC_SIZE]; 130 unsigned char mac[MAX_MAC_SIZE];
130 unsigned char *p; 131 unsigned char *p;
131 int i; 132 int i;
132 int mac_size; 133 int mac_size;
133 134
134 ssl2_read_again: 135 ssl2_read_again:
135 if (SSL_in_init(s) && !s->in_handshake) 136 if (SSL_in_init(s) && !s->in_handshake) {
136 { 137 n = s->handshake_func(s);
137 n=s->handshake_func(s); 138 if (n < 0)
138 if (n < 0) return(n); 139 return (n);
139 if (n == 0) 140 if (n == 0) {
140 { 141 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_SSL_HANDSHAKE_FAILURE);
141 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); 142 return (-1);
142 return(-1);
143 }
144 } 143 }
144 }
145 145
146 errno = 0; 146 errno = 0;
147 s->rwstate=SSL_NOTHING; 147 s->rwstate = SSL_NOTHING;
148 if (len <= 0) return(len); 148 if (len <= 0)
149 return (len);
149 150
150 if (s->s2->ract_data_length != 0) /* read from buffer */ 151 if (s->s2->ract_data_length != 0) /* read from buffer */
151 { 152 {
152 if (len > s->s2->ract_data_length) 153 if (len > s->s2->ract_data_length)
153 n=s->s2->ract_data_length; 154 n = s->s2->ract_data_length;
154 else 155 else
155 n=len; 156 n = len;
156 157
157 memcpy(buf,s->s2->ract_data,(unsigned int)n); 158 memcpy(buf, s->s2->ract_data,(unsigned int)n);
158 if (!peek) 159 if (!peek) {
159 { 160 s->s2->ract_data_length -= n;
160 s->s2->ract_data_length-=n; 161 s->s2->ract_data += n;
161 s->s2->ract_data+=n;
162 if (s->s2->ract_data_length == 0) 162 if (s->s2->ract_data_length == 0)
163 s->rstate=SSL_ST_READ_HEADER; 163 s->rstate = SSL_ST_READ_HEADER;
164 }
165
166 return(n);
167 } 164 }
168 165
166 return (n);
167 }
168
169 /* s->s2->ract_data_length == 0 169 /* s->s2->ract_data_length == 0
170 * 170 *
171 * Fill the buffer, then goto ssl2_read_again. 171 * Fill the buffer, then goto ssl2_read_again.
172 */ 172 */
173 173
174 if (s->rstate == SSL_ST_READ_HEADER) 174 if (s->rstate == SSL_ST_READ_HEADER) {
175 { 175 if (s->first_packet) {
176 if (s->first_packet) 176 n = read_n(s, 5, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
177 {
178 n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
179 if (n <= 0) return(n); /* error or non-blocking */ 177 if (n <= 0) return(n); /* error or non-blocking */
180 s->first_packet=0; 178 s->first_packet = 0;
181 p=s->packet; 179 p = s->packet;
182 if (!((p[0] & 0x80) && ( 180 if (!((p[0] & 0x80) && (
183 (p[2] == SSL2_MT_CLIENT_HELLO) || 181 (p[2] == SSL2_MT_CLIENT_HELLO) ||
184 (p[2] == SSL2_MT_SERVER_HELLO)))) 182 (p[2] == SSL2_MT_SERVER_HELLO)))) {
185 { 183 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_NON_SSLV2_INITIAL_PACKET);
186 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); 184 return (-1);
187 return(-1);
188 }
189 }
190 else
191 {
192 n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
193 if (n <= 0) return(n); /* error or non-blocking */
194 } 185 }
186 } else {
187 n = read_n(s, 2, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
188 if (n <= 0)
189 return(n); /* error or non-blocking */
190 }
195 /* part read stuff */ 191 /* part read stuff */
196 192
197 s->rstate=SSL_ST_READ_BODY; 193 s->rstate = SSL_ST_READ_BODY;
198 p=s->packet; 194 p = s->packet;
199 /* Do header */ 195 /* Do header */
200 /*s->s2->padding=0;*/ 196 /*s->s2->padding=0;*/
201 s->s2->escape=0; 197 s->s2->escape = 0;
202 s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]); 198 s->s2->rlength = (((unsigned int)p[0]) << 8)|((unsigned int)p[1]);
203 if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */ 199 if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */
204 { 200 {
205 s->s2->three_byte_header=0; 201 s->s2->three_byte_header = 0;
206 s->s2->rlength&=TWO_BYTE_MASK; 202 s->s2->rlength&=TWO_BYTE_MASK;
207 } 203
208 else 204 } else {
209 { 205 s->s2->three_byte_header = 1;
210 s->s2->three_byte_header=1;
211 s->s2->rlength&=THREE_BYTE_MASK; 206 s->s2->rlength&=THREE_BYTE_MASK;
212 207
213 /* security >s2->escape */ 208 /* security >s2->escape */
214 s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0; 209 s->s2->escape = ((p[0] & SEC_ESC_BIT)) ? 1 : 0;
215 }
216 } 210 }
211 }
217 212
218 if (s->rstate == SSL_ST_READ_BODY) 213 if (s->rstate == SSL_ST_READ_BODY) {
219 { 214 n = s->s2->rlength + 2 + s->s2->three_byte_header;
220 n=s->s2->rlength+2+s->s2->three_byte_header; 215 if (n > (int)s->packet_length) {
221 if (n > (int)s->packet_length) 216 n -= s->packet_length;
222 { 217 i = read_n(s, (unsigned int)n, (unsigned int)n, 1);
223 n-=s->packet_length; 218 if (i <= 0)
224 i=read_n(s,(unsigned int)n,(unsigned int)n,1); 219 return(i); /* ERROR */
225 if (i <= 0) return(i); /* ERROR */ 220 }
226 }
227 221
228 p= &(s->packet[2]); 222 p = &(s->packet[2]);
229 s->rstate=SSL_ST_READ_HEADER; 223 s->rstate = SSL_ST_READ_HEADER;
230 if (s->s2->three_byte_header) 224 if (s->s2->three_byte_header)
231 s->s2->padding= *(p++); 225 s->s2->padding= *(p++);
232 else s->s2->padding=0; 226 else s->s2->padding = 0;
233 227
234 /* Data portion */ 228 /* Data portion */
235 if (s->s2->clear_text) 229 if (s->s2->clear_text) {
236 {
237 mac_size = 0; 230 mac_size = 0;
238 s->s2->mac_data=p; 231 s->s2->mac_data = p;
239 s->s2->ract_data=p; 232 s->s2->ract_data = p;
240 if (s->s2->padding) 233 if (s->s2->padding) {
241 { 234 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
242 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); 235 return (-1);
243 return(-1);
244 }
245 } 236 }
246 else 237 } else {
247 { 238 mac_size = EVP_MD_CTX_size(s->read_hash);
248 mac_size=EVP_MD_CTX_size(s->read_hash);
249 if (mac_size < 0) 239 if (mac_size < 0)
250 return -1; 240 return -1;
251 OPENSSL_assert(mac_size <= MAX_MAC_SIZE); 241 OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
252 s->s2->mac_data=p; 242 s->s2->mac_data = p;
253 s->s2->ract_data= &p[mac_size]; 243 s->s2->ract_data = &p[mac_size];
254 if (s->s2->padding + mac_size > s->s2->rlength) 244 if (s->s2->padding + mac_size > s->s2->rlength) {
255 { 245 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
256 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); 246 return (-1);
257 return(-1);
258 }
259 } 247 }
248 }
260 249
261 s->s2->ract_data_length=s->s2->rlength; 250 s->s2->ract_data_length = s->s2->rlength;
262 /* added a check for length > max_size in case 251 /* added a check for length > max_size in case
263 * encryption was not turned on yet due to an error */ 252 * encryption was not turned on yet due to an error */
264 if ((!s->s2->clear_text) && 253 if ((!s->s2->clear_text) &&
265 (s->s2->rlength >= (unsigned int)mac_size)) 254 (s->s2->rlength >= (unsigned int)mac_size)) {
266 { 255 ssl2_enc(s, 0);
267 ssl2_enc(s,0); 256 s->s2->ract_data_length -= mac_size;
268 s->s2->ract_data_length-=mac_size; 257 ssl2_mac(s, mac, 0);
269 ssl2_mac(s,mac,0); 258 s->s2->ract_data_length -= s->s2->padding;
270 s->s2->ract_data_length-=s->s2->padding; 259 if ((CRYPTO_memcmp(mac, s->s2->mac_data, mac_size) != 0) ||
271 if ( (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) || 260 (s->s2->rlength % EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) {
272 (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) 261 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_MAC_DECODE);
273 { 262 return (-1);
274 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
275 return(-1);
276 }
277 } 263 }
264 }
278 INC32(s->s2->read_sequence); /* expect next number */ 265 INC32(s->s2->read_sequence); /* expect next number */
279 /* s->s2->ract_data is now available for processing */ 266 /* s->s2->ract_data is now available for processing */
280 267
@@ -291,181 +278,166 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
291 * renegotiation can confuse things even more.] */ 278 * renegotiation can confuse things even more.] */
292 279
293 goto ssl2_read_again; /* This should really be 280 goto ssl2_read_again; /* This should really be
294 * "return ssl2_read(s,buf,len)", 281 * "return ssl2_read(s, buf, len)",
295 * but that would allow for 282 * but that would allow for
296 * denial-of-service attacks if a 283 * denial - of - service attacks if a
297 * C compiler is used that does not 284 * C compiler is used that does not
298 * recognize end-recursion. */ 285 * recognize end-recursion. */
299 } 286 } else {
300 else 287 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_STATE);
301 { 288 return (-1);
302 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE);
303 return(-1);
304 }
305 } 289 }
290}
306 291
307int ssl2_read(SSL *s, void *buf, int len) 292int
308 { 293ssl2_read(SSL *s, void *buf, int len)
294{
309 return ssl2_read_internal(s, buf, len, 0); 295 return ssl2_read_internal(s, buf, len, 0);
310 } 296}
311 297
312int ssl2_peek(SSL *s, void *buf, int len) 298int
313 { 299ssl2_peek(SSL *s, void *buf, int len)
300{
314 return ssl2_read_internal(s, buf, len, 1); 301 return ssl2_read_internal(s, buf, len, 1);
315 } 302}
316 303
317static int read_n(SSL *s, unsigned int n, unsigned int max, 304static int
318 unsigned int extend) 305read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend)
319 { 306{
320 int i,off,newb; 307 int i, off, newb;
321 308
322 /* if there is stuff still in the buffer from a previous read, 309 /* if there is stuff still in the buffer from a previous read,
323 * and there is more than we want, take some. */ 310 * and there is more than we want, take some. */
324 if (s->s2->rbuf_left >= (int)n) 311 if (s->s2->rbuf_left >= (int)n) {
325 {
326 if (extend) 312 if (extend)
327 s->packet_length+=n; 313 s->packet_length += n;
328 else 314 else {
329 { 315 s->packet = &(s->s2->rbuf[s->s2->rbuf_offs]);
330 s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]); 316 s->packet_length = n;
331 s->packet_length=n;
332 }
333 s->s2->rbuf_left-=n;
334 s->s2->rbuf_offs+=n;
335 return(n);
336 } 317 }
318 s->s2->rbuf_left -= n;
319 s->s2->rbuf_offs += n;
320 return (n);
321 }
322
323 if (!s->read_ahead)
324 max = n;
325 if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2))
326 max = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2;
337 327
338 if (!s->read_ahead) max=n;
339 if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
340 max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
341
342 328
343 /* Else we want more than we have. 329 /* Else we want more than we have.
344 * First, if there is some left or we want to extend */ 330 * First, if there is some left or we want to extend */
345 off=0; 331 off = 0;
346 if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) 332 if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) {
347 { 333 newb = s->s2->rbuf_left;
348 newb=s->s2->rbuf_left; 334 if (extend) {
349 if (extend) 335 off = s->packet_length;
350 {
351 off=s->packet_length;
352 if (s->packet != s->s2->rbuf) 336 if (s->packet != s->s2->rbuf)
353 memcpy(s->s2->rbuf,s->packet, 337 memcpy(s->s2->rbuf, s->packet,
354 (unsigned int)newb+off); 338 (unsigned int)newb + off);
355 } 339 } else if (s->s2->rbuf_offs != 0) {
356 else if (s->s2->rbuf_offs != 0) 340 memcpy(s->s2->rbuf, &(s->s2->rbuf[s->s2->rbuf_offs]),
357 { 341 (unsigned int)newb);
358 memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]), 342 s->s2->rbuf_offs = 0;
359 (unsigned int)newb);
360 s->s2->rbuf_offs=0;
361 }
362 s->s2->rbuf_left=0;
363 } 343 }
364 else 344 s->s2->rbuf_left = 0;
365 newb=0; 345 } else
346 newb = 0;
366 347
367 /* off is the offset to start writing too. 348 /* off is the offset to start writing too.
368 * r->s2->rbuf_offs is the 'unread data', now 0. 349 * r->s2->rbuf_offs is the 'unread data', now 0.
369 * newb is the number of new bytes so far 350 * newb is the number of new bytes so far
370 */ 351 */
371 s->packet=s->s2->rbuf; 352 s->packet = s->s2->rbuf;
372 while (newb < (int)n) 353 while (newb < (int)n) {
373 {
374 errno = 0; 354 errno = 0;
375 if (s->rbio != NULL) 355 if (s->rbio != NULL) {
376 { 356 s->rwstate = SSL_READING;
377 s->rwstate=SSL_READING; 357 i = BIO_read(s->rbio,(char *)&(s->s2->rbuf[off + newb]),
378 i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]), 358 max - newb);
379 max-newb); 359 } else {
380 } 360 SSLerr(SSL_F_READ_N, SSL_R_READ_BIO_NOT_SET);
381 else 361 i = -1;
382 { 362 }
383 SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
384 i= -1;
385 }
386#ifdef PKT_DEBUG 363#ifdef PKT_DEBUG
387 if (s->debug & 0x01) sleep(1); 364 if (s->debug & 0x01)
365 sleep(1);
388#endif 366#endif
389 if (i <= 0) 367 if (i <= 0) {
390 { 368 s->s2->rbuf_left += newb;
391 s->s2->rbuf_left+=newb; 369 return (i);
392 return(i);
393 }
394 newb+=i;
395 } 370 }
371 newb += i;
372 }
396 373
397 /* record unread data */ 374 /* record unread data */
398 if (newb > (int)n) 375 if (newb > (int)n) {
399 { 376 s->s2->rbuf_offs = n + off;
400 s->s2->rbuf_offs=n+off; 377 s->s2->rbuf_left = newb - n;
401 s->s2->rbuf_left=newb-n; 378 } else {
402 } 379 s->s2->rbuf_offs = 0;
403 else 380 s->s2->rbuf_left = 0;
404 { 381 }
405 s->s2->rbuf_offs=0;
406 s->s2->rbuf_left=0;
407 }
408 if (extend) 382 if (extend)
409 s->packet_length+=n; 383 s->packet_length += n;
410 else 384 else
411 s->packet_length=n; 385 s->packet_length = n;
412 s->rwstate=SSL_NOTHING; 386 s->rwstate = SSL_NOTHING;
413 return(n); 387 return (n);
414 } 388}
415 389
416int ssl2_write(SSL *s, const void *_buf, int len) 390int
417 { 391ssl2_write(SSL *s, const void *_buf, int len)
418 const unsigned char *buf=_buf; 392{
419 unsigned int n,tot; 393 const unsigned char *buf = _buf;
394 unsigned int n, tot;
420 int i; 395 int i;
421 396
422 if (SSL_in_init(s) && !s->in_handshake) 397 if (SSL_in_init(s) && !s->in_handshake) {
423 { 398 i = s->handshake_func(s);
424 i=s->handshake_func(s); 399 if (i < 0)
425 if (i < 0) return(i); 400 return (i);
426 if (i == 0) 401 if (i == 0) {
427 { 402 SSLerr(SSL_F_SSL2_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
428 SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); 403 return (-1);
429 return(-1);
430 }
431 } 404 }
405 }
432 406
433 if (s->error) 407 if (s->error) {
434 {
435 ssl2_write_error(s); 408 ssl2_write_error(s);
436 if (s->error) 409 if (s->error)
437 return(-1); 410 return (-1);
438 } 411 }
439 412
440 errno = 0; 413 errno = 0;
441 s->rwstate=SSL_NOTHING; 414 s->rwstate = SSL_NOTHING;
442 if (len <= 0) return(len); 415 if (len <= 0)
443 416 return (len);
444 tot=s->s2->wnum; 417
445 s->s2->wnum=0; 418 tot = s->s2->wnum;
446 419 s->s2->wnum = 0;
447 n=(len-tot); 420
448 for (;;) 421 n = (len - tot);
449 { 422 for (;;) {
450 i=n_do_ssl_write(s,&(buf[tot]),n); 423 i = n_do_ssl_write(s, &(buf[tot]), n);
451 if (i <= 0) 424 if (i <= 0) {
452 { 425 s->s2->wnum = tot;
453 s->s2->wnum=tot; 426 return (i);
454 return(i); 427 }
455 }
456 if ((i == (int)n) || 428 if ((i == (int)n) ||
457 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) 429 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
458 { 430 return (tot + i);
459 return(tot+i);
460 }
461
462 n-=i;
463 tot+=i;
464 } 431 }
432
433 n -= i;
434 tot += i;
465 } 435 }
436}
466 437
467static int write_pending(SSL *s, const unsigned char *buf, unsigned int len) 438static int
468 { 439write_pending(SSL *s, const unsigned char *buf, unsigned int len)
440{
469 int i; 441 int i;
470 442
471 /* s->s2->wpend_len != 0 MUST be true. */ 443 /* s->s2->wpend_len != 0 MUST be true. */
@@ -473,122 +445,110 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
473 /* check that they have given us the same buffer to 445 /* check that they have given us the same buffer to
474 * write */ 446 * write */
475 if ((s->s2->wpend_tot > (int)len) || 447 if ((s->s2->wpend_tot > (int)len) ||
476 ((s->s2->wpend_buf != buf) && 448 ((s->s2->wpend_buf != buf) &&
477 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) 449 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) {
478 { 450 SSLerr(SSL_F_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
479 SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); 451 return (-1);
480 return(-1); 452 }
481 }
482 453
483 for (;;) 454 for (;;) {
484 {
485 errno = 0; 455 errno = 0;
486 if (s->wbio != NULL) 456 if (s->wbio != NULL) {
487 { 457 s->rwstate = SSL_WRITING;
488 s->rwstate=SSL_WRITING; 458 i = BIO_write(s->wbio,
489 i=BIO_write(s->wbio, 459 (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
490 (char *)&(s->s2->write_ptr[s->s2->wpend_off]), 460 (unsigned int)s->s2->wpend_len);
491 (unsigned int)s->s2->wpend_len); 461 } else {
492 } 462 SSLerr(SSL_F_WRITE_PENDING, SSL_R_WRITE_BIO_NOT_SET);
493 else 463 i = -1;
494 { 464 }
495 SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET);
496 i= -1;
497 }
498#ifdef PKT_DEBUG 465#ifdef PKT_DEBUG
499 if (s->debug & 0x01) sleep(1); 466 if (s->debug & 0x01)
467 sleep(1);
500#endif 468#endif
501 if (i == s->s2->wpend_len) 469 if (i == s->s2->wpend_len) {
502 { 470 s->s2->wpend_len = 0;
503 s->s2->wpend_len=0; 471 s->rwstate = SSL_NOTHING;
504 s->rwstate=SSL_NOTHING; 472 return (s->s2->wpend_ret);
505 return(s->s2->wpend_ret); 473 } else if (i <= 0)
506 } 474 return (i);
507 else if (i <= 0) 475 s->s2->wpend_off += i;
508 return(i); 476 s->s2->wpend_len -= i;
509 s->s2->wpend_off+=i;
510 s->s2->wpend_len-=i;
511 }
512 } 477 }
478}
513 479
514static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) 480static int
515 { 481n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
516 unsigned int j,k,olen,p,bs; 482{
483 unsigned int j, k, olen, p, bs;
517 int mac_size; 484 int mac_size;
518 register unsigned char *pp; 485 register unsigned char *pp;
519 486
520 olen=len; 487 olen = len;
521 488
522 /* first check if there is data from an encryption waiting to 489 /* first check if there is data from an encryption waiting to
523 * be sent - it must be sent because the other end is waiting. 490 * be sent - it must be sent because the other end is waiting.
524 * This will happen with non-blocking IO. We print it and then 491 * This will happen with non-blocking IO. We print it and then
525 * return. 492 * return.
526 */ 493 */
527 if (s->s2->wpend_len != 0) return(write_pending(s,buf,len)); 494 if (s->s2->wpend_len != 0)
495 return (write_pending(s, buf, len));
528 496
529 /* set mac_size to mac size */ 497 /* set mac_size to mac size */
530 if (s->s2->clear_text) 498 if (s->s2->clear_text)
531 mac_size=0; 499 mac_size = 0;
532 else 500 else {
533 { 501 mac_size = EVP_MD_CTX_size(s->write_hash);
534 mac_size=EVP_MD_CTX_size(s->write_hash);
535 if (mac_size < 0) 502 if (mac_size < 0)
536 return -1; 503 return -1;
537 } 504 }
538 505
539 /* lets set the pad p */ 506 /* lets set the pad p */
540 if (s->s2->clear_text) 507 if (s->s2->clear_text) {
541 {
542 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) 508 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
543 len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; 509 len = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
544 p=0; 510 p = 0;
545 s->s2->three_byte_header=0; 511 s->s2->three_byte_header = 0;
546 /* len=len; */ 512 /* len=len; */
547 } 513 } else {
548 else 514 bs = EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
549 { 515 j = len + mac_size;
550 bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
551 j=len+mac_size;
552 /* Two-byte headers allow for a larger record length than 516 /* Two-byte headers allow for a larger record length than
553 * three-byte headers, but we can't use them if we need 517 * three-byte headers, but we can't use them if we need
554 * padding or if we have to set the escape bit. */ 518 * padding or if we have to set the escape bit. */
555 if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && 519 if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
556 (!s->s2->escape)) 520 (!s->s2->escape)) {
557 {
558 if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) 521 if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
559 j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; 522 j = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
560 /* set k to the max number of bytes with 2 523 /* set k to the max number of bytes with 2
561 * byte header */ 524 * byte header */
562 k=j-(j%bs); 525 k = j - (j % bs);
563 /* how many data bytes? */ 526 /* how many data bytes? */
564 len=k-mac_size; 527 len = k - mac_size;
565 s->s2->three_byte_header=0; 528
566 p=0; 529 s->s2->three_byte_header = 0;
567 } 530 p = 0;
568 else if ((bs <= 1) && (!s->s2->escape)) 531 } else if ((bs <= 1) && (!s->s2->escape)) {
569 {
570 /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus 532 /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
571 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ 533 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
572 s->s2->three_byte_header=0; 534 s->s2->three_byte_header = 0;
573 p=0; 535 p = 0;
574 } 536 }
575 else /* we may have to use a 3 byte header */ 537 else /* we may have to use a 3 byte header */
576 { 538 {
577 /* If s->s2->escape is not set, then 539 /* If s->s2->escape is not set, then
578 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus 540 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
579 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ 541 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
580 p=(j%bs); 542 p = (j % bs);
581 p=(p == 0)?0:(bs-p); 543 p = (p == 0) ? 0 : (bs - p);
582 if (s->s2->escape) 544 if (s->s2->escape) {
583 { 545 s->s2->three_byte_header = 1;
584 s->s2->three_byte_header=1;
585 if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 546 if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
586 j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER; 547 j = SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
587 } 548 } else
588 else 549 s->s2->three_byte_header = (p == 0) ? 0 : 1;
589 s->s2->three_byte_header=(p == 0)?0:1;
590 }
591 } 550 }
551 }
592 552
593 /* Now 553 /* Now
594 * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 554 * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
@@ -601,142 +561,136 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
601 * p is the number of padding bytes 561 * p is the number of padding bytes
602 * (if it is a two-byte header, then p == 0) */ 562 * (if it is a two-byte header, then p == 0) */
603 563
604 s->s2->wlength=len; 564 s->s2->wlength = len;
605 s->s2->padding=p; 565 s->s2->padding = p;
606 s->s2->mac_data= &(s->s2->wbuf[3]); 566 s->s2->mac_data = &(s->s2->wbuf[3]);
607 s->s2->wact_data= &(s->s2->wbuf[3+mac_size]); 567 s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
608 /* we copy the data into s->s2->wbuf */ 568 /* we copy the data into s->s2->wbuf */
609 memcpy(s->s2->wact_data,buf,len); 569 memcpy(s->s2->wact_data, buf, len);
610 if (p) 570 if (p)
611 memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */ 571 memset(&(s->s2->wact_data[len]), 0, p); /* arbitrary padding */
612 572
613 if (!s->s2->clear_text) 573 if (!s->s2->clear_text) {
614 { 574 s->s2->wact_data_length = len + p;
615 s->s2->wact_data_length=len+p; 575 ssl2_mac(s, s->s2->mac_data, 1);
616 ssl2_mac(s,s->s2->mac_data,1); 576 s->s2->wlength += p + mac_size;
617 s->s2->wlength+=p+mac_size; 577 ssl2_enc(s, 1);
618 ssl2_enc(s,1); 578 }
619 }
620 579
621 /* package up the header */ 580 /* package up the header */
622 s->s2->wpend_len=s->s2->wlength; 581 s->s2->wpend_len = s->s2->wlength;
623 if (s->s2->three_byte_header) /* 3 byte header */ 582 if (s->s2->three_byte_header) /* 3 byte header */
624 { 583 {
625 pp=s->s2->mac_data; 584 pp = s->s2->mac_data;
626 pp-=3; 585 pp -= 3;
627 pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8); 586 pp[0] = (s->s2->wlength >> 8) & (THREE_BYTE_MASK >> 8);
628 if (s->s2->escape) pp[0]|=SEC_ESC_BIT; 587 if (s->s2->escape)
629 pp[1]=s->s2->wlength&0xff; 588 pp[0]|=SEC_ESC_BIT;
630 pp[2]=s->s2->padding; 589 pp[1] = s->s2->wlength&0xff;
631 s->s2->wpend_len+=3; 590 pp[2] = s->s2->padding;
632 } 591 s->s2->wpend_len += 3;
633 else 592 } else {
634 { 593 pp = s->s2->mac_data;
635 pp=s->s2->mac_data; 594 pp -= 2;
636 pp-=2; 595 pp[0] = ((s->s2->wlength >> 8) & (TWO_BYTE_MASK >> 8)) | TWO_BYTE_BIT;
637 pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT; 596 pp[1] = s->s2->wlength&0xff;
638 pp[1]=s->s2->wlength&0xff; 597 s->s2->wpend_len += 2;
639 s->s2->wpend_len+=2; 598 }
640 } 599 s->s2->write_ptr = pp;
641 s->s2->write_ptr=pp; 600
642
643 INC32(s->s2->write_sequence); /* expect next number */ 601 INC32(s->s2->write_sequence); /* expect next number */
644 602
645 /* lets try to actually write the data */ 603 /* lets try to actually write the data */
646 s->s2->wpend_tot=olen; 604 s->s2->wpend_tot = olen;
647 s->s2->wpend_buf=buf; 605 s->s2->wpend_buf = buf;
648 606
649 s->s2->wpend_ret=len; 607 s->s2->wpend_ret = len;
650 608
651 s->s2->wpend_off=0; 609 s->s2->wpend_off = 0;
652 return(write_pending(s,buf,olen)); 610 return (write_pending(s, buf, olen));
653 } 611}
654 612
655int ssl2_part_read(SSL *s, unsigned long f, int i) 613int
656 { 614ssl2_part_read(SSL *s, unsigned long f, int i)
615{
657 unsigned char *p; 616 unsigned char *p;
658 int j; 617 int j;
659 618
660 if (i < 0) 619 if (i < 0) {
661 {
662 /* ssl2_return_error(s); */ 620 /* ssl2_return_error(s); */
663 /* for non-blocking io, 621 /* for non-blocking io,
664 * this is not necessarily fatal */ 622 * this is not necessarily fatal */
665 return(i); 623 return (i);
666 } 624 } else {
667 else 625 s->init_num += i;
668 {
669 s->init_num+=i;
670 626
671 /* Check for error. While there are recoverable errors, 627 /* Check for error. While there are recoverable errors,
672 * this function is not called when those must be expected; 628 * this function is not called when those must be expected;
673 * any error detected here is fatal. */ 629 * any error detected here is fatal. */
674 if (s->init_num >= 3) 630 if (s->init_num >= 3) {
675 { 631 p = (unsigned char *)s->init_buf->data;
676 p=(unsigned char *)s->init_buf->data; 632 if (p[0] == SSL2_MT_ERROR) {
677 if (p[0] == SSL2_MT_ERROR) 633 j = (p[1]<<8)|p[2];
678 { 634 SSLerr((int)f, ssl_mt_error(j));
679 j=(p[1]<<8)|p[2];
680 SSLerr((int)f,ssl_mt_error(j));
681 s->init_num -= 3; 635 s->init_num -= 3;
682 if (s->init_num > 0) 636 if (s->init_num > 0)
683 memmove(p, p+3, s->init_num); 637 memmove(p, p + 3, s->init_num);
684 }
685 } 638 }
639 }
686 640
687 /* If it's not an error message, we have some error anyway -- 641 /* If it's not an error message, we have some error anyway --
688 * the message was shorter than expected. This too is treated 642 * the message was shorter than expected. This too is treated
689 * as fatal (at least if SSL_get_error is asked for its opinion). */ 643 * as fatal (at least if SSL_get_error is asked for its opinion). */
690 return(0); 644 return (0);
691 }
692 } 645 }
646}
693 647
694int ssl2_do_write(SSL *s) 648int
695 { 649ssl2_do_write(SSL *s)
650{
696 int ret; 651 int ret;
697 652
698 ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num); 653 ret = ssl2_write(s, &s->init_buf->data[s->init_off], s->init_num);
699 if (ret == s->init_num) 654 if (ret == s->init_num) {
700 {
701 if (s->msg_callback) 655 if (s->msg_callback)
702 s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg); 656 s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
703 return(1); 657 return (1);
704 }
705 if (ret < 0)
706 return(-1);
707 s->init_off+=ret;
708 s->init_num-=ret;
709 return(0);
710 } 658 }
711 659 if (ret < 0)
712static int ssl_mt_error(int n) 660 return (-1);
713 { 661 s->init_off += ret;
662 s->init_num -= ret;
663 return (0);
664}
665
666static int
667ssl_mt_error(int n)
668{
714 int ret; 669 int ret;
715 670
716 switch (n) 671 switch (n) {
717 {
718 case SSL2_PE_NO_CIPHER: 672 case SSL2_PE_NO_CIPHER:
719 ret=SSL_R_PEER_ERROR_NO_CIPHER; 673 ret = SSL_R_PEER_ERROR_NO_CIPHER;
720 break; 674 break;
721 case SSL2_PE_NO_CERTIFICATE: 675 case SSL2_PE_NO_CERTIFICATE:
722 ret=SSL_R_PEER_ERROR_NO_CERTIFICATE; 676 ret = SSL_R_PEER_ERROR_NO_CERTIFICATE;
723 break; 677 break;
724 case SSL2_PE_BAD_CERTIFICATE: 678 case SSL2_PE_BAD_CERTIFICATE:
725 ret=SSL_R_PEER_ERROR_CERTIFICATE; 679 ret = SSL_R_PEER_ERROR_CERTIFICATE;
726 break; 680 break;
727 case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE: 681 case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
728 ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE; 682 ret = SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
729 break; 683 break;
730 default: 684 default:
731 ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE; 685 ret = SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
732 break; 686 break;
733 }
734 return(ret);
735 } 687 }
688 return (ret);
689}
736#else /* !OPENSSL_NO_SSL2 */ 690#else /* !OPENSSL_NO_SSL2 */
737 691
738# if PEDANTIC 692# if PEDANTIC
739static void *dummy=&dummy; 693static void *dummy = &dummy;
740# endif 694# endif
741 695
742#endif 696#endif
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
index cac405db7c..aa63fe85ba 100644
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -120,174 +120,181 @@
120static const SSL_METHOD *ssl2_get_server_method(int ver); 120static const SSL_METHOD *ssl2_get_server_method(int ver);
121static int get_client_master_key(SSL *s); 121static int get_client_master_key(SSL *s);
122static int get_client_hello(SSL *s); 122static int get_client_hello(SSL *s);
123static int server_hello(SSL *s); 123static int server_hello(SSL *s);
124
124static int get_client_finished(SSL *s); 125static int get_client_finished(SSL *s);
125static int server_verify(SSL *s); 126static int server_verify(SSL *s);
126static int server_finish(SSL *s); 127static int server_finish(SSL *s);
127static int request_certificate(SSL *s); 128static int request_certificate(SSL *s);
128static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, 129static int
129 unsigned char *to,int padding); 130ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
131unsigned char *to, int padding);
130#define BREAK break 132#define BREAK break
131 133
132static const SSL_METHOD *ssl2_get_server_method(int ver) 134static const SSL_METHOD
133 { 135*ssl2_get_server_method(int ver)
136{
134 if (ver == SSL2_VERSION) 137 if (ver == SSL2_VERSION)
135 return(SSLv2_server_method()); 138 return (SSLv2_server_method());
136 else 139 else
137 return(NULL); 140 return (NULL);
138 } 141}
139 142
140IMPLEMENT_ssl2_meth_func(SSLv2_server_method, 143IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
141 ssl2_accept, 144 ssl2_accept, ssl_undefined_function, ssl2_get_server_method)
142 ssl_undefined_function, 145
143 ssl2_get_server_method) 146int
144 147ssl2_accept(SSL *s)
145int ssl2_accept(SSL *s) 148{
146 { 149 unsigned long l = (unsigned long)time(NULL);
147 unsigned long l=(unsigned long)time(NULL); 150 BUF_MEM *buf = NULL;
148 BUF_MEM *buf=NULL; 151 int ret = -1;
149 int ret= -1;
150 long num1; 152 long num1;
151 void (*cb)(const SSL *ssl,int type,int val)=NULL; 153 void (*cb)(const SSL *ssl, int type, int val) = NULL;
152 int new_state,state; 154 int new_state, state;
153 155
154 RAND_add(&l,sizeof(l),0); 156 RAND_add(&l, sizeof(l), 0);
155 ERR_clear_error(); 157 ERR_clear_error();
156 errno = 0; 158 errno = 0;
157 159
158 if (s->info_callback != NULL) 160 if (s->info_callback != NULL)
159 cb=s->info_callback; 161 cb = s->info_callback;
160 else if (s->ctx->info_callback != NULL) 162 else if (s->ctx->info_callback != NULL)
161 cb=s->ctx->info_callback; 163 cb = s->ctx->info_callback;
162 164
163 /* init things to blank */ 165 /* init things to blank */
164 s->in_handshake++; 166 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 167 if (!SSL_in_init(s) || SSL_in_before(s))
168 SSL_clear(s);
166 169
167 if (s->cert == NULL) 170 if (s->cert == NULL) {
168 { 171 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
169 SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET); 172 return (-1);
170 return(-1); 173 }
171 }
172 174
173 errno = 0; 175 errno = 0;
174 for (;;) 176 for (;;) {
175 { 177 state = s->state;
176 state=s->state;
177 178
178 switch (s->state) 179 switch (s->state) {
179 {
180 case SSL_ST_BEFORE: 180 case SSL_ST_BEFORE:
181 case SSL_ST_ACCEPT: 181 case SSL_ST_ACCEPT:
182 case SSL_ST_BEFORE|SSL_ST_ACCEPT: 182 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
183 case SSL_ST_OK|SSL_ST_ACCEPT: 183 case SSL_ST_OK|SSL_ST_ACCEPT:
184 184
185 s->server=1; 185 s->server = 1;
186 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 186 if (cb != NULL)
187 cb(s, SSL_CB_HANDSHAKE_START, 1);
187 188
188 s->version=SSL2_VERSION; 189 s->version = SSL2_VERSION;
189 s->type=SSL_ST_ACCEPT; 190 s->type = SSL_ST_ACCEPT;
190 191
191 buf=s->init_buf; 192 buf = s->init_buf;
192 if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) 193 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
193 { ret= -1; goto end; } 194 ret = -1;
194 if (!BUF_MEM_grow(buf,(int) 195 goto end;
195 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 196 }
196 { ret= -1; goto end; } 197 if (!BUF_MEM_grow(buf,
197 s->init_buf=buf; 198 (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
198 s->init_num=0; 199 ret = -1;
200 goto end;
201 }
202 s->init_buf = buf;
203 s->init_num = 0;
199 s->ctx->stats.sess_accept++; 204 s->ctx->stats.sess_accept++;
200 s->handshake_func=ssl2_accept; 205 s->handshake_func = ssl2_accept;
201 s->state=SSL2_ST_GET_CLIENT_HELLO_A; 206 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
202 BREAK; 207 BREAK;
203 208
204 case SSL2_ST_GET_CLIENT_HELLO_A: 209 case SSL2_ST_GET_CLIENT_HELLO_A:
205 case SSL2_ST_GET_CLIENT_HELLO_B: 210 case SSL2_ST_GET_CLIENT_HELLO_B:
206 case SSL2_ST_GET_CLIENT_HELLO_C: 211 case SSL2_ST_GET_CLIENT_HELLO_C:
207 s->shutdown=0; 212 s->shutdown = 0;
208 ret=get_client_hello(s); 213 ret = get_client_hello(s);
209 if (ret <= 0) goto end; 214 if (ret <= 0)
210 s->init_num=0; 215 goto end;
211 s->state=SSL2_ST_SEND_SERVER_HELLO_A; 216 s->init_num = 0;
217 s->state = SSL2_ST_SEND_SERVER_HELLO_A;
212 BREAK; 218 BREAK;
213 219
214 case SSL2_ST_SEND_SERVER_HELLO_A: 220 case SSL2_ST_SEND_SERVER_HELLO_A:
215 case SSL2_ST_SEND_SERVER_HELLO_B: 221 case SSL2_ST_SEND_SERVER_HELLO_B:
216 ret=server_hello(s); 222 ret = server_hello(s);
217 if (ret <= 0) goto end; 223 if (ret <= 0)
218 s->init_num=0; 224 goto end;
219 if (!s->hit) 225 s->init_num = 0;
220 { 226 if (!s->hit) {
221 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A; 227 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
222 BREAK; 228 BREAK;
223 } 229 } else {
224 else 230 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
225 {
226 s->state=SSL2_ST_SERVER_START_ENCRYPTION;
227 BREAK; 231 BREAK;
228 } 232 }
229 case SSL2_ST_GET_CLIENT_MASTER_KEY_A: 233 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
230 case SSL2_ST_GET_CLIENT_MASTER_KEY_B: 234 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
231 ret=get_client_master_key(s); 235 ret = get_client_master_key(s);
232 if (ret <= 0) goto end; 236 if (ret <= 0)
233 s->init_num=0; 237 goto end;
234 s->state=SSL2_ST_SERVER_START_ENCRYPTION; 238 s->init_num = 0;
239 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
235 BREAK; 240 BREAK;
236 241
237 case SSL2_ST_SERVER_START_ENCRYPTION: 242 case SSL2_ST_SERVER_START_ENCRYPTION:
238 /* Ok we how have sent all the stuff needed to 243 /* Ok we how have sent all the stuff needed to
239 * start encrypting, the next packet back will 244 * start encrypting, the next packet back will
240 * be encrypted. */ 245 * be encrypted. */
241 if (!ssl2_enc_init(s,0)) 246 if (!ssl2_enc_init(s, 0)) {
242 { ret= -1; goto end; } 247 ret = -1;
243 s->s2->clear_text=0; 248 goto end;
244 s->state=SSL2_ST_SEND_SERVER_VERIFY_A; 249 }
250 s->s2->clear_text = 0;
251 s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
245 BREAK; 252 BREAK;
246 253
247 case SSL2_ST_SEND_SERVER_VERIFY_A: 254 case SSL2_ST_SEND_SERVER_VERIFY_A:
248 case SSL2_ST_SEND_SERVER_VERIFY_B: 255 case SSL2_ST_SEND_SERVER_VERIFY_B:
249 ret=server_verify(s); 256 ret = server_verify(s);
250 if (ret <= 0) goto end; 257 if (ret <= 0)
251 s->init_num=0; 258 goto end;
252 if (s->hit) 259 s->init_num = 0;
253 { 260 if (s->hit) {
254 /* If we are in here, we have been 261 /* If we are in here, we have been
255 * buffering the output, so we need to 262 * buffering the output, so we need to
256 * flush it and remove buffering from 263 * flush it and remove buffering from
257 * future traffic */ 264 * future traffic */
258 s->state=SSL2_ST_SEND_SERVER_VERIFY_C; 265 s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
259 BREAK; 266 BREAK;
260 } 267 } else {
261 else 268 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
262 {
263 s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
264 break; 269 break;
265 } 270 }
266 271
267 case SSL2_ST_SEND_SERVER_VERIFY_C: 272 case SSL2_ST_SEND_SERVER_VERIFY_C:
268 /* get the number of bytes to write */ 273 /* get the number of bytes to write */
269 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); 274 num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
270 if (num1 > 0) 275 if (num1 > 0) {
271 { 276 s->rwstate = SSL_WRITING;
272 s->rwstate=SSL_WRITING; 277 num1 = BIO_flush(s->wbio);
273 num1=BIO_flush(s->wbio); 278 if (num1 <= 0) {
274 if (num1 <= 0) { ret= -1; goto end; } 279 ret = -1;
275 s->rwstate=SSL_NOTHING; 280 goto end;
276 } 281 }
282 s->rwstate = SSL_NOTHING;
283 }
277 284
278 /* flushed and now remove buffering */ 285 /* flushed and now remove buffering */
279 s->wbio=BIO_pop(s->wbio); 286 s->wbio = BIO_pop(s->wbio);
280 287
281 s->state=SSL2_ST_GET_CLIENT_FINISHED_A; 288 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
282 BREAK; 289 BREAK;
283 290
284 case SSL2_ST_GET_CLIENT_FINISHED_A: 291 case SSL2_ST_GET_CLIENT_FINISHED_A:
285 case SSL2_ST_GET_CLIENT_FINISHED_B: 292 case SSL2_ST_GET_CLIENT_FINISHED_B:
286 ret=get_client_finished(s); 293 ret = get_client_finished(s);
287 if (ret <= 0) 294 if (ret <= 0)
288 goto end; 295 goto end;
289 s->init_num=0; 296 s->init_num = 0;
290 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A; 297 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
291 BREAK; 298 BREAK;
292 299
293 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: 300 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
@@ -298,229 +305,216 @@ int ssl2_accept(SSL *s)
298 * don't want to, or we already have one, and 305 * don't want to, or we already have one, and
299 * we only want to do it once. */ 306 * we only want to do it once. */
300 if (!(s->verify_mode & SSL_VERIFY_PEER) || 307 if (!(s->verify_mode & SSL_VERIFY_PEER) ||
301 ((s->session->peer != NULL) && 308 ((s->session->peer != NULL) &&
302 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) 309 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
303 { 310 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
304 s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
305 break; 311 break;
306 } 312 } else {
307 else 313 ret = request_certificate(s);
308 { 314 if (ret <= 0)
309 ret=request_certificate(s); 315 goto end;
310 if (ret <= 0) goto end; 316 s->init_num = 0;
311 s->init_num=0; 317 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
312 s->state=SSL2_ST_SEND_SERVER_FINISHED_A; 318 }
313 }
314 BREAK; 319 BREAK;
315 320
316 case SSL2_ST_SEND_SERVER_FINISHED_A: 321 case SSL2_ST_SEND_SERVER_FINISHED_A:
317 case SSL2_ST_SEND_SERVER_FINISHED_B: 322 case SSL2_ST_SEND_SERVER_FINISHED_B:
318 ret=server_finish(s); 323 ret = server_finish(s);
319 if (ret <= 0) goto end; 324 if (ret <= 0)
320 s->init_num=0; 325 goto end;
321 s->state=SSL_ST_OK; 326 s->init_num = 0;
327 s->state = SSL_ST_OK;
322 break; 328 break;
323 329
324 case SSL_ST_OK: 330 case SSL_ST_OK:
325 BUF_MEM_free(s->init_buf); 331 BUF_MEM_free(s->init_buf);
326 ssl_free_wbio_buffer(s); 332 ssl_free_wbio_buffer(s);
327 s->init_buf=NULL; 333 s->init_buf = NULL;
328 s->init_num=0; 334 s->init_num = 0;
329 /* ERR_clear_error();*/ 335 /* ERR_clear_error();*/
330 336
331 ssl_update_cache(s,SSL_SESS_CACHE_SERVER); 337 ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
332 338
333 s->ctx->stats.sess_accept_good++; 339 s->ctx->stats.sess_accept_good++;
334 /* s->server=1; */ 340 /* s->server=1; */
335 ret=1; 341 ret = 1;
336 342
337 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); 343 if (cb != NULL)
344 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
338 345
339 goto end; 346 goto end;
340 /* BREAK; */ 347 /* BREAK; */
341 348
342 default: 349 default:
343 SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE); 350 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
344 ret= -1; 351 ret = -1;
345 goto end; 352 goto end;
346 /* BREAK; */ 353 /* BREAK; */
347 }
348
349 if ((cb != NULL) && (s->state != state))
350 {
351 new_state=s->state;
352 s->state=state;
353 cb(s,SSL_CB_ACCEPT_LOOP,1);
354 s->state=new_state;
355 }
356 } 354 }
355
356 if ((cb != NULL) && (s->state != state)) {
357 new_state = s->state;
358 s->state = state;
359 cb(s, SSL_CB_ACCEPT_LOOP, 1);
360 s->state = new_state;
361 }
362 }
357end: 363end:
358 s->in_handshake--; 364 s->in_handshake--;
359 if (cb != NULL) 365 if (cb != NULL)
360 cb(s,SSL_CB_ACCEPT_EXIT,ret); 366 cb(s, SSL_CB_ACCEPT_EXIT, ret);
361 return(ret); 367 return (ret);
362 } 368}
363 369
364static int get_client_master_key(SSL *s) 370static int
365 { 371get_client_master_key(SSL *s)
366 int is_export,i,n,keya,ek; 372{
373 int is_export, i, n, keya, ek;
367 unsigned long len; 374 unsigned long len;
368 unsigned char *p; 375 unsigned char *p;
369 const SSL_CIPHER *cp; 376 const SSL_CIPHER *cp;
370 const EVP_CIPHER *c; 377 const EVP_CIPHER *c;
371 const EVP_MD *md; 378 const EVP_MD *md;
372 379
373 p=(unsigned char *)s->init_buf->data; 380 p = (unsigned char *)s->init_buf->data;
374 if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) 381 if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
375 { 382 i = ssl2_read(s,(char *)&(p[s->init_num]), 10 - s->init_num);
376 i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
377 383
378 if (i < (10-s->init_num)) 384 if (i < (10 - s->init_num))
379 return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); 385 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
380 s->init_num = 10; 386 s->init_num = 10;
381 387
382 if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) 388 if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
383 { 389 if (p[-1] != SSL2_MT_ERROR) {
384 if (p[-1] != SSL2_MT_ERROR) 390 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
385 { 391 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_READ_WRONG_PACKET_TYPE);
386 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 392 } else
387 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
388 }
389 else
390 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR); 393 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
391 return(-1); 394 return (-1);
392 } 395 }
393 396
394 cp=ssl2_get_cipher_by_char(p); 397 cp = ssl2_get_cipher_by_char(p);
395 if (cp == NULL) 398 if (cp == NULL) {
396 { 399 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
397 ssl2_return_error(s,SSL2_PE_NO_CIPHER);
398 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); 400 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
399 return(-1); 401 return (-1);
400 } 402 }
401 s->session->cipher= cp; 403 s->session->cipher = cp;
402 404
403 p+=3; 405 p += 3;
404 n2s(p,i); s->s2->tmp.clear=i; 406 n2s(p, i);
405 n2s(p,i); s->s2->tmp.enc=i; 407 s->s2->tmp.clear = i;
406 n2s(p,i); 408 n2s(p, i);
407 if(i > SSL_MAX_KEY_ARG_LENGTH) 409 s->s2->tmp.enc = i;
408 { 410 n2s(p, i);
409 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 411 if (i > SSL_MAX_KEY_ARG_LENGTH) {
412 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
410 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG); 413 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
411 return -1; 414 return -1;
412 }
413 s->session->key_arg_length=i;
414 s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
415 } 415 }
416 s->session->key_arg_length = i;
417 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
418 }
416 419
417 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ 420 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
418 p=(unsigned char *)s->init_buf->data; 421 p = (unsigned char *)s->init_buf->data;
419 if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 422 if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
420 { 423 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
421 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
422 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 424 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
423 return -1; 425 return -1;
424 } 426 }
425 keya=s->session->key_arg_length; 427 keya = s->session->key_arg_length;
426 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; 428 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
427 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 429 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
428 { 430 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
429 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 431 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
430 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG);
431 return -1; 432 return -1;
432 } 433 }
433 n = (int)len - s->init_num; 434 n = (int)len - s->init_num;
434 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 435 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
435 if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); 436 if (i != n)
437 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
436 if (s->msg_callback) 438 if (s->msg_callback)
437 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */ 439 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
438 p += 10; 440 p += 10;
439 441
440 memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]), 442 memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
441 (unsigned int)keya); 443 (unsigned int)keya);
442 444
443 if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) 445 if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
444 { 446 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
445 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 447 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
446 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); 448 return (-1);
447 return(-1); 449 }
448 } 450 i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
449 i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, 451 &(p[s->s2->tmp.clear]), &(p[s->s2->tmp.clear]),
450 &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), 452 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : RSA_PKCS1_PADDING);
451 (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
452 453
453 is_export=SSL_C_IS_EXPORT(s->session->cipher); 454 is_export = SSL_C_IS_EXPORT(s->session->cipher);
454
455 if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
456 {
457 ssl2_return_error(s,SSL2_PE_NO_CIPHER);
458 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
459 return(0);
460 }
461 455
462 if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) 456 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
463 { 457 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
464 is_export=1; 458 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
465 ek=8; 459 return (0);
466 } 460 }
467 else 461
468 ek=5; 462 if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
463 is_export = 1;
464 ek = 8;
465 } else
466 ek = 5;
469 467
470 /* bad decrypt */ 468 /* bad decrypt */
471#if 1 469#if 1
472 /* If a bad decrypt, continue with protocol but with a 470 /* If a bad decrypt, continue with protocol but with a
473 * random master secret (Bleichenbacher attack) */ 471 * random master secret (Bleichenbacher attack) */
474 if ((i < 0) || 472 if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
475 ((!is_export && (i != EVP_CIPHER_key_length(c))) 473 (is_export && ((i != ek) || (s->s2->tmp.clear + (unsigned int)i !=
476 || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != 474 (unsigned int)EVP_CIPHER_key_length(c)))))) {
477 (unsigned int)EVP_CIPHER_key_length(c))))))
478 {
479 ERR_clear_error(); 475 ERR_clear_error();
480 if (is_export) 476 if (is_export)
481 i=ek; 477 i = ek;
482 else 478 else
483 i=EVP_CIPHER_key_length(c); 479 i = EVP_CIPHER_key_length(c);
484 if (RAND_pseudo_bytes(p,i) <= 0) 480 if (RAND_pseudo_bytes(p, i) <= 0)
485 return 0; 481 return 0;
486 } 482 }
487#else 483#else
488 if (i < 0) 484 if (i < 0) {
489 { 485 error = 1;
490 error=1; 486 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
491 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT); 487 }
492 }
493 /* incorrect number of key bytes for non export cipher */ 488 /* incorrect number of key bytes for non export cipher */
494 else if ((!is_export && (i != EVP_CIPHER_key_length(c))) 489 else if ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
495 || (is_export && ((i != ek) || (s->s2->tmp.clear+i != 490 (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
496 EVP_CIPHER_key_length(c))))) 491 EVP_CIPHER_key_length(c))))) {
497 { 492 error = 1;
498 error=1; 493 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
499 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS); 494 }
500 } 495 if (error) {
501 if (error) 496 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
502 { 497 return (-1);
503 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 498 }
504 return(-1);
505 }
506#endif 499#endif
507 500
508 if (is_export) i+=s->s2->tmp.clear; 501 if (is_export)
502 i += s->s2->tmp.clear;
509 503
510 if (i > SSL_MAX_MASTER_KEY_LENGTH) 504 if (i > SSL_MAX_MASTER_KEY_LENGTH) {
511 { 505 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
512 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
513 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); 506 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
514 return -1; 507 return -1;
515 }
516 s->session->master_key_length=i;
517 memcpy(s->session->master_key,p,(unsigned int)i);
518 return(1);
519 } 508 }
520 509 s->session->master_key_length = i;
521static int get_client_hello(SSL *s) 510 memcpy(s->session->master_key, p,(unsigned int)i);
522 { 511 return (1);
523 int i,n; 512}
513
514static int
515get_client_hello(SSL *s)
516{
517 int i, n;
524 unsigned long len; 518 unsigned long len;
525 unsigned char *p; 519 unsigned char *p;
526 STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */ 520 STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
@@ -530,58 +524,56 @@ static int get_client_hello(SSL *s)
530 524
531 /* This is a bit of a hack to check for the correct packet 525 /* This is a bit of a hack to check for the correct packet
532 * type the first time round. */ 526 * type the first time round. */
533 if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) 527 if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
534 { 528 s->first_packet = 1;
535 s->first_packet=1; 529 s->state = SSL2_ST_GET_CLIENT_HELLO_B;
536 s->state=SSL2_ST_GET_CLIENT_HELLO_B; 530 }
537 }
538 531
539 p=(unsigned char *)s->init_buf->data; 532 p = (unsigned char *)s->init_buf->data;
540 if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) 533 if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
541 { 534 i = ssl2_read(s,(char *)&(p[s->init_num]), 9 - s->init_num);
542 i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num); 535 if (i < (9 - s->init_num))
543 if (i < (9-s->init_num)) 536 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
544 return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
545 s->init_num = 9; 537 s->init_num = 9;
546 538
547 if (*(p++) != SSL2_MT_CLIENT_HELLO) 539 if (*(p++) != SSL2_MT_CLIENT_HELLO) {
548 { 540 if (p[-1] != SSL2_MT_ERROR) {
549 if (p[-1] != SSL2_MT_ERROR) 541 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
550 { 542 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
551 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 543 } else
552 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE); 544 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
553 } 545 return (-1);
554 else 546 }
555 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); 547 n2s(p, i);
556 return(-1); 548 if (i < s->version)
557 } 549 s->version = i;
558 n2s(p,i); 550 n2s(p, i);
559 if (i < s->version) s->version=i; 551 s->s2->tmp.cipher_spec_length = i;
560 n2s(p,i); s->s2->tmp.cipher_spec_length=i; 552 n2s(p, i);
561 n2s(p,i); s->s2->tmp.session_id_length=i; 553 s->s2->tmp.session_id_length = i;
562 n2s(p,i); s->s2->challenge_length=i; 554 n2s(p, i);
563 if ( (i < SSL2_MIN_CHALLENGE_LENGTH) || 555 s->s2->challenge_length = i;
564 (i > SSL2_MAX_CHALLENGE_LENGTH)) 556 if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
565 { 557 (i > SSL2_MAX_CHALLENGE_LENGTH)) {
566 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 558 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
567 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH); 559 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
568 return(-1); 560 return (-1);
569 }
570 s->state=SSL2_ST_GET_CLIENT_HELLO_C;
571 } 561 }
562 s->state = SSL2_ST_GET_CLIENT_HELLO_C;
563 }
572 564
573 /* SSL2_ST_GET_CLIENT_HELLO_C */ 565 /* SSL2_ST_GET_CLIENT_HELLO_C */
574 p=(unsigned char *)s->init_buf->data; 566 p = (unsigned char *)s->init_buf->data;
575 len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length; 567 len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
576 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 568 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
577 { 569 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
578 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 570 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
579 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG);
580 return -1; 571 return -1;
581 } 572 }
582 n = (int)len - s->init_num; 573 n = (int)len - s->init_num;
583 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 574 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
584 if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); 575 if (i != n)
576 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
585 if (s->msg_callback) 577 if (s->msg_callback)
586 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */ 578 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
587 p += 9; 579 p += 9;
@@ -589,138 +581,120 @@ static int get_client_hello(SSL *s)
589 /* get session-id before cipher stuff so we can get out session 581 /* get session-id before cipher stuff so we can get out session
590 * structure if it is cached */ 582 * structure if it is cached */
591 /* session-id */ 583 /* session-id */
592 if ((s->s2->tmp.session_id_length != 0) && 584 if ((s->s2->tmp.session_id_length != 0) &&
593 (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) 585 (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
594 { 586 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
595 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 587 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
596 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH); 588 return (-1);
597 return(-1); 589 }
598 }
599 590
600 if (s->s2->tmp.session_id_length == 0) 591 if (s->s2->tmp.session_id_length == 0) {
601 { 592 if (!ssl_get_new_session(s, 1)) {
602 if (!ssl_get_new_session(s,1)) 593 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
603 { 594 return (-1);
604 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
605 return(-1);
606 }
607 } 595 }
608 else 596 } else {
609 { 597 i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
610 i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]), 598 s->s2->tmp.session_id_length, NULL);
611 s->s2->tmp.session_id_length, NULL);
612 if (i == 1) 599 if (i == 1)
613 { /* previous session */ 600 { /* previous session */
614 s->hit=1; 601 s->hit = 1;
602 } else if (i == -1) {
603 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
604 return (-1);
605 } else {
606 if (s->cert == NULL) {
607 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
608 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
609 return (-1);
615 } 610 }
616 else if (i == -1)
617 {
618 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
619 return(-1);
620 }
621 else
622 {
623 if (s->cert == NULL)
624 {
625 ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
626 SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
627 return(-1);
628 }
629 611
630 if (!ssl_get_new_session(s,1)) 612 if (!ssl_get_new_session(s, 1)) {
631 { 613 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
632 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 614 return (-1);
633 return(-1);
634 }
635 } 615 }
636 } 616 }
617 }
637 618
638 if (!s->hit) 619 if (!s->hit) {
639 { 620 cs = ssl_bytes_to_cipher_list(s, p,
640 cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length, 621 s->s2->tmp.cipher_spec_length, &s->session->ciphers);
641 &s->session->ciphers); 622 if (cs == NULL)
642 if (cs == NULL) goto mem_err; 623 goto mem_err;
643 624
644 cl=SSL_get_ciphers(s); 625 cl = SSL_get_ciphers(s);
645 626
646 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 627 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
647 { 628 prio = sk_SSL_CIPHER_dup(cl);
648 prio=sk_SSL_CIPHER_dup(cl); 629 if (prio == NULL)
649 if (prio == NULL) goto mem_err; 630 goto mem_err;
650 allow = cs; 631 allow = cs;
651 } 632 } else {
652 else 633 prio = cs;
653 { 634 allow = cl;
654 prio = cs; 635 }
655 allow = cl; 636 for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
656 } 637 if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
657 for (z=0; z<sk_SSL_CIPHER_num(prio); z++) 638 (void)sk_SSL_CIPHER_delete(prio, z);
658 {
659 if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
660 {
661 (void)sk_SSL_CIPHER_delete(prio,z);
662 z--; 639 z--;
663 }
664 } 640 }
665 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 641 }
666 { 642 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
667 sk_SSL_CIPHER_free(s->session->ciphers); 643 sk_SSL_CIPHER_free(s->session->ciphers);
668 s->session->ciphers = prio; 644 s->session->ciphers = prio;
669 } 645 }
670 /* s->session->ciphers should now have a list of 646 /* s->session->ciphers should now have a list of
671 * ciphers that are on both the client and server. 647 * ciphers that are on both the client and server.
672 * This list is ordered by the order the client sent 648 * This list is ordered by the order the client sent
673 * the ciphers or in the order of the server's preference 649 * the ciphers or in the order of the server's preference
674 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set. 650 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
675 */ 651 */
676 } 652 }
677 p+=s->s2->tmp.cipher_spec_length; 653 p += s->s2->tmp.cipher_spec_length;
678 /* done cipher selection */ 654 /* done cipher selection */
679 655
680 /* session id extracted already */ 656 /* session id extracted already */
681 p+=s->s2->tmp.session_id_length; 657 p += s->s2->tmp.session_id_length;
682 658
683 /* challenge */ 659 /* challenge */
684 if (s->s2->challenge_length > sizeof s->s2->challenge) 660 if (s->s2->challenge_length > sizeof s->s2->challenge) {
685 { 661 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
686 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
687 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); 662 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
688 return -1; 663 return -1;
689 }
690 memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
691 return(1);
692mem_err:
693 SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
694 return(0);
695 } 664 }
696 665 memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
697static int server_hello(SSL *s) 666 return (1);
698 { 667mem_err:
699 unsigned char *p,*d; 668 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
700 int n,hit; 669 return (0);
701 670}
702 p=(unsigned char *)s->init_buf->data; 671
703 if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) 672static int
704 { 673server_hello(SSL *s)
705 d=p+11; 674{
706 *(p++)=SSL2_MT_SERVER_HELLO; /* type */ 675 unsigned char *p, *d;
707 hit=s->hit; 676 int n, hit;
708 *(p++)=(unsigned char)hit; 677
678 p = (unsigned char *)s->init_buf->data;
679 if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
680 d = p + 11;
681 *(p++) = SSL2_MT_SERVER_HELLO;
682 /* type */
683 hit = s->hit;
684 *(p++) = (unsigned char)hit;
709#if 1 685#if 1
710 if (!hit) 686 if (!hit) {
711 {
712 if (s->session->sess_cert != NULL) 687 if (s->session->sess_cert != NULL)
713 /* This can't really happen because get_client_hello 688 /* This can't really happen because get_client_hello
714 * has called ssl_get_new_session, which does not set 689 * has called ssl_get_new_session, which does not set
715 * sess_cert. */ 690 * sess_cert. */
716 ssl_sess_cert_free(s->session->sess_cert); 691 ssl_sess_cert_free(s->session->sess_cert);
717 s->session->sess_cert = ssl_sess_cert_new(); 692 s->session->sess_cert = ssl_sess_cert_new();
718 if (s->session->sess_cert == NULL) 693 if (s->session->sess_cert == NULL) {
719 {
720 SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE); 694 SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
721 return(-1); 695 return (-1);
722 }
723 } 696 }
697 }
724 /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL, 698 /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
725 * depending on whether it survived in the internal cache 699 * depending on whether it survived in the internal cache
726 * or was retrieved from an external cache. 700 * or was retrieved from an external cache.
@@ -730,419 +704,391 @@ static int server_hello(SSL *s)
730 704
731#else /* That's what used to be done when cert_st and sess_cert_st were 705#else /* That's what used to be done when cert_st and sess_cert_st were
732 * the same. */ 706 * the same. */
733 if (!hit) 707 if (!hit) { /* else add cert to session */
734 { /* else add cert to session */ 708 CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
735 CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
736 if (s->session->sess_cert != NULL) 709 if (s->session->sess_cert != NULL)
737 ssl_cert_free(s->session->sess_cert); 710 ssl_cert_free(s->session->sess_cert);
738 s->session->sess_cert=s->cert; 711 s->session->sess_cert = s->cert;
739 } 712
740 else /* We have a session id-cache hit, if the 713 } else /* We have a session id - cache hit, if the
741 * session-id has no certificate listed against 714 * session - id has no certificate listed against
742 * the 'cert' structure, grab the 'old' one 715 * the 'cert' structure, grab the 'old' one
743 * listed against the SSL connection */ 716 * listed against the SSL connection */
744 { 717 {
745 if (s->session->sess_cert == NULL) 718 if (s->session->sess_cert == NULL) {
746 { 719 CRYPTO_add(&s->cert->references, 1,
747 CRYPTO_add(&s->cert->references,1, 720 CRYPTO_LOCK_SSL_CERT);
748 CRYPTO_LOCK_SSL_CERT); 721 s->session->sess_cert = s->cert;
749 s->session->sess_cert=s->cert;
750 }
751 } 722 }
723 }
752#endif 724#endif
753 725
754 if (s->cert == NULL) 726 if (s->cert == NULL) {
755 { 727 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
756 ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); 728 SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
757 SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED); 729 return (-1);
758 return(-1); 730 }
759 }
760 731
761 if (hit) 732 if (hit) {
762 { 733 *(p++) = 0;
763 *(p++)=0; /* no certificate type */ 734 /* no certificate type */
764 s2n(s->version,p); /* version */ 735 s2n(s->version,p); /* version */
765 s2n(0,p); /* cert len */ 736 s2n(0, p);
766 s2n(0,p); /* ciphers len */ 737 /* cert len */
767 } 738 s2n(0, p);
768 else 739 /* ciphers len */
769 { 740 } else {
770 /* EAY EAY */ 741 /* EAY EAY */
771 /* put certificate type */ 742 /* put certificate type */
772 *(p++)=SSL2_CT_X509_CERTIFICATE; 743 *(p++) = SSL2_CT_X509_CERTIFICATE;
773 s2n(s->version,p); /* version */ 744 s2n(s->version,p); /* version */
774 n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); 745 n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
775 s2n(n,p); /* certificate length */ 746 s2n(n, p);
776 i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d); 747 /* certificate length */
777 n=0; 748 i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
778 749 n = 0;
750
779 /* lets send out the ciphers we like in the 751 /* lets send out the ciphers we like in the
780 * prefered order */ 752 * prefered order */
781 n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0); 753 n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
782 d+=n; 754 d += n;
783 s2n(n,p); /* add cipher length */ 755 s2n(n, p);
784 } 756 /* add cipher length */
757 }
785 758
786 /* make and send conn_id */ 759 /* make and send conn_id */
787 s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ 760 s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
788 s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; 761 s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
789 if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0) 762 if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
790 return -1; 763 return -1;
791 memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); 764 memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
792 d+=SSL2_CONNECTION_ID_LENGTH; 765 d += SSL2_CONNECTION_ID_LENGTH;
793 766
794 s->state=SSL2_ST_SEND_SERVER_HELLO_B; 767 s->state = SSL2_ST_SEND_SERVER_HELLO_B;
795 s->init_num=d-(unsigned char *)s->init_buf->data; 768 s->init_num = d - (unsigned char *)s->init_buf->data;
796 s->init_off=0; 769 s->init_off = 0;
797 } 770 }
798 /* SSL2_ST_SEND_SERVER_HELLO_B */ 771 /* SSL2_ST_SEND_SERVER_HELLO_B */
799 /* If we are using TCP/IP, the performance is bad if we do 2 772 /* If we are using TCP/IP, the performance is bad if we do 2
800 * writes without a read between them. This occurs when 773 * writes without a read between them. This occurs when
801 * Session-id reuse is used, so I will put in a buffering module 774 * Session-id reuse is used, so I will put in a buffering module
802 */ 775 */
803 if (s->hit) 776 if (s->hit) {
804 { 777 if (!ssl_init_wbio_buffer(s, 1))
805 if (!ssl_init_wbio_buffer(s,1)) return(-1); 778 return (-1);
806 }
807
808 return(ssl2_do_write(s));
809 } 779 }
810 780
811static int get_client_finished(SSL *s) 781 return (ssl2_do_write(s));
812 { 782}
783
784static int
785get_client_finished(SSL *s)
786{
813 unsigned char *p; 787 unsigned char *p;
814 int i, n; 788 int i, n;
815 unsigned long len; 789 unsigned long len;
816 790
817 p=(unsigned char *)s->init_buf->data; 791 p = (unsigned char *)s->init_buf->data;
818 if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) 792 if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
819 { 793 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
820 i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); 794 if (i < 1 - s->init_num)
821 if (i < 1-s->init_num) 795 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
822 return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
823 s->init_num += i; 796 s->init_num += i;
824 797
825 if (*p != SSL2_MT_CLIENT_FINISHED) 798 if (*p != SSL2_MT_CLIENT_FINISHED) {
826 { 799 if (*p != SSL2_MT_ERROR) {
827 if (*p != SSL2_MT_ERROR) 800 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
828 { 801 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
829 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 802 } else {
830 SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); 803 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
831 }
832 else
833 {
834 SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
835 /* try to read the error message */ 804 /* try to read the error message */
836 i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); 805 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
837 return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); 806 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
838 }
839 return(-1);
840 } 807 }
841 s->state=SSL2_ST_GET_CLIENT_FINISHED_B; 808 return (-1);
842 } 809 }
810 s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
811 }
843 812
844 /* SSL2_ST_GET_CLIENT_FINISHED_B */ 813 /* SSL2_ST_GET_CLIENT_FINISHED_B */
845 if (s->s2->conn_id_length > sizeof s->s2->conn_id) 814 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
846 { 815 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
847 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
848 SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); 816 SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
849 return -1; 817 return -1;
850 } 818 }
851 len = 1 + (unsigned long)s->s2->conn_id_length; 819 len = 1 + (unsigned long)s->s2->conn_id_length;
852 n = (int)len - s->init_num; 820 n = (int)len - s->init_num;
853 i = ssl2_read(s,(char *)&(p[s->init_num]),n); 821 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
854 if (i < n) 822 if (i < n) {
855 { 823 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
856 return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); 824 }
857 }
858 if (s->msg_callback) 825 if (s->msg_callback)
859 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */ 826 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
860 p += 1; 827 p += 1;
861 if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0) 828 if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
862 { 829 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
863 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); 830 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
864 SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); 831 return (-1);
865 return(-1);
866 }
867 return(1);
868 } 832 }
833 return (1);
834}
869 835
870static int server_verify(SSL *s) 836static int
871 { 837server_verify(SSL *s)
838{
872 unsigned char *p; 839 unsigned char *p;
873 840
874 if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) 841 if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
875 { 842 p = (unsigned char *)s->init_buf->data;
876 p=(unsigned char *)s->init_buf->data; 843 *(p++) = SSL2_MT_SERVER_VERIFY;
877 *(p++)=SSL2_MT_SERVER_VERIFY; 844 if (s->s2->challenge_length > sizeof s->s2->challenge) {
878 if (s->s2->challenge_length > sizeof s->s2->challenge)
879 {
880 SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR); 845 SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
881 return -1; 846 return -1;
882 } 847 }
883 memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); 848 memcpy(p, s->s2->challenge,(unsigned int)s->s2->challenge_length);
884 /* p+=s->s2->challenge_length; */ 849 /* p+=s->s2->challenge_length; */
885 850
886 s->state=SSL2_ST_SEND_SERVER_VERIFY_B; 851 s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
887 s->init_num=s->s2->challenge_length+1; 852 s->init_num = s->s2->challenge_length + 1;
888 s->init_off=0; 853 s->init_off = 0;
889 }
890 return(ssl2_do_write(s));
891 } 854 }
855 return (ssl2_do_write(s));
856}
892 857
893static int server_finish(SSL *s) 858static int
894 { 859server_finish(SSL *s)
860{
895 unsigned char *p; 861 unsigned char *p;
896 862
897 if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) 863 if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
898 { 864 p = (unsigned char *)s->init_buf->data;
899 p=(unsigned char *)s->init_buf->data; 865 *(p++) = SSL2_MT_SERVER_FINISHED;
900 *(p++)=SSL2_MT_SERVER_FINISHED;
901 866
902 if (s->session->session_id_length > sizeof s->session->session_id) 867 if (s->session->session_id_length > sizeof s->session->session_id) {
903 {
904 SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR); 868 SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
905 return -1; 869 return -1;
906 } 870 }
907 memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); 871 memcpy(p, s->session->session_id, (unsigned int)s->session->session_id_length);
908 /* p+=s->session->session_id_length; */ 872 /* p+=s->session->session_id_length; */
909 873
910 s->state=SSL2_ST_SEND_SERVER_FINISHED_B; 874 s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
911 s->init_num=s->session->session_id_length+1; 875 s->init_num = s->session->session_id_length + 1;
912 s->init_off=0; 876 s->init_off = 0;
913 } 877 }
914 878
915 /* SSL2_ST_SEND_SERVER_FINISHED_B */ 879 /* SSL2_ST_SEND_SERVER_FINISHED_B */
916 return(ssl2_do_write(s)); 880 return (ssl2_do_write(s));
917 } 881}
918 882
919/* send the request and check the response */ 883/* send the request and check the response */
920static int request_certificate(SSL *s) 884static int
921 { 885request_certificate(SSL *s)
886{
922 const unsigned char *cp; 887 const unsigned char *cp;
923 unsigned char *p,*p2,*buf2; 888 unsigned char *p, *p2, *buf2;
924 unsigned char *ccd; 889 unsigned char *ccd;
925 int i,j,ctype,ret= -1; 890 int i, j, ctype, ret = -1;
926 unsigned long len; 891 unsigned long len;
927 X509 *x509=NULL; 892 X509 *x509 = NULL;
928 STACK_OF(X509) *sk=NULL; 893 STACK_OF(X509) *sk = NULL;
929 894
930 ccd=s->s2->tmp.ccl; 895 ccd = s->s2->tmp.ccl;
931 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) 896 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
932 { 897 p = (unsigned char *)s->init_buf->data;
933 p=(unsigned char *)s->init_buf->data; 898 *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
934 *(p++)=SSL2_MT_REQUEST_CERTIFICATE; 899 *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
935 *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; 900 if (RAND_pseudo_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
936 if (RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
937 return -1; 901 return -1;
938 memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); 902 memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
939 903
940 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; 904 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
941 s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2; 905 s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
942 s->init_off=0; 906 s->init_off = 0;
943 } 907 }
944 908
945 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) 909 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
946 { 910 i = ssl2_do_write(s);
947 i=ssl2_do_write(s); 911 if (i <= 0) {
948 if (i <= 0) 912 ret = i;
949 {
950 ret=i;
951 goto end; 913 goto end;
952 }
953
954 s->init_num=0;
955 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
956 } 914 }
957 915
958 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) 916 s->init_num = 0;
959 { 917 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
960 p=(unsigned char *)s->init_buf->data; 918 }
961 i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); /* try to read 6 octets ... */ 919
962 if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3 920 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
921 p = (unsigned char *)s->init_buf->data;
922 i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num); /* try to read 6 octets ... */
923 if (i < 3 - s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
963 * (probably NO-CERTIFICATE-ERROR) */ 924 * (probably NO-CERTIFICATE-ERROR) */
964 { 925 {
965 ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); 926 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
966 goto end; 927 goto end;
967 } 928 }
968 s->init_num += i; 929 s->init_num += i;
969 930
970 if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) 931 if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
971 { 932 n2s(p, i);
972 n2s(p,i); 933 if (i != SSL2_PE_NO_CERTIFICATE) {
973 if (i != SSL2_PE_NO_CERTIFICATE)
974 {
975 /* not the error message we expected -- let ssl2_part_read handle it */ 934 /* not the error message we expected -- let ssl2_part_read handle it */
976 s->init_num -= 3; 935 s->init_num -= 3;
977 ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3); 936 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
978 goto end; 937 goto end;
979 } 938 }
980 939
981 if (s->msg_callback) 940 if (s->msg_callback)
982 s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */ 941 s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
983 942
984 /* this is the one place where we can recover from an SSL 2.0 error */ 943 /* this is the one place where we can recover from an SSL 2.0 error */
985 944
986 if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) 945 if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
987 { 946 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
988 ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); 947 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
989 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
990 goto end; 948 goto end;
991 }
992 ret=1;
993 goto end;
994 } 949 }
995 if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) 950 ret = 1;
996 {
997 ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
998 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
999 goto end; 951 goto end;
1000 } 952 }
1001 if (s->init_num != 6) 953 if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
1002 { 954 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
955 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
956 goto end;
957 }
958 if (s->init_num != 6) {
1003 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR); 959 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
1004 goto end; 960 goto end;
1005 } 961 }
1006 962
1007 /* ok we have a response */ 963 /* ok we have a response */
1008 /* certificate type, there is only one right now. */ 964 /* certificate type, there is only one right now. */
1009 ctype= *(p++); 965 ctype= *(p++);
1010 if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) 966 if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
1011 { 967 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
1012 ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); 968 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
1013 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
1014 goto end; 969 goto end;
1015 }
1016 n2s(p,i); s->s2->tmp.clen=i;
1017 n2s(p,i); s->s2->tmp.rlen=i;
1018 s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
1019 } 970 }
971 n2s(p, i);
972 s->s2->tmp.clen = i;
973 n2s(p, i);
974 s->s2->tmp.rlen = i;
975 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
976 }
1020 977
1021 /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */ 978 /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
1022 p=(unsigned char *)s->init_buf->data; 979 p = (unsigned char *)s->init_buf->data;
1023 len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen; 980 len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
1024 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 981 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
1025 { 982 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
1026 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG);
1027 goto end; 983 goto end;
1028 } 984 }
1029 j = (int)len - s->init_num; 985 j = (int)len - s->init_num;
1030 i = ssl2_read(s,(char *)&(p[s->init_num]),j); 986 i = ssl2_read(s,(char *)&(p[s->init_num]), j);
1031 if (i < j) 987 if (i < j) {
1032 { 988 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
1033 ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
1034 goto end; 989 goto end;
1035 } 990 }
1036 if (s->msg_callback) 991 if (s->msg_callback)
1037 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */ 992 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
1038 p += 6; 993 p += 6;
1039 994
1040 cp = p; 995 cp = p;
1041 x509=(X509 *)d2i_X509(NULL,&cp,(long)s->s2->tmp.clen); 996 x509 = (X509 *)d2i_X509(NULL, &cp,(long)s->s2->tmp.clen);
1042 if (x509 == NULL) 997 if (x509 == NULL) {
1043 { 998 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
1044 SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
1045 goto msg_end; 999 goto msg_end;
1046 } 1000 }
1047 1001
1048 if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509))) 1002 if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
1049 { 1003 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1050 SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1051 goto msg_end; 1004 goto msg_end;
1052 } 1005 }
1053 1006
1054 i=ssl_verify_cert_chain(s,sk); 1007 i = ssl_verify_cert_chain(s, sk);
1055 1008
1056 if (i > 0) /* we like the packet, now check the chksum */ 1009 if (i > 0) /* we like the packet, now check the chksum */
1057 { 1010 {
1058 EVP_MD_CTX ctx; 1011 EVP_MD_CTX ctx;
1059 EVP_PKEY *pkey=NULL; 1012 EVP_PKEY *pkey = NULL;
1060 1013
1061 EVP_MD_CTX_init(&ctx); 1014 EVP_MD_CTX_init(&ctx);
1062 if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL) 1015 if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL) ||
1063 || !EVP_VerifyUpdate(&ctx,s->s2->key_material, 1016 !EVP_VerifyUpdate(&ctx, s->s2->key_material,
1064 s->s2->key_material_length) 1017 s->s2->key_material_length) ||
1065 || !EVP_VerifyUpdate(&ctx,ccd, 1018 !EVP_VerifyUpdate(&ctx, ccd,
1066 SSL2_MIN_CERT_CHALLENGE_LENGTH)) 1019 SSL2_MIN_CERT_CHALLENGE_LENGTH))
1067 goto msg_end; 1020 goto msg_end;
1068 1021
1069 i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); 1022 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
1070 buf2=OPENSSL_malloc((unsigned int)i); 1023 buf2 = OPENSSL_malloc((unsigned int)i);
1071 if (buf2 == NULL) 1024 if (buf2 == NULL) {
1072 { 1025 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1073 SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1074 goto msg_end; 1026 goto msg_end;
1075 } 1027 }
1076 p2=buf2; 1028 p2 = buf2;
1077 i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2); 1029 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
1078 if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i)) 1030 if (!EVP_VerifyUpdate(&ctx, buf2,(unsigned int)i)) {
1079 {
1080 OPENSSL_free(buf2); 1031 OPENSSL_free(buf2);
1081 goto msg_end; 1032 goto msg_end;
1082 } 1033 }
1083 OPENSSL_free(buf2); 1034 OPENSSL_free(buf2);
1084 1035
1085 pkey=X509_get_pubkey(x509); 1036 pkey = X509_get_pubkey(x509);
1086 if (pkey == NULL) goto end; 1037 if (pkey == NULL)
1087 i=EVP_VerifyFinal(&ctx,cp,s->s2->tmp.rlen,pkey); 1038 goto end;
1039 i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
1088 EVP_PKEY_free(pkey); 1040 EVP_PKEY_free(pkey);
1089 EVP_MD_CTX_cleanup(&ctx); 1041 EVP_MD_CTX_cleanup(&ctx);
1090 1042
1091 if (i > 0) 1043 if (i > 0) {
1092 {
1093 if (s->session->peer != NULL) 1044 if (s->session->peer != NULL)
1094 X509_free(s->session->peer); 1045 X509_free(s->session->peer);
1095 s->session->peer=x509; 1046 s->session->peer = x509;
1096 CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); 1047 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
1097 s->session->verify_result = s->verify_result; 1048 s->session->verify_result = s->verify_result;
1098 ret=1; 1049 ret = 1;
1099 goto end; 1050 goto end;
1100 } 1051 } else {
1101 else 1052 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
1102 {
1103 SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
1104 goto msg_end; 1053 goto msg_end;
1105 }
1106 } 1054 }
1107 else 1055 } else {
1108 {
1109msg_end: 1056msg_end:
1110 ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); 1057 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
1111 } 1058 }
1112end: 1059end:
1113 sk_X509_free(sk); 1060 sk_X509_free(sk);
1114 X509_free(x509); 1061 X509_free(x509);
1115 return(ret); 1062 return (ret);
1116 } 1063}
1117 1064
1118static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, 1065static int
1119 unsigned char *to, int padding) 1066ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
1120 { 1067 unsigned char *to, int padding)
1068{
1121 RSA *rsa; 1069 RSA *rsa;
1122 int i; 1070 int i;
1123 1071
1124 if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) 1072 if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
1125 { 1073 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
1126 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY); 1074 return (-1);
1127 return(-1); 1075 }
1128 } 1076 if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
1129 if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) 1077 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1130 { 1078 return (-1);
1131 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); 1079 }
1132 return(-1); 1080 rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
1133 }
1134 rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
1135 1081
1136 /* we have the public key */ 1082 /* we have the public key */
1137 i=RSA_private_decrypt(len,from,to,rsa,padding); 1083 i = RSA_private_decrypt(len, from, to, rsa, padding);
1138 if (i < 0) 1084 if (i < 0)
1139 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); 1085 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
1140 return(i); 1086 return (i);
1141 } 1087}
1142#else /* !OPENSSL_NO_SSL2 */ 1088#else /* !OPENSSL_NO_SSL2 */
1143 1089
1144# if PEDANTIC 1090# if PEDANTIC
1145static void *dummy=&dummy; 1091static void *dummy = &dummy;
1146# endif 1092# endif
1147 1093
1148#endif 1094#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 15:39:31 +0000