1 files changed, 59 insertions, 166 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 86356731ea..779e94a35c 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -106,7 +106,7 @@ SSL_METHOD *SSLv23_client_method(void)
 int ssl23_connect(SSL *s)
        {
        BUF_MEM *buf=NULL;
-        unsigned long Time=(unsigned long)time(NULL);
+        unsigned long Time=time(NULL);
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        int ret= -1;
        int new_state,state;
@@ -220,28 +220,9 @@ static int ssl23_client_hello(SSL *s)
        {
        unsigned char *buf;
        unsigned char *p,*d;
-        int i,j,ch_len;
+        int i,ch_len;
-        unsigned long Time,l;
-        int ssl2_compat;
-        int version = 0, version_major, version_minor;
-        SSL_COMP *comp;
        int ret;
-        ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
-        if (!(s->options & SSL_OP_NO_TLSv1))
-                {
-                version = TLS1_VERSION;
-                }
-        else if (!(s->options & SSL_OP_NO_SSLv3))
-                {
-                version = SSL3_VERSION;
-                }
-        else if (!(s->options & SSL_OP_NO_SSLv2))
-                {
-                version = SSL2_VERSION;
-                }
        buf=(unsigned char *)s->init_buf->data;
        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
                {
@@ -254,15 +235,19 @@ static int ssl23_client_hello(SSL *s)
 #endif
                p=s->s3->client_random;
-                Time=(unsigned long)time(NULL);                 /* Time */
+                if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
-                l2n(Time,p);
+                    return -1;
-                if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
-                        return -1;
-                if (version == TLS1_VERSION)
+                /* Do the message type and length last */
+                d= &(buf[2]);
+                p=d+9;
+                *(d++)=SSL2_MT_CLIENT_HELLO;
+                if (!(s->options & SSL_OP_NO_TLSv1))
                        {
-                        version_major = TLS1_VERSION_MAJOR;
+                        *(d++)=TLS1_VERSION_MAJOR;
-                        version_minor = TLS1_VERSION_MINOR;
+                        *(d++)=TLS1_VERSION_MINOR;
+                        s->client_version=TLS1_VERSION;
                        }
 #ifdef OPENSSL_FIPS
                else if(FIPS_mode())
@@ -272,15 +257,17 @@ static int ssl23_client_hello(SSL *s)
                        return -1;
                        }
 #endif
-                else if (version == SSL3_VERSION)
+                else if (!(s->options & SSL_OP_NO_SSLv3))
                        {
-                        version_major = SSL3_VERSION_MAJOR;
+                        *(d++)=SSL3_VERSION_MAJOR;
-                        version_minor = SSL3_VERSION_MINOR;
+                        *(d++)=SSL3_VERSION_MINOR;
+                        s->client_version=SSL3_VERSION;
                        }
-                else if (version == SSL2_VERSION)
+                else if (!(s->options & SSL_OP_NO_SSLv2))
                        {
-                        version_major = SSL2_VERSION_MAJOR;
+                        *(d++)=SSL2_VERSION_MAJOR;
-                        version_minor = SSL2_VERSION_MINOR;
+                        *(d++)=SSL2_VERSION_MINOR;
+                        s->client_version=SSL2_VERSION;
                        }
                else
                        {
@@ -288,153 +275,59 @@ static int ssl23_client_hello(SSL *s)
                        return(-1);
                        }
-                s->client_version = version;
+                /* Ciphers supported */
+                i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
-                if (ssl2_compat)
+                if (i == 0)
                        {
-                        /* create SSL 2.0 compatible Client Hello */
+                        /* no ciphers */
+                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                        /* two byte record header will be written last */
+                        return(-1);
-                        d = &(buf[2]);
+                        }
-                        p = d + 9; /* leave space for message type, version, individual length fields */
+                s2n(i,d);
+                p+=i;
-                        *(d++) = SSL2_MT_CLIENT_HELLO;
+                /* put in the session-id, zero since there is no
-                        *(d++) = version_major;
+                 * reuse. */
-                        *(d++) = version_minor;
-                        
-                        /* Ciphers supported */
-                        i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0);
-                        if (i == 0)
-                                {
-                                /* no ciphers */
-                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                                return -1;
-                                }
-                        s2n(i,d);
-                        p+=i;
-                        
-                        /* put in the session-id length (zero since there is no reuse) */
 #if 0
-                        s->session->session_id_length=0;
+                s->session->session_id_length=0;
 #endif
-                        s2n(0,d);
+                s2n(0,d);
-                        if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-                                ch_len=SSL2_CHALLENGE_LENGTH;
-                        else
-                                ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-                        /* write out sslv2 challenge */
-                        if (SSL3_RANDOM_SIZE < ch_len)
-                                i=SSL3_RANDOM_SIZE;
-                        else
-                                i=ch_len;
-                        s2n(i,d);
-                        memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
-                        if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
-                                return -1;
-                        memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-                        p+=i;
-                        i= p- &(buf[2]);
-                        buf[0]=((i>>8)&0xff)|0x80;
-                        buf[1]=(i&0xff);
-                        /* number of bytes to write */
-                        s->init_num=i+2;
-                        s->init_off=0;
-                        ssl3_finish_mac(s,&(buf[2]),i);
-                        }
-                else
-                        {
-                        /* create Client Hello in SSL 3.0/TLS 1.0 format */
-                        /* do the record header (5 bytes) and handshake message header (4 bytes) last */
-                        d = p = &(buf[9]);
-                        
-                        *(p++) = version_major;
-                        *(p++) = version_minor;
-                        /* Random stuff */
-                        memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
-                        p += SSL3_RANDOM_SIZE;
-                        /* Session ID (zero since there is no reuse) */
+                if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-                        *(p++) = 0;
+                        ch_len=SSL2_CHALLENGE_LENGTH;
+                else
-                        /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+                        ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-                        i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
-                        if (i == 0)
-                                {
-                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                                return -1;
-                                }
-                        s2n(i,p);
-                        p+=i;
-                        /* COMPRESSION */
-                        if (s->ctx->comp_methods == NULL)
-                                j=0;
-                        else
-                                j=sk_SSL_COMP_num(s->ctx->comp_methods);
-                        *(p++)=1+j;
-                        for (i=0; i<j; i++)
-                                {
-                                comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
-                                *(p++)=comp->id;
-                                }
-                        *(p++)=0; /* Add the NULL method */
-                        
-                        l = p-d;
-                        *p = 42;
-                        /* fill in 4-byte handshake header */
+                /* write out sslv2 challenge */
-                        d=&(buf[5]);
+                if (SSL3_RANDOM_SIZE < ch_len)
-                        *(d++)=SSL3_MT_CLIENT_HELLO;
+                        i=SSL3_RANDOM_SIZE;
-                        l2n3(l,d);
+                else
+                        i=ch_len;
+                s2n(i,d);
+                memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
+                if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
+                        return -1;
-                        l += 4;
+                memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+                p+=i;
-                        if (l > SSL3_RT_MAX_PLAIN_LENGTH)
+                i= p- &(buf[2]);
-                                {
+                buf[0]=((i>>8)&0xff)|0x80;
-                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+                buf[1]=(i&0xff);
-                                return -1;
-                                }
-                        
-                        /* fill in 5-byte record header */
-                        d=buf;
-                        *(d++) = SSL3_RT_HANDSHAKE;
-                        *(d++) = version_major;
-                        *(d++) = version_minor; /* arguably we should send the *lowest* suported version here
-                                                 * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
-                        s2n((int)l,d);
-                        /* number of bytes to write */
-                        s->init_num=p-buf;
-                        s->init_off=0;
-                        ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
-                        }
                s->state=SSL23_ST_CW_CLNT_HELLO_B;
+                /* number of bytes to write */
+                s->init_num=i+2;
                s->init_off=0;
+                ssl3_finish_mac(s,&(buf[2]),i);
                }
        /* SSL3_ST_CW_CLNT_HELLO_B */
        ret = ssl23_write_bytes(s);
+        if (ret >= 2)
-        if ((ret >= 2) && s->msg_callback)
+                if (s->msg_callback)
-                {
+                        s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
-                /* Client Hello has been sent; tell msg_callback */
-                if (ssl2_compat)
-                        s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
-                else
-                        s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
-                }
        return ret;
        }

diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index 86356731ea..779e94a35c 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c
@@ -106,7 +106,7 @@ SSL_METHOD *SSLv23_client_method(void)
106	int ssl23_connect(SSL *s)	106	int ssl23_connect(SSL *s)
107	{	107	{
108	BUF_MEM *buf=NULL;	108	BUF_MEM *buf=NULL;
109	unsigned long Time=(unsigned long)time(NULL);	109	unsigned long Time=time(NULL);
110	void (cb)(const SSL ssl,int type,int val)=NULL;	110	void (cb)(const SSL ssl,int type,int val)=NULL;
111	int ret= -1;	111	int ret= -1;
112	int new_state,state;	112	int new_state,state;
@@ -220,28 +220,9 @@ static int ssl23_client_hello(SSL *s)
220	{	220	{
221	unsigned char *buf;	221	unsigned char *buf;
222	unsigned char p,d;	222	unsigned char p,d;
223	int i,j,ch_len;	223	int i,ch_len;
224	unsigned long Time,l;
225	int ssl2_compat;
226	int version = 0, version_major, version_minor;
227	SSL_COMP *comp;
228	int ret;	224	int ret;
229		225
230	ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
231
232	if (!(s->options & SSL_OP_NO_TLSv1))
233	{
234	version = TLS1_VERSION;
235	}
236	else if (!(s->options & SSL_OP_NO_SSLv3))
237	{
238	version = SSL3_VERSION;
239	}
240	else if (!(s->options & SSL_OP_NO_SSLv2))
241	{
242	version = SSL2_VERSION;
243	}
244
245	buf=(unsigned char *)s->init_buf->data;	226	buf=(unsigned char *)s->init_buf->data;
246	if (s->state == SSL23_ST_CW_CLNT_HELLO_A)	227	if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
247	{	228	{
@@ -254,15 +235,19 @@ static int ssl23_client_hello(SSL *s)
254	#endif	235	#endif
255		236
256	p=s->s3->client_random;	237	p=s->s3->client_random;
257	Time=(unsigned long)time(NULL); /* Time */	238	if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
258	l2n(Time,p);	239	return -1;
259	if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
260	return -1;
261		240
262	if (version == TLS1_VERSION)	241	/* Do the message type and length last */
		242	d= &(buf[2]);
		243	p=d+9;
		244
		245	*(d++)=SSL2_MT_CLIENT_HELLO;
		246	if (!(s->options & SSL_OP_NO_TLSv1))
263	{	247	{
264	version_major = TLS1_VERSION_MAJOR;	248	*(d++)=TLS1_VERSION_MAJOR;
265	version_minor = TLS1_VERSION_MINOR;	249	*(d++)=TLS1_VERSION_MINOR;
		250	s->client_version=TLS1_VERSION;
266	}	251	}
267	#ifdef OPENSSL_FIPS	252	#ifdef OPENSSL_FIPS
268	else if(FIPS_mode())	253	else if(FIPS_mode())
@@ -272,15 +257,17 @@ static int ssl23_client_hello(SSL *s)
272	return -1;	257	return -1;
273	}	258	}
274	#endif	259	#endif
275	else if (version == SSL3_VERSION)	260	else if (!(s->options & SSL_OP_NO_SSLv3))
276	{	261	{
277	version_major = SSL3_VERSION_MAJOR;	262	*(d++)=SSL3_VERSION_MAJOR;
278	version_minor = SSL3_VERSION_MINOR;	263	*(d++)=SSL3_VERSION_MINOR;
		264	s->client_version=SSL3_VERSION;
279	}	265	}
280	else if (version == SSL2_VERSION)	266	else if (!(s->options & SSL_OP_NO_SSLv2))
281	{	267	{
282	version_major = SSL2_VERSION_MAJOR;	268	*(d++)=SSL2_VERSION_MAJOR;
283	version_minor = SSL2_VERSION_MINOR;	269	*(d++)=SSL2_VERSION_MINOR;
		270	s->client_version=SSL2_VERSION;
284	}	271	}
285	else	272	else
286	{	273	{
@@ -288,153 +275,59 @@ static int ssl23_client_hello(SSL *s)
288	return(-1);	275	return(-1);
289	}	276	}
290		277
291	s->client_version = version;	278	/* Ciphers supported */
292		279	i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
293	if (ssl2_compat)	280	if (i == 0)
294	{	281	{
295	/* create SSL 2.0 compatible Client Hello */	282	/* no ciphers */
296		283	SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
297	/* two byte record header will be written last */	284	return(-1);
298	d = &(buf[2]);	285	}
299	p = d + 9; /* leave space for message type, version, individual length fields */	286	s2n(i,d);
		287	p+=i;
300		288
301	*(d++) = SSL2_MT_CLIENT_HELLO;	289	/* put in the session-id, zero since there is no
302	*(d++) = version_major;	290	* reuse. */
303	*(d++) = version_minor;
304
305	/* Ciphers supported */
306	i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0);
307	if (i == 0)
308	{
309	/* no ciphers */
310	SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
311	return -1;
312	}
313	s2n(i,d);
314	p+=i;
315
316	/* put in the session-id length (zero since there is no reuse) */
317	#if 0	291	#if 0
318	s->session->session_id_length=0;	292	s->session->session_id_length=0;
319	#endif	293	#endif
320	s2n(0,d);	294	s2n(0,d);
321
322	if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
323	ch_len=SSL2_CHALLENGE_LENGTH;
324	else
325	ch_len=SSL2_MAX_CHALLENGE_LENGTH;
326
327	/* write out sslv2 challenge */
328	if (SSL3_RANDOM_SIZE < ch_len)
329	i=SSL3_RANDOM_SIZE;
330	else
331	i=ch_len;
332	s2n(i,d);
333	memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
334	if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
335	return -1;
336
337	memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
338	p+=i;
339
340	i= p- &(buf[2]);
341	buf[0]=((i>>8)&0xff)\|0x80;
342	buf[1]=(i&0xff);
343
344	/* number of bytes to write */
345	s->init_num=i+2;
346	s->init_off=0;
347
348	ssl3_finish_mac(s,&(buf[2]),i);
349	}
350	else
351	{
352	/* create Client Hello in SSL 3.0/TLS 1.0 format */
353
354	/* do the record header (5 bytes) and handshake message header (4 bytes) last */
355	d = p = &(buf[9]);
356
357	*(p++) = version_major;
358	*(p++) = version_minor;
359
360	/* Random stuff */
361	memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
362	p += SSL3_RANDOM_SIZE;
363		295
364	/* Session ID (zero since there is no reuse) */	296	if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
365	*(p++) = 0;	297	ch_len=SSL2_CHALLENGE_LENGTH;
366		298	else
367	/* Ciphers supported (using SSL 3.0/TLS 1.0 format) */	299	ch_len=SSL2_MAX_CHALLENGE_LENGTH;
368	i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
369	if (i == 0)
370	{
371	SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
372	return -1;
373	}
374	s2n(i,p);
375	p+=i;
376
377	/* COMPRESSION */
378	if (s->ctx->comp_methods == NULL)
379	j=0;
380	else
381	j=sk_SSL_COMP_num(s->ctx->comp_methods);
382	*(p++)=1+j;
383	for (i=0; i<j; i++)
384	{
385	comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
386	*(p++)=comp->id;
387	}
388	(p++)=0; / Add the NULL method */
389
390	l = p-d;
391	*p = 42;
392		300
393	/* fill in 4-byte handshake header */	301	/* write out sslv2 challenge */
394	d=&(buf[5]);	302	if (SSL3_RANDOM_SIZE < ch_len)
395	*(d++)=SSL3_MT_CLIENT_HELLO;	303	i=SSL3_RANDOM_SIZE;
396	l2n3(l,d);	304	else
		305	i=ch_len;
		306	s2n(i,d);
		307	memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
		308	if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
		309	return -1;
397		310
398	l += 4;	311	memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
		312	p+=i;
399		313
400	if (l > SSL3_RT_MAX_PLAIN_LENGTH)	314	i= p- &(buf[2]);
401	{	315	buf[0]=((i>>8)&0xff)\|0x80;
402	SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);	316	buf[1]=(i&0xff);
403	return -1;
404	}
405
406	/* fill in 5-byte record header */
407	d=buf;
408	*(d++) = SSL3_RT_HANDSHAKE;
409	*(d++) = version_major;
410	(d++) = version_minor; / arguably we should send the lowest suported version here
411	* (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
412	s2n((int)l,d);
413
414	/* number of bytes to write */
415	s->init_num=p-buf;
416	s->init_off=0;
417
418	ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
419	}
420		317
421	s->state=SSL23_ST_CW_CLNT_HELLO_B;	318	s->state=SSL23_ST_CW_CLNT_HELLO_B;
		319	/* number of bytes to write */
		320	s->init_num=i+2;
422	s->init_off=0;	321	s->init_off=0;
		322
		323	ssl3_finish_mac(s,&(buf[2]),i);
423	}	324	}
424		325
425	/* SSL3_ST_CW_CLNT_HELLO_B */	326	/* SSL3_ST_CW_CLNT_HELLO_B */
426	ret = ssl23_write_bytes(s);	327	ret = ssl23_write_bytes(s);
427		328	if (ret >= 2)
428	if ((ret >= 2) && s->msg_callback)	329	if (s->msg_callback)
429	{	330	s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
430	/* Client Hello has been sent; tell msg_callback */
431
432	if (ssl2_compat)
433	s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
434	else
435	s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
436	}
437
438	return ret;	331	return ret;
439	}	332	}
440		333