Diffstat (limited to 'src/lib/libssl/s23_clnt.c')
-rw-r--r--src/lib/libssl/s23_clnt.c63
1 files changed, 23 insertions, 40 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 86356731ea..c45a8e0a04 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -80,28 +80,10 @@ static SSL_METHOD *ssl23_get_client_method(int ver)
80 return(NULL); 80 return(NULL);
81 } 81 }
82 82
83SSL_METHOD *SSLv23_client_method(void) 83IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
84 { 84 ssl_undefined_function,
85 static int init=1; 85 ssl23_connect,
86 static SSL_METHOD SSLv23_client_data; 86 ssl23_get_client_method)
87
88 if (init)
89 {
90 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
91
92 if (init)
93 {
94 memcpy((char *)&SSLv23_client_data,
95 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
96 SSLv23_client_data.ssl_connect=ssl23_connect;
97 SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
98 init=0;
99 }
100
101 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
102 }
103 return(&SSLv23_client_data);
104 }
105 87
106int ssl23_connect(SSL *s) 88int ssl23_connect(SSL *s)
107 { 89 {
@@ -241,6 +223,17 @@ static int ssl23_client_hello(SSL *s)
241 { 223 {
242 version = SSL2_VERSION; 224 version = SSL2_VERSION;
243 } 225 }
226#ifndef OPENSSL_NO_TLSEXT
227 if (version != SSL2_VERSION)
228 {
229 /* have to disable SSL 2.0 compatibility if we need TLS extensions */
230
231 if (s->tlsext_hostname != NULL)
232 ssl2_compat = 0;
233 if (s->tlsext_status_type != -1)
234 ssl2_compat = 0;
235 }
236#endif
244 237
245 buf=(unsigned char *)s->init_buf->data; 238 buf=(unsigned char *)s->init_buf->data;
246 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) 239 if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
@@ -254,7 +247,7 @@ static int ssl23_client_hello(SSL *s)
254#endif 247#endif
255 248
256 p=s->s3->client_random; 249 p=s->s3->client_random;
257 Time=(unsigned long)time(NULL); /* Time */ 250 Time=(unsigned long)time(NULL); /* Time */
258 l2n(Time,p); 251 l2n(Time,p);
259 if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) 252 if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
260 return -1; 253 return -1;
@@ -264,14 +257,6 @@ static int ssl23_client_hello(SSL *s)
264 version_major = TLS1_VERSION_MAJOR; 257 version_major = TLS1_VERSION_MAJOR;
265 version_minor = TLS1_VERSION_MINOR; 258 version_minor = TLS1_VERSION_MINOR;
266 } 259 }
267#ifdef OPENSSL_FIPS
268 else if(FIPS_mode())
269 {
270 SSLerr(SSL_F_SSL23_CLIENT_HELLO,
271 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
272 return -1;
273 }
274#endif
275 else if (version == SSL3_VERSION) 260 else if (version == SSL3_VERSION)
276 { 261 {
277 version_major = SSL3_VERSION_MAJOR; 262 version_major = SSL3_VERSION_MAJOR;
@@ -386,6 +371,13 @@ static int ssl23_client_hello(SSL *s)
386 *(p++)=comp->id; 371 *(p++)=comp->id;
387 } 372 }
388 *(p++)=0; /* Add the NULL method */ 373 *(p++)=0; /* Add the NULL method */
374#ifndef OPENSSL_NO_TLSEXT
375 if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
376 {
377 SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
378 return -1;
379 }
380#endif
389 381
390 l = p-d; 382 l = p-d;
391 *p = 42; 383 *p = 42;
@@ -544,14 +536,6 @@ static int ssl23_get_server_hello(SSL *s)
544 if ((p[2] == SSL3_VERSION_MINOR) && 536 if ((p[2] == SSL3_VERSION_MINOR) &&
545 !(s->options & SSL_OP_NO_SSLv3)) 537 !(s->options & SSL_OP_NO_SSLv3))
546 { 538 {
547#ifdef OPENSSL_FIPS
548 if(FIPS_mode())
549 {
550 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
551 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
552 goto err;
553 }
554#endif
555 s->version=SSL3_VERSION; 539 s->version=SSL3_VERSION;
556 s->method=SSLv3_client_method(); 540 s->method=SSLv3_client_method();
557 } 541 }
@@ -608,7 +592,6 @@ static int ssl23_get_server_hello(SSL *s)
608 if (!ssl_get_new_session(s,0)) 592 if (!ssl_get_new_session(s,0))
609 goto err; 593 goto err;
610 594
611 s->first_packet=1;
612 return(SSL_connect(s)); 595 return(SSL_connect(s));
613err: 596err:
614 return(-1); 597 return(-1);
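Review bot: In the ssl23_client_hello hunk at new line 375, the write limit passed to ssl_add_clienthello_tlsext is `buf+SSL3_RT_MAX_PLAIN_LENGTH`, but nothing visible in this diff shows that s->init_buf actually holds that many bytes at this point. Either derive the limit from the allocation itself, for example `buf + s->init_buf->max` if that field is trustworthy here, or state the invariant next to the call with a comment such as `/* limit assumes init_buf holds at least SSL3_RT_MAX_PLAIN_LENGTH bytes */` once it has been confirmed against the code that sizes the buffer. The unchanged `*p = 42;` two lines further down stores through the pointer the helper returns, so it presumably relies on the helper stopping strictly short of the limit; that is worth checking against the helper's contract, which is not shown here. ssl23_client_hello starts and ends outside this hunk.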