Diffstat (limited to 'src/lib/libssl/s23_clnt.c')
-rw-r--r--src/lib/libssl/s23_clnt.c16
1 files changed, 12 insertions, 4 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 299d2ae5d2..aaedf6a9bb 100644
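--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -68,8 +68,10 @@ static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
 static SSL_METHOD *ssl23_get_client_method(int ver)
  {
+#ifndef NO_SSL2
  if (ver == SSL2_VERSION)
  return(SSLv2_client_method());
+#endif
  if (ver == SSL3_VERSION)
  return(SSLv3_client_method());
  else if (ver == TLS1_VERSION)
@@ -102,7 +104,7 @@ int ssl23_connect(SSL *s)
  int ret= -1;
  int new_state,state;
 
- RAND_seed(&Time,sizeof(Time));
+ RAND_add(&Time,sizeof(Time),0);
  ERR_clear_error();
  clear_sys_error();
 
@@ -222,7 +224,7 @@ static int ssl23_client_hello(SSL *s)
 #endif
 
  p=s->s3->client_random;
- RAND_bytes(p,SSL3_RANDOM_SIZE);
+ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
 
  /* Do the message type and length last */
  d= &(buf[2]);
@@ -283,7 +285,7 @@ static int ssl23_client_hello(SSL *s)
  i=ch_len;
  s2n(i,d);
  memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
- RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
  memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
  p+=i;
 
@@ -307,7 +309,7 @@ static int ssl23_get_server_hello(SSL *s)
  {
  char buf[8];
  unsigned char *p;
- int i,ch_len;
+ int i;
  int n;
 
  n=ssl23_read_bytes(s,7);
@@ -320,9 +322,14 @@ static int ssl23_get_server_hello(SSL *s)
  if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
  (p[5] == 0x00) && (p[6] == 0x02))
  {
+#ifdef NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
  /* we are talking sslv2 */
  /* we need to clean up the SSLv3 setup and put in the
  * sslv2 stuff. */
+ int ch_len;
 
  if (s->options & SSL_OP_NO_SSLv2)
  {
@@ -375,6 +382,7 @@ static int ssl23_get_server_hello(SSL *s)
 
  s->method=SSLv2_client_method();
  s->handshake_func=s->method->ssl_connect;
+#endif
  }
  else if ((p[0] == SSL3_RT_HANDSHAKE) &&
  (p[1] == SSL3_VERSION_MAJOR) &&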
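Review bot: Both `RAND_pseudo_bytes` calls in ssl23_client_hello (new lines 227 and 288) ignore the return value, so a failing or unseeded generator goes unnoticed. At line 288 the buffer has just been cleared by the `memset` on the line above, so a failed call would send an all-zero challenge, and a repeated or predictable client random weakens the freshness the handshake relies on. RAND_pseudo_bytes returns -1 when the RAND method does not support it and 0 when the bytes are not cryptographically strong, so the call should at least reject the error case, e.g. `if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) < 0) return(-1);`. The function body continues outside these hunks, so the right error path (plain return or an SSLerr first) needs checking against the rest of ssl23_client_hello.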