summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s23_srvr.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/s23_srvr.c')
-rw-r--r--src/lib/libssl/s23_srvr.c181
1 files changed, 97 insertions, 84 deletions
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 050618235f..9e89cc7f9a 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -55,6 +55,59 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
58 111
59#include <stdio.h> 112#include <stdio.h>
60#include <openssl/buffer.h> 113#include <openssl/buffer.h>
@@ -67,7 +120,7 @@ static SSL_METHOD *ssl23_get_server_method(int ver);
67int ssl23_get_client_hello(SSL *s); 120int ssl23_get_client_hello(SSL *s);
68static SSL_METHOD *ssl23_get_server_method(int ver) 121static SSL_METHOD *ssl23_get_server_method(int ver)
69 { 122 {
70#ifndef NO_SSL2 123#ifndef OPENSSL_NO_SSL2
71 if (ver == SSL2_VERSION) 124 if (ver == SSL2_VERSION)
72 return(SSLv2_server_method()); 125 return(SSLv2_server_method());
73#endif 126#endif
@@ -99,7 +152,7 @@ int ssl23_accept(SSL *s)
99 { 152 {
100 BUF_MEM *buf; 153 BUF_MEM *buf;
101 unsigned long Time=time(NULL); 154 unsigned long Time=time(NULL);
102 void (*cb)()=NULL; 155 void (*cb)(const SSL *ssl,int type,int val)=NULL;
103 int ret= -1; 156 int ret= -1;
104 int new_state,state; 157 int new_state,state;
105 158
@@ -112,8 +165,8 @@ int ssl23_accept(SSL *s)
112 else if (s->ctx->info_callback != NULL) 165 else if (s->ctx->info_callback != NULL)
113 cb=s->ctx->info_callback; 166 cb=s->ctx->info_callback;
114 167
115 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
116 s->in_handshake++; 168 s->in_handshake++;
169 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
117 170
118 for (;;) 171 for (;;)
119 { 172 {
@@ -179,9 +232,9 @@ int ssl23_accept(SSL *s)
179 } 232 }
180 } 233 }
181end: 234end:
235 s->in_handshake--;
182 if (cb != NULL) 236 if (cb != NULL)
183 cb(s,SSL_CB_ACCEPT_EXIT,ret); 237 cb(s,SSL_CB_ACCEPT_EXIT,ret);
184 s->in_handshake--;
185 return(ret); 238 return(ret);
186 } 239 }
187 240
@@ -202,13 +255,13 @@ int ssl23_get_client_hello(SSL *s)
202 * 9/10 client_version / 255 * 9/10 client_version /
203 */ 256 */
204 char *buf= &(buf_space[0]); 257 char *buf= &(buf_space[0]);
205 unsigned char *p,*d,*dd; 258 unsigned char *p,*d,*d_len,*dd;
206 unsigned int i; 259 unsigned int i;
207 unsigned int csl,sil,cl; 260 unsigned int csl,sil,cl;
208 int n=0,j; 261 int n=0,j;
209 int type=0; 262 int type=0;
210 int v[2]; 263 int v[2];
211#ifndef NO_RSA 264#ifndef OPENSSL_NO_RSA
212 int use_sslv2_strong=0; 265 int use_sslv2_strong=0;
213#endif 266#endif
214 267
@@ -270,72 +323,6 @@ int ssl23_get_client_hello(SSL *s)
270 else if (!(s->options & SSL_OP_NO_SSLv2)) 323 else if (!(s->options & SSL_OP_NO_SSLv2))
271 type=1; 324 type=1;
272 325
273 if (s->options & SSL_OP_NON_EXPORT_FIRST)
274 /* Not only utterly confusing, but broken
275 * ('fractured programming'?) -- the details
276 * of this block nearly make it work
277 * as intended in this environment, but on one
278 * of the fine points (w.r.t. restarts) it fails.
279 * The obvious fix would be even more devastating
280 * to program structure; if you want the functionality,
281 * throw this away and implement it in a way
282 * that makes sense */
283 {
284#if 0
285 STACK_OF(SSL_CIPHER) *sk;
286 SSL_CIPHER *c;
287 int ne2,ne3;
288
289 j=((p[0]&0x7f)<<8)|p[1];
290 if (j > (1024*4))
291 {
292 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
293 goto err;
294 }
295
296 n=ssl23_read_bytes(s,j+2);
297 if (n <= 0) return(n);
298 p=s->packet;
299
300 if ((buf=OPENSSL_malloc(n)) == NULL)
301 {
302 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
303 goto err;
304 }
305 memcpy(buf,p,n);
306
307 p+=5;
308 n2s(p,csl);
309 p+=4;
310
311 sk=ssl_bytes_to_cipher_list(
312 s,p,csl,NULL);
313 if (sk != NULL)
314 {
315 ne2=ne3=0;
316 for (j=0; j<sk_SSL_CIPHER_num(sk); j++)
317 {
318 c=sk_SSL_CIPHER_value(sk,j);
319 if (!SSL_C_IS_EXPORT(c))
320 {
321 if ((c->id>>24L) == 2L)
322 ne2=1;
323 else
324 ne3=1;
325 }
326 }
327 if (ne2 && !ne3)
328 {
329 type=1;
330 use_sslv2_strong=1;
331 goto next_bit;
332 }
333 }
334#else
335 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_OPTION);
336 goto err;
337#endif
338 }
339 } 326 }
340 } 327 }
341 else if ((p[0] == SSL3_RT_HANDSHAKE) && 328 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
@@ -352,17 +339,22 @@ int ssl23_get_client_hello(SSL *s)
352 /* We must look at client_version inside the Client Hello message 339 /* We must look at client_version inside the Client Hello message
353 * to get the correct minor version. 340 * to get the correct minor version.
354 * However if we have only a pathologically small fragment of the 341 * However if we have only a pathologically small fragment of the
355 * Client Hello message, this would be difficult, we'd have 342 * Client Hello message, this would be difficult, and we'd have
356 * to read at least one additional record to find out. 343 * to read more records to find out.
357 * This doesn't usually happen in real life, so we just complain 344 * No known SSL 3.0 client fragments ClientHello like this,
358 * for now. 345 * so we simply assume TLS 1.0 to avoid protocol version downgrade
359 */ 346 * attacks. */
360 if (p[3] == 0 && p[4] < 6) 347 if (p[3] == 0 && p[4] < 6)
361 { 348 {
349#if 0
362 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); 350 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
363 goto err; 351 goto err;
352#else
353 v[1] = TLS1_VERSION_MINOR;
354#endif
364 } 355 }
365 v[1]=p[10]; /* minor version according to client_version */ 356 else
357 v[1]=p[10]; /* minor version according to client_version */
366 if (v[1] >= TLS1_VERSION_MINOR) 358 if (v[1] >= TLS1_VERSION_MINOR)
367 { 359 {
368 if (!(s->options & SSL_OP_NO_TLSv1)) 360 if (!(s->options & SSL_OP_NO_TLSv1))
@@ -376,10 +368,21 @@ int ssl23_get_client_hello(SSL *s)
376 type=3; 368 type=3;
377 } 369 }
378 } 370 }
379 else if (!(s->options & SSL_OP_NO_SSLv3)) 371 else
380 { 372 {
381 s->version=SSL3_VERSION; 373 /* client requests SSL 3.0 */
382 type=3; 374 if (!(s->options & SSL_OP_NO_SSLv3))
375 {
376 s->version=SSL3_VERSION;
377 type=3;
378 }
379 else if (!(s->options & SSL_OP_NO_TLSv1))
380 {
381 /* we won't be able to use TLS of course,
382 * but this will send an appropriate alert */
383 s->version=TLS1_VERSION;
384 type=3;
385 }
383 } 386 }
384 } 387 }
385 else if ((strncmp("GET ", (char *)p,4) == 0) || 388 else if ((strncmp("GET ", (char *)p,4) == 0) ||
@@ -417,7 +420,9 @@ int ssl23_get_client_hello(SSL *s)
417 j=ssl23_read_bytes(s,n+2); 420 j=ssl23_read_bytes(s,n+2);
418 if (j <= 0) return(j); 421 if (j <= 0) return(j);
419 422
420 ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2); 423 ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
424 if (s->msg_callback)
425 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
421 426
422 p=s->packet; 427 p=s->packet;
423 p+=5; 428 p+=5;
@@ -431,6 +436,13 @@ int ssl23_get_client_hello(SSL *s)
431 goto err; 436 goto err;
432 } 437 }
433 438
439 /* record header: msg_type ... */
440 *(d++) = SSL3_MT_CLIENT_HELLO;
441 /* ... and length (actual value will be written later) */
442 d_len = d;
443 d += 3;
444
445 /* client_version */
434 *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */ 446 *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
435 *(d++) = v[1]; 447 *(d++) = v[1];
436 448
@@ -461,7 +473,8 @@ int ssl23_get_client_hello(SSL *s)
461 *(d++)=1; 473 *(d++)=1;
462 *(d++)=0; 474 *(d++)=0;
463 475
464 i=(d-(unsigned char *)s->init_buf->data); 476 i = (d-(unsigned char *)s->init_buf->data) - 4;
477 l2n3((long)i, d_len);
465 478
466 /* get the data reused from the init_buf */ 479 /* get the data reused from the init_buf */
467 s->s3->tmp.reuse_message=1; 480 s->s3->tmp.reuse_message=1;
@@ -474,7 +487,7 @@ int ssl23_get_client_hello(SSL *s)
474 487
475 if (type == 1) 488 if (type == 1)
476 { 489 {
477#ifdef NO_SSL2 490#ifdef OPENSSL_NO_SSL2
478 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 491 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
479 goto err; 492 goto err;
480#else 493#else
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 13:03:58 +0000