1 files changed, 62 insertions, 253 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index a6d869df59..2ecfbb77cb 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -160,29 +160,14 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
                p= &(d[4]);
                i=s->method->ssl3_enc->final_finish_mac(s,
+                        &(s->s3->finish_dgst1),
+                        &(s->s3->finish_dgst2),
                        sender,slen,s->s3->tmp.finish_md);
                s->s3->tmp.finish_md_len = i;
                memcpy(p, s->s3->tmp.finish_md, i);
                p+=i;
                l=i;
-                /* Copy the finished so we can use it for
-                   renegotiation checks */
-                if(s->type == SSL_ST_CONNECT)
-                        {
-                         OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-                         memcpy(s->s3->previous_client_finished, 
-                             s->s3->tmp.finish_md, i);
-                         s->s3->previous_client_finished_len=i;
-                        }
-                else
-                        {
-                        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-                        memcpy(s->s3->previous_server_finished, 
-                            s->s3->tmp.finish_md, i);
-                        s->s3->previous_server_finished_len=i;
-                        }
 #ifdef OPENSSL_SYS_WIN16
                /* MSVC 1.5 does not clear the top bytes of the word unless
                 * I do this.
@@ -247,23 +232,6 @@ int ssl3_get_finished(SSL *s, int a, int b)
                goto f_err;
                }
-        /* Copy the finished so we can use it for
-           renegotiation checks */
-        if(s->type == SSL_ST_ACCEPT)
-                {
-                OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-                memcpy(s->s3->previous_client_finished, 
-                    s->s3->tmp.peer_finish_md, i);
-                s->s3->previous_client_finished_len=i;
-                }
-        else
-                {
-                OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-                memcpy(s->s3->previous_server_finished, 
-                    s->s3->tmp.peer_finish_md, i);
-                s->s3->previous_server_finished_len=i;
-                }
        return(1);
 f_err:
        ssl3_send_alert(s,SSL3_AL_FATAL,al);
@@ -296,31 +264,15 @@ int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
        return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
        }
-static int ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
-        {
-        int n;
-        unsigned char *p;
-        n=i2d_X509(x,NULL);
-        if (!BUF_MEM_grow_clean(buf,(int)(n+(*l)+3)))
-                {
-                SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF,ERR_R_BUF_LIB);
-                return(-1);
-                }
-        p=(unsigned char *)&(buf->data[*l]);
-        l2n3(n,p);
-        i2d_X509(x,&p);
-        *l+=n+3;
-        return(0);
-        }
 unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
        {
        unsigned char *p;
-        int i;
+        int n,i;
        unsigned long l=7;
        BUF_MEM *buf;
+        X509_STORE_CTX xs_ctx;
+        X509_OBJECT obj;
        int no_chain;
        if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
@@ -337,42 +289,58 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
                }
        if (x != NULL)
                {
-                if (no_chain)
+                if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
                        {
-                        if (ssl3_add_cert_to_buf(buf, &l, x))
+                        SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
-                                return(0);
+                        return(0);
                        }
-                else
-                        {
-                        X509_STORE_CTX xs_ctx;
-                        if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL))
+                for (;;)
+                        {
+                        n=i2d_X509(x,NULL);
+                        if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
                                {
-                                SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
+                                SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
                                return(0);
                                }
-                        X509_verify_cert(&xs_ctx);
+                        p=(unsigned char *)&(buf->data[l]);
-                        /* Don't leave errors in the queue */
+                        l2n3(n,p);
-                        ERR_clear_error();
+                        i2d_X509(x,&p);
-                        for (i=0; i < sk_X509_num(xs_ctx.chain); i++)
+                        l+=n+3;
-                                {
-                                x = sk_X509_value(xs_ctx.chain, i);
+                        if (no_chain)
+                                break;
-                                if (ssl3_add_cert_to_buf(buf, &l, x))
-                                        {
+                        if (X509_NAME_cmp(X509_get_subject_name(x),
-                                        X509_STORE_CTX_cleanup(&xs_ctx);
+                                X509_get_issuer_name(x)) == 0) break;
-                                        return 0;
-                                        }
+                        i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
-                                }
+                                X509_get_issuer_name(x),&obj);
-                        X509_STORE_CTX_cleanup(&xs_ctx);
+                        if (i <= 0) break;
+                        x=obj.data.x509;
+                        /* Count is one too high since the X509_STORE_get uped the
+                         * ref count */
+                        X509_free(x);
                        }
+                if (!no_chain)
+                        X509_STORE_CTX_cleanup(&xs_ctx);
                }
        /* Thawte special :-) */
+        if (s->ctx->extra_certs != NULL)
        for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
                {
                x=sk_X509_value(s->ctx->extra_certs,i);
-                if (ssl3_add_cert_to_buf(buf, &l, x))
+                n=i2d_X509(x,NULL);
+                if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
+                        {
+                        SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
                        return(0);
+                        }
+                p=(unsigned char *)&(buf->data[l]);
+                l2n3(n,p);
+                i2d_X509(x,&p);
+                l+=n+3;
                }
        l-=7;
@@ -550,16 +518,9 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
        else if (i == EVP_PKEY_EC)
                {
                ret = SSL_PKEY_ECC;
-                }       
-#endif
-        else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) 
-                {
-                ret = SSL_PKEY_GOST94;
-                }
-        else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) 
-                {
-                ret = SSL_PKEY_GOST01;
                }
+#endif
 err:
        if(!pkey) EVP_PKEY_free(pk);
        return(ret);
@@ -625,189 +586,37 @@ int ssl_verify_alarm_type(long type)
        return(al);
        }
-#ifndef OPENSSL_NO_BUF_FREELISTS
+int ssl3_setup_buffers(SSL *s)
-/* On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers.  Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context.  (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- *    - Link against a faster malloc implementation.
- *    - Use a separate SSL_CTX for each option set.
- *    - Improve this code.
- */
-static void *
-freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-        {
-        SSL3_BUF_FREELIST *list;
-        SSL3_BUF_FREELIST_ENTRY *ent = NULL;
-        void *result = NULL;
-        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-        list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-        if (list != NULL && sz == (int)list->chunklen)
-                ent = list->head;
-        if (ent != NULL)
-                {
-                list->head = ent->next;
-                result = ent;
-                if (--list->len == 0)
-                        list->chunklen = 0;
-                }
-        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-        if (!result)
-                result = OPENSSL_malloc(sz);
-        return result;
-}
-static void
-freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-        {
-        SSL3_BUF_FREELIST *list;
-        SSL3_BUF_FREELIST_ENTRY *ent;
-        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-        list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-        if (list != NULL &&
-            (sz == list->chunklen || list->chunklen == 0) &&
-            list->len < ctx->freelist_max_len &&
-            sz >= sizeof(*ent))
-                {
-                list->chunklen = sz;
-                ent = mem;
-                ent->next = list->head;
-                list->head = ent;
-                ++list->len;
-                mem = NULL;
-                }
-        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-        if (mem)
-                OPENSSL_free(mem);
-        }
-#else
-#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
-int ssl3_setup_read_buffer(SSL *s)
        {
        unsigned char *p;
-        size_t len,align=0,headerlen;
+        unsigned int extra;
-        
+        size_t len;
-        if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
-                headerlen = DTLS1_RT_HEADER_LENGTH;
-        else
-                headerlen = SSL3_RT_HEADER_LENGTH;
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-        align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1);
-#endif
        if (s->s3->rbuf.buf == NULL)
                {
-                len = SSL3_RT_MAX_PLAIN_LENGTH
-                        + SSL3_RT_MAX_ENCRYPTED_OVERHEAD
-                        + headerlen + align;
                if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-                        {
+                        extra=SSL3_RT_MAX_EXTRA;
-                        s->s3->init_extra = 1;
+                else
-                        len += SSL3_RT_MAX_EXTRA;
+                        extra=0;
-                        }
+                len = SSL3_RT_MAX_PACKET_SIZE + extra;
-#ifndef OPENSSL_NO_COMP
+                if ((p=OPENSSL_malloc(len)) == NULL)
-                if (!(s->options & SSL_OP_NO_COMPRESSION))
-                        len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-#endif
-                if ((p=freelist_extract(s->ctx, 1, len)) == NULL)
                        goto err;
                s->s3->rbuf.buf = p;
                s->s3->rbuf.len = len;
                }
-        s->packet= &(s->s3->rbuf.buf[0]);
-        return 1;
-err:
-        SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER,ERR_R_MALLOC_FAILURE);
-        return 0;
-        }
-int ssl3_setup_write_buffer(SSL *s)
-        {
-        unsigned char *p;
-        size_t len,align=0,headerlen;
-        if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
-                headerlen = DTLS1_RT_HEADER_LENGTH + 1;
-        else
-                headerlen = SSL3_RT_HEADER_LENGTH;
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-        align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1);
-#endif
        if (s->s3->wbuf.buf == NULL)
                {
-                len = s->max_send_fragment
+                len = SSL3_RT_MAX_PACKET_SIZE;
-                        + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD
+                len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
-                        + headerlen + align;
+                if ((p=OPENSSL_malloc(len)) == NULL)
-#ifndef OPENSSL_NO_COMP
-                if (!(s->options & SSL_OP_NO_COMPRESSION))
-                        len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-#endif
-                if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
-                        len += headerlen + align
-                                + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
-                if ((p=freelist_extract(s->ctx, 0, len)) == NULL)
                        goto err;
                s->s3->wbuf.buf = p;
                s->s3->wbuf.len = len;
                }
+        s->packet= &(s->s3->rbuf.buf[0]);
-        return 1;
+        return(1);
 err:
-        SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER,ERR_R_MALLOC_FAILURE);
+        SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
-        return 0;
+        return(0);
-        }
-int ssl3_setup_buffers(SSL *s)
-        {
-        if (!ssl3_setup_read_buffer(s))
-                return 0;
-        if (!ssl3_setup_write_buffer(s))
-                return 0;
-        return 1;
-        }
-int ssl3_release_write_buffer(SSL *s)
-        {
-        if (s->s3->wbuf.buf != NULL)
-                {
-                freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
-                s->s3->wbuf.buf = NULL;
-                }
-        return 1;
-        }
-int ssl3_release_read_buffer(SSL *s)
-        {
-        if (s->s3->rbuf.buf != NULL)
-                {
-                freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
-                s->s3->rbuf.buf = NULL;
-                }
-        return 1;
        }

diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index a6d869df59..2ecfbb77cb 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c
@@ -160,29 +160,14 @@ int ssl3_send_finished(SSL s, int a, int b, const char sender, int slen)
160	p= &(d[4]);	160	p= &(d[4]);
161		161
162	i=s->method->ssl3_enc->final_finish_mac(s,	162	i=s->method->ssl3_enc->final_finish_mac(s,
		163	&(s->s3->finish_dgst1),
		164	&(s->s3->finish_dgst2),
163	sender,slen,s->s3->tmp.finish_md);	165	sender,slen,s->s3->tmp.finish_md);
164	s->s3->tmp.finish_md_len = i;	166	s->s3->tmp.finish_md_len = i;
165	memcpy(p, s->s3->tmp.finish_md, i);	167	memcpy(p, s->s3->tmp.finish_md, i);
166	p+=i;	168	p+=i;
167	l=i;	169	l=i;
168		170
169	/* Copy the finished so we can use it for
170	renegotiation checks */
171	if(s->type == SSL_ST_CONNECT)
172	{
173	OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
174	memcpy(s->s3->previous_client_finished,
175	s->s3->tmp.finish_md, i);
176	s->s3->previous_client_finished_len=i;
177	}
178	else
179	{
180	OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
181	memcpy(s->s3->previous_server_finished,
182	s->s3->tmp.finish_md, i);
183	s->s3->previous_server_finished_len=i;
184	}
185
186	#ifdef OPENSSL_SYS_WIN16	171	#ifdef OPENSSL_SYS_WIN16
187	/* MSVC 1.5 does not clear the top bytes of the word unless	172	/* MSVC 1.5 does not clear the top bytes of the word unless
188	* I do this.	173	* I do this.
@@ -247,23 +232,6 @@ int ssl3_get_finished(SSL *s, int a, int b)
247	goto f_err;	232	goto f_err;
248	}	233	}
249		234
250	/* Copy the finished so we can use it for
251	renegotiation checks */
252	if(s->type == SSL_ST_ACCEPT)
253	{
254	OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
255	memcpy(s->s3->previous_client_finished,
256	s->s3->tmp.peer_finish_md, i);
257	s->s3->previous_client_finished_len=i;
258	}
259	else
260	{
261	OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
262	memcpy(s->s3->previous_server_finished,
263	s->s3->tmp.peer_finish_md, i);
264	s->s3->previous_server_finished_len=i;
265	}
266
267	return(1);	235	return(1);
268	f_err:	236	f_err:
269	ssl3_send_alert(s,SSL3_AL_FATAL,al);	237	ssl3_send_alert(s,SSL3_AL_FATAL,al);
@@ -296,31 +264,15 @@ int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
296	return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));	264	return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
297	}	265	}
298		266
299	static int ssl3_add_cert_to_buf(BUF_MEM buf, unsigned long l, X509 *x)
300	{
301	int n;
302	unsigned char *p;
303
304	n=i2d_X509(x,NULL);
305	if (!BUF_MEM_grow_clean(buf,(int)(n+(*l)+3)))
306	{
307	SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF,ERR_R_BUF_LIB);
308	return(-1);
309	}
310	p=(unsigned char )&(buf->data[l]);
311	l2n3(n,p);
312	i2d_X509(x,&p);
313	*l+=n+3;
314
315	return(0);
316	}
317
318	unsigned long ssl3_output_cert_chain(SSL s, X509 x)	267	unsigned long ssl3_output_cert_chain(SSL s, X509 x)
319	{	268	{
320	unsigned char *p;	269	unsigned char *p;
321	int i;	270	int n,i;
322	unsigned long l=7;	271	unsigned long l=7;
323	BUF_MEM *buf;	272	BUF_MEM *buf;
		273	X509_STORE_CTX xs_ctx;
		274	X509_OBJECT obj;
		275
324	int no_chain;	276	int no_chain;
325		277
326	if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) \|\| s->ctx->extra_certs)	278	if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) \|\| s->ctx->extra_certs)
@@ -337,42 +289,58 @@ unsigned long ssl3_output_cert_chain(SSL s, X509 x)
337	}	289	}
338	if (x != NULL)	290	if (x != NULL)
339	{	291	{
340	if (no_chain)	292	if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
341	{	293	{
342	if (ssl3_add_cert_to_buf(buf, &l, x))	294	SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
343	return(0);	295	return(0);
344	}	296	}
345	else
346	{
347	X509_STORE_CTX xs_ctx;
348		297
349	if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL))	298	for (;;)
		299	{
		300	n=i2d_X509(x,NULL);
		301	if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
350	{	302	{
351	SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);	303	SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
352	return(0);	304	return(0);
353	}	305	}
354	X509_verify_cert(&xs_ctx);	306	p=(unsigned char *)&(buf->data[l]);
355	/* Don't leave errors in the queue */	307	l2n3(n,p);
356	ERR_clear_error();	308	i2d_X509(x,&p);
357	for (i=0; i < sk_X509_num(xs_ctx.chain); i++)	309	l+=n+3;
358	{	310
359	x = sk_X509_value(xs_ctx.chain, i);	311	if (no_chain)
360		312	break;
361	if (ssl3_add_cert_to_buf(buf, &l, x))	313
362	{	314	if (X509_NAME_cmp(X509_get_subject_name(x),
363	X509_STORE_CTX_cleanup(&xs_ctx);	315	X509_get_issuer_name(x)) == 0) break;
364	return 0;	316
365	}	317	i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
366	}	318	X509_get_issuer_name(x),&obj);
367	X509_STORE_CTX_cleanup(&xs_ctx);	319	if (i <= 0) break;
		320	x=obj.data.x509;
		321	/* Count is one too high since the X509_STORE_get uped the
		322	* ref count */
		323	X509_free(x);
368	}	324	}
		325	if (!no_chain)
		326	X509_STORE_CTX_cleanup(&xs_ctx);
369	}	327	}
		328
370	/* Thawte special :-) */	329	/* Thawte special :-) */
		330	if (s->ctx->extra_certs != NULL)
371	for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)	331	for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
372	{	332	{
373	x=sk_X509_value(s->ctx->extra_certs,i);	333	x=sk_X509_value(s->ctx->extra_certs,i);
374	if (ssl3_add_cert_to_buf(buf, &l, x))	334	n=i2d_X509(x,NULL);
		335	if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
		336	{
		337	SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
375	return(0);	338	return(0);
		339	}
		340	p=(unsigned char *)&(buf->data[l]);
		341	l2n3(n,p);
		342	i2d_X509(x,&p);
		343	l+=n+3;
376	}	344	}
377		345
378	l-=7;	346	l-=7;
@@ -550,16 +518,9 @@ int ssl_cert_type(X509 x, EVP_PKEY pkey)
550	else if (i == EVP_PKEY_EC)	518	else if (i == EVP_PKEY_EC)
551	{	519	{
552	ret = SSL_PKEY_ECC;	520	ret = SSL_PKEY_ECC;
553	}
554	#endif
555	else if (i == NID_id_GostR3410_94 \|\| i == NID_id_GostR3410_94_cc)
556	{
557	ret = SSL_PKEY_GOST94;
558	}
559	else if (i == NID_id_GostR3410_2001 \|\| i == NID_id_GostR3410_2001_cc)
560	{
561	ret = SSL_PKEY_GOST01;
562	}	521	}
		522	#endif
		523
563	err:	524	err:
564	if(!pkey) EVP_PKEY_free(pk);	525	if(!pkey) EVP_PKEY_free(pk);
565	return(ret);	526	return(ret);
@@ -625,189 +586,37 @@ int ssl_verify_alarm_type(long type)
625	return(al);	586	return(al);
626	}	587	}
627		588
628	#ifndef OPENSSL_NO_BUF_FREELISTS	589	int ssl3_setup_buffers(SSL *s)
629	/* On some platforms, malloc() performance is bad enough that you can't just
630	* free() and malloc() buffers all the time, so we need to use freelists from
631	* unused buffers. Currently, each freelist holds memory chunks of only a
632	* given size (list->chunklen); other sized chunks are freed and malloced.
633	* This doesn't help much if you're using many different SSL option settings
634	* with a given context. (The options affecting buffer size are
635	* max_send_fragment, read buffer vs write buffer,
636	* SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
637	* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
638	* possible size is not an option, since max_send_fragment can take on many
639	* different values.
640	*
641	* If you are on a platform with a slow malloc(), and you're using SSL
642	* connections with many different settings for these options, and you need to
643	* use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
644	* - Link against a faster malloc implementation.
645	* - Use a separate SSL_CTX for each option set.
646	* - Improve this code.
647	*/
648	static void *
649	freelist_extract(SSL_CTX *ctx, int for_read, int sz)
650	{
651	SSL3_BUF_FREELIST *list;
652	SSL3_BUF_FREELIST_ENTRY *ent = NULL;
653	void *result = NULL;
654
655	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
656	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
657	if (list != NULL && sz == (int)list->chunklen)
658	ent = list->head;
659	if (ent != NULL)
660	{
661	list->head = ent->next;
662	result = ent;
663	if (--list->len == 0)
664	list->chunklen = 0;
665	}
666	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
667	if (!result)
668	result = OPENSSL_malloc(sz);
669	return result;
670	}
671
672	static void
673	freelist_insert(SSL_CTX ctx, int for_read, size_t sz, void mem)
674	{
675	SSL3_BUF_FREELIST *list;
676	SSL3_BUF_FREELIST_ENTRY *ent;
677
678	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
679	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
680	if (list != NULL &&
681	(sz == list->chunklen \|\| list->chunklen == 0) &&
682	list->len < ctx->freelist_max_len &&
683	sz >= sizeof(*ent))
684	{
685	list->chunklen = sz;
686	ent = mem;
687	ent->next = list->head;
688	list->head = ent;
689	++list->len;
690	mem = NULL;
691	}
692
693	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
694	if (mem)
695	OPENSSL_free(mem);
696	}
697	#else
698	#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
699	#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
700	#endif
701
702	int ssl3_setup_read_buffer(SSL *s)
703	{	590	{
704	unsigned char *p;	591	unsigned char *p;
705	size_t len,align=0,headerlen;	592	unsigned int extra;
706		593	size_t len;
707	if (SSL_version(s) == DTLS1_VERSION \|\| SSL_version(s) == DTLS1_BAD_VER)
708	headerlen = DTLS1_RT_HEADER_LENGTH;
709	else
710	headerlen = SSL3_RT_HEADER_LENGTH;
711
712	#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
713	align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1);
714	#endif
715		594
716	if (s->s3->rbuf.buf == NULL)	595	if (s->s3->rbuf.buf == NULL)
717	{	596	{
718	len = SSL3_RT_MAX_PLAIN_LENGTH
719	+ SSL3_RT_MAX_ENCRYPTED_OVERHEAD
720	+ headerlen + align;
721	if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)	597	if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
722	{	598	extra=SSL3_RT_MAX_EXTRA;
723	s->s3->init_extra = 1;	599	else
724	len += SSL3_RT_MAX_EXTRA;	600	extra=0;
725	}	601	len = SSL3_RT_MAX_PACKET_SIZE + extra;
726	#ifndef OPENSSL_NO_COMP	602	if ((p=OPENSSL_malloc(len)) == NULL)
727	if (!(s->options & SSL_OP_NO_COMPRESSION))
728	len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
729	#endif
730	if ((p=freelist_extract(s->ctx, 1, len)) == NULL)
731	goto err;	603	goto err;
732	s->s3->rbuf.buf = p;	604	s->s3->rbuf.buf = p;
733	s->s3->rbuf.len = len;	605	s->s3->rbuf.len = len;
734	}	606	}
735		607
736	s->packet= &(s->s3->rbuf.buf[0]);
737	return 1;
738
739	err:
740	SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER,ERR_R_MALLOC_FAILURE);
741	return 0;
742	}
743
744	int ssl3_setup_write_buffer(SSL *s)
745	{
746	unsigned char *p;
747	size_t len,align=0,headerlen;
748
749	if (SSL_version(s) == DTLS1_VERSION \|\| SSL_version(s) == DTLS1_BAD_VER)
750	headerlen = DTLS1_RT_HEADER_LENGTH + 1;
751	else
752	headerlen = SSL3_RT_HEADER_LENGTH;
753
754	#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
755	align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1);
756	#endif
757
758	if (s->s3->wbuf.buf == NULL)	608	if (s->s3->wbuf.buf == NULL)
759	{	609	{
760	len = s->max_send_fragment	610	len = SSL3_RT_MAX_PACKET_SIZE;
761	+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD	611	len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
762	+ headerlen + align;	612	if ((p=OPENSSL_malloc(len)) == NULL)
763	#ifndef OPENSSL_NO_COMP
764	if (!(s->options & SSL_OP_NO_COMPRESSION))
765	len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
766	#endif
767	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
768	len += headerlen + align
769	+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
770
771	if ((p=freelist_extract(s->ctx, 0, len)) == NULL)
772	goto err;	613	goto err;
773	s->s3->wbuf.buf = p;	614	s->s3->wbuf.buf = p;
774	s->s3->wbuf.len = len;	615	s->s3->wbuf.len = len;
775	}	616	}
776		617	s->packet= &(s->s3->rbuf.buf[0]);
777	return 1;	618	return(1);
778
779	err:	619	err:
780	SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER,ERR_R_MALLOC_FAILURE);	620	SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
781	return 0;	621	return(0);
782	}
783
784
785	int ssl3_setup_buffers(SSL *s)
786	{
787	if (!ssl3_setup_read_buffer(s))
788	return 0;
789	if (!ssl3_setup_write_buffer(s))
790	return 0;
791	return 1;
792	}
793
794	int ssl3_release_write_buffer(SSL *s)
795	{
796	if (s->s3->wbuf.buf != NULL)
797	{
798	freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
799	s->s3->wbuf.buf = NULL;
800	}
801	return 1;
802	}
803
804	int ssl3_release_read_buffer(SSL *s)
805	{
806	if (s->s3->rbuf.buf != NULL)
807	{
808	freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
809	s->s3->rbuf.buf = NULL;
810	}
811	return 1;
812	}	622	}
813