summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/s3_clnt.c26
1 files changed, 18 insertions, 8 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 0c8f551f73..62040f9f1d 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -69,7 +69,7 @@ static SSL_METHOD *ssl3_get_client_method(int ver);
69static int ssl3_client_hello(SSL *s); 69static int ssl3_client_hello(SSL *s);
70static int ssl3_get_server_hello(SSL *s); 70static int ssl3_get_server_hello(SSL *s);
71static int ssl3_get_certificate_request(SSL *s); 71static int ssl3_get_certificate_request(SSL *s);
72static int ca_dn_cmp(X509_NAME **a,X509_NAME **b); 72static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
73static int ssl3_get_server_done(SSL *s); 73static int ssl3_get_server_done(SSL *s);
74static int ssl3_send_client_verify(SSL *s); 74static int ssl3_send_client_verify(SSL *s);
75static int ssl3_send_client_certificate(SSL *s); 75static int ssl3_send_client_certificate(SSL *s);
@@ -142,7 +142,12 @@ int ssl3_connect(SSL *s)
142 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 142 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
143 143
144 if ((s->version & 0xff00 ) != 0x0300) 144 if ((s->version & 0xff00 ) != 0x0300)
145 abort(); 145 {
146 SSLerr(SSL_F_SSL3_CONNECT, SSL_R_INTERNAL_ERROR);
147 ret = -1;
148 goto end;
149 }
150
146 /* s->version=SSL3_VERSION; */ 151 /* s->version=SSL3_VERSION; */
147 s->type=SSL_ST_CONNECT; 152 s->type=SSL_ST_CONNECT;
148 153
@@ -764,6 +769,7 @@ static int ssl3_get_server_certificate(SSL *s)
764 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); 769 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
765 goto f_err; 770 goto f_err;
766 } 771 }
772 ERR_clear_error(); /* but we keep s->verify_result */
767 773
768 sc=ssl_sess_cert_new(); 774 sc=ssl_sess_cert_new();
769 if (sc == NULL) goto err; 775 if (sc == NULL) goto err;
@@ -934,10 +940,12 @@ static int ssl3_get_key_exchange(SSL *s)
934 s->session->sess_cert->peer_rsa_tmp=rsa; 940 s->session->sess_cert->peer_rsa_tmp=rsa;
935 rsa=NULL; 941 rsa=NULL;
936 } 942 }
937 else 943#else /* NO_RSA */
944 if (0)
945 ;
938#endif 946#endif
939#ifndef NO_DH 947#ifndef NO_DH
940 if (alg & SSL_kEDH) 948 else if (alg & SSL_kEDH)
941 { 949 {
942 if ((dh=DH_new()) == NULL) 950 if ((dh=DH_new()) == NULL)
943 { 951 {
@@ -993,10 +1001,12 @@ static int ssl3_get_key_exchange(SSL *s)
993#ifndef NO_RSA 1001#ifndef NO_RSA
994 if (alg & SSL_aRSA) 1002 if (alg & SSL_aRSA)
995 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); 1003 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
996 else 1004#else
1005 if (0)
1006 ;
997#endif 1007#endif
998#ifndef NO_DSA 1008#ifndef NO_DSA
999 if (alg & SSL_aDSS) 1009 else if (alg & SSL_aDSS)
1000 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509); 1010 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
1001#endif 1011#endif
1002 /* else anonymous DH, so no certificate or pkey. */ 1012 /* else anonymous DH, so no certificate or pkey. */
@@ -1010,7 +1020,7 @@ static int ssl3_get_key_exchange(SSL *s)
1010 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER); 1020 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1011 goto f_err; 1021 goto f_err;
1012 } 1022 }
1013#endif 1023#endif /* !NO_DH */
1014 if (alg & SSL_aFZA) 1024 if (alg & SSL_aFZA)
1015 { 1025 {
1016 al=SSL_AD_HANDSHAKE_FAILURE; 1026 al=SSL_AD_HANDSHAKE_FAILURE;
@@ -1274,7 +1284,7 @@ err:
1274 return(ret); 1284 return(ret);
1275 } 1285 }
1276 1286
1277static int ca_dn_cmp(X509_NAME **a, X509_NAME **b) 1287static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
1278 { 1288 {
1279 return(X509_NAME_cmp(*a,*b)); 1289 return(X509_NAME_cmp(*a,*b));
1280 } 1290 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 12:28:47 +0000