summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
-rw-r--r--src/lib/libssl/s3_lib.c280
1 files changed, 181 insertions, 99 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index c79464da55..28a3d51b9e 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2743,9 +2743,11 @@ SSL3_ENC_METHOD SSLv3_enc_data = {
2743long 2743long
2744ssl3_default_timeout(void) 2744ssl3_default_timeout(void)
2745{ 2745{
2746 /* 2 hours, the 24 hours mentioned in the SSLv3 spec 2746 /*
2747 * is way too long for http, the cache would over fill */ 2747 * 2 hours, the 24 hours mentioned in the SSLv3 spec
2748 return (60*60*2); 2748 * is way too long for http, the cache would over fill
2749 */
2750 return (60 * 60 * 2);
2749} 2751}
2750 2752
2751int 2753int
@@ -2769,13 +2771,14 @@ ssl3_pending(const SSL *s)
2769 if (s->rstate == SSL_ST_READ_BODY) 2771 if (s->rstate == SSL_ST_READ_BODY)
2770 return 0; 2772 return 0;
2771 2773
2772 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2774 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ?
2775 s->s3->rrec.length : 0;
2773} 2776}
2774 2777
2775int 2778int
2776ssl3_new(SSL *s) 2779ssl3_new(SSL *s)
2777{ 2780{
2778 SSL3_STATE *s3; 2781 SSL3_STATE *s3;
2779 2782
2780 if ((s3 = calloc(1, sizeof *s3)) == NULL) 2783 if ((s3 = calloc(1, sizeof *s3)) == NULL)
2781 goto err; 2784 goto err;
@@ -2840,9 +2843,9 @@ ssl3_free(SSL *s)
2840void 2843void
2841ssl3_clear(SSL *s) 2844ssl3_clear(SSL *s)
2842{ 2845{
2843 unsigned char *rp, *wp; 2846 unsigned char *rp, *wp;
2844 size_t rlen, wlen; 2847 size_t rlen, wlen;
2845 int init_extra; 2848 int init_extra;
2846 2849
2847#ifdef TLSEXT_TYPE_opaque_prf_input 2850#ifdef TLSEXT_TYPE_opaque_prf_input
2848 if (s->s3->client_opaque_prf_input != NULL) 2851 if (s->s3->client_opaque_prf_input != NULL)
@@ -2932,7 +2935,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2932 if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 2935 if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
2933 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) { 2936 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
2934 if (!ssl_cert_inst(&s->cert)) { 2937 if (!ssl_cert_inst(&s->cert)) {
2935 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 2938 SSLerr(SSL_F_SSL3_CTRL,
2939 ERR_R_MALLOC_FAILURE);
2936 return (0); 2940 return (0);
2937 } 2941 }
2938 } 2942 }
@@ -2959,18 +2963,21 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2959 case SSL_CTRL_NEED_TMP_RSA: 2963 case SSL_CTRL_NEED_TMP_RSA:
2960 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 2964 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
2961 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 2965 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
2962 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8)))) 2966 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)
2967 > (512 / 8))))
2963 ret = 1; 2968 ret = 1;
2964 break; 2969 break;
2965 case SSL_CTRL_SET_TMP_RSA: 2970 case SSL_CTRL_SET_TMP_RSA:
2966 { 2971 {
2967 RSA *rsa = (RSA *)parg; 2972 RSA *rsa = (RSA *)parg;
2968 if (rsa == NULL) { 2973 if (rsa == NULL) {
2969 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 2974 SSLerr(SSL_F_SSL3_CTRL,
2975 ERR_R_PASSED_NULL_PARAMETER);
2970 return (ret); 2976 return (ret);
2971 } 2977 }
2972 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { 2978 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
2973 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 2979 SSLerr(SSL_F_SSL3_CTRL,
2980 ERR_R_RSA_LIB);
2974 return (ret); 2981 return (ret);
2975 } 2982 }
2976 if (s->cert->rsa_tmp != NULL) 2983 if (s->cert->rsa_tmp != NULL)
@@ -2981,7 +2988,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2981 break; 2988 break;
2982 case SSL_CTRL_SET_TMP_RSA_CB: 2989 case SSL_CTRL_SET_TMP_RSA_CB:
2983 { 2990 {
2984 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2991 SSLerr(SSL_F_SSL3_CTRL,
2992 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2985 return (ret); 2993 return (ret);
2986 } 2994 }
2987 break; 2995 break;
@@ -2990,17 +2998,20 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2990 { 2998 {
2991 DH *dh = (DH *)parg; 2999 DH *dh = (DH *)parg;
2992 if (dh == NULL) { 3000 if (dh == NULL) {
2993 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3001 SSLerr(SSL_F_SSL3_CTRL,
3002 ERR_R_PASSED_NULL_PARAMETER);
2994 return (ret); 3003 return (ret);
2995 } 3004 }
2996 if ((dh = DHparams_dup(dh)) == NULL) { 3005 if ((dh = DHparams_dup(dh)) == NULL) {
2997 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3006 SSLerr(SSL_F_SSL3_CTRL,
3007 ERR_R_DH_LIB);
2998 return (ret); 3008 return (ret);
2999 } 3009 }
3000 if (!(s->options & SSL_OP_SINGLE_DH_USE)) { 3010 if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
3001 if (!DH_generate_key(dh)) { 3011 if (!DH_generate_key(dh)) {
3002 DH_free(dh); 3012 DH_free(dh);
3003 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3013 SSLerr(SSL_F_SSL3_CTRL,
3014 ERR_R_DH_LIB);
3004 return (ret); 3015 return (ret);
3005 } 3016 }
3006 } 3017 }
@@ -3012,7 +3023,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3012 break; 3023 break;
3013 case SSL_CTRL_SET_TMP_DH_CB: 3024 case SSL_CTRL_SET_TMP_DH_CB:
3014 { 3025 {
3015 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3026 SSLerr(SSL_F_SSL3_CTRL,
3027 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3016 return (ret); 3028 return (ret);
3017 } 3029 }
3018 break; 3030 break;
@@ -3023,18 +3035,21 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3023 EC_KEY *ecdh = NULL; 3035 EC_KEY *ecdh = NULL;
3024 3036
3025 if (parg == NULL) { 3037 if (parg == NULL) {
3026 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3038 SSLerr(SSL_F_SSL3_CTRL,
3039 ERR_R_PASSED_NULL_PARAMETER);
3027 return (ret); 3040 return (ret);
3028 } 3041 }
3029 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 3042 if (!EC_KEY_up_ref((EC_KEY *)parg)) {
3030 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3043 SSLerr(SSL_F_SSL3_CTRL,
3044 ERR_R_ECDH_LIB);
3031 return (ret); 3045 return (ret);
3032 } 3046 }
3033 ecdh = (EC_KEY *)parg; 3047 ecdh = (EC_KEY *)parg;
3034 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) { 3048 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
3035 if (!EC_KEY_generate_key(ecdh)) { 3049 if (!EC_KEY_generate_key(ecdh)) {
3036 EC_KEY_free(ecdh); 3050 EC_KEY_free(ecdh);
3037 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3051 SSLerr(SSL_F_SSL3_CTRL,
3052 ERR_R_ECDH_LIB);
3038 return (ret); 3053 return (ret);
3039 } 3054 }
3040 } 3055 }
@@ -3046,7 +3061,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3046 break; 3061 break;
3047 case SSL_CTRL_SET_TMP_ECDH_CB: 3062 case SSL_CTRL_SET_TMP_ECDH_CB:
3048 { 3063 {
3049 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3064 SSLerr(SSL_F_SSL3_CTRL,
3065 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3050 return (ret); 3066 return (ret);
3051 } 3067 }
3052 break; 3068 break;
@@ -3062,15 +3078,19 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3062 if (parg == NULL) 3078 if (parg == NULL)
3063 break; 3079 break;
3064 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { 3080 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
3065 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3081 SSLerr(SSL_F_SSL3_CTRL,
3082 SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3066 return 0; 3083 return 0;
3067 } 3084 }
3068 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) { 3085 if ((s->tlsext_hostname = BUF_strdup((char *)parg))
3069 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3086 == NULL) {
3087 SSLerr(SSL_F_SSL3_CTRL,
3088 ERR_R_INTERNAL_ERROR);
3070 return 0; 3089 return 0;
3071 } 3090 }
3072 } else { 3091 } else {
3073 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3092 SSLerr(SSL_F_SSL3_CTRL,
3093 SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3074 return 0; 3094 return 0;
3075 } 3095 }
3076 break; 3096 break;
@@ -3082,9 +3102,13 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3082#ifdef TLSEXT_TYPE_opaque_prf_input 3102#ifdef TLSEXT_TYPE_opaque_prf_input
3083 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3103 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3084 if (larg > 12288) { 3104 if (larg > 12288) {
3085 /* actual internal limit is 2^16 for the complete hello message 3105 /*
3086 * (including the cert chain and everything) */ 3106 * Actual internal limit is 2^16 for the complete
3087 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3107 * hello message (including the cert chain and
3108 * everything)
3109 */
3110 SSLerr(SSL_F_SSL3_CTRL,
3111 SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3088 break; 3112 break;
3089 } 3113 }
3090 if (s->tlsext_opaque_prf_input != NULL) 3114 if (s->tlsext_opaque_prf_input != NULL)
@@ -3148,11 +3172,12 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3148long 3172long
3149ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) 3173ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3150{ 3174{
3151 int ret = 0; 3175 int ret = 0;
3152 3176
3153 if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) { 3177 if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) {
3154 if (!ssl_cert_inst(&s->cert)) { 3178 if (!ssl_cert_inst(&s->cert)) {
3155 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3179 SSLerr(SSL_F_SSL3_CALLBACK_CTRL,
3180 ERR_R_MALLOC_FAILURE);
3156 return (0); 3181 return (0);
3157 } 3182 }
3158 } 3183 }
@@ -3173,14 +3198,15 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3173#ifndef OPENSSL_NO_ECDH 3198#ifndef OPENSSL_NO_ECDH
3174 case SSL_CTRL_SET_TMP_ECDH_CB: 3199 case SSL_CTRL_SET_TMP_ECDH_CB:
3175 { 3200 {
3176 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3201 s->cert->ecdh_tmp_cb =
3202 (EC_KEY *(*)(SSL *, int, int))fp;
3177 } 3203 }
3178 break; 3204 break;
3179#endif 3205#endif
3180#ifndef OPENSSL_NO_TLSEXT 3206#ifndef OPENSSL_NO_TLSEXT
3181 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3207 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3182 s->tlsext_debug_cb = (void (*)(SSL *, int , int, 3208 s->tlsext_debug_cb = (void (*)(SSL *, int , int,
3183 unsigned char *, int, void *))fp; 3209 unsigned char *, int, void *))fp;
3184 break; 3210 break;
3185#endif 3211#endif
3186 default: 3212 default:
@@ -3192,7 +3218,7 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3192long 3218long
3193ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3219ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3194{ 3220{
3195 CERT *cert; 3221 CERT *cert;
3196 3222
3197 cert = ctx->cert; 3223 cert = ctx->cert;
3198 3224
@@ -3200,7 +3226,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3200 case SSL_CTRL_NEED_TMP_RSA: 3226 case SSL_CTRL_NEED_TMP_RSA:
3201 if ((cert->rsa_tmp == NULL) && 3227 if ((cert->rsa_tmp == NULL) &&
3202 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3228 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3203 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8)))) 3229 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
3230 (512 / 8))))
3204 return (1); 3231 return (1);
3205 else 3232 else
3206 return (0); 3233 return (0);
@@ -3219,7 +3246,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3219 i = 0; 3246 i = 0;
3220 } 3247 }
3221 if (!i) { 3248 if (!i) {
3222 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB); 3249 SSLerr(SSL_F_SSL3_CTX_CTRL,
3250 ERR_R_RSA_LIB);
3223 return (0); 3251 return (0);
3224 } else { 3252 } else {
3225 if (cert->rsa_tmp != NULL) 3253 if (cert->rsa_tmp != NULL)
@@ -3231,7 +3259,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3231 /* break; */ 3259 /* break; */
3232 case SSL_CTRL_SET_TMP_RSA_CB: 3260 case SSL_CTRL_SET_TMP_RSA_CB:
3233 { 3261 {
3234 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3262 SSLerr(SSL_F_SSL3_CTX_CTRL,
3263 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3235 return (0); 3264 return (0);
3236 } 3265 }
3237 break; 3266 break;
@@ -3242,12 +3271,14 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3242 3271
3243 dh = (DH *)parg; 3272 dh = (DH *)parg;
3244 if ((new = DHparams_dup(dh)) == NULL) { 3273 if ((new = DHparams_dup(dh)) == NULL) {
3245 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3274 SSLerr(SSL_F_SSL3_CTX_CTRL,
3275 ERR_R_DH_LIB);
3246 return 0; 3276 return 0;
3247 } 3277 }
3248 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { 3278 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
3249 if (!DH_generate_key(new)) { 3279 if (!DH_generate_key(new)) {
3250 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3280 SSLerr(SSL_F_SSL3_CTX_CTRL,
3281 ERR_R_DH_LIB);
3251 DH_free(new); 3282 DH_free(new);
3252 return 0; 3283 return 0;
3253 } 3284 }
@@ -3260,7 +3291,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3260 /*break; */ 3291 /*break; */
3261 case SSL_CTRL_SET_TMP_DH_CB: 3292 case SSL_CTRL_SET_TMP_DH_CB:
3262 { 3293 {
3263 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3294 SSLerr(SSL_F_SSL3_CTX_CTRL,
3295 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3264 return (0); 3296 return (0);
3265 } 3297 }
3266 break; 3298 break;
@@ -3271,18 +3303,21 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3271 EC_KEY *ecdh = NULL; 3303 EC_KEY *ecdh = NULL;
3272 3304
3273 if (parg == NULL) { 3305 if (parg == NULL) {
3274 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3306 SSLerr(SSL_F_SSL3_CTX_CTRL,
3307 ERR_R_ECDH_LIB);
3275 return 0; 3308 return 0;
3276 } 3309 }
3277 ecdh = EC_KEY_dup((EC_KEY *)parg); 3310 ecdh = EC_KEY_dup((EC_KEY *)parg);
3278 if (ecdh == NULL) { 3311 if (ecdh == NULL) {
3279 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB); 3312 SSLerr(SSL_F_SSL3_CTX_CTRL,
3313 ERR_R_EC_LIB);
3280 return 0; 3314 return 0;
3281 } 3315 }
3282 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { 3316 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
3283 if (!EC_KEY_generate_key(ecdh)) { 3317 if (!EC_KEY_generate_key(ecdh)) {
3284 EC_KEY_free(ecdh); 3318 EC_KEY_free(ecdh);
3285 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3319 SSLerr(SSL_F_SSL3_CTX_CTRL,
3320 ERR_R_ECDH_LIB);
3286 return 0; 3321 return 0;
3287 } 3322 }
3288 } 3323 }
@@ -3296,7 +3331,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3296 /* break; */ 3331 /* break; */
3297 case SSL_CTRL_SET_TMP_ECDH_CB: 3332 case SSL_CTRL_SET_TMP_ECDH_CB:
3298 { 3333 {
3299 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3334 SSLerr(SSL_F_SSL3_CTX_CTRL,
3335 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3300 return (0); 3336 return (0);
3301 } 3337 }
3302 break; 3338 break;
@@ -3312,17 +3348,21 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3312 if (!keys) 3348 if (!keys)
3313 return 48; 3349 return 48;
3314 if (larg != 48) { 3350 if (larg != 48) {
3315 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3351 SSLerr(SSL_F_SSL3_CTX_CTRL,
3352 SSL_R_INVALID_TICKET_KEYS_LENGTH);
3316 return 0; 3353 return 0;
3317 } 3354 }
3318 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3355 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3319 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3356 memcpy(ctx->tlsext_tick_key_name, keys, 16);
3320 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3357 memcpy(ctx->tlsext_tick_hmac_key,
3358 keys + 16, 16);
3321 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3359 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3322 } else { 3360 } else {
3323 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3361 memcpy(keys, ctx->tlsext_tick_key_name, 16);
3324 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3362 memcpy(keys + 16,
3325 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3363 ctx->tlsext_tick_hmac_key, 16);
3364 memcpy(keys + 32,
3365 ctx->tlsext_tick_aes_key, 16);
3326 } 3366 }
3327 return 1; 3367 return 1;
3328 } 3368 }
@@ -3346,17 +3386,21 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3346 ctx->srp_ctx.login = NULL; 3386 ctx->srp_ctx.login = NULL;
3347 if (parg == NULL) 3387 if (parg == NULL)
3348 break; 3388 break;
3349 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) { 3389 if (strlen((const char *)parg) > 255 ||
3350 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3390 strlen((const char *)parg) < 1) {
3391 SSLerr(SSL_F_SSL3_CTX_CTRL,
3392 SSL_R_INVALID_SRP_USERNAME);
3351 return 0; 3393 return 0;
3352 } 3394 }
3353 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) { 3395 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
3354 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3396 SSLerr(SSL_F_SSL3_CTX_CTRL,
3397 ERR_R_INTERNAL_ERROR);
3355 return 0; 3398 return 0;
3356 } 3399 }
3357 break; 3400 break;
3358 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3401 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3359 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = srp_password_from_info_cb; 3402 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3403 srp_password_from_info_cb;
3360 ctx->srp_ctx.info = parg; 3404 ctx->srp_ctx.info = parg;
3361 break; 3405 break;
3362 case SSL_CTRL_SET_SRP_ARG: 3406 case SSL_CTRL_SET_SRP_ARG:
@@ -3399,7 +3443,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3399long 3443long
3400ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) 3444ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3401{ 3445{
3402 CERT *cert; 3446 CERT *cert;
3403 3447
3404 cert = ctx->cert; 3448 cert = ctx->cert;
3405 3449
@@ -3425,12 +3469,14 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3425#endif 3469#endif
3426#ifndef OPENSSL_NO_TLSEXT 3470#ifndef OPENSSL_NO_TLSEXT
3427 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3471 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3428 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 3472 ctx->tlsext_servername_callback =
3473 (int (*)(SSL *, int *, void *))fp;
3429 break; 3474 break;
3430 3475
3431#ifdef TLSEXT_TYPE_opaque_prf_input 3476#ifdef TLSEXT_TYPE_opaque_prf_input
3432 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 3477 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3433 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *, void *, size_t, void *))fp; 3478 ctx->tlsext_opaque_prf_input_callback =
3479 (int (*)(SSL *, void *, size_t, void *))fp;
3434 break; 3480 break;
3435#endif 3481#endif
3436 3482
@@ -3472,9 +3518,9 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3472const SSL_CIPHER * 3518const SSL_CIPHER *
3473ssl3_get_cipher_by_char(const unsigned char *p) 3519ssl3_get_cipher_by_char(const unsigned char *p)
3474{ 3520{
3475 SSL_CIPHER c; 3521 SSL_CIPHER c;
3476 const SSL_CIPHER *cp; 3522 const SSL_CIPHER *cp;
3477 unsigned long id; 3523 unsigned long id;
3478 3524
3479 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; 3525 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
3480 c.id = id; 3526 c.id = id;
@@ -3492,7 +3538,7 @@ ssl3_get_cipher_by_char(const unsigned char *p)
3492int 3538int
3493ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 3539ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3494{ 3540{
3495 long l; 3541 long l;
3496 3542
3497 if (p != NULL) { 3543 if (p != NULL) {
3498 l = c->id; 3544 l = c->id;
@@ -3507,9 +3553,9 @@ ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3507SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 3553SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3508 STACK_OF(SSL_CIPHER) *srvr) 3554 STACK_OF(SSL_CIPHER) *srvr)
3509{ 3555{
3510 SSL_CIPHER *c, *ret = NULL; 3556 SSL_CIPHER *c, *ret = NULL;
3511 STACK_OF(SSL_CIPHER) *prio, *allow; 3557 STACK_OF(SSL_CIPHER) *prio, *allow;
3512 int i, ii, ok; 3558 int i, ii, ok;
3513#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC) 3559#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
3514 unsigned int j; 3560 unsigned int j;
3515 int ec_ok, ec_nid; 3561 int ec_ok, ec_nid;
@@ -3522,7 +3568,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3522 cert = s->cert; 3568 cert = s->cert;
3523 3569
3524#if 0 3570#if 0
3525 /* Do not set the compare functions, because this may lead to a 3571 /*
3572 * Do not set the compare functions, because this may lead to a
3526 * reordering by "id". We want to keep the original ordering. 3573 * reordering by "id". We want to keep the original ordering.
3527 * We may pay a price in performance during sk_SSL_CIPHER_find(), 3574 * We may pay a price in performance during sk_SSL_CIPHER_find(),
3528 * but would have to pay with the price of sk_SSL_CIPHER_dup(). 3575 * but would have to pay with the price of sk_SSL_CIPHER_dup().
@@ -3532,12 +3579,14 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3532#endif 3579#endif
3533 3580
3534#ifdef CIPHER_DEBUG 3581#ifdef CIPHER_DEBUG
3535 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr); 3582 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
3583 (void *)srvr);
3536 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 3584 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
3537 c = sk_SSL_CIPHER_value(srvr, i); 3585 c = sk_SSL_CIPHER_value(srvr, i);
3538 printf("%p:%s\n",(void *)c, c->name); 3586 printf("%p:%s\n",(void *)c, c->name);
3539 } 3587 }
3540 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt); 3588 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
3589 (void *)clnt);
3541 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 3590 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
3542 c = sk_SSL_CIPHER_value(clnt, i); 3591 c = sk_SSL_CIPHER_value(clnt, i);
3543 printf("%p:%s\n",(void *)c, c->name); 3592 printf("%p:%s\n",(void *)c, c->name);
@@ -3592,26 +3641,35 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3592 if (SSL_C_IS_EXPORT(c)) { 3641 if (SSL_C_IS_EXPORT(c)) {
3593 ok = (alg_k & emask_k) && (alg_a & emask_a); 3642 ok = (alg_k & emask_k) && (alg_a & emask_a);
3594#ifdef CIPHER_DEBUG 3643#ifdef CIPHER_DEBUG
3595 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", ok, alg_k, alg_a, emask_k, emask_a, 3644 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
3596 (void *)c, c->name); 3645 ok, alg_k, alg_a, emask_k, emask_a, (void *)c,
3646 c->name);
3597#endif 3647#endif
3598 } else { 3648 } else {
3599 ok = (alg_k & mask_k) && (alg_a & mask_a); 3649 ok = (alg_k & mask_k) && (alg_a & mask_a);
3600#ifdef CIPHER_DEBUG 3650#ifdef CIPHER_DEBUG
3601 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, alg_a, mask_k, mask_a,(void *)c, 3651 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
3602 c->name); 3652 ok, alg_k, alg_a, mask_k, mask_a,(void *)c,
3653 c->name);
3603#endif 3654#endif
3604 } 3655 }
3605 3656
3606#ifndef OPENSSL_NO_TLSEXT 3657#ifndef OPENSSL_NO_TLSEXT
3607#ifndef OPENSSL_NO_EC 3658#ifndef OPENSSL_NO_EC
3608 if ( 3659 if (
3609 /* if we are considering an ECC cipher suite that uses our certificate */ 3660 /*
3661 * if we are considering an ECC cipher suite that uses our
3662 * certificate
3663 */
3610 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 3664 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3611 /* and we have an ECC certificate */ 3665 /* and we have an ECC certificate */
3612 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 3666 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3613 /* and the client specified a Supported Point Formats extension */ 3667 /*
3614 && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL)) 3668 * and the client specified a Supported Point Formats
3669 * extension
3670 */
3671 && ((s->session->tlsext_ecpointformatlist_length > 0) &&
3672 (s->session->tlsext_ecpointformatlist != NULL))
3615 /* and our certificate's point is compressed */ 3673 /* and our certificate's point is compressed */
3616 && ( 3674 && (
3617 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL) 3675 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
@@ -3625,8 +3683,11 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3625 ) 3683 )
3626 ) { 3684 ) {
3627 ec_ok = 0; 3685 ec_ok = 0;
3628 /* if our certificate's curve is over a field type that the client does not support 3686 /*
3629 * then do not allow this cipher suite to be negotiated */ 3687 * If our certificate's curve is over a field type
3688 * that the client does not support then do not allow
3689 * this cipher suite to be negotiated
3690 */
3630 if ( 3691 if (
3631 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 3692 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3632 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 3693 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
@@ -3650,7 +3711,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3650 ok = ok && ec_ok; 3711 ok = ok && ec_ok;
3651 } 3712 }
3652 if ( 3713 if (
3653 /* if we are considering an ECC cipher suite that uses our certificate */ 3714 /*
3715 * If we are considering an ECC cipher suite that uses our
3716 * certificate
3717 */
3654 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 3718 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3655 /* and we have an ECC certificate */ 3719 /* and we have an ECC certificate */
3656 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 3720 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
@@ -3689,7 +3753,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3689 ok = ok && ec_ok; 3753 ok = ok && ec_ok;
3690 } 3754 }
3691 if ( 3755 if (
3692 /* if we are considering an ECC cipher suite that uses an ephemeral EC key */ 3756 /*
3757 * if we are considering an ECC cipher suite that uses an
3758 * ephemeral EC key
3759 */
3693 (alg_k & SSL_kEECDH) 3760 (alg_k & SSL_kEECDH)
3694 /* and we have an ephemeral EC key */ 3761 /* and we have an ephemeral EC key */
3695 && (s->cert->ecdh_tmp != NULL) 3762 && (s->cert->ecdh_tmp != NULL)
@@ -3732,7 +3799,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3732 ii = sk_SSL_CIPHER_find(allow, c); 3799 ii = sk_SSL_CIPHER_find(allow, c);
3733 if (ii >= 0) { 3800 if (ii >= 0) {
3734#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 3801#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
3735 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) { 3802 if ((alg_k & SSL_kEECDH) &&
3803 (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
3736 if (!ret) 3804 if (!ret)
3737 ret = sk_SSL_CIPHER_value(allow, ii); 3805 ret = sk_SSL_CIPHER_value(allow, ii);
3738 continue; 3806 continue;
@@ -3748,8 +3816,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3748int 3816int
3749ssl3_get_req_cert_type(SSL *s, unsigned char *p) 3817ssl3_get_req_cert_type(SSL *s, unsigned char *p)
3750{ 3818{
3751 int ret = 0; 3819 int ret = 0;
3752 unsigned long alg_k; 3820 unsigned long alg_k;
3753 3821
3754 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 3822 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
3755 3823
@@ -3784,7 +3852,8 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p)
3784#endif 3852#endif
3785 3853
3786#ifndef OPENSSL_NO_ECDSA 3854#ifndef OPENSSL_NO_ECDSA
3787 /* ECDSA certs can be used with RSA cipher suites as well 3855 /*
3856 * ECDSA certs can be used with RSA cipher suites as well
3788 * so we don't need to check for SSL_kECDH or SSL_kEECDH 3857 * so we don't need to check for SSL_kECDH or SSL_kEECDH
3789 */ 3858 */
3790 if (s->version >= TLS1_VERSION) { 3859 if (s->version >= TLS1_VERSION) {
@@ -3797,10 +3866,12 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p)
3797int 3866int
3798ssl3_shutdown(SSL *s) 3867ssl3_shutdown(SSL *s)
3799{ 3868{
3800 int ret; 3869 int ret;
3801 3870
3802 /* Don't do anything much if we have not done the handshake or 3871 /*
3803 * we don't want to send messages :-) */ 3872 * Don't do anything much if we have not done the handshake or
3873 * we don't want to send messages :-)
3874 */
3804 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { 3875 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
3805 s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 3876 s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
3806 return (1); 3877 return (1);
@@ -3811,8 +3882,10 @@ ssl3_shutdown(SSL *s)
3811#if 1 3882#if 1
3812 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 3883 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
3813#endif 3884#endif
3814 /* our shutdown alert has been sent now, and if it still needs 3885 /*
3815 * to be written, s->s3->alert_dispatch will be true */ 3886 * Our shutdown alert has been sent now, and if it still needs
3887 * to be written, s->s3->alert_dispatch will be true
3888 */
3816 if (s->s3->alert_dispatch) 3889 if (s->s3->alert_dispatch)
3817 return(-1); /* return WANT_WRITE */ 3890 return(-1); /* return WANT_WRITE */
3818 } else if (s->s3->alert_dispatch) { 3891 } else if (s->s3->alert_dispatch) {
@@ -3820,10 +3893,12 @@ ssl3_shutdown(SSL *s)
3820#if 1 3893#if 1
3821 ret = s->method->ssl_dispatch_alert(s); 3894 ret = s->method->ssl_dispatch_alert(s);
3822 if (ret == -1) { 3895 if (ret == -1) {
3823 /* we only get to return -1 here the 2nd/Nth 3896 /*
3897 * We only get to return -1 here the 2nd/Nth
3824 * invocation, we must have already signalled 3898 * invocation, we must have already signalled
3825 * return 0 upon a previous invoation, 3899 * return 0 upon a previous invoation,
3826 * return WANT_WRITE */ 3900 * return WANT_WRITE
3901 */
3827 return (ret); 3902 return (ret);
3828 } 3903 }
3829#endif 3904#endif
@@ -3845,7 +3920,7 @@ ssl3_shutdown(SSL *s)
3845int 3920int
3846ssl3_write(SSL *s, const void *buf, int len) 3921ssl3_write(SSL *s, const void *buf, int len)
3847{ 3922{
3848 int ret, n; 3923 int ret, n;
3849 3924
3850#if 0 3925#if 0
3851 if (s->shutdown & SSL_SEND_SHUTDOWN) { 3926 if (s->shutdown & SSL_SEND_SHUTDOWN) {
@@ -3857,16 +3932,18 @@ ssl3_write(SSL *s, const void *buf, int len)
3857 if (s->s3->renegotiate) 3932 if (s->s3->renegotiate)
3858 ssl3_renegotiate_check(s); 3933 ssl3_renegotiate_check(s);
3859 3934
3860 /* This is an experimental flag that sends the 3935 /*
3936 * This is an experimental flag that sends the
3861 * last handshake message in the same packet as the first 3937 * last handshake message in the same packet as the first
3862 * use data - used to see if it helps the TCP protocol during 3938 * use data - used to see if it helps the TCP protocol during
3863 * session-id reuse */ 3939 * session-id reuse
3940 */
3864 /* The second test is because the buffer may have been removed */ 3941 /* The second test is because the buffer may have been removed */
3865 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { 3942 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
3866 /* First time through, we write into the buffer */ 3943 /* First time through, we write into the buffer */
3867 if (s->s3->delay_buf_pop_ret == 0) { 3944 if (s->s3->delay_buf_pop_ret == 0) {
3868 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, 3945 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA,
3869 buf, len); 3946 buf, len);
3870 if (ret <= 0) 3947 if (ret <= 0)
3871 return (ret); 3948 return (ret);
3872 3949
@@ -3887,7 +3964,7 @@ ssl3_write(SSL *s, const void *buf, int len)
3887 s->s3->delay_buf_pop_ret = 0; 3964 s->s3->delay_buf_pop_ret = 0;
3888 } else { 3965 } else {
3889 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, 3966 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
3890 buf, len); 3967 buf, len);
3891 if (ret <= 0) 3968 if (ret <= 0)
3892 return (ret); 3969 return (ret);
3893 } 3970 }
@@ -3898,21 +3975,25 @@ ssl3_write(SSL *s, const void *buf, int len)
3898static int 3975static int
3899ssl3_read_internal(SSL *s, void *buf, int len, int peek) 3976ssl3_read_internal(SSL *s, void *buf, int len, int peek)
3900{ 3977{
3901 int ret; 3978 int ret;
3902 3979
3903 errno = 0; 3980 errno = 0;
3904 if (s->s3->renegotiate) 3981 if (s->s3->renegotiate)
3905 ssl3_renegotiate_check(s); 3982 ssl3_renegotiate_check(s);
3906 s->s3->in_read_app_data = 1; 3983 s->s3->in_read_app_data = 1;
3907 ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek); 3984 ret = s->method->ssl_read_bytes(s,
3985 SSL3_RT_APPLICATION_DATA, buf, len, peek);
3908 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 3986 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
3909 /* ssl3_read_bytes decided to call s->handshake_func, which 3987 /*
3988 * ssl3_read_bytes decided to call s->handshake_func, which
3910 * called ssl3_read_bytes to read handshake data. 3989 * called ssl3_read_bytes to read handshake data.
3911 * However, ssl3_read_bytes actually found application data 3990 * However, ssl3_read_bytes actually found application data
3912 * and thinks that application data makes sense here; so disable 3991 * and thinks that application data makes sense here; so disable
3913 * handshake processing and try to read application data again. */ 3992 * handshake processing and try to read application data again.
3993 */
3914 s->in_handshake++; 3994 s->in_handshake++;
3915 ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek); 3995 ret = s->method->ssl_read_bytes(s,
3996 SSL3_RT_APPLICATION_DATA, buf, len, peek);
3916 s->in_handshake--; 3997 s->in_handshake--;
3917 } else 3998 } else
3918 s->s3->in_read_app_data = 0; 3999 s->s3->in_read_app_data = 0;
@@ -3948,7 +4029,7 @@ ssl3_renegotiate(SSL *s)
3948int 4029int
3949ssl3_renegotiate_check(SSL *s) 4030ssl3_renegotiate_check(SSL *s)
3950{ 4031{
3951 int ret = 0; 4032 int ret = 0;
3952 4033
3953 if (s->s3->renegotiate) { 4034 if (s->s3->renegotiate) {
3954 if ((s->s3->rbuf.left == 0) && (s->s3->wbuf.left == 0) && 4035 if ((s->s3->rbuf.left == 0) && (s->s3->wbuf.left == 0) &&
@@ -3968,13 +4049,14 @@ ssl3_renegotiate_check(SSL *s)
3968 } 4049 }
3969 return (ret); 4050 return (ret);
3970} 4051}
3971/* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch 4052/*
4053 * If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
3972 * to new SHA256 PRF and handshake macs 4054 * to new SHA256 PRF and handshake macs
3973 */ 4055 */
3974long 4056long
3975ssl_get_algorithm2(SSL *s) 4057ssl_get_algorithm2(SSL *s)
3976{ 4058{
3977 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4059 long alg2 = s->s3->tmp.new_cipher->algorithm2;
3978 4060
3979 if (s->method->version == TLS1_2_VERSION && 4061 if (s->method->version == TLS1_2_VERSION &&
3980 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) 4062 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 13:01:27 +0000