summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_clnt.c')
-rw-r--r--src/lib/libssl/ssl_clnt.c202
1 files changed, 101 insertions, 101 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 8b2f209a79..d5791e3ffc 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.154 2022/10/01 16:23:15 jsing Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.155 2022/10/02 16:36:41 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -204,7 +204,7 @@ ssl3_connect(SSL *s)
204 ERR_clear_error(); 204 ERR_clear_error();
205 errno = 0; 205 errno = 0;
206 206
207 s->internal->in_handshake++; 207 s->in_handshake++;
208 if (!SSL_in_init(s) || SSL_in_before(s)) 208 if (!SSL_in_init(s) || SSL_in_before(s))
209 SSL_clear(s); 209 SSL_clear(s);
210 210
@@ -213,9 +213,9 @@ ssl3_connect(SSL *s)
213 213
214 switch (s->s3->hs.state) { 214 switch (s->s3->hs.state) {
215 case SSL_ST_RENEGOTIATE: 215 case SSL_ST_RENEGOTIATE:
216 s->internal->renegotiate = 1; 216 s->renegotiate = 1;
217 s->s3->hs.state = SSL_ST_CONNECT; 217 s->s3->hs.state = SSL_ST_CONNECT;
218 s->ctx->internal->stats.sess_connect_renegotiate++; 218 s->ctx->stats.sess_connect_renegotiate++;
219 /* break */ 219 /* break */
220 case SSL_ST_BEFORE: 220 case SSL_ST_BEFORE:
221 case SSL_ST_CONNECT: 221 case SSL_ST_CONNECT:
@@ -268,21 +268,21 @@ ssl3_connect(SSL *s)
268 } 268 }
269 269
270 s->s3->hs.state = SSL3_ST_CW_CLNT_HELLO_A; 270 s->s3->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
271 s->ctx->internal->stats.sess_connect++; 271 s->ctx->stats.sess_connect++;
272 s->internal->init_num = 0; 272 s->init_num = 0;
273 273
274 if (SSL_is_dtls(s)) { 274 if (SSL_is_dtls(s)) {
275 /* mark client_random uninitialized */ 275 /* mark client_random uninitialized */
276 memset(s->s3->client_random, 0, 276 memset(s->s3->client_random, 0,
277 sizeof(s->s3->client_random)); 277 sizeof(s->s3->client_random));
278 s->d1->send_cookie = 0; 278 s->d1->send_cookie = 0;
279 s->internal->hit = 0; 279 s->hit = 0;
280 } 280 }
281 break; 281 break;
282 282
283 case SSL3_ST_CW_CLNT_HELLO_A: 283 case SSL3_ST_CW_CLNT_HELLO_A:
284 case SSL3_ST_CW_CLNT_HELLO_B: 284 case SSL3_ST_CW_CLNT_HELLO_B:
285 s->internal->shutdown = 0; 285 s->shutdown = 0;
286 286
287 if (SSL_is_dtls(s)) { 287 if (SSL_is_dtls(s)) {
288 /* every DTLS ClientHello resets Finished MAC */ 288 /* every DTLS ClientHello resets Finished MAC */
@@ -301,7 +301,7 @@ ssl3_connect(SSL *s)
301 } else 301 } else
302 s->s3->hs.state = SSL3_ST_CR_SRVR_HELLO_A; 302 s->s3->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
303 303
304 s->internal->init_num = 0; 304 s->init_num = 0;
305 305
306 /* turn on buffering for the next lot of output */ 306 /* turn on buffering for the next lot of output */
307 if (s->bbio != s->wbio) 307 if (s->bbio != s->wbio)
@@ -315,10 +315,10 @@ ssl3_connect(SSL *s)
315 if (ret <= 0) 315 if (ret <= 0)
316 goto end; 316 goto end;
317 317
318 if (s->internal->hit) { 318 if (s->hit) {
319 s->s3->hs.state = SSL3_ST_CR_FINISHED_A; 319 s->s3->hs.state = SSL3_ST_CR_FINISHED_A;
320 if (!SSL_is_dtls(s)) { 320 if (!SSL_is_dtls(s)) {
321 if (s->internal->tlsext_ticket_expected) { 321 if (s->tlsext_ticket_expected) {
322 /* receive renewed session ticket */ 322 /* receive renewed session ticket */
323 s->s3->hs.state = SSL3_ST_CR_SESSION_TICKET_A; 323 s->s3->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
324 } 324 }
@@ -331,7 +331,7 @@ ssl3_connect(SSL *s)
331 } else { 331 } else {
332 s->s3->hs.state = SSL3_ST_CR_CERT_A; 332 s->s3->hs.state = SSL3_ST_CR_CERT_A;
333 } 333 }
334 s->internal->init_num = 0; 334 s->init_num = 0;
335 break; 335 break;
336 336
337 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 337 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
@@ -344,7 +344,7 @@ ssl3_connect(SSL *s)
344 s->s3->hs.state = SSL3_ST_CW_CLNT_HELLO_A; 344 s->s3->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
345 else 345 else
346 s->s3->hs.state = SSL3_ST_CR_CERT_A; 346 s->s3->hs.state = SSL3_ST_CR_CERT_A;
347 s->internal->init_num = 0; 347 s->init_num = 0;
348 break; 348 break;
349 349
350 case SSL3_ST_CR_CERT_A: 350 case SSL3_ST_CR_CERT_A:
@@ -353,12 +353,12 @@ ssl3_connect(SSL *s)
353 if (ret <= 0) 353 if (ret <= 0)
354 goto end; 354 goto end;
355 if (ret == 2) { 355 if (ret == 2) {
356 s->internal->hit = 1; 356 s->hit = 1;
357 if (s->internal->tlsext_ticket_expected) 357 if (s->tlsext_ticket_expected)
358 s->s3->hs.state = SSL3_ST_CR_SESSION_TICKET_A; 358 s->s3->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
359 else 359 else
360 s->s3->hs.state = SSL3_ST_CR_FINISHED_A; 360 s->s3->hs.state = SSL3_ST_CR_FINISHED_A;
361 s->internal->init_num = 0; 361 s->init_num = 0;
362 break; 362 break;
363 } 363 }
364 /* Check if it is anon DH/ECDH. */ 364 /* Check if it is anon DH/ECDH. */
@@ -367,7 +367,7 @@ ssl3_connect(SSL *s)
367 ret = ssl3_get_server_certificate(s); 367 ret = ssl3_get_server_certificate(s);
368 if (ret <= 0) 368 if (ret <= 0)
369 goto end; 369 goto end;
370 if (s->internal->tlsext_status_expected) 370 if (s->tlsext_status_expected)
371 s->s3->hs.state = SSL3_ST_CR_CERT_STATUS_A; 371 s->s3->hs.state = SSL3_ST_CR_CERT_STATUS_A;
372 else 372 else
373 s->s3->hs.state = SSL3_ST_CR_KEY_EXCH_A; 373 s->s3->hs.state = SSL3_ST_CR_KEY_EXCH_A;
@@ -375,7 +375,7 @@ ssl3_connect(SSL *s)
375 skip = 1; 375 skip = 1;
376 s->s3->hs.state = SSL3_ST_CR_KEY_EXCH_A; 376 s->s3->hs.state = SSL3_ST_CR_KEY_EXCH_A;
377 } 377 }
378 s->internal->init_num = 0; 378 s->init_num = 0;
379 break; 379 break;
380 380
381 case SSL3_ST_CR_KEY_EXCH_A: 381 case SSL3_ST_CR_KEY_EXCH_A:
@@ -384,7 +384,7 @@ ssl3_connect(SSL *s)
384 if (ret <= 0) 384 if (ret <= 0)
385 goto end; 385 goto end;
386 s->s3->hs.state = SSL3_ST_CR_CERT_REQ_A; 386 s->s3->hs.state = SSL3_ST_CR_CERT_REQ_A;
387 s->internal->init_num = 0; 387 s->init_num = 0;
388 388
389 /* 389 /*
390 * At this point we check that we have the 390 * At this point we check that we have the
@@ -402,7 +402,7 @@ ssl3_connect(SSL *s)
402 if (ret <= 0) 402 if (ret <= 0)
403 goto end; 403 goto end;
404 s->s3->hs.state = SSL3_ST_CR_SRVR_DONE_A; 404 s->s3->hs.state = SSL3_ST_CR_SRVR_DONE_A;
405 s->internal->init_num = 0; 405 s->init_num = 0;
406 break; 406 break;
407 407
408 case SSL3_ST_CR_SRVR_DONE_A: 408 case SSL3_ST_CR_SRVR_DONE_A:
@@ -416,7 +416,7 @@ ssl3_connect(SSL *s)
416 s->s3->hs.state = SSL3_ST_CW_CERT_A; 416 s->s3->hs.state = SSL3_ST_CW_CERT_A;
417 else 417 else
418 s->s3->hs.state = SSL3_ST_CW_KEY_EXCH_A; 418 s->s3->hs.state = SSL3_ST_CW_KEY_EXCH_A;
419 s->internal->init_num = 0; 419 s->init_num = 0;
420 420
421 break; 421 break;
422 422
@@ -430,7 +430,7 @@ ssl3_connect(SSL *s)
430 if (ret <= 0) 430 if (ret <= 0)
431 goto end; 431 goto end;
432 s->s3->hs.state = SSL3_ST_CW_KEY_EXCH_A; 432 s->s3->hs.state = SSL3_ST_CW_KEY_EXCH_A;
433 s->internal->init_num = 0; 433 s->init_num = 0;
434 break; 434 break;
435 435
436 case SSL3_ST_CW_KEY_EXCH_A: 436 case SSL3_ST_CW_KEY_EXCH_A:
@@ -469,7 +469,7 @@ ssl3_connect(SSL *s)
469 } 469 }
470 } 470 }
471 471
472 s->internal->init_num = 0; 472 s->init_num = 0;
473 break; 473 break;
474 474
475 case SSL3_ST_CW_CERT_VRFY_A: 475 case SSL3_ST_CW_CERT_VRFY_A:
@@ -480,20 +480,20 @@ ssl3_connect(SSL *s)
480 if (ret <= 0) 480 if (ret <= 0)
481 goto end; 481 goto end;
482 s->s3->hs.state = SSL3_ST_CW_CHANGE_A; 482 s->s3->hs.state = SSL3_ST_CW_CHANGE_A;
483 s->internal->init_num = 0; 483 s->init_num = 0;
484 s->s3->change_cipher_spec = 0; 484 s->s3->change_cipher_spec = 0;
485 break; 485 break;
486 486
487 case SSL3_ST_CW_CHANGE_A: 487 case SSL3_ST_CW_CHANGE_A:
488 case SSL3_ST_CW_CHANGE_B: 488 case SSL3_ST_CW_CHANGE_B:
489 if (SSL_is_dtls(s) && !s->internal->hit) 489 if (SSL_is_dtls(s) && !s->hit)
490 dtls1_start_timer(s); 490 dtls1_start_timer(s);
491 ret = ssl3_send_client_change_cipher_spec(s); 491 ret = ssl3_send_client_change_cipher_spec(s);
492 if (ret <= 0) 492 if (ret <= 0)
493 goto end; 493 goto end;
494 494
495 s->s3->hs.state = SSL3_ST_CW_FINISHED_A; 495 s->s3->hs.state = SSL3_ST_CW_FINISHED_A;
496 s->internal->init_num = 0; 496 s->init_num = 0;
497 s->session->cipher = s->s3->hs.cipher; 497 s->session->cipher = s->s3->hs.cipher;
498 498
499 if (!tls1_setup_key_block(s)) { 499 if (!tls1_setup_key_block(s)) {
@@ -508,7 +508,7 @@ ssl3_connect(SSL *s)
508 508
509 case SSL3_ST_CW_FINISHED_A: 509 case SSL3_ST_CW_FINISHED_A:
510 case SSL3_ST_CW_FINISHED_B: 510 case SSL3_ST_CW_FINISHED_B:
511 if (SSL_is_dtls(s) && !s->internal->hit) 511 if (SSL_is_dtls(s) && !s->hit)
512 dtls1_start_timer(s); 512 dtls1_start_timer(s);
513 ret = ssl3_send_client_finished(s); 513 ret = ssl3_send_client_finished(s);
514 if (ret <= 0) 514 if (ret <= 0)
@@ -518,18 +518,18 @@ ssl3_connect(SSL *s)
518 s->s3->hs.state = SSL3_ST_CW_FLUSH; 518 s->s3->hs.state = SSL3_ST_CW_FLUSH;
519 519
520 /* clear flags */ 520 /* clear flags */
521 if (s->internal->hit) { 521 if (s->hit) {
522 s->s3->hs.tls12.next_state = SSL_ST_OK; 522 s->s3->hs.tls12.next_state = SSL_ST_OK;
523 } else { 523 } else {
524 /* Allow NewSessionTicket if ticket expected */ 524 /* Allow NewSessionTicket if ticket expected */
525 if (s->internal->tlsext_ticket_expected) 525 if (s->tlsext_ticket_expected)
526 s->s3->hs.tls12.next_state = 526 s->s3->hs.tls12.next_state =
527 SSL3_ST_CR_SESSION_TICKET_A; 527 SSL3_ST_CR_SESSION_TICKET_A;
528 else 528 else
529 s->s3->hs.tls12.next_state = 529 s->s3->hs.tls12.next_state =
530 SSL3_ST_CR_FINISHED_A; 530 SSL3_ST_CR_FINISHED_A;
531 } 531 }
532 s->internal->init_num = 0; 532 s->init_num = 0;
533 break; 533 break;
534 534
535 case SSL3_ST_CR_SESSION_TICKET_A: 535 case SSL3_ST_CR_SESSION_TICKET_A:
@@ -538,7 +538,7 @@ ssl3_connect(SSL *s)
538 if (ret <= 0) 538 if (ret <= 0)
539 goto end; 539 goto end;
540 s->s3->hs.state = SSL3_ST_CR_FINISHED_A; 540 s->s3->hs.state = SSL3_ST_CR_FINISHED_A;
541 s->internal->init_num = 0; 541 s->init_num = 0;
542 break; 542 break;
543 543
544 case SSL3_ST_CR_CERT_STATUS_A: 544 case SSL3_ST_CR_CERT_STATUS_A:
@@ -547,7 +547,7 @@ ssl3_connect(SSL *s)
547 if (ret <= 0) 547 if (ret <= 0)
548 goto end; 548 goto end;
549 s->s3->hs.state = SSL3_ST_CR_KEY_EXCH_A; 549 s->s3->hs.state = SSL3_ST_CR_KEY_EXCH_A;
550 s->internal->init_num = 0; 550 s->init_num = 0;
551 break; 551 break;
552 552
553 case SSL3_ST_CR_FINISHED_A: 553 case SSL3_ST_CR_FINISHED_A:
@@ -562,27 +562,27 @@ ssl3_connect(SSL *s)
562 if (SSL_is_dtls(s)) 562 if (SSL_is_dtls(s))
563 dtls1_stop_timer(s); 563 dtls1_stop_timer(s);
564 564
565 if (s->internal->hit) 565 if (s->hit)
566 s->s3->hs.state = SSL3_ST_CW_CHANGE_A; 566 s->s3->hs.state = SSL3_ST_CW_CHANGE_A;
567 else 567 else
568 s->s3->hs.state = SSL_ST_OK; 568 s->s3->hs.state = SSL_ST_OK;
569 s->internal->init_num = 0; 569 s->init_num = 0;
570 break; 570 break;
571 571
572 case SSL3_ST_CW_FLUSH: 572 case SSL3_ST_CW_FLUSH:
573 s->internal->rwstate = SSL_WRITING; 573 s->rwstate = SSL_WRITING;
574 if (BIO_flush(s->wbio) <= 0) { 574 if (BIO_flush(s->wbio) <= 0) {
575 if (SSL_is_dtls(s)) { 575 if (SSL_is_dtls(s)) {
576 /* If the write error was fatal, stop trying */ 576 /* If the write error was fatal, stop trying */
577 if (!BIO_should_retry(s->wbio)) { 577 if (!BIO_should_retry(s->wbio)) {
578 s->internal->rwstate = SSL_NOTHING; 578 s->rwstate = SSL_NOTHING;
579 s->s3->hs.state = s->s3->hs.tls12.next_state; 579 s->s3->hs.state = s->s3->hs.tls12.next_state;
580 } 580 }
581 } 581 }
582 ret = -1; 582 ret = -1;
583 goto end; 583 goto end;
584 } 584 }
585 s->internal->rwstate = SSL_NOTHING; 585 s->rwstate = SSL_NOTHING;
586 s->s3->hs.state = s->s3->hs.tls12.next_state; 586 s->s3->hs.state = s->s3->hs.tls12.next_state;
587 break; 587 break;
588 588
@@ -601,18 +601,18 @@ ssl3_connect(SSL *s)
601 601
602 ssl_free_wbio_buffer(s); 602 ssl_free_wbio_buffer(s);
603 603
604 s->internal->init_num = 0; 604 s->init_num = 0;
605 s->internal->renegotiate = 0; 605 s->renegotiate = 0;
606 s->internal->new_session = 0; 606 s->new_session = 0;
607 607
608 ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); 608 ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
609 if (s->internal->hit) 609 if (s->hit)
610 s->ctx->internal->stats.sess_hit++; 610 s->ctx->stats.sess_hit++;
611 611
612 ret = 1; 612 ret = 1;
613 /* s->server=0; */ 613 /* s->server=0; */
614 s->internal->handshake_func = ssl3_connect; 614 s->handshake_func = ssl3_connect;
615 s->ctx->internal->stats.sess_connect_good++; 615 s->ctx->stats.sess_connect_good++;
616 616
617 ssl_info_callback(s, SSL_CB_HANDSHAKE_DONE, 1); 617 ssl_info_callback(s, SSL_CB_HANDSHAKE_DONE, 1);
618 618
@@ -634,7 +634,7 @@ ssl3_connect(SSL *s)
634 634
635 /* did we do anything */ 635 /* did we do anything */
636 if (!s->s3->hs.tls12.reuse_message && !skip) { 636 if (!s->s3->hs.tls12.reuse_message && !skip) {
637 if (s->internal->debug) { 637 if (s->debug) {
638 if ((ret = BIO_flush(s->wbio)) <= 0) 638 if ((ret = BIO_flush(s->wbio)) <= 0)
639 goto end; 639 goto end;
640 } 640 }
@@ -650,7 +650,7 @@ ssl3_connect(SSL *s)
650 } 650 }
651 651
652 end: 652 end:
653 s->internal->in_handshake--; 653 s->in_handshake--;
654 ssl_info_callback(s, SSL_CB_CONNECT_EXIT, ret); 654 ssl_info_callback(s, SSL_CB_CONNECT_EXIT, ret);
655 655
656 return (ret); 656 return (ret);
@@ -706,7 +706,7 @@ ssl3_send_client_hello(SSL *s)
706 /* Session ID */ 706 /* Session ID */
707 if (!CBB_add_u8_length_prefixed(&client_hello, &session_id)) 707 if (!CBB_add_u8_length_prefixed(&client_hello, &session_id))
708 goto err; 708 goto err;
709 if (!s->internal->new_session && 709 if (!s->new_session &&
710 s->session->session_id_length > 0) { 710 s->session->session_id_length > 0) {
711 sl = s->session->session_id_length; 711 sl = s->session->session_id_length;
712 if (sl > sizeof(s->session->session_id)) { 712 if (sl > sizeof(s->session->session_id)) {
@@ -777,7 +777,7 @@ ssl3_get_dtls_hello_verify(SSL *s)
777 int al, ret; 777 int al, ret;
778 778
779 if ((ret = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A, 779 if ((ret = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
780 DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list)) <= 0) 780 DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list)) <= 0)
781 return ret; 781 return ret;
782 782
783 if (s->s3->hs.tls12.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) { 783 if (s->s3->hs.tls12.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
@@ -786,11 +786,11 @@ ssl3_get_dtls_hello_verify(SSL *s)
786 return (1); 786 return (1);
787 } 787 }
788 788
789 if (s->internal->init_num < 0) 789 if (s->init_num < 0)
790 goto decode_err; 790 goto decode_err;
791 791
792 CBS_init(&hello_verify_request, s->internal->init_msg, 792 CBS_init(&hello_verify_request, s->init_msg,
793 s->internal->init_num); 793 s->init_num);
794 794
795 if (!CBS_get_u16(&hello_verify_request, &ssl_version)) 795 if (!CBS_get_u16(&hello_verify_request, &ssl_version))
796 goto decode_err; 796 goto decode_err;
@@ -840,16 +840,16 @@ ssl3_get_server_hello(SSL *s)
840 unsigned long alg_k; 840 unsigned long alg_k;
841 int al, ret; 841 int al, ret;
842 842
843 s->internal->first_packet = 1; 843 s->first_packet = 1;
844 if ((ret = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A, 844 if ((ret = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
845 SSL3_ST_CR_SRVR_HELLO_B, -1, 20000 /* ?? */)) <= 0) 845 SSL3_ST_CR_SRVR_HELLO_B, -1, 20000 /* ?? */)) <= 0)
846 return ret; 846 return ret;
847 s->internal->first_packet = 0; 847 s->first_packet = 0;
848 848
849 if (s->internal->init_num < 0) 849 if (s->init_num < 0)
850 goto decode_err; 850 goto decode_err;
851 851
852 CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); 852 CBS_init(&cbs, s->init_msg, s->init_num);
853 853
854 if (SSL_is_dtls(s)) { 854 if (SSL_is_dtls(s)) {
855 if (s->s3->hs.tls12.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) { 855 if (s->s3->hs.tls12.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
@@ -944,13 +944,13 @@ ssl3_get_server_hello(SSL *s)
944 * Check if we want to resume the session based on external 944 * Check if we want to resume the session based on external
945 * pre-shared secret. 945 * pre-shared secret.
946 */ 946 */
947 if (s->internal->tls_session_secret_cb != NULL) { 947 if (s->tls_session_secret_cb != NULL) {
948 SSL_CIPHER *pref_cipher = NULL; 948 SSL_CIPHER *pref_cipher = NULL;
949 int master_key_length = sizeof(s->session->master_key); 949 int master_key_length = sizeof(s->session->master_key);
950 950
951 if (!s->internal->tls_session_secret_cb(s, 951 if (!s->tls_session_secret_cb(s,
952 s->session->master_key, &master_key_length, NULL, 952 s->session->master_key, &master_key_length, NULL,
953 &pref_cipher, s->internal->tls_session_secret_cb_arg)) { 953 &pref_cipher, s->tls_session_secret_cb_arg)) {
954 SSLerror(s, ERR_R_INTERNAL_ERROR); 954 SSLerror(s, ERR_R_INTERNAL_ERROR);
955 goto err; 955 goto err;
956 } 956 }
@@ -978,13 +978,13 @@ ssl3_get_server_hello(SSL *s)
978 goto fatal_err; 978 goto fatal_err;
979 } 979 }
980 s->s3->flags |= SSL3_FLAGS_CCS_OK; 980 s->s3->flags |= SSL3_FLAGS_CCS_OK;
981 s->internal->hit = 1; 981 s->hit = 1;
982 } else { 982 } else {
983 /* a miss or crap from the other end */ 983 /* a miss or crap from the other end */
984 984
985 /* If we were trying for session-id reuse, make a new 985 /* If we were trying for session-id reuse, make a new
986 * SSL_SESSION so we don't stuff up other people */ 986 * SSL_SESSION so we don't stuff up other people */
987 s->internal->hit = 0; 987 s->hit = 0;
988 if (s->session->session_id_length > 0) { 988 if (s->session->session_id_length > 0) {
989 if (!ssl_get_new_session(s, 0)) { 989 if (!ssl_get_new_session(s, 0)) {
990 al = SSL_AD_INTERNAL_ERROR; 990 al = SSL_AD_INTERNAL_ERROR;
@@ -1032,7 +1032,7 @@ ssl3_get_server_hello(SSL *s)
1032 */ 1032 */
1033 if (s->session->cipher) 1033 if (s->session->cipher)
1034 s->session->cipher_id = s->session->cipher->id; 1034 s->session->cipher_id = s->session->cipher->id;
1035 if (s->internal->hit && (s->session->cipher_id != cipher->id)) { 1035 if (s->hit && (s->session->cipher_id != cipher->id)) {
1036 al = SSL_AD_ILLEGAL_PARAMETER; 1036 al = SSL_AD_ILLEGAL_PARAMETER;
1037 SSLerror(s, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); 1037 SSLerror(s, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
1038 goto fatal_err; 1038 goto fatal_err;
@@ -1076,7 +1076,7 @@ ssl3_get_server_hello(SSL *s)
1076 * absence on initial connect only. 1076 * absence on initial connect only.
1077 */ 1077 */
1078 if (!s->s3->renegotiate_seen && 1078 if (!s->s3->renegotiate_seen &&
1079 !(s->internal->options & SSL_OP_LEGACY_SERVER_CONNECT)) { 1079 !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)) {
1080 al = SSL_AD_HANDSHAKE_FAILURE; 1080 al = SSL_AD_HANDSHAKE_FAILURE;
1081 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); 1081 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
1082 goto fatal_err; 1082 goto fatal_err;
@@ -1109,7 +1109,7 @@ ssl3_get_server_certificate(SSL *s)
1109 int al, ret; 1109 int al, ret;
1110 1110
1111 if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, 1111 if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
1112 SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0) 1112 SSL3_ST_CR_CERT_B, -1, s->max_cert_list)) <= 0)
1113 return ret; 1113 return ret;
1114 1114
1115 ret = -1; 1115 ret = -1;
@@ -1130,10 +1130,10 @@ ssl3_get_server_certificate(SSL *s)
1130 goto err; 1130 goto err;
1131 } 1131 }
1132 1132
1133 if (s->internal->init_num < 0) 1133 if (s->init_num < 0)
1134 goto decode_err; 1134 goto decode_err;
1135 1135
1136 CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); 1136 CBS_init(&cbs, s->init_msg, s->init_num);
1137 1137
1138 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list)) 1138 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list))
1139 goto decode_err; 1139 goto decode_err;
@@ -1314,16 +1314,16 @@ ssl3_get_server_key_exchange(SSL *s)
1314 * as ServerKeyExchange message may be skipped. 1314 * as ServerKeyExchange message may be skipped.
1315 */ 1315 */
1316 if ((ret = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A, 1316 if ((ret = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
1317 SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list)) <= 0) 1317 SSL3_ST_CR_KEY_EXCH_B, -1, s->max_cert_list)) <= 0)
1318 return ret; 1318 return ret;
1319 1319
1320 if ((md_ctx = EVP_MD_CTX_new()) == NULL) 1320 if ((md_ctx = EVP_MD_CTX_new()) == NULL)
1321 goto err; 1321 goto err;
1322 1322
1323 if (s->internal->init_num < 0) 1323 if (s->init_num < 0)
1324 goto err; 1324 goto err;
1325 1325
1326 CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); 1326 CBS_init(&cbs, s->init_msg, s->init_num);
1327 1327
1328 if (s->s3->hs.tls12.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) { 1328 if (s->s3->hs.tls12.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
1329 /* 1329 /*
@@ -1454,7 +1454,7 @@ ssl3_get_certificate_request(SSL *s)
1454 int ret; 1454 int ret;
1455 1455
1456 if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A, 1456 if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
1457 SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list)) <= 0) 1457 SSL3_ST_CR_CERT_REQ_B, -1, s->max_cert_list)) <= 0)
1458 return ret; 1458 return ret;
1459 1459
1460 ret = 0; 1460 ret = 0;
@@ -1484,9 +1484,9 @@ ssl3_get_certificate_request(SSL *s)
1484 goto err; 1484 goto err;
1485 } 1485 }
1486 1486
1487 if (s->internal->init_num < 0) 1487 if (s->init_num < 0)
1488 goto decode_err; 1488 goto decode_err;
1489 CBS_init(&cert_request, s->internal->init_msg, s->internal->init_num); 1489 CBS_init(&cert_request, s->init_msg, s->init_num);
1490 1490
1491 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { 1491 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1492 SSLerror(s, ERR_R_MALLOC_FAILURE); 1492 SSLerror(s, ERR_R_MALLOC_FAILURE);
@@ -1610,13 +1610,13 @@ ssl3_get_new_session_ticket(SSL *s)
1610 goto fatal_err; 1610 goto fatal_err;
1611 } 1611 }
1612 1612
1613 if (s->internal->init_num < 0) { 1613 if (s->init_num < 0) {
1614 al = SSL_AD_DECODE_ERROR; 1614 al = SSL_AD_DECODE_ERROR;
1615 SSLerror(s, SSL_R_LENGTH_MISMATCH); 1615 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1616 goto fatal_err; 1616 goto fatal_err;
1617 } 1617 }
1618 1618
1619 CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); 1619 CBS_init(&cbs, s->init_msg, s->init_num);
1620 if (!CBS_get_u32(&cbs, &lifetime_hint) || 1620 if (!CBS_get_u32(&cbs, &lifetime_hint) ||
1621 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) || 1621 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) ||
1622 CBS_len(&cbs) != 0) { 1622 CBS_len(&cbs) != 0) {
@@ -1679,13 +1679,13 @@ ssl3_get_cert_status(SSL *s)
1679 * Tell the callback the server did not send us an OSCP 1679 * Tell the callback the server did not send us an OSCP
1680 * response, and has decided to head directly to key exchange. 1680 * response, and has decided to head directly to key exchange.
1681 */ 1681 */
1682 if (s->ctx->internal->tlsext_status_cb) { 1682 if (s->ctx->tlsext_status_cb) {
1683 free(s->internal->tlsext_ocsp_resp); 1683 free(s->tlsext_ocsp_resp);
1684 s->internal->tlsext_ocsp_resp = NULL; 1684 s->tlsext_ocsp_resp = NULL;
1685 s->internal->tlsext_ocsp_resp_len = 0; 1685 s->tlsext_ocsp_resp_len = 0;
1686 1686
1687 ret = s->ctx->internal->tlsext_status_cb(s, 1687 ret = s->ctx->tlsext_status_cb(s,
1688 s->ctx->internal->tlsext_status_arg); 1688 s->ctx->tlsext_status_arg);
1689 if (ret == 0) { 1689 if (ret == 0) {
1690 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; 1690 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
1691 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE); 1691 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE);
@@ -1708,14 +1708,14 @@ ssl3_get_cert_status(SSL *s)
1708 goto fatal_err; 1708 goto fatal_err;
1709 } 1709 }
1710 1710
1711 if (s->internal->init_num < 0) { 1711 if (s->init_num < 0) {
1712 /* need at least status type + length */ 1712 /* need at least status type + length */
1713 al = SSL_AD_DECODE_ERROR; 1713 al = SSL_AD_DECODE_ERROR;
1714 SSLerror(s, SSL_R_LENGTH_MISMATCH); 1714 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1715 goto fatal_err; 1715 goto fatal_err;
1716 } 1716 }
1717 1717
1718 CBS_init(&cert_status, s->internal->init_msg, s->internal->init_num); 1718 CBS_init(&cert_status, s->init_msg, s->init_num);
1719 if (!CBS_get_u8(&cert_status, &status_type) || 1719 if (!CBS_get_u8(&cert_status, &status_type) ||
1720 CBS_len(&cert_status) < 3) { 1720 CBS_len(&cert_status) < 3) {
1721 /* need at least status type + length */ 1721 /* need at least status type + length */
@@ -1737,16 +1737,16 @@ ssl3_get_cert_status(SSL *s)
1737 goto fatal_err; 1737 goto fatal_err;
1738 } 1738 }
1739 1739
1740 if (!CBS_stow(&response, &s->internal->tlsext_ocsp_resp, 1740 if (!CBS_stow(&response, &s->tlsext_ocsp_resp,
1741 &s->internal->tlsext_ocsp_resp_len)) { 1741 &s->tlsext_ocsp_resp_len)) {
1742 al = SSL_AD_INTERNAL_ERROR; 1742 al = SSL_AD_INTERNAL_ERROR;
1743 SSLerror(s, ERR_R_MALLOC_FAILURE); 1743 SSLerror(s, ERR_R_MALLOC_FAILURE);
1744 goto fatal_err; 1744 goto fatal_err;
1745 } 1745 }
1746 1746
1747 if (s->ctx->internal->tlsext_status_cb) { 1747 if (s->ctx->tlsext_status_cb) {
1748 ret = s->ctx->internal->tlsext_status_cb(s, 1748 ret = s->ctx->tlsext_status_cb(s,
1749 s->ctx->internal->tlsext_status_arg); 1749 s->ctx->tlsext_status_arg);
1750 if (ret == 0) { 1750 if (ret == 0) {
1751 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; 1751 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
1752 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE); 1752 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE);
@@ -1774,7 +1774,7 @@ ssl3_get_server_done(SSL *s)
1774 30 /* should be very small, like 0 :-) */)) <= 0) 1774 30 /* should be very small, like 0 :-) */)) <= 0)
1775 return ret; 1775 return ret;
1776 1776
1777 if (s->internal->init_num != 0) { 1777 if (s->init_num != 0) {
1778 /* should contain no data */ 1778 /* should contain no data */
1779 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1779 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1780 SSLerror(s, SSL_R_LENGTH_MISMATCH); 1780 SSLerror(s, SSL_R_LENGTH_MISMATCH);
@@ -2383,15 +2383,15 @@ ssl3_send_client_certificate(SSL *s)
2383 if (s->s3->hs.state == SSL3_ST_CW_CERT_B) { 2383 if (s->s3->hs.state == SSL3_ST_CW_CERT_B) {
2384 /* 2384 /*
2385 * If we get an error, we need to 2385 * If we get an error, we need to
2386 * ssl->internal->rwstate = SSL_X509_LOOKUP; return(-1); 2386 * ssl->rwstate = SSL_X509_LOOKUP; return(-1);
2387 * We then get retried later. 2387 * We then get retried later.
2388 */ 2388 */
2389 i = ssl_do_client_cert_cb(s, &x509, &pkey); 2389 i = ssl_do_client_cert_cb(s, &x509, &pkey);
2390 if (i < 0) { 2390 if (i < 0) {
2391 s->internal->rwstate = SSL_X509_LOOKUP; 2391 s->rwstate = SSL_X509_LOOKUP;
2392 return (-1); 2392 return (-1);
2393 } 2393 }
2394 s->internal->rwstate = SSL_NOTHING; 2394 s->rwstate = SSL_NOTHING;
2395 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) { 2395 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
2396 s->s3->hs.state = SSL3_ST_CW_CERT_B; 2396 s->s3->hs.state = SSL3_ST_CW_CERT_B;
2397 if (!SSL_use_certificate(s, x509) || 2397 if (!SSL_use_certificate(s, x509) ||
@@ -2508,7 +2508,7 @@ ssl3_check_finished(SSL *s)
2508 /* this function is called when we really expect a Certificate 2508 /* this function is called when we really expect a Certificate
2509 * message, so permit appropriate message length */ 2509 * message, so permit appropriate message length */
2510 if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, 2510 if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
2511 SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0) 2511 SSL3_ST_CR_CERT_B, -1, s->max_cert_list)) <= 0)
2512 return ret; 2512 return ret;
2513 2513
2514 s->s3->hs.tls12.reuse_message = 1; 2514 s->s3->hs.tls12.reuse_message = 1;
@@ -2525,16 +2525,16 @@ ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
2525 int i = 0; 2525 int i = 0;
2526 2526
2527#ifndef OPENSSL_NO_ENGINE 2527#ifndef OPENSSL_NO_ENGINE
2528 if (s->ctx->internal->client_cert_engine) { 2528 if (s->ctx->client_cert_engine) {
2529 i = ENGINE_load_ssl_client_cert( 2529 i = ENGINE_load_ssl_client_cert(
2530 s->ctx->internal->client_cert_engine, s, 2530 s->ctx->client_cert_engine, s,
2531 SSL_get_client_CA_list(s), px509, ppkey, NULL, NULL, NULL); 2531 SSL_get_client_CA_list(s), px509, ppkey, NULL, NULL, NULL);
2532 if (i != 0) 2532 if (i != 0)
2533 return (i); 2533 return (i);
2534 } 2534 }
2535#endif 2535#endif
2536 if (s->ctx->internal->client_cert_cb) 2536 if (s->ctx->client_cert_cb)
2537 i = s->ctx->internal->client_cert_cb(s, px509, ppkey); 2537 i = s->ctx->client_cert_cb(s, px509, ppkey);
2538 return (i); 2538 return (i);
2539} 2539}
2540 2540
@@ -2547,8 +2547,8 @@ ssl3_send_client_change_cipher_spec(SSL *s)
2547 memset(&cbb, 0, sizeof(cbb)); 2547 memset(&cbb, 0, sizeof(cbb));
2548 2548
2549 if (s->s3->hs.state == SSL3_ST_CW_CHANGE_A) { 2549 if (s->s3->hs.state == SSL3_ST_CW_CHANGE_A) {
2550 if (!CBB_init_fixed(&cbb, s->internal->init_buf->data, 2550 if (!CBB_init_fixed(&cbb, s->init_buf->data,
2551 s->internal->init_buf->length)) 2551 s->init_buf->length))
2552 goto err; 2552 goto err;
2553 if (!CBB_add_u8(&cbb, SSL3_MT_CCS)) 2553 if (!CBB_add_u8(&cbb, SSL3_MT_CCS))
2554 goto err; 2554 goto err;
@@ -2558,8 +2558,8 @@ ssl3_send_client_change_cipher_spec(SSL *s)
2558 if (outlen > INT_MAX) 2558 if (outlen > INT_MAX)
2559 goto err; 2559 goto err;
2560 2560
2561 s->internal->init_num = (int)outlen; 2561 s->init_num = (int)outlen;
2562 s->internal->init_off = 0; 2562 s->init_off = 0;
2563 2563
2564 if (SSL_is_dtls(s)) { 2564 if (SSL_is_dtls(s)) {
2565 s->d1->handshake_write_seq = 2565 s->d1->handshake_write_seq =
@@ -2639,13 +2639,13 @@ ssl3_get_server_finished(SSL *s)
2639 2639
2640 md_len = TLS1_FINISH_MAC_LENGTH; 2640 md_len = TLS1_FINISH_MAC_LENGTH;
2641 2641
2642 if (s->internal->init_num < 0) { 2642 if (s->init_num < 0) {
2643 al = SSL_AD_DECODE_ERROR; 2643 al = SSL_AD_DECODE_ERROR;
2644 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH); 2644 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);
2645 goto fatal_err; 2645 goto fatal_err;
2646 } 2646 }
2647 2647
2648 CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); 2648 CBS_init(&cbs, s->init_msg, s->init_num);
2649 2649
2650 if (s->s3->hs.peer_finished_len != md_len || 2650 if (s->s3->hs.peer_finished_len != md_len ||
2651 CBS_len(&cbs) != md_len) { 2651 CBS_len(&cbs) != md_len) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-26 17:01:10 +0000