summaryrefslogtreecommitdiff
path: root/src/lib/libssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl')
-rw-r--r--src/lib/libssl/LICENSE127
-rw-r--r--src/lib/libssl/bio_ssl.c598
-rw-r--r--src/lib/libssl/doc/openssl.cnf255
-rw-r--r--src/lib/libssl/doc/openssl.txt1235
-rw-r--r--src/lib/libssl/doc/standards.txt257
-rw-r--r--src/lib/libssl/s23_clnt.c490
-rw-r--r--src/lib/libssl/s23_lib.c236
-rw-r--r--src/lib/libssl/s23_pkt.c117
-rw-r--r--src/lib/libssl/s23_srvr.c596
-rw-r--r--src/lib/libssl/s3_both.c635
-rw-r--r--src/lib/libssl/s3_clnt.c1980
-rw-r--r--src/lib/libssl/s3_lib.c1799
-rw-r--r--src/lib/libssl/s3_pkt.c1310
-rw-r--r--src/lib/libssl/s3_srvr.c2077
-rw-r--r--src/lib/libssl/shlib_version2
-rw-r--r--src/lib/libssl/ssl.h1854
-rw-r--r--src/lib/libssl/ssl2.h268
-rw-r--r--src/lib/libssl/ssl23.h83
-rw-r--r--src/lib/libssl/ssl3.h526
-rw-r--r--src/lib/libssl/ssl_algs.c111
-rw-r--r--src/lib/libssl/ssl_asn1.c398
-rw-r--r--src/lib/libssl/ssl_cert.c860
-rw-r--r--src/lib/libssl/ssl_ciph.c1145
-rw-r--r--src/lib/libssl/ssl_err.c461
-rw-r--r--src/lib/libssl/ssl_err2.c70
-rw-r--r--src/lib/libssl/ssl_lib.c2319
-rw-r--r--src/lib/libssl/ssl_locl.h620
-rw-r--r--src/lib/libssl/ssl_rsa.c817
-rw-r--r--src/lib/libssl/ssl_sess.c754
-rw-r--r--src/lib/libssl/ssl_stat.c502
-rw-r--r--src/lib/libssl/ssl_txt.c186
-rw-r--r--src/lib/libssl/t1_clnt.c97
-rw-r--r--src/lib/libssl/t1_enc.c814
-rw-r--r--src/lib/libssl/t1_lib.c149
-rw-r--r--src/lib/libssl/t1_meth.c96
-rw-r--r--src/lib/libssl/t1_srvr.c98
-rw-r--r--src/lib/libssl/test/CAss.cnf25
-rw-r--r--src/lib/libssl/test/CAssdh.cnf24
-rw-r--r--src/lib/libssl/test/CAssdsa.cnf23
-rw-r--r--src/lib/libssl/test/CAssrsa.cnf24
-rw-r--r--src/lib/libssl/test/Sssdsa.cnf27
-rw-r--r--src/lib/libssl/test/Sssrsa.cnf26
-rw-r--r--src/lib/libssl/test/Uss.cnf28
-rw-r--r--src/lib/libssl/test/VMSca-response.11
-rw-r--r--src/lib/libssl/test/VMSca-response.22
-rw-r--r--src/lib/libssl/test/bctest111
-rw-r--r--src/lib/libssl/test/methtest.c105
-rw-r--r--src/lib/libssl/test/pkcs7-1.pem15
-rw-r--r--src/lib/libssl/test/pkcs7.pem54
-rw-r--r--src/lib/libssl/test/r160test.c57
-rw-r--r--src/lib/libssl/test/tcrl85
-rw-r--r--src/lib/libssl/test/test.cnf88
-rw-r--r--src/lib/libssl/test/testca48
-rw-r--r--src/lib/libssl/test/testcrl.pem16
-rw-r--r--src/lib/libssl/test/testenc54
-rw-r--r--src/lib/libssl/test/testgen44
-rw-r--r--src/lib/libssl/test/testp7.pem46
-rw-r--r--src/lib/libssl/test/testreq2.pem7
-rw-r--r--src/lib/libssl/test/testrsa.pem9
-rw-r--r--src/lib/libssl/test/testsid.pem12
-rw-r--r--src/lib/libssl/test/testss99
-rw-r--r--src/lib/libssl/test/testssl145
-rw-r--r--src/lib/libssl/test/testx509.pem10
-rw-r--r--src/lib/libssl/test/times113
-rw-r--r--src/lib/libssl/test/tpkcs755
-rw-r--r--src/lib/libssl/test/tpkcs7d48
-rw-r--r--src/lib/libssl/test/treq90
-rw-r--r--src/lib/libssl/test/trsa90
-rw-r--r--src/lib/libssl/test/tsid85
-rw-r--r--src/lib/libssl/test/tx50985
-rw-r--r--src/lib/libssl/test/v3-cert1.pem16
-rw-r--r--src/lib/libssl/test/v3-cert2.pem16
-rw-r--r--src/lib/libssl/tls1.h195
73 files changed, 0 insertions, 25920 deletions
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
deleted file mode 100644
index dddb07842b..0000000000
--- a/src/lib/libssl/LICENSE
+++ /dev/null
@@ -1,127 +0,0 @@
1
2 LICENSE ISSUES
3 ==============
4
5 The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
6 the OpenSSL License and the original SSLeay license apply to the toolkit.
7 See below for the actual license texts. Actually both licenses are BSD-style
8 Open Source licenses. In case of any license issues related to OpenSSL
9 please contact openssl-core@openssl.org.
10
11 OpenSSL License
12 ---------------
13
14/* ====================================================================
15 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions
19 * are met:
20 *
21 * 1. Redistributions of source code must retain the above copyright
22 * notice, this list of conditions and the following disclaimer.
23 *
24 * 2. Redistributions in binary form must reproduce the above copyright
25 * notice, this list of conditions and the following disclaimer in
26 * the documentation and/or other materials provided with the
27 * distribution.
28 *
29 * 3. All advertising materials mentioning features or use of this
30 * software must display the following acknowledgment:
31 * "This product includes software developed by the OpenSSL Project
32 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
33 *
34 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
35 * endorse or promote products derived from this software without
36 * prior written permission. For written permission, please contact
37 * openssl-core@openssl.org.
38 *
39 * 5. Products derived from this software may not be called "OpenSSL"
40 * nor may "OpenSSL" appear in their names without prior written
41 * permission of the OpenSSL Project.
42 *
43 * 6. Redistributions of any form whatsoever must retain the following
44 * acknowledgment:
45 * "This product includes software developed by the OpenSSL Project
46 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
49 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
51 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
52 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
53 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
54 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
55 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
57 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
58 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
59 * OF THE POSSIBILITY OF SUCH DAMAGE.
60 * ====================================================================
61 *
62 * This product includes cryptographic software written by Eric Young
63 * (eay@cryptsoft.com). This product includes software written by Tim
64 * Hudson (tjh@cryptsoft.com).
65 *
66 */
67
68 Original SSLeay License
69 -----------------------
70
71/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
72 * All rights reserved.
73 *
74 * This package is an SSL implementation written
75 * by Eric Young (eay@cryptsoft.com).
76 * The implementation was written so as to conform with Netscapes SSL.
77 *
78 * This library is free for commercial and non-commercial use as long as
79 * the following conditions are aheared to. The following conditions
80 * apply to all code found in this distribution, be it the RC4, RSA,
81 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
82 * included with this distribution is covered by the same copyright terms
83 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
84 *
85 * Copyright remains Eric Young's, and as such any Copyright notices in
86 * the code are not to be removed.
87 * If this package is used in a product, Eric Young should be given attribution
88 * as the author of the parts of the library used.
89 * This can be in the form of a textual message at program startup or
90 * in documentation (online or textual) provided with the package.
91 *
92 * Redistribution and use in source and binary forms, with or without
93 * modification, are permitted provided that the following conditions
94 * are met:
95 * 1. Redistributions of source code must retain the copyright
96 * notice, this list of conditions and the following disclaimer.
97 * 2. Redistributions in binary form must reproduce the above copyright
98 * notice, this list of conditions and the following disclaimer in the
99 * documentation and/or other materials provided with the distribution.
100 * 3. All advertising materials mentioning features or use of this software
101 * must display the following acknowledgement:
102 * "This product includes cryptographic software written by
103 * Eric Young (eay@cryptsoft.com)"
104 * The word 'cryptographic' can be left out if the rouines from the library
105 * being used are not cryptographic related :-).
106 * 4. If you include any Windows specific code (or a derivative thereof) from
107 * the apps directory (application code) you must include an acknowledgement:
108 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
109 *
110 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
111 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
112 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
113 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
114 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
115 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
116 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
117 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
118 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
119 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
120 * SUCH DAMAGE.
121 *
122 * The licence and distribution terms for any publically available version or
123 * derivative of this code cannot be changed. i.e. this code cannot simply be
124 * copied and put under another distribution licence
125 * [including the GNU Public Licence.]
126 */
127
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
deleted file mode 100644
index d683ee43e1..0000000000
--- a/src/lib/libssl/bio_ssl.c
+++ /dev/null
@@ -1,598 +0,0 @@
1/* ssl/bio_ssl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <errno.h>
63#include <openssl/crypto.h>
64#include <openssl/bio.h>
65#include <openssl/err.h>
66#include <openssl/ssl.h>
67
68static int ssl_write(BIO *h, const char *buf, int num);
69static int ssl_read(BIO *h, char *buf, int size);
70static int ssl_puts(BIO *h, const char *str);
71static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
72static int ssl_new(BIO *h);
73static int ssl_free(BIO *data);
74static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
75typedef struct bio_ssl_st
76 {
77 SSL *ssl; /* The ssl handle :-) */
78 /* re-negotiate every time the total number of bytes is this size */
79 int num_renegotiates;
80 unsigned long renegotiate_count;
81 unsigned long byte_count;
82 unsigned long renegotiate_timeout;
83 unsigned long last_time;
84 } BIO_SSL;
85
86static BIO_METHOD methods_sslp=
87 {
88 BIO_TYPE_SSL,"ssl",
89 ssl_write,
90 ssl_read,
91 ssl_puts,
92 NULL, /* ssl_gets, */
93 ssl_ctrl,
94 ssl_new,
95 ssl_free,
96 ssl_callback_ctrl,
97 };
98
99BIO_METHOD *BIO_f_ssl(void)
100 {
101 return(&methods_sslp);
102 }
103
104static int ssl_new(BIO *bi)
105 {
106 BIO_SSL *bs;
107
108 bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
109 if (bs == NULL)
110 {
111 BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
112 return(0);
113 }
114 memset(bs,0,sizeof(BIO_SSL));
115 bi->init=0;
116 bi->ptr=(char *)bs;
117 bi->flags=0;
118 return(1);
119 }
120
121static int ssl_free(BIO *a)
122 {
123 BIO_SSL *bs;
124
125 if (a == NULL) return(0);
126 bs=(BIO_SSL *)a->ptr;
127 if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
128 if (a->shutdown)
129 {
130 if (a->init && (bs->ssl != NULL))
131 SSL_free(bs->ssl);
132 a->init=0;
133 a->flags=0;
134 }
135 if (a->ptr != NULL)
136 OPENSSL_free(a->ptr);
137 return(1);
138 }
139
140static int ssl_read(BIO *b, char *out, int outl)
141 {
142 int ret=1;
143 BIO_SSL *sb;
144 SSL *ssl;
145 int retry_reason=0;
146 int r=0;
147
148 if (out == NULL) return(0);
149 sb=(BIO_SSL *)b->ptr;
150 ssl=sb->ssl;
151
152 BIO_clear_retry_flags(b);
153
154#if 0
155 if (!SSL_is_init_finished(ssl))
156 {
157/* ret=SSL_do_handshake(ssl); */
158 if (ret > 0)
159 {
160
161 outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
162 ret= -1;
163 goto end;
164 }
165 }
166#endif
167/* if (ret > 0) */
168 ret=SSL_read(ssl,out,outl);
169
170 switch (SSL_get_error(ssl,ret))
171 {
172 case SSL_ERROR_NONE:
173 if (ret <= 0) break;
174 if (sb->renegotiate_count > 0)
175 {
176 sb->byte_count+=ret;
177 if (sb->byte_count > sb->renegotiate_count)
178 {
179 sb->byte_count=0;
180 sb->num_renegotiates++;
181 SSL_renegotiate(ssl);
182 r=1;
183 }
184 }
185 if ((sb->renegotiate_timeout > 0) && (!r))
186 {
187 unsigned long tm;
188
189 tm=(unsigned long)time(NULL);
190 if (tm > sb->last_time+sb->renegotiate_timeout)
191 {
192 sb->last_time=tm;
193 sb->num_renegotiates++;
194 SSL_renegotiate(ssl);
195 }
196 }
197
198 break;
199 case SSL_ERROR_WANT_READ:
200 BIO_set_retry_read(b);
201 break;
202 case SSL_ERROR_WANT_WRITE:
203 BIO_set_retry_write(b);
204 break;
205 case SSL_ERROR_WANT_X509_LOOKUP:
206 BIO_set_retry_special(b);
207 retry_reason=BIO_RR_SSL_X509_LOOKUP;
208 break;
209 case SSL_ERROR_WANT_ACCEPT:
210 BIO_set_retry_special(b);
211 retry_reason=BIO_RR_ACCEPT;
212 break;
213 case SSL_ERROR_WANT_CONNECT:
214 BIO_set_retry_special(b);
215 retry_reason=BIO_RR_CONNECT;
216 break;
217 case SSL_ERROR_SYSCALL:
218 case SSL_ERROR_SSL:
219 case SSL_ERROR_ZERO_RETURN:
220 default:
221 break;
222 }
223
224 b->retry_reason=retry_reason;
225 return(ret);
226 }
227
228static int ssl_write(BIO *b, const char *out, int outl)
229 {
230 int ret,r=0;
231 int retry_reason=0;
232 SSL *ssl;
233 BIO_SSL *bs;
234
235 if (out == NULL) return(0);
236 bs=(BIO_SSL *)b->ptr;
237 ssl=bs->ssl;
238
239 BIO_clear_retry_flags(b);
240
241/* ret=SSL_do_handshake(ssl);
242 if (ret > 0) */
243 ret=SSL_write(ssl,out,outl);
244
245 switch (SSL_get_error(ssl,ret))
246 {
247 case SSL_ERROR_NONE:
248 if (ret <= 0) break;
249 if (bs->renegotiate_count > 0)
250 {
251 bs->byte_count+=ret;
252 if (bs->byte_count > bs->renegotiate_count)
253 {
254 bs->byte_count=0;
255 bs->num_renegotiates++;
256 SSL_renegotiate(ssl);
257 r=1;
258 }
259 }
260 if ((bs->renegotiate_timeout > 0) && (!r))
261 {
262 unsigned long tm;
263
264 tm=(unsigned long)time(NULL);
265 if (tm > bs->last_time+bs->renegotiate_timeout)
266 {
267 bs->last_time=tm;
268 bs->num_renegotiates++;
269 SSL_renegotiate(ssl);
270 }
271 }
272 break;
273 case SSL_ERROR_WANT_WRITE:
274 BIO_set_retry_write(b);
275 break;
276 case SSL_ERROR_WANT_READ:
277 BIO_set_retry_read(b);
278 break;
279 case SSL_ERROR_WANT_X509_LOOKUP:
280 BIO_set_retry_special(b);
281 retry_reason=BIO_RR_SSL_X509_LOOKUP;
282 break;
283 case SSL_ERROR_WANT_CONNECT:
284 BIO_set_retry_special(b);
285 retry_reason=BIO_RR_CONNECT;
286 case SSL_ERROR_SYSCALL:
287 case SSL_ERROR_SSL:
288 default:
289 break;
290 }
291
292 b->retry_reason=retry_reason;
293 return(ret);
294 }
295
296static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
297 {
298 SSL **sslp,*ssl;
299 BIO_SSL *bs;
300 BIO *dbio,*bio;
301 long ret=1;
302
303 bs=(BIO_SSL *)b->ptr;
304 ssl=bs->ssl;
305 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
306 return(0);
307 switch (cmd)
308 {
309 case BIO_CTRL_RESET:
310 SSL_shutdown(ssl);
311
312 if (ssl->handshake_func == ssl->method->ssl_connect)
313 SSL_set_connect_state(ssl);
314 else if (ssl->handshake_func == ssl->method->ssl_accept)
315 SSL_set_accept_state(ssl);
316
317 SSL_clear(ssl);
318
319 if (b->next_bio != NULL)
320 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
321 else if (ssl->rbio != NULL)
322 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
323 else
324 ret=1;
325 break;
326 case BIO_CTRL_INFO:
327 ret=0;
328 break;
329 case BIO_C_SSL_MODE:
330 if (num) /* client mode */
331 SSL_set_connect_state(ssl);
332 else
333 SSL_set_accept_state(ssl);
334 break;
335 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
336 ret=bs->renegotiate_timeout;
337 if (num < 60) num=5;
338 bs->renegotiate_timeout=(unsigned long)num;
339 bs->last_time=(unsigned long)time(NULL);
340 break;
341 case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
342 ret=bs->renegotiate_count;
343 if ((long)num >=512)
344 bs->renegotiate_count=(unsigned long)num;
345 break;
346 case BIO_C_GET_SSL_NUM_RENEGOTIATES:
347 ret=bs->num_renegotiates;
348 break;
349 case BIO_C_SET_SSL:
350 if (ssl != NULL)
351 ssl_free(b);
352 b->shutdown=(int)num;
353 ssl=(SSL *)ptr;
354 ((BIO_SSL *)b->ptr)->ssl=ssl;
355 bio=SSL_get_rbio(ssl);
356 if (bio != NULL)
357 {
358 if (b->next_bio != NULL)
359 BIO_push(bio,b->next_bio);
360 b->next_bio=bio;
361 CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
362 }
363 b->init=1;
364 break;
365 case BIO_C_GET_SSL:
366 if (ptr != NULL)
367 {
368 sslp=(SSL **)ptr;
369 *sslp=ssl;
370 }
371 else
372 ret=0;
373 break;
374 case BIO_CTRL_GET_CLOSE:
375 ret=b->shutdown;
376 break;
377 case BIO_CTRL_SET_CLOSE:
378 b->shutdown=(int)num;
379 break;
380 case BIO_CTRL_WPENDING:
381 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
382 break;
383 case BIO_CTRL_PENDING:
384 ret=SSL_pending(ssl);
385 if (ret == 0)
386 ret=BIO_pending(ssl->rbio);
387 break;
388 case BIO_CTRL_FLUSH:
389 BIO_clear_retry_flags(b);
390 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
391 BIO_copy_next_retry(b);
392 break;
393 case BIO_CTRL_PUSH:
394 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
395 {
396 SSL_set_bio(ssl,b->next_bio,b->next_bio);
397 CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
398 }
399 break;
400 case BIO_CTRL_POP:
401 /* ugly bit of a hack */
402 if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
403 {
404 BIO_free_all(ssl->wbio);
405 }
406 if (b->next_bio != NULL)
407 {
408 CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
409 }
410 ssl->wbio=NULL;
411 ssl->rbio=NULL;
412 break;
413 case BIO_C_DO_STATE_MACHINE:
414 BIO_clear_retry_flags(b);
415
416 b->retry_reason=0;
417 ret=(int)SSL_do_handshake(ssl);
418
419 switch (SSL_get_error(ssl,(int)ret))
420 {
421 case SSL_ERROR_WANT_READ:
422 BIO_set_flags(b,
423 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
424 break;
425 case SSL_ERROR_WANT_WRITE:
426 BIO_set_flags(b,
427 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
428 break;
429 case SSL_ERROR_WANT_CONNECT:
430 BIO_set_flags(b,
431 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
432 b->retry_reason=b->next_bio->retry_reason;
433 break;
434 default:
435 break;
436 }
437 break;
438 case BIO_CTRL_DUP:
439 dbio=(BIO *)ptr;
440 if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
441 SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
442 ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
443 ((BIO_SSL *)dbio->ptr)->renegotiate_count=
444 ((BIO_SSL *)b->ptr)->renegotiate_count;
445 ((BIO_SSL *)dbio->ptr)->byte_count=
446 ((BIO_SSL *)b->ptr)->byte_count;
447 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
448 ((BIO_SSL *)b->ptr)->renegotiate_timeout;
449 ((BIO_SSL *)dbio->ptr)->last_time=
450 ((BIO_SSL *)b->ptr)->last_time;
451 ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
452 break;
453 case BIO_C_GET_FD:
454 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
455 break;
456 case BIO_CTRL_SET_CALLBACK:
457 {
458#if 0 /* FIXME: Should this be used? -- Richard Levitte */
459 BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
460 ret = -1;
461#else
462 ret=0;
463#endif
464 }
465 break;
466 case BIO_CTRL_GET_CALLBACK:
467 {
468 void (**fptr)();
469
470 fptr=(void (**)())ptr;
471 *fptr=SSL_get_info_callback(ssl);
472 }
473 break;
474 default:
475 ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
476 break;
477 }
478 return(ret);
479 }
480
481static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
482 {
483 SSL *ssl;
484 BIO_SSL *bs;
485 long ret=1;
486
487 bs=(BIO_SSL *)b->ptr;
488 ssl=bs->ssl;
489 switch (cmd)
490 {
491 case BIO_CTRL_SET_CALLBACK:
492 {
493 /* FIXME: setting this via a completely different prototype
494 seems like a crap idea */
495 SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp);
496 }
497 break;
498 default:
499 ret=BIO_callback_ctrl(ssl->rbio,cmd,fp);
500 break;
501 }
502 return(ret);
503 }
504
505static int ssl_puts(BIO *bp, const char *str)
506 {
507 int n,ret;
508
509 n=strlen(str);
510 ret=BIO_write(bp,str,n);
511 return(ret);
512 }
513
514BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
515 {
516#ifndef OPENSSL_NO_SOCK
517 BIO *ret=NULL,*buf=NULL,*ssl=NULL;
518
519 if ((buf=BIO_new(BIO_f_buffer())) == NULL)
520 return(NULL);
521 if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
522 goto err;
523 if ((ret=BIO_push(buf,ssl)) == NULL)
524 goto err;
525 return(ret);
526err:
527 if (buf != NULL) BIO_free(buf);
528 if (ssl != NULL) BIO_free(ssl);
529#endif
530 return(NULL);
531 }
532
533BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
534 {
535 BIO *ret=NULL,*con=NULL,*ssl=NULL;
536
537 if ((con=BIO_new(BIO_s_connect())) == NULL)
538 return(NULL);
539 if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
540 goto err;
541 if ((ret=BIO_push(ssl,con)) == NULL)
542 goto err;
543 return(ret);
544err:
545 if (con != NULL) BIO_free(con);
546 if (ret != NULL) BIO_free(ret);
547 return(NULL);
548 }
549
550BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
551 {
552 BIO *ret;
553 SSL *ssl;
554
555 if ((ret=BIO_new(BIO_f_ssl())) == NULL)
556 return(NULL);
557 if ((ssl=SSL_new(ctx)) == NULL)
558 {
559 BIO_free(ret);
560 return(NULL);
561 }
562 if (client)
563 SSL_set_connect_state(ssl);
564 else
565 SSL_set_accept_state(ssl);
566
567 BIO_set_ssl(ret,ssl,BIO_CLOSE);
568 return(ret);
569 }
570
571int BIO_ssl_copy_session_id(BIO *t, BIO *f)
572 {
573 t=BIO_find_type(t,BIO_TYPE_SSL);
574 f=BIO_find_type(f,BIO_TYPE_SSL);
575 if ((t == NULL) || (f == NULL))
576 return(0);
577 if ( (((BIO_SSL *)t->ptr)->ssl == NULL) ||
578 (((BIO_SSL *)f->ptr)->ssl == NULL))
579 return(0);
580 SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
581 return(1);
582 }
583
584void BIO_ssl_shutdown(BIO *b)
585 {
586 SSL *s;
587
588 while (b != NULL)
589 {
590 if (b->method->type == BIO_TYPE_SSL)
591 {
592 s=((BIO_SSL *)b->ptr)->ssl;
593 SSL_shutdown(s);
594 break;
595 }
596 b=b->next_bio;
597 }
598 }
diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf
deleted file mode 100644
index eca51c3322..0000000000
--- a/src/lib/libssl/doc/openssl.cnf
+++ /dev/null
@@ -1,255 +0,0 @@
1#
2# OpenSSL example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6# This definition stops the following lines choking if HOME isn't
7# defined.
8HOME = .
9RANDFILE = $ENV::HOME/.rnd
10
11# Extra OBJECT IDENTIFIER info:
12#oid_file = $ENV::HOME/.oid
13oid_section = new_oids
14
15# To use this configuration file with the "-extfile" option of the
16# "openssl x509" utility, name here the section containing the
17# X.509v3 extensions to use:
18# extensions =
19# (Alternatively, use a configuration file that has only
20# X.509v3 extensions in its main [= default] section.)
21
22[ new_oids ]
23
24# We can add new OIDs in here for use by 'ca' and 'req'.
25# Add a simple OID like this:
26# testoid1=1.2.3.4
27# Or use config file substitution like this:
28# testoid2=${testoid1}.5.6
29
30####################################################################
31[ ca ]
32default_ca = CA_default # The default ca section
33
34####################################################################
35[ CA_default ]
36
37dir = ./demoCA # Where everything is kept
38certs = $dir/certs # Where the issued certs are kept
39crl_dir = $dir/crl # Where the issued crl are kept
40database = $dir/index.txt # database index file.
41new_certs_dir = $dir/newcerts # default place for new certs.
42
43certificate = $dir/cacert.pem # The CA certificate
44serial = $dir/serial # The current serial number
45crl = $dir/crl.pem # The current CRL
46private_key = $dir/private/cakey.pem# The private key
47RANDFILE = $dir/private/.rand # private random number file
48
49x509_extensions = usr_cert # The extentions to add to the cert
50
51# Comment out the following two lines for the "traditional"
52# (and highly broken) format.
53name_opt = ca_default # Subject Name options
54cert_opt = ca_default # Certificate field options
55
56# Extension copying option: use with caution.
57# copy_extensions = copy
58
59# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
60# so this is commented out by default to leave a V1 CRL.
61# crl_extensions = crl_ext
62
63default_days = 365 # how long to certify for
64default_crl_days= 30 # how long before next CRL
65default_md = md5 # which md to use.
66preserve = no # keep passed DN ordering
67
68# A few difference way of specifying how similar the request should look
69# For type CA, the listed attributes must be the same, and the optional
70# and supplied fields are just that :-)
71policy = policy_match
72
73# For the CA policy
74[ policy_match ]
75countryName = match
76stateOrProvinceName = match
77organizationName = match
78organizationalUnitName = optional
79commonName = supplied
80emailAddress = optional
81
82# For the 'anything' policy
83# At this point in time, you must list all acceptable 'object'
84# types.
85[ policy_anything ]
86countryName = optional
87stateOrProvinceName = optional
88localityName = optional
89organizationName = optional
90organizationalUnitName = optional
91commonName = supplied
92emailAddress = optional
93
94####################################################################
95[ req ]
96default_bits = 1024
97default_keyfile = privkey.pem
98distinguished_name = req_distinguished_name
99attributes = req_attributes
100x509_extensions = v3_ca # The extentions to add to the self signed cert
101
102# Passwords for private keys if not present they will be prompted for
103# input_password = secret
104# output_password = secret
105
106# This sets a mask for permitted string types. There are several options.
107# default: PrintableString, T61String, BMPString.
108# pkix : PrintableString, BMPString.
109# utf8only: only UTF8Strings.
110# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
111# MASK:XXXX a literal mask value.
112# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
113# so use this option with caution!
114string_mask = nombstr
115
116# req_extensions = v3_req # The extensions to add to a certificate request
117
118[ req_distinguished_name ]
119countryName = Country Name (2 letter code)
120countryName_default = AU
121countryName_min = 2
122countryName_max = 2
123
124stateOrProvinceName = State or Province Name (full name)
125stateOrProvinceName_default = Some-State
126
127localityName = Locality Name (eg, city)
128
1290.organizationName = Organization Name (eg, company)
1300.organizationName_default = Internet Widgits Pty Ltd
131
132# we can do this but it is not needed normally :-)
133#1.organizationName = Second Organization Name (eg, company)
134#1.organizationName_default = World Wide Web Pty Ltd
135
136organizationalUnitName = Organizational Unit Name (eg, section)
137#organizationalUnitName_default =
138
139commonName = Common Name (eg, YOUR name)
140commonName_max = 64
141
142emailAddress = Email Address
143emailAddress_max = 64
144
145# SET-ex3 = SET extension number 3
146
147[ req_attributes ]
148challengePassword = A challenge password
149challengePassword_min = 4
150challengePassword_max = 20
151
152unstructuredName = An optional company name
153
154[ usr_cert ]
155
156# These extensions are added when 'ca' signs a request.
157
158# This goes against PKIX guidelines but some CAs do it and some software
159# requires this to avoid interpreting an end user certificate as a CA.
160
161basicConstraints=CA:FALSE
162
163# Here are some examples of the usage of nsCertType. If it is omitted
164# the certificate can be used for anything *except* object signing.
165
166# This is OK for an SSL server.
167# nsCertType = server
168
169# For an object signing certificate this would be used.
170# nsCertType = objsign
171
172# For normal client use this is typical
173# nsCertType = client, email
174
175# and for everything including object signing:
176# nsCertType = client, email, objsign
177
178# This is typical in keyUsage for a client certificate.
179# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
180
181# This will be displayed in Netscape's comment listbox.
182nsComment = "OpenSSL Generated Certificate"
183
184# PKIX recommendations harmless if included in all certificates.
185subjectKeyIdentifier=hash
186authorityKeyIdentifier=keyid,issuer:always
187
188# This stuff is for subjectAltName and issuerAltname.
189# Import the email address.
190# subjectAltName=email:copy
191# An alternative to produce certificates that aren't
192# deprecated according to PKIX.
193# subjectAltName=email:move
194
195# Copy subject details
196# issuerAltName=issuer:copy
197
198#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
199#nsBaseUrl
200#nsRevocationUrl
201#nsRenewalUrl
202#nsCaPolicyUrl
203#nsSslServerName
204
205[ v3_req ]
206
207# Extensions to add to a certificate request
208
209basicConstraints = CA:FALSE
210keyUsage = nonRepudiation, digitalSignature, keyEncipherment
211
212[ v3_ca ]
213
214
215# Extensions for a typical CA
216
217
218# PKIX recommendation.
219
220subjectKeyIdentifier=hash
221
222authorityKeyIdentifier=keyid:always,issuer:always
223
224# This is what PKIX recommends but some broken software chokes on critical
225# extensions.
226#basicConstraints = critical,CA:true
227# So we do this instead.
228basicConstraints = CA:true
229
230# Key usage: this is typical for a CA certificate. However since it will
231# prevent it being used as an test self-signed certificate it is best
232# left out by default.
233# keyUsage = cRLSign, keyCertSign
234
235# Some might want this also
236# nsCertType = sslCA, emailCA
237
238# Include email address in subject alt name: another PKIX recommendation
239# subjectAltName=email:copy
240# Copy issuer details
241# issuerAltName=issuer:copy
242
243# DER hex encoding of an extension: beware experts only!
244# obj=DER:02:03
245# Where 'obj' is a standard or added object
246# You can even override a supported extension:
247# basicConstraints= critical, DER:30:03:01:01:FF
248
249[ crl_ext ]
250
251# CRL extensions.
252# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
253
254# issuerAltName=issuer:copy
255authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/src/lib/libssl/doc/openssl.txt b/src/lib/libssl/doc/openssl.txt
deleted file mode 100644
index 432a17b66c..0000000000
--- a/src/lib/libssl/doc/openssl.txt
+++ /dev/null
@@ -1,1235 +0,0 @@
1
2This is some preliminary documentation for OpenSSL.
3
4Contents:
5
6 OpenSSL X509V3 extension configuration
7 X509V3 Extension code: programmers guide
8 PKCS#12 Library
9
10
11==============================================================================
12 OpenSSL X509V3 extension configuration
13==============================================================================
14
15OpenSSL X509V3 extension configuration: preliminary documentation.
16
17INTRODUCTION.
18
19For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
20possible to add and print out common X509 V3 certificate and CRL extensions.
21
22BEGINNERS NOTE
23
24For most simple applications you don't need to know too much about extensions:
25the default openssl.cnf values will usually do sensible things.
26
27If you want to know more you can initially quickly look through the sections
28describing how the standard OpenSSL utilities display and add extensions and
29then the list of supported extensions.
30
31For more technical information about the meaning of extensions see:
32
33http://www.imc.org/ietf-pkix/
34http://home.netscape.com/eng/security/certs.html
35
36PRINTING EXTENSIONS.
37
38Extension values are automatically printed out for supported extensions.
39
40openssl x509 -in cert.pem -text
41openssl crl -in crl.pem -text
42
43will give information in the extension printout, for example:
44
45 X509v3 extensions:
46 X509v3 Basic Constraints:
47 CA:TRUE
48 X509v3 Subject Key Identifier:
49 73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
50 X509v3 Authority Key Identifier:
51 keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
52 X509v3 Key Usage:
53 Certificate Sign, CRL Sign
54 X509v3 Subject Alternative Name:
55 email:email@1.address, email:email@2.address
56
57CONFIGURATION FILES.
58
59The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
60which certificate extensions to include. In each case a line:
61
62x509_extensions = extension_section
63
64indicates which section contains the extensions. In the case of 'req' the
65extension section is used when the -x509 option is present to create a
66self signed root certificate.
67
68The 'x509' utility also supports extensions when it signs a certificate.
69The -extfile option is used to set the configuration file containing the
70extensions. In this case a line with:
71
72extensions = extension_section
73
74in the nameless (default) section is used. If no such line is included then
75it uses the default section.
76
77You can also add extensions to CRLs: a line
78
79crl_extensions = crl_extension_section
80
81will include extensions when the -gencrl option is used with the 'ca' utility.
82You can add any extension to a CRL but of the supported extensions only
83issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
84CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
85CRL entry extensions can be displayed.
86
87NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
88you should not include a crl_extensions line in the configuration file.
89
90As with all configuration files you can use the inbuilt environment expansion
91to allow the values to be passed in the environment. Therefore if you have
92several extension sections used for different purposes you can have a line:
93
94x509_extensions = $ENV::ENV_EXT
95
96and set the ENV_EXT environment variable before calling the relevant utility.
97
98EXTENSION SYNTAX.
99
100Extensions have the basic form:
101
102extension_name=[critical,] extension_options
103
104the use of the critical option makes the extension critical. Extreme caution
105should be made when using the critical flag. If an extension is marked
106as critical then any client that does not understand the extension should
107reject it as invalid. Some broken software will reject certificates which
108have *any* critical extensions (these violates PKIX but we have to live
109with it).
110
111There are three main types of extension: string extensions, multi-valued
112extensions, and raw extensions.
113
114String extensions simply have a string which contains either the value itself
115or how it is obtained.
116
117For example:
118
119nsComment="This is a Comment"
120
121Multi-valued extensions have a short form and a long form. The short form
122is a list of names and values:
123
124basicConstraints=critical,CA:true,pathlen:1
125
126The long form allows the values to be placed in a separate section:
127
128basicConstraints=critical,@bs_section
129
130[bs_section]
131
132CA=true
133pathlen=1
134
135Both forms are equivalent. However it should be noted that in some cases the
136same name can appear multiple times, for example,
137
138subjectAltName=email:steve@here,email:steve@there
139
140in this case an equivalent long form is:
141
142subjectAltName=@alt_section
143
144[alt_section]
145
146email.1=steve@here
147email.2=steve@there
148
149This is because the configuration file code cannot handle the same name
150occurring twice in the same section.
151
152The syntax of raw extensions is governed by the extension code: it can
153for example contain data in multiple sections. The correct syntax to
154use is defined by the extension code itself: check out the certificate
155policies extension for an example.
156
157In addition it is also possible to use the word DER to include arbitrary
158data in any extension.
159
1601.2.3.4=critical,DER:01:02:03:04
1611.2.3.4=DER:01020304
162
163The value following DER is a hex dump of the DER encoding of the extension
164Any extension can be placed in this form to override the default behaviour.
165For example:
166
167basicConstraints=critical,DER:00:01:02:03
168
169WARNING: DER should be used with caution. It is possible to create totally
170invalid extensions unless care is taken.
171
172CURRENTLY SUPPORTED EXTENSIONS.
173
174If you aren't sure about extensions then they can be largely ignored: its only
175when you want to do things like restrict certificate usage when you need to
176worry about them.
177
178The only extension that a beginner might want to look at is Basic Constraints.
179If in addition you want to try Netscape object signing the you should also
180look at Netscape Certificate Type.
181
182Literal String extensions.
183
184In each case the 'value' of the extension is placed directly in the
185extension. Currently supported extensions in this category are: nsBaseUrl,
186nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
187nsSslServerName and nsComment.
188
189For example:
190
191nsComment="This is a test comment"
192
193Bit Strings.
194
195Bit string extensions just consist of a list of supported bits, currently
196two extensions are in this category: PKIX keyUsage and the Netscape specific
197nsCertType.
198
199nsCertType (netscape certificate type) takes the flags: client, server, email,
200objsign, reserved, sslCA, emailCA, objCA.
201
202keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
203keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
204encipherOnly, decipherOnly.
205
206For example:
207
208nsCertType=server
209
210keyUsage=digitalSignature, nonRepudiation
211
212Hints on Netscape Certificate Type.
213
214Other than Basic Constraints this is the only extension a beginner might
215want to use, if you want to try Netscape object signing, otherwise it can
216be ignored.
217
218If you want a certificate that can be used just for object signing then:
219
220nsCertType=objsign
221
222will do the job. If you want to use it as a normal end user and server
223certificate as well then
224
225nsCertType=objsign,email,server
226
227is more appropriate. You cannot use a self signed certificate for object
228signing (well Netscape signtool can but it cheats!) so you need to create
229a CA certificate and sign an end user certificate with it.
230
231Side note: If you want to conform to the Netscape specifications then you
232should really also set:
233
234nsCertType=objCA
235
236in the *CA* certificate for just an object signing CA and
237
238nsCertType=objCA,emailCA,sslCA
239
240for everything. Current Netscape software doesn't enforce this so it can
241be omitted.
242
243Basic Constraints.
244
245This is generally the only extension you need to worry about for simple
246applications. If you want your certificate to be usable as a CA certificate
247(in addition to an end user certificate) then you set this to:
248
249basicConstraints=CA:TRUE
250
251if you want to be certain the certificate cannot be used as a CA then do:
252
253basicConstraints=CA:FALSE
254
255The rest of this section describes more advanced usage.
256
257Basic constraints is a multi-valued extension that supports a CA and an
258optional pathlen option. The CA option takes the values true and false and
259pathlen takes an integer. Note if the CA option is false the pathlen option
260should be omitted.
261
262The pathlen parameter indicates the maximum number of CAs that can appear
263below this one in a chain. So if you have a CA with a pathlen of zero it can
264only be used to sign end user certificates and not further CAs. This all
265assumes that the software correctly interprets this extension of course.
266
267Examples:
268
269basicConstraints=CA:TRUE
270basicConstraints=critical,CA:TRUE, pathlen:0
271
272NOTE: for a CA to be considered valid it must have the CA option set to
273TRUE. An end user certificate MUST NOT have the CA value set to true.
274According to PKIX recommendations it should exclude the extension entirely,
275however some software may require CA set to FALSE for end entity certificates.
276
277Extended Key Usage.
278
279This extensions consists of a list of usages.
280
281These can either be object short names of the dotted numerical form of OIDs.
282While any OID can be used only certain values make sense. In particular the
283following PKIX, NS and MS values are meaningful:
284
285Value Meaning
286----- -------
287serverAuth SSL/TLS Web Server Authentication.
288clientAuth SSL/TLS Web Client Authentication.
289codeSigning Code signing.
290emailProtection E-mail Protection (S/MIME).
291timeStamping Trusted Timestamping
292msCodeInd Microsoft Individual Code Signing (authenticode)
293msCodeCom Microsoft Commercial Code Signing (authenticode)
294msCTLSign Microsoft Trust List Signing
295msSGC Microsoft Server Gated Crypto
296msEFS Microsoft Encrypted File System
297nsSGC Netscape Server Gated Crypto
298
299For example, under IE5 a CA can be used for any purpose: by including a list
300of the above usages the CA can be restricted to only authorised uses.
301
302Note: software packages may place additional interpretations on certificate
303use, in particular some usages may only work for selected CAs. Don't for example
304expect just including msSGC or nsSGC will automatically mean that a certificate
305can be used for SGC ("step up" encryption) otherwise anyone could use it.
306
307Examples:
308
309extendedKeyUsage=critical,codeSigning,1.2.3.4
310extendedKeyUsage=nsSGC,msSGC
311
312Subject Key Identifier.
313
314This is really a string extension and can take two possible values. Either
315a hex string giving details of the extension value to include or the word
316'hash' which then automatically follow PKIX guidelines in selecting and
317appropriate key identifier. The use of the hex string is strongly discouraged.
318
319Example: subjectKeyIdentifier=hash
320
321Authority Key Identifier.
322
323The authority key identifier extension permits two options. keyid and issuer:
324both can take the optional value "always".
325
326If the keyid option is present an attempt is made to copy the subject key
327identifier from the parent certificate. If the value "always" is present
328then an error is returned if the option fails.
329
330The issuer option copies the issuer and serial number from the issuer
331certificate. Normally this will only be done if the keyid option fails or
332is not included: the "always" flag will always include the value.
333
334Subject Alternative Name.
335
336The subject alternative name extension allows various literal values to be
337included in the configuration file. These include "email" (an email address)
338"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
339registered ID: OBJECT IDENTIFIER) and IP (and IP address).
340
341Also the email option include a special 'copy' value. This will automatically
342include and email addresses contained in the certificate subject name in
343the extension.
344
345Examples:
346
347subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
348subjectAltName=email:my@other.address,RID:1.2.3.4
349
350Issuer Alternative Name.
351
352The issuer alternative name option supports all the literal options of
353subject alternative name. It does *not* support the email:copy option because
354that would not make sense. It does support an additional issuer:copy option
355that will copy all the subject alternative name values from the issuer
356certificate (if possible).
357
358Example:
359
360issuserAltName = issuer:copy
361
362Authority Info Access.
363
364The authority information access extension gives details about how to access
365certain information relating to the CA. Its syntax is accessOID;location
366where 'location' has the same syntax as subject alternative name (except
367that email:copy is not supported). accessOID can be any valid OID but only
368certain values are meaningful for example OCSP and caIssuers. OCSP gives the
369location of an OCSP responder: this is used by Netscape PSM and other software.
370
371Example:
372
373authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
374authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
375
376CRL distribution points.
377
378This is a multi-valued extension that supports all the literal options of
379subject alternative name. Of the few software packages that currently interpret
380this extension most only interpret the URI option.
381
382Currently each option will set a new DistributionPoint with the fullName
383field set to the given value.
384
385Other fields like cRLissuer and reasons cannot currently be set or displayed:
386at this time no examples were available that used these fields.
387
388If you see this extension with <UNSUPPORTED> when you attempt to print it out
389or it doesn't appear to display correctly then let me know, including the
390certificate (mail me at steve@openssl.org) .
391
392Examples:
393
394crlDistributionPoints=URI:http://www.myhost.com/myca.crl
395crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
396
397Certificate Policies.
398
399This is a RAW extension. It attempts to display the contents of this extension:
400unfortunately this extension is often improperly encoded.
401
402The certificate policies extension will rarely be used in practice: few
403software packages interpret it correctly or at all. IE5 does partially
404support this extension: but it needs the 'ia5org' option because it will
405only correctly support a broken encoding. Of the options below only the
406policy OID, explicitText and CPS options are displayed with IE5.
407
408All the fields of this extension can be set by using the appropriate syntax.
409
410If you follow the PKIX recommendations of not including any qualifiers and just
411using only one OID then you just include the value of that OID. Multiple OIDs
412can be set separated by commas, for example:
413
414certificatePolicies= 1.2.4.5, 1.1.3.4
415
416If you wish to include qualifiers then the policy OID and qualifiers need to
417be specified in a separate section: this is done by using the @section syntax
418instead of a literal OID value.
419
420The section referred to must include the policy OID using the name
421policyIdentifier, cPSuri qualifiers can be included using the syntax:
422
423CPS.nnn=value
424
425userNotice qualifiers can be set using the syntax:
426
427userNotice.nnn=@notice
428
429The value of the userNotice qualifier is specified in the relevant section.
430This section can include explicitText, organization and noticeNumbers
431options. explicitText and organization are text strings, noticeNumbers is a
432comma separated list of numbers. The organization and noticeNumbers options
433(if included) must BOTH be present. If you use the userNotice option with IE5
434then you need the 'ia5org' option at the top level to modify the encoding:
435otherwise it will not be interpreted properly.
436
437Example:
438
439certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
440
441[polsect]
442
443policyIdentifier = 1.3.5.8
444CPS.1="http://my.host.name/"
445CPS.2="http://my.your.name/"
446userNotice.1=@notice
447
448[notice]
449
450explicitText="Explicit Text Here"
451organization="Organisation Name"
452noticeNumbers=1,2,3,4
453
454TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
455according to PKIX it should be of type DisplayText but Verisign uses an
456IA5STRING and IE5 needs this too.
457
458Display only extensions.
459
460Some extensions are only partially supported and currently are only displayed
461but cannot be set. These include private key usage period, CRL number, and
462CRL reason.
463
464==============================================================================
465 X509V3 Extension code: programmers guide
466==============================================================================
467
468The purpose of the extension code is twofold. It allows an extension to be
469created from a string or structure describing its contents and it prints out an
470extension in a human or machine readable form.
471
4721. Initialisation and cleanup.
473
474No special initialisation is needed before calling the extension functions.
475You used to have to call X509V3_add_standard_extensions(); but this is no longer
476required and this function no longer does anything.
477
478void X509V3_EXT_cleanup(void);
479
480This function should be called to cleanup the extension code if any custom
481extensions have been added. If no custom extensions have been added then this
482call does nothing. After this call all custom extension code is freed up but
483you can still use the standard extensions.
484
4852. Printing and parsing extensions.
486
487The simplest way to print out extensions is via the standard X509 printing
488routines: if you use the standard X509_print() function, the supported
489extensions will be printed out automatically.
490
491The following functions allow finer control over extension display:
492
493int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
494int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
495
496These two functions print out an individual extension to a BIO or FILE pointer.
497Currently the flag argument is unused and should be set to 0. The 'indent'
498argument is the number of spaces to indent each line.
499
500void *X509V3_EXT_d2i(X509_EXTENSION *ext);
501
502This function parses an extension and returns its internal structure. The
503precise structure you get back depends on the extension being parsed. If the
504extension if basicConstraints you will get back a pointer to a
505BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
506details about the structures returned. The returned structure should be freed
507after use using the relevant free function, BASIC_CONSTRAINTS_free() for
508example.
509
510void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
511void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
512void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
513void * X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
514
515These functions combine the operations of searching for extensions and
516parsing them. They search a certificate, a CRL a CRL entry or a stack
517of extensions respectively for extension whose NID is 'nid' and return
518the parsed result of NULL if an error occurred. For example:
519
520BASIC_CONSTRAINTS *bs;
521bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
522
523This will search for the basicConstraints extension and either return
524it value or NULL. NULL can mean either the extension was not found, it
525occurred more than once or it could not be parsed.
526
527If 'idx' is NULL then an extension is only parsed if it occurs precisely
528once. This is standard behaviour because extensions normally cannot occur
529more than once. If however more than one extension of the same type can
530occur it can be used to parse successive extensions for example:
531
532int i;
533void *ext;
534
535i = -1;
536for(;;) {
537 ext = X509_get_ext_d2i(x, nid, crit, &idx);
538 if(ext == NULL) break;
539 /* Do something with ext */
540}
541
542If 'crit' is not NULL and the extension was found then the int it points to
543is set to 1 for critical extensions and 0 for non critical. Therefore if the
544function returns NULL but 'crit' is set to 0 or 1 then the extension was
545found but it could not be parsed.
546
547The int pointed to by crit will be set to -1 if the extension was not found
548and -2 if the extension occurred more than once (this will only happen if
549idx is NULL). In both cases the function will return NULL.
550
5513. Generating extensions.
552
553An extension will typically be generated from a configuration file, or some
554other kind of configuration database.
555
556int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
557 X509 *cert);
558int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
559 X509_CRL *crl);
560
561These functions add all the extensions in the given section to the given
562certificate or CRL. They will normally be called just before the certificate
563or CRL is due to be signed. Both return 0 on error on non zero for success.
564
565In each case 'conf' is the LHASH pointer of the configuration file to use
566and 'section' is the section containing the extension details.
567
568See the 'context functions' section for a description of the ctx parameter.
569
570
571X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
572 char *value);
573
574This function returns an extension based on a name and value pair, if the
575pair will not need to access other sections in a config file (or there is no
576config file) then the 'conf' parameter can be set to NULL.
577
578X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
579 char *value);
580
581This function creates an extension in the same way as X509V3_EXT_conf() but
582takes the NID of the extension rather than its name.
583
584For example to produce basicConstraints with the CA flag and a path length of
58510:
586
587x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
588
589
590X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
591
592This function sets up an extension from its internal structure. The ext_nid
593parameter is the NID of the extension and 'crit' is the critical flag.
594
5954. Context functions.
596
597The following functions set and manipulate an extension context structure.
598The purpose of the extension context is to allow the extension code to
599access various structures relating to the "environment" of the certificate:
600for example the issuers certificate or the certificate request.
601
602void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
603 X509_REQ *req, X509_CRL *crl, int flags);
604
605This function sets up an X509V3_CTX structure with details of the certificate
606environment: specifically the issuers certificate, the subject certificate,
607the certificate request and the CRL: if these are not relevant or not
608available then they can be set to NULL. The 'flags' parameter should be set
609to zero.
610
611X509V3_set_ctx_test(ctx)
612
613This macro is used to set the 'ctx' structure to a 'test' value: this is to
614allow the syntax of an extension (or configuration file) to be tested.
615
616X509V3_set_ctx_nodb(ctx)
617
618This macro is used when no configuration database is present.
619
620void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
621
622This function is used to set the configuration database when it is an LHASH
623structure: typically a configuration file.
624
625The following functions are used to access a configuration database: they
626should only be used in RAW extensions.
627
628char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
629
630This function returns the value of the parameter "name" in "section", or NULL
631if there has been an error.
632
633void X509V3_string_free(X509V3_CTX *ctx, char *str);
634
635This function frees up the string returned by the above function.
636
637STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
638
639This function returns a whole section as a STACK_OF(CONF_VALUE) .
640
641void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
642
643This function frees up the STACK returned by the above function.
644
645Note: it is possible to use the extension code with a custom configuration
646database. To do this the "db_meth" element of the X509V3_CTX structure should
647be set to an X509V3_CTX_METHOD structure. This structure contains the following
648function pointers:
649
650char * (*get_string)(void *db, char *section, char *value);
651STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
652void (*free_string)(void *db, char * string);
653void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
654
655these will be called and passed the 'db' element in the X509V3_CTX structure
656to access the database. If a given function is not implemented or not required
657it can be set to NULL.
658
6595. String helper functions.
660
661There are several "i2s" and "s2i" functions that convert structures to and
662from ASCII strings. In all the "i2s" cases the returned string should be
663freed using Free() after use. Since some of these are part of other extension
664code they may take a 'method' parameter. Unless otherwise stated it can be
665safely set to NULL.
666
667char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
668
669This returns a hex string from an ASN1_OCTET_STRING.
670
671char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
672char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
673
674These return a string decimal representations of an ASN1_INTEGER and an
675ASN1_ENUMERATED type, respectively.
676
677ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
678 X509V3_CTX *ctx, char *str);
679
680This converts an ASCII hex string to an ASN1_OCTET_STRING.
681
682ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
683
684This converts a decimal ASCII string into an ASN1_INTEGER.
685
6866. Multi valued extension helper functions.
687
688The following functions can be used to manipulate STACKs of CONF_VALUE
689structures, as used by multi valued extensions.
690
691int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
692
693This function expects a boolean value in 'value' and sets 'asn1_bool' to
694it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
695strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
696"false", "N", "n", "NO" or "no".
697
698int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
699
700This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
701
702int X509V3_add_value(const char *name, const char *value,
703 STACK_OF(CONF_VALUE) **extlist);
704
705This simply adds a string name and value pair.
706
707int X509V3_add_value_uchar(const char *name, const unsigned char *value,
708 STACK_OF(CONF_VALUE) **extlist);
709
710The same as above but for an unsigned character value.
711
712int X509V3_add_value_bool(const char *name, int asn1_bool,
713 STACK_OF(CONF_VALUE) **extlist);
714
715This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
716
717int X509V3_add_value_bool_nf(char *name, int asn1_bool,
718 STACK_OF(CONF_VALUE) **extlist);
719
720This is the same as above except it adds nothing if asn1_bool is FALSE.
721
722int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
723 STACK_OF(CONF_VALUE) **extlist);
724
725This function adds the value of the ASN1_INTEGER in decimal form.
726
7277. Other helper functions.
728
729<to be added>
730
731ADDING CUSTOM EXTENSIONS.
732
733Currently there are three types of supported extensions.
734
735String extensions are simple strings where the value is placed directly in the
736extensions, and the string returned is printed out.
737
738Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
739or return a STACK_OF(CONF_VALUE).
740
741Raw extensions are just passed a BIO or a value and it is the extensions
742responsibility to handle all the necessary printing.
743
744There are two ways to add an extension. One is simply as an alias to an already
745existing extension. An alias is an extension that is identical in ASN1 structure
746to an existing extension but has a different OBJECT IDENTIFIER. This can be
747done by calling:
748
749int X509V3_EXT_add_alias(int nid_to, int nid_from);
750
751'nid_to' is the new extension NID and 'nid_from' is the already existing
752extension NID.
753
754Alternatively an extension can be written from scratch. This involves writing
755the ASN1 code to encode and decode the extension and functions to print out and
756generate the extension from strings. The relevant functions are then placed in
757a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
758called.
759
760The X509V3_EXT_METHOD structure is described below.
761
762strut {
763int ext_nid;
764int ext_flags;
765X509V3_EXT_NEW ext_new;
766X509V3_EXT_FREE ext_free;
767X509V3_EXT_D2I d2i;
768X509V3_EXT_I2D i2d;
769X509V3_EXT_I2S i2s;
770X509V3_EXT_S2I s2i;
771X509V3_EXT_I2V i2v;
772X509V3_EXT_V2I v2i;
773X509V3_EXT_R2I r2i;
774X509V3_EXT_I2R i2r;
775
776void *usr_data;
777};
778
779The elements have the following meanings.
780
781ext_nid is the NID of the object identifier of the extension.
782
783ext_flags is set of flags. Currently the only external flag is
784 X509V3_EXT_MULTILINE which means a multi valued extensions
785 should be printed on separate lines.
786
787usr_data is an extension specific pointer to any relevant data. This
788 allows extensions to share identical code but have different
789 uses. An example of this is the bit string extension which uses
790 usr_data to contain a list of the bit names.
791
792All the remaining elements are function pointers.
793
794ext_new is a pointer to a function that allocates memory for the
795 extension ASN1 structure: for example ASN1_OBJECT_new().
796
797ext_free is a pointer to a function that free up memory of the extension
798 ASN1 structure: for example ASN1_OBJECT_free().
799
800d2i is the standard ASN1 function that converts a DER buffer into
801 the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
802
803i2d is the standard ASN1 function that converts the internal
804 structure into the DER representation: for example
805 i2d_ASN1_IA5STRING().
806
807The remaining functions are depend on the type of extension. One i2X and
808one X2i should be set and the rest set to NULL. The types set do not need
809to match up, for example the extension could be set using the multi valued
810v2i function and printed out using the raw i2r.
811
812All functions have the X509V3_EXT_METHOD passed to them in the 'method'
813parameter and an X509V3_CTX structure. Extension code can then access the
814parent structure via the 'method' parameter to for example make use of the value
815of usr_data. If the code needs to use detail relating to the request it can
816use the 'ctx' parameter.
817
818A note should be given here about the 'flags' member of the 'ctx' parameter.
819If it has the value CTX_TEST then the configuration syntax is being checked
820and no actual certificate or CRL exists. Therefore any attempt in the config
821file to access such information should silently succeed. If the syntax is OK
822then it should simply return a (possibly bogus) extension, otherwise it
823should return NULL.
824
825char *i2s(struct v3_ext_method *method, void *ext);
826
827This function takes the internal structure in the ext parameter and returns
828a Malloc'ed string representing its value.
829
830void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
831
832This function takes the string representation in the ext parameter and returns
833an allocated internal structure: ext_free() will be used on this internal
834structure after use.
835
836i2v and v2i handle a STACK_OF(CONF_VALUE):
837
838typedef struct
839{
840 char *section;
841 char *name;
842 char *value;
843} CONF_VALUE;
844
845Only the name and value members are currently used.
846
847STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
848
849This function is passed the internal structure in the ext parameter and
850returns a STACK of CONF_VALUE structures. The values of name, value,
851section and the structure itself will be freed up with Free after use.
852Several helper functions are available to add values to this STACK.
853
854void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
855 STACK_OF(CONF_VALUE) *values);
856
857This function takes a STACK_OF(CONF_VALUE) structures and should set the
858values of the external structure. This typically uses the name element to
859determine which structure element to set and the value element to determine
860what to set it to. Several helper functions are available for this
861purpose (see above).
862
863int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
864
865This function is passed the internal extension structure in the ext parameter
866and sends out a human readable version of the extension to out. The 'indent'
867parameter should be noted to determine the necessary amount of indentation
868needed on the output.
869
870void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
871
872This is just passed the string representation of the extension. It is intended
873to be used for more elaborate extensions where the standard single and multi
874valued options are insufficient. They can use the 'ctx' parameter to parse the
875configuration database themselves. See the context functions section for details
876of how to do this.
877
878Note: although this type takes the same parameters as the "r2s" function there
879is a subtle difference. Whereas an "r2i" function can access a configuration
880database an "s2i" function MUST NOT. This is so the internal code can safely
881assume that an "s2i" function will work without a configuration database.
882
883==============================================================================
884 PKCS#12 Library
885==============================================================================
886
887This section describes the internal PKCS#12 support. There are very few
888differences between the old external library and the new internal code at
889present. This may well change because the external library will not be updated
890much in future.
891
892This version now includes a couple of high level PKCS#12 functions which
893generally "do the right thing" and should make it much easier to handle PKCS#12
894structures.
895
896HIGH LEVEL FUNCTIONS.
897
898For most applications you only need concern yourself with the high level
899functions. They can parse and generate simple PKCS#12 files as produced by
900Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
901private key and certificate pair.
902
9031. Initialisation and cleanup.
904
905No special initialisation is needed for the internal PKCS#12 library: the
906standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
907add all algorithms (you should at least add SHA1 though) then you can manually
908initialise the PKCS#12 library with:
909
910PKCS12_PBE_add();
911
912The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
913called or it can be directly freed with:
914
915EVP_PBE_cleanup();
916
917after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
918be called.
919
9202. I/O functions.
921
922i2d_PKCS12_bio(bp, p12)
923
924This writes out a PKCS12 structure to a BIO.
925
926i2d_PKCS12_fp(fp, p12)
927
928This is the same but for a FILE pointer.
929
930d2i_PKCS12_bio(bp, p12)
931
932This reads in a PKCS12 structure from a BIO.
933
934d2i_PKCS12_fp(fp, p12)
935
936This is the same but for a FILE pointer.
937
9383. High level functions.
939
9403.1 Parsing with PKCS12_parse().
941
942int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
943 STACK **ca);
944
945This function takes a PKCS12 structure and a password (ASCII, null terminated)
946and returns the private key, the corresponding certificate and any CA
947certificates. If any of these is not required it can be passed as a NULL.
948The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
949structure. Typically to read in a PKCS#12 file you might do:
950
951p12 = d2i_PKCS12_fp(fp, NULL);
952PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */
953PKCS12_free(p12);
954
9553.2 PKCS#12 creation with PKCS12_create().
956
957PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
958 STACK *ca, int nid_key, int nid_cert, int iter,
959 int mac_iter, int keytype);
960
961This function will create a PKCS12 structure from a given password, name,
962private key, certificate and optional STACK of CA certificates. The remaining
9635 parameters can be set to 0 and sensible defaults will be used.
964
965The parameters nid_key and nid_cert are the key and certificate encryption
966algorithms, iter is the encryption iteration count, mac_iter is the MAC
967iteration count and keytype is the type of private key. If you really want
968to know what these last 5 parameters do then read the low level section.
969
970Typically to create a PKCS#12 file the following could be used:
971
972p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
973i2d_PKCS12_fp(fp, p12);
974PKCS12_free(p12);
975
9763.3 Changing a PKCS#12 structure password.
977
978int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
979
980This changes the password of an already existing PKCS#12 structure. oldpass
981is the old password and newpass is the new one. An error occurs if the old
982password is incorrect.
983
984LOW LEVEL FUNCTIONS.
985
986In some cases the high level functions do not provide the necessary
987functionality. For example if you want to generate or parse more complex
988PKCS#12 files. The sample pkcs12 application uses the low level functions
989to display details about the internal structure of a PKCS#12 file.
990
991Introduction.
992
993This is a brief description of how a PKCS#12 file is represented internally:
994some knowledge of PKCS#12 is assumed.
995
996A PKCS#12 object contains several levels.
997
998At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
999CRL, a private key, encrypted or unencrypted, a set of safebags (so the
1000structure can be nested) or other secrets (not documented at present).
1001A safebag can optionally have attributes, currently these are: a unicode
1002friendlyName (a Unicode string) or a localKeyID (a string of bytes).
1003
1004At the next level is an authSafe which is a set of safebags collected into
1005a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
1006
1007At the top level is the PKCS12 structure itself which contains a set of
1008authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
1009contains a MAC which is a kind of password protected digest to preserve
1010integrity (so any unencrypted stuff below can't be tampered with).
1011
1012The reason for these levels is so various objects can be encrypted in various
1013ways. For example you might want to encrypt a set of private keys with
1014triple-DES and then include the related certificates either unencrypted or
1015with lower encryption. Yes it's the dreaded crypto laws at work again which
1016allow strong encryption on private keys and only weak encryption on other
1017stuff.
1018
1019To build one of these things you turn all certificates and keys into safebags
1020(with optional attributes). You collect the safebags into (one or more) STACKS
1021and convert these into authsafes (encrypted or unencrypted). The authsafes
1022are collected into a STACK and added to a PKCS12 structure. Finally a MAC
1023inserted.
1024
1025Pulling one apart is basically the reverse process. The MAC is verified against
1026the given password. The authsafes are extracted and each authsafe split into
1027a set of safebags (possibly involving decryption). Finally the safebags are
1028decomposed into the original keys and certificates and the attributes used to
1029match up private key and certificate pairs.
1030
1031Anyway here are the functions that do the dirty work.
1032
10331. Construction functions.
1034
10351.1 Safebag functions.
1036
1037M_PKCS12_x5092certbag(x509)
1038
1039This macro takes an X509 structure and returns a certificate bag. The
1040X509 structure can be freed up after calling this function.
1041
1042M_PKCS12_x509crl2certbag(crl)
1043
1044As above but for a CRL.
1045
1046PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
1047
1048Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
1049Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
1050structure contains a private key data in plain text form it should be free'd
1051up as soon as it has been encrypted for security reasons (freeing up the
1052structure zeros out the sensitive data). This can be done with
1053PKCS8_PRIV_KEY_INFO_free().
1054
1055PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
1056
1057This sets the key type when a key is imported into MSIE or Outlook 98. Two
1058values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
1059key that can also be used for signing but its size is limited in the export
1060versions of MS software to 512 bits, it is also the default. KEY_SIG is a
1061signing only key but the keysize is unlimited (well 16K is supposed to work).
1062If you are using the domestic version of MSIE then you can ignore this because
1063KEY_EX is not limited and can be used for both.
1064
1065PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
1066
1067Convert a PKCS8 private key structure into a keybag. This routine embeds the
1068p8 structure in the keybag so p8 should not be freed up or used after it is
1069called. The p8 structure will be freed up when the safebag is freed.
1070
1071PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
1072
1073Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
1074embedded and can be freed up after use.
1075
1076int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
1077int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
1078
1079Add a local key id or a friendlyname to a safebag.
1080
10811.2 Authsafe functions.
1082
1083PKCS7 *PKCS12_pack_p7data(STACK *sk)
1084Take a stack of safebags and convert them into an unencrypted authsafe. The
1085stack of safebags can be freed up after calling this function.
1086
1087PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
1088
1089As above but encrypted.
1090
10911.3 PKCS12 functions.
1092
1093PKCS12 *PKCS12_init(int mode)
1094
1095Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
1096
1097M_PKCS12_pack_authsafes(p12, safes)
1098
1099This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
1100
1101int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
1102
1103Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
1104that SHA-1 should be used.
1105
11062. Extraction Functions.
1107
11082.1 Safebags.
1109
1110M_PKCS12_bag_type(bag)
1111
1112Return the type of "bag". Returns one of the following
1113
1114NID_keyBag
1115NID_pkcs8ShroudedKeyBag 7
1116NID_certBag 8
1117NID_crlBag 9
1118NID_secretBag 10
1119NID_safeContentsBag 11
1120
1121M_PKCS12_cert_bag_type(bag)
1122
1123Returns type of certificate bag, following are understood.
1124
1125NID_x509Certificate 14
1126NID_sdsiCertificate 15
1127
1128M_PKCS12_crl_bag_type(bag)
1129
1130Returns crl bag type, currently only NID_crlBag is recognised.
1131
1132M_PKCS12_certbag2x509(bag)
1133
1134This macro extracts an X509 certificate from a certificate bag.
1135
1136M_PKCS12_certbag2x509crl(bag)
1137
1138As above but for a CRL.
1139
1140EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
1141
1142Extract a private key from a PKCS8 private key info structure.
1143
1144M_PKCS12_decrypt_skey(bag, pass, passlen)
1145
1146Decrypt a shrouded key bag and return a PKCS8 private key info structure.
1147Works with both RSA and DSA keys
1148
1149char *PKCS12_get_friendlyname(bag)
1150
1151Returns the friendlyName of a bag if present or NULL if none. The returned
1152string is a null terminated ASCII string allocated with Malloc(). It should
1153thus be freed up with Free() after use.
1154
11552.2 AuthSafe functions.
1156
1157M_PKCS12_unpack_p7data(p7)
1158
1159Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
1160
1161#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
1162
1163As above but for an encrypted content info.
1164
11652.3 PKCS12 functions.
1166
1167M_PKCS12_unpack_authsafes(p12)
1168
1169Extract a STACK of authsafes from a PKCS12 structure.
1170
1171M_PKCS12_mac_present(p12)
1172
1173Check to see if a MAC is present.
1174
1175int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
1176
1177Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
1178
1179
1180Notes.
1181
11821. All the function return 0 or NULL on error.
11832. Encryption based functions take a common set of parameters. These are
1184described below.
1185
1186pass, passlen
1187ASCII password and length. The password on the MAC is called the "integrity
1188password" the encryption password is called the "privacy password" in the
1189PKCS#12 documentation. The passwords do not have to be the same. If -1 is
1190passed for the length it is worked out by the function itself (currently
1191this is sometimes done whatever is passed as the length but that may change).
1192
1193salt, saltlen
1194A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
1195default length is used.
1196
1197iter
1198Iteration count. This is a measure of how many times an internal function is
1199called to encrypt the data. The larger this value is the longer it takes, it
1200makes dictionary attacks on passwords harder. NOTE: Some implementations do
1201not support an iteration count on the MAC. If the password for the MAC and
1202encryption is the same then there is no point in having a high iteration
1203count for encryption if the MAC has no count. The MAC could be attacked
1204and the password used for the main decryption.
1205
1206pbe_nid
1207This is the NID of the password based encryption method used. The following are
1208supported.
1209NID_pbe_WithSHA1And128BitRC4
1210NID_pbe_WithSHA1And40BitRC4
1211NID_pbe_WithSHA1And3_Key_TripleDES_CBC
1212NID_pbe_WithSHA1And2_Key_TripleDES_CBC
1213NID_pbe_WithSHA1And128BitRC2_CBC
1214NID_pbe_WithSHA1And40BitRC2_CBC
1215
1216Which you use depends on the implementation you are exporting to. "Export
1217grade" (i.e. cryptographically challenged) products cannot support all
1218algorithms. Typically you may be able to use any encryption on shrouded key
1219bags but they must then be placed in an unencrypted authsafe. Other authsafes
1220may only support 40bit encryption. Of course if you are using SSLeay
1221throughout you can strongly encrypt everything and have high iteration counts
1222on everything.
1223
12243. For decryption routines only the password and length are needed.
1225
12264. Unlike the external version the nid's of objects are the values of the
1227constants: that is NID_certBag is the real nid, therefore there is no
1228PKCS12_obj_offset() function. Note the object constants are not the same as
1229those of the external version. If you use these constants then you will need
1230to recompile your code.
1231
12325. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or
1233macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
1234reused or freed up safely.
1235
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt
deleted file mode 100644
index edbe2f3a57..0000000000
--- a/src/lib/libssl/doc/standards.txt
+++ /dev/null
@@ -1,257 +0,0 @@
1Standards related to OpenSSL
2============================
3
4[Please, this is currently a draft. I made a first try at finding
5 documents that describe parts of what OpenSSL implements. There are
6 big gaps, and I've most certainly done something wrong. Please
7 correct whatever is... Also, this note should be removed when this
8 file is reaching a somewhat correct state. -- Richard Levitte]
9
10
11All pointers in here will be either URL's or blobs of text borrowed
12from miscellaneous indexes, like rfc-index.txt (index of RFCs),
131id-index.txt (index of Internet drafts) and the like.
14
15To find the latest possible RFCs, it's recommended to either browse
16ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
17use the search mechanism found there.
18To find the latest possible Internet drafts, it's recommended to
19browse ftp://ftp.isi.edu/internet-drafts/.
20To find the latest possible PKCS, it's recommended to browse
21http://www.rsasecurity.com/rsalabs/pkcs/.
22
23
24Implemented:
25------------
26
27These are documents that describe things that are implemented (in
28whole or at least great parts) in OpenSSL.
29
301319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
31 (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
32
331320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
34 TXT=32407 bytes) (Status: INFORMATIONAL)
35
361321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
37 TXT=35222 bytes) (Status: INFORMATIONAL)
38
392246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
40 (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
41
422268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
43 January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
44
452315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
46 March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
47
48PKCS#8: Private-Key Information Syntax Standard
49
50PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
51
522560 X.509 Internet Public Key Infrastructure Online Certificate
53 Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
54 C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
55 STANDARD)
56
572712 Addition of Kerberos Cipher Suites to Transport Layer Security
58 (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
59 (Status: PROPOSED STANDARD)
60
612898 PKCS #5: Password-Based Cryptography Specification Version 2.0.
62 B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status:
63 INFORMATIONAL)
64
652986 PKCS #10: Certification Request Syntax Specification Version 1.7.
66 M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes)
67 (Obsoletes RFC2314) (Status: INFORMATIONAL)
68
693174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
70 September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
71
723268 Advanced Encryption Standard (AES) Ciphersuites for Transport
73 Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
74 (Status: PROPOSED STANDARD)
75
763279 Algorithms and Identifiers for the Internet X.509 Public Key
77 Infrastructure Certificate and Certificate Revocation List (CRL)
78 Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format:
79 TXT=53833 bytes) (Status: PROPOSED STANDARD)
80
813280 Internet X.509 Public Key Infrastructure Certificate and
82 Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
83 Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
84 RFC2459) (Status: PROPOSED STANDARD)
85
863447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography
87 Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003.
88 (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:
89 INFORMATIONAL)
90
91
92Related:
93--------
94
95These are documents that are close to OpenSSL, for example the
96STARTTLS documents.
97
981421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
99 Encryption and Authentication Procedures. J. Linn. February 1993.
100 (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
101 STANDARD)
102
1031422 Privacy Enhancement for Internet Electronic Mail: Part II:
104 Certificate-Based Key Management. S. Kent. February 1993. (Format:
105 TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
106
1071423 Privacy Enhancement for Internet Electronic Mail: Part III:
108 Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
109 (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
110 STANDARD)
111
1121424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
113 Certification and Related Services. B. Kaliski. February 1993.
114 (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
115
1162025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October
117 1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD)
118
1192510 Internet X.509 Public Key Infrastructure Certificate Management
120 Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178
121 bytes) (Status: PROPOSED STANDARD)
122
1232511 Internet X.509 Certificate Request Message Format. M. Myers, C.
124 Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes)
125 (Status: PROPOSED STANDARD)
126
1272527 Internet X.509 Public Key Infrastructure Certificate Policy and
128 Certification Practices Framework. S. Chokhani, W. Ford. March 1999.
129 (Format: TXT=91860 bytes) (Status: INFORMATIONAL)
130
1312538 Storing Certificates in the Domain Name System (DNS). D. Eastlake
132 3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status:
133 PROPOSED STANDARD)
134
1352539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS).
136 D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status:
137 PROPOSED STANDARD)
138
1392559 Internet X.509 Public Key Infrastructure Operational Protocols -
140 LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format:
141 TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD)
142
1432585 Internet X.509 Public Key Infrastructure Operational Protocols:
144 FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
145 bytes) (Status: PROPOSED STANDARD)
146
1472587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S.
148 Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes)
149 (Status: PROPOSED STANDARD)
150
1512595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
152 (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
153
1542631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999.
155 (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD)
156
1572632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June
158 1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD)
159
1602716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October
161 1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL)
162
1632773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace.
164 February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status:
165 EXPERIMENTAL)
166
1672797 Certificate Management Messages over CMS. M. Myers, X. Liu, J.
168 Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status:
169 PROPOSED STANDARD)
170
1712817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
172 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
173 STANDARD)
174
1752818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
176 (Status: INFORMATIONAL)
177
1782876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July
179 2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL)
180
1812984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams.
182 October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD)
183
1842985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0.
185 M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes)
186 (Status: INFORMATIONAL)
187
1883029 Internet X.509 Public Key Infrastructure Data Validation and
189 Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev,
190 R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status:
191 EXPERIMENTAL)
192
1933039 Internet X.509 Public Key Infrastructure Qualified Certificates
194 Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001.
195 (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD)
196
1973058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P.
198 Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes)
199 (Status: INFORMATIONAL)
200
2013161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol
202 (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001.
203 (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD)
204
2053185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner.
206 October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD)
207
2083207 SMTP Service Extension for Secure SMTP over Transport Layer
209 Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes)
210 (Obsoletes RFC2487) (Status: PROPOSED STANDARD)
211
2123217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001.
213 (Format: TXT=19855 bytes) (Status: INFORMATIONAL)
214
2153274 Compressed Data Content Type for Cryptographic Message Syntax
216 (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status:
217 PROPOSED STANDARD)
218
2193278 Use of Elliptic Curve Cryptography (ECC) Algorithms in
220 Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P.
221 Lambert. April 2002. (Format: TXT=33779 bytes) (Status:
222 INFORMATIONAL)
223
2243281 An Internet Attribute Certificate Profile for Authorization. S.
225 Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status:
226 PROPOSED STANDARD)
227
2283369 Cryptographic Message Syntax (CMS). R. Housley. August 2002.
229 (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status:
230 PROPOSED STANDARD)
231
2323370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August
233 2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status:
234 PROPOSED STANDARD)
235
2363377 Lightweight Directory Access Protocol (v3): Technical
237 Specification. J. Hodges, R. Morgan. September 2002. (Format:
238 TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255,
239 RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
240
2413394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad,
242 R. Housley. September 2002. (Format: TXT=73072 bytes) (Status:
243 INFORMATIONAL)
244
2453436 Transport Layer Security over Stream Control Transmission
246 Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
247 (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
248
249 "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
250
251
252To be implemented:
253------------------
254
255These are documents that describe things that are planed to be
256implemented in the hopefully short future.
257
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
deleted file mode 100644
index 64ee4269ec..0000000000
--- a/src/lib/libssl/s23_clnt.c
+++ /dev/null
@@ -1,490 +0,0 @@
1/* ssl/s23_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61#include <openssl/buffer.h>
62#include <openssl/rand.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65
66static SSL_METHOD *ssl23_get_client_method(int ver);
67static int ssl23_client_hello(SSL *s);
68static int ssl23_get_server_hello(SSL *s);
69static SSL_METHOD *ssl23_get_client_method(int ver)
70 {
71#ifndef OPENSSL_NO_SSL2
72 if (ver == SSL2_VERSION)
73 return(SSLv2_client_method());
74#endif
75 if (ver == SSL3_VERSION)
76 return(SSLv3_client_method());
77 else if (ver == TLS1_VERSION)
78 return(TLSv1_client_method());
79 else
80 return(NULL);
81 }
82
83SSL_METHOD *SSLv23_client_method(void)
84 {
85 static int init=1;
86 static SSL_METHOD SSLv23_client_data;
87
88 if (init)
89 {
90 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
91
92 if (init)
93 {
94 memcpy((char *)&SSLv23_client_data,
95 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
96 SSLv23_client_data.ssl_connect=ssl23_connect;
97 SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
98 init=0;
99 }
100
101 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
102 }
103 return(&SSLv23_client_data);
104 }
105
106int ssl23_connect(SSL *s)
107 {
108 BUF_MEM *buf=NULL;
109 unsigned long Time=time(NULL);
110 void (*cb)(const SSL *ssl,int type,int val)=NULL;
111 int ret= -1;
112 int new_state,state;
113
114 RAND_add(&Time,sizeof(Time),0);
115 ERR_clear_error();
116 clear_sys_error();
117
118 if (s->info_callback != NULL)
119 cb=s->info_callback;
120 else if (s->ctx->info_callback != NULL)
121 cb=s->ctx->info_callback;
122
123 s->in_handshake++;
124 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
125
126 for (;;)
127 {
128 state=s->state;
129
130 switch(s->state)
131 {
132 case SSL_ST_BEFORE:
133 case SSL_ST_CONNECT:
134 case SSL_ST_BEFORE|SSL_ST_CONNECT:
135 case SSL_ST_OK|SSL_ST_CONNECT:
136
137 if (s->session != NULL)
138 {
139 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);
140 ret= -1;
141 goto end;
142 }
143 s->server=0;
144 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
145
146 /* s->version=TLS1_VERSION; */
147 s->type=SSL_ST_CONNECT;
148
149 if (s->init_buf == NULL)
150 {
151 if ((buf=BUF_MEM_new()) == NULL)
152 {
153 ret= -1;
154 goto end;
155 }
156 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
157 {
158 ret= -1;
159 goto end;
160 }
161 s->init_buf=buf;
162 buf=NULL;
163 }
164
165 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
166
167 ssl3_init_finished_mac(s);
168
169 s->state=SSL23_ST_CW_CLNT_HELLO_A;
170 s->ctx->stats.sess_connect++;
171 s->init_num=0;
172 break;
173
174 case SSL23_ST_CW_CLNT_HELLO_A:
175 case SSL23_ST_CW_CLNT_HELLO_B:
176
177 s->shutdown=0;
178 ret=ssl23_client_hello(s);
179 if (ret <= 0) goto end;
180 s->state=SSL23_ST_CR_SRVR_HELLO_A;
181 s->init_num=0;
182
183 break;
184
185 case SSL23_ST_CR_SRVR_HELLO_A:
186 case SSL23_ST_CR_SRVR_HELLO_B:
187 ret=ssl23_get_server_hello(s);
188 if (ret >= 0) cb=NULL;
189 goto end;
190 /* break; */
191
192 default:
193 SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
194 ret= -1;
195 goto end;
196 /* break; */
197 }
198
199 if (s->debug) { (void)BIO_flush(s->wbio); }
200
201 if ((cb != NULL) && (s->state != state))
202 {
203 new_state=s->state;
204 s->state=state;
205 cb(s,SSL_CB_CONNECT_LOOP,1);
206 s->state=new_state;
207 }
208 }
209end:
210 s->in_handshake--;
211 if (buf != NULL)
212 BUF_MEM_free(buf);
213 if (cb != NULL)
214 cb(s,SSL_CB_CONNECT_EXIT,ret);
215 return(ret);
216 }
217
218
219static int ssl23_client_hello(SSL *s)
220 {
221 unsigned char *buf;
222 unsigned char *p,*d;
223 int i,ch_len;
224 int ret;
225
226 buf=(unsigned char *)s->init_buf->data;
227 if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
228 {
229#if 0
230 /* don't reuse session-id's */
231 if (!ssl_get_new_session(s,0))
232 {
233 return(-1);
234 }
235#endif
236
237 p=s->s3->client_random;
238 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
239
240 /* Do the message type and length last */
241 d= &(buf[2]);
242 p=d+9;
243
244 *(d++)=SSL2_MT_CLIENT_HELLO;
245 if (!(s->options & SSL_OP_NO_TLSv1))
246 {
247 *(d++)=TLS1_VERSION_MAJOR;
248 *(d++)=TLS1_VERSION_MINOR;
249 s->client_version=TLS1_VERSION;
250 }
251 else if (!(s->options & SSL_OP_NO_SSLv3))
252 {
253 *(d++)=SSL3_VERSION_MAJOR;
254 *(d++)=SSL3_VERSION_MINOR;
255 s->client_version=SSL3_VERSION;
256 }
257 else if (!(s->options & SSL_OP_NO_SSLv2))
258 {
259 *(d++)=SSL2_VERSION_MAJOR;
260 *(d++)=SSL2_VERSION_MINOR;
261 s->client_version=SSL2_VERSION;
262 }
263 else
264 {
265 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
266 return(-1);
267 }
268
269 /* Ciphers supported */
270 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
271 if (i == 0)
272 {
273 /* no ciphers */
274 SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
275 return(-1);
276 }
277 s2n(i,d);
278 p+=i;
279
280 /* put in the session-id, zero since there is no
281 * reuse. */
282#if 0
283 s->session->session_id_length=0;
284#endif
285 s2n(0,d);
286
287 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
288 ch_len=SSL2_CHALLENGE_LENGTH;
289 else
290 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
291
292 /* write out sslv2 challenge */
293 if (SSL3_RANDOM_SIZE < ch_len)
294 i=SSL3_RANDOM_SIZE;
295 else
296 i=ch_len;
297 s2n(i,d);
298 memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
299 RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
300 memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
301 p+=i;
302
303 i= p- &(buf[2]);
304 buf[0]=((i>>8)&0xff)|0x80;
305 buf[1]=(i&0xff);
306
307 s->state=SSL23_ST_CW_CLNT_HELLO_B;
308 /* number of bytes to write */
309 s->init_num=i+2;
310 s->init_off=0;
311
312 ssl3_finish_mac(s,&(buf[2]),i);
313 }
314
315 /* SSL3_ST_CW_CLNT_HELLO_B */
316 ret = ssl23_write_bytes(s);
317 if (ret >= 2)
318 if (s->msg_callback)
319 s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
320 return ret;
321 }
322
323static int ssl23_get_server_hello(SSL *s)
324 {
325 char buf[8];
326 unsigned char *p;
327 int i;
328 int n;
329
330 n=ssl23_read_bytes(s,7);
331
332 if (n != 7) return(n);
333 p=s->packet;
334
335 memcpy(buf,p,n);
336
337 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
338 (p[5] == 0x00) && (p[6] == 0x02))
339 {
340#ifdef OPENSSL_NO_SSL2
341 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
342 goto err;
343#else
344 /* we are talking sslv2 */
345 /* we need to clean up the SSLv3 setup and put in the
346 * sslv2 stuff. */
347 int ch_len;
348
349 if (s->options & SSL_OP_NO_SSLv2)
350 {
351 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
352 goto err;
353 }
354 if (s->s2 == NULL)
355 {
356 if (!ssl2_new(s))
357 goto err;
358 }
359 else
360 ssl2_clear(s);
361
362 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
363 ch_len=SSL2_CHALLENGE_LENGTH;
364 else
365 ch_len=SSL2_MAX_CHALLENGE_LENGTH;
366
367 /* write out sslv2 challenge */
368 i=(SSL3_RANDOM_SIZE < ch_len)
369 ?SSL3_RANDOM_SIZE:ch_len;
370 s->s2->challenge_length=i;
371 memcpy(s->s2->challenge,
372 &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
373
374 if (s->s3 != NULL) ssl3_free(s);
375
376 if (!BUF_MEM_grow_clean(s->init_buf,
377 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
378 {
379 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
380 goto err;
381 }
382
383 s->state=SSL2_ST_GET_SERVER_HELLO_A;
384 if (!(s->client_version == SSL2_VERSION))
385 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
386 s->s2->ssl2_rollback=1;
387
388 /* setup the 5 bytes we have read so we get them from
389 * the sslv2 buffer */
390 s->rstate=SSL_ST_READ_HEADER;
391 s->packet_length=n;
392 s->packet= &(s->s2->rbuf[0]);
393 memcpy(s->packet,buf,n);
394 s->s2->rbuf_left=n;
395 s->s2->rbuf_offs=0;
396
397 /* we have already written one */
398 s->s2->write_sequence=1;
399
400 s->method=SSLv2_client_method();
401 s->handshake_func=s->method->ssl_connect;
402#endif
403 }
404 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
405 (p[1] == SSL3_VERSION_MAJOR) &&
406 ((p[2] == SSL3_VERSION_MINOR) ||
407 (p[2] == TLS1_VERSION_MINOR)) &&
408 (p[5] == SSL3_MT_SERVER_HELLO))
409 {
410 /* we have sslv3 or tls1 */
411
412 if (!ssl_init_wbio_buffer(s,1)) goto err;
413
414 /* we are in this state */
415 s->state=SSL3_ST_CR_SRVR_HELLO_A;
416
417 /* put the 5 bytes we have read into the input buffer
418 * for SSLv3 */
419 s->rstate=SSL_ST_READ_HEADER;
420 s->packet_length=n;
421 s->packet= &(s->s3->rbuf.buf[0]);
422 memcpy(s->packet,buf,n);
423 s->s3->rbuf.left=n;
424 s->s3->rbuf.offset=0;
425
426 if ((p[2] == SSL3_VERSION_MINOR) &&
427 !(s->options & SSL_OP_NO_SSLv3))
428 {
429 s->version=SSL3_VERSION;
430 s->method=SSLv3_client_method();
431 }
432 else if ((p[2] == TLS1_VERSION_MINOR) &&
433 !(s->options & SSL_OP_NO_TLSv1))
434 {
435 s->version=TLS1_VERSION;
436 s->method=TLSv1_client_method();
437 }
438 else
439 {
440 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
441 goto err;
442 }
443
444 s->handshake_func=s->method->ssl_connect;
445 }
446 else if ((p[0] == SSL3_RT_ALERT) &&
447 (p[1] == SSL3_VERSION_MAJOR) &&
448 ((p[2] == SSL3_VERSION_MINOR) ||
449 (p[2] == TLS1_VERSION_MINOR)) &&
450 (p[3] == 0) &&
451 (p[4] == 2))
452 {
453 void (*cb)(const SSL *ssl,int type,int val)=NULL;
454 int j;
455
456 /* An alert */
457 if (s->info_callback != NULL)
458 cb=s->info_callback;
459 else if (s->ctx->info_callback != NULL)
460 cb=s->ctx->info_callback;
461
462 i=p[5];
463 if (cb != NULL)
464 {
465 j=(i<<8)|p[6];
466 cb(s,SSL_CB_READ_ALERT,j);
467 }
468
469 s->rwstate=SSL_NOTHING;
470 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
471 goto err;
472 }
473 else
474 {
475 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
476 goto err;
477 }
478 s->init_num=0;
479
480 /* Since, if we are sending a ssl23 client hello, we are not
481 * reusing a session-id */
482 if (!ssl_get_new_session(s,0))
483 goto err;
484
485 s->first_packet=1;
486 return(SSL_connect(s));
487err:
488 return(-1);
489 }
490
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
deleted file mode 100644
index b70002a647..0000000000
--- a/src/lib/libssl/s23_lib.c
+++ /dev/null
@@ -1,236 +0,0 @@
1/* ssl/s23_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63static int ssl23_num_ciphers(void );
64static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
65static int ssl23_read(SSL *s, void *buf, int len);
66static int ssl23_peek(SSL *s, void *buf, int len);
67static int ssl23_write(SSL *s, const void *buf, int len);
68static long ssl23_default_timeout(void );
69static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
70static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
71const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
72
73static SSL_METHOD SSLv23_data= {
74 TLS1_VERSION,
75 tls1_new,
76 tls1_clear,
77 tls1_free,
78 ssl_undefined_function,
79 ssl_undefined_function,
80 ssl23_read,
81 ssl23_peek,
82 ssl23_write,
83 ssl_undefined_function,
84 ssl_undefined_function,
85 ssl_ok,
86 ssl3_ctrl,
87 ssl3_ctx_ctrl,
88 ssl23_get_cipher_by_char,
89 ssl23_put_cipher_by_char,
90 ssl_undefined_function,
91 ssl23_num_ciphers,
92 ssl23_get_cipher,
93 ssl_bad_method,
94 ssl23_default_timeout,
95 &ssl3_undef_enc_method,
96 ssl_undefined_function,
97 ssl3_callback_ctrl,
98 ssl3_ctx_callback_ctrl,
99 };
100
101static long ssl23_default_timeout(void)
102 {
103 return(300);
104 }
105
106SSL_METHOD *sslv23_base_method(void)
107 {
108 return(&SSLv23_data);
109 }
110
111static int ssl23_num_ciphers(void)
112 {
113 return(ssl3_num_ciphers()
114#ifndef OPENSSL_NO_SSL2
115 + ssl2_num_ciphers()
116#endif
117 );
118 }
119
120static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
121 {
122 unsigned int uu=ssl3_num_ciphers();
123
124 if (u < uu)
125 return(ssl3_get_cipher(u));
126 else
127#ifndef OPENSSL_NO_SSL2
128 return(ssl2_get_cipher(u-uu));
129#else
130 return(NULL);
131#endif
132 }
133
134/* This function needs to check if the ciphers required are actually
135 * available */
136static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
137 {
138 SSL_CIPHER c,*cp;
139 unsigned long id;
140 int n;
141
142 n=ssl3_num_ciphers();
143 id=0x03000000|((unsigned long)p[0]<<16L)|
144 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
145 c.id=id;
146 cp=ssl3_get_cipher_by_char(p);
147#ifndef OPENSSL_NO_SSL2
148 if (cp == NULL)
149 cp=ssl2_get_cipher_by_char(p);
150#endif
151 return(cp);
152 }
153
154static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
155 {
156 long l;
157
158 /* We can write SSLv2 and SSLv3 ciphers */
159 if (p != NULL)
160 {
161 l=c->id;
162 p[0]=((unsigned char)(l>>16L))&0xFF;
163 p[1]=((unsigned char)(l>> 8L))&0xFF;
164 p[2]=((unsigned char)(l ))&0xFF;
165 }
166 return(3);
167 }
168
169static int ssl23_read(SSL *s, void *buf, int len)
170 {
171 int n;
172
173 clear_sys_error();
174 if (SSL_in_init(s) && (!s->in_handshake))
175 {
176 n=s->handshake_func(s);
177 if (n < 0) return(n);
178 if (n == 0)
179 {
180 SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
181 return(-1);
182 }
183 return(SSL_read(s,buf,len));
184 }
185 else
186 {
187 ssl_undefined_function(s);
188 return(-1);
189 }
190 }
191
192static int ssl23_peek(SSL *s, void *buf, int len)
193 {
194 int n;
195
196 clear_sys_error();
197 if (SSL_in_init(s) && (!s->in_handshake))
198 {
199 n=s->handshake_func(s);
200 if (n < 0) return(n);
201 if (n == 0)
202 {
203 SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
204 return(-1);
205 }
206 return(SSL_peek(s,buf,len));
207 }
208 else
209 {
210 ssl_undefined_function(s);
211 return(-1);
212 }
213 }
214
215static int ssl23_write(SSL *s, const void *buf, int len)
216 {
217 int n;
218
219 clear_sys_error();
220 if (SSL_in_init(s) && (!s->in_handshake))
221 {
222 n=s->handshake_func(s);
223 if (n < 0) return(n);
224 if (n == 0)
225 {
226 SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
227 return(-1);
228 }
229 return(SSL_write(s,buf,len));
230 }
231 else
232 {
233 ssl_undefined_function(s);
234 return(-1);
235 }
236 }
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
deleted file mode 100644
index 4ca6a1b258..0000000000
--- a/src/lib/libssl/s23_pkt.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* ssl/s23_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <errno.h>
61#define USE_SOCKETS
62#include "ssl_locl.h"
63#include <openssl/evp.h>
64#include <openssl/buffer.h>
65
66int ssl23_write_bytes(SSL *s)
67 {
68 int i,num,tot;
69 char *buf;
70
71 buf=s->init_buf->data;
72 tot=s->init_off;
73 num=s->init_num;
74 for (;;)
75 {
76 s->rwstate=SSL_WRITING;
77 i=BIO_write(s->wbio,&(buf[tot]),num);
78 if (i <= 0)
79 {
80 s->init_off=tot;
81 s->init_num=num;
82 return(i);
83 }
84 s->rwstate=SSL_NOTHING;
85 if (i == num) return(tot+i);
86
87 num-=i;
88 tot+=i;
89 }
90 }
91
92/* return regularly only when we have read (at least) 'n' bytes */
93int ssl23_read_bytes(SSL *s, int n)
94 {
95 unsigned char *p;
96 int j;
97
98 if (s->packet_length < (unsigned int)n)
99 {
100 p=s->packet;
101
102 for (;;)
103 {
104 s->rwstate=SSL_READING;
105 j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
106 n-s->packet_length);
107 if (j <= 0)
108 return(j);
109 s->rwstate=SSL_NOTHING;
110 s->packet_length+=j;
111 if (s->packet_length >= (unsigned int)n)
112 return(s->packet_length);
113 }
114 }
115 return(n);
116 }
117
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
deleted file mode 100644
index c5404ca0bc..0000000000
--- a/src/lib/libssl/s23_srvr.c
+++ /dev/null
@@ -1,596 +0,0 @@
1/* ssl/s23_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include "ssl_locl.h"
114#include <openssl/buffer.h>
115#include <openssl/rand.h>
116#include <openssl/objects.h>
117#include <openssl/evp.h>
118
119static SSL_METHOD *ssl23_get_server_method(int ver);
120int ssl23_get_client_hello(SSL *s);
121static SSL_METHOD *ssl23_get_server_method(int ver)
122 {
123#ifndef OPENSSL_NO_SSL2
124 if (ver == SSL2_VERSION)
125 return(SSLv2_server_method());
126#endif
127 if (ver == SSL3_VERSION)
128 return(SSLv3_server_method());
129 else if (ver == TLS1_VERSION)
130 return(TLSv1_server_method());
131 else
132 return(NULL);
133 }
134
135SSL_METHOD *SSLv23_server_method(void)
136 {
137 static int init=1;
138 static SSL_METHOD SSLv23_server_data;
139
140 if (init)
141 {
142 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
143
144 if (init)
145 {
146 memcpy((char *)&SSLv23_server_data,
147 (char *)sslv23_base_method(),sizeof(SSL_METHOD));
148 SSLv23_server_data.ssl_accept=ssl23_accept;
149 SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
150 init=0;
151 }
152
153 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
154 }
155 return(&SSLv23_server_data);
156 }
157
158int ssl23_accept(SSL *s)
159 {
160 BUF_MEM *buf;
161 unsigned long Time=time(NULL);
162 void (*cb)(const SSL *ssl,int type,int val)=NULL;
163 int ret= -1;
164 int new_state,state;
165
166 RAND_add(&Time,sizeof(Time),0);
167 ERR_clear_error();
168 clear_sys_error();
169
170 if (s->info_callback != NULL)
171 cb=s->info_callback;
172 else if (s->ctx->info_callback != NULL)
173 cb=s->ctx->info_callback;
174
175 s->in_handshake++;
176 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
177
178 for (;;)
179 {
180 state=s->state;
181
182 switch(s->state)
183 {
184 case SSL_ST_BEFORE:
185 case SSL_ST_ACCEPT:
186 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
187 case SSL_ST_OK|SSL_ST_ACCEPT:
188
189 s->server=1;
190 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
191
192 /* s->version=SSL3_VERSION; */
193 s->type=SSL_ST_ACCEPT;
194
195 if (s->init_buf == NULL)
196 {
197 if ((buf=BUF_MEM_new()) == NULL)
198 {
199 ret= -1;
200 goto end;
201 }
202 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
203 {
204 ret= -1;
205 goto end;
206 }
207 s->init_buf=buf;
208 }
209
210 ssl3_init_finished_mac(s);
211
212 s->state=SSL23_ST_SR_CLNT_HELLO_A;
213 s->ctx->stats.sess_accept++;
214 s->init_num=0;
215 break;
216
217 case SSL23_ST_SR_CLNT_HELLO_A:
218 case SSL23_ST_SR_CLNT_HELLO_B:
219
220 s->shutdown=0;
221 ret=ssl23_get_client_hello(s);
222 if (ret >= 0) cb=NULL;
223 goto end;
224 /* break; */
225
226 default:
227 SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
228 ret= -1;
229 goto end;
230 /* break; */
231 }
232
233 if ((cb != NULL) && (s->state != state))
234 {
235 new_state=s->state;
236 s->state=state;
237 cb(s,SSL_CB_ACCEPT_LOOP,1);
238 s->state=new_state;
239 }
240 }
241end:
242 s->in_handshake--;
243 if (cb != NULL)
244 cb(s,SSL_CB_ACCEPT_EXIT,ret);
245 return(ret);
246 }
247
248
249int ssl23_get_client_hello(SSL *s)
250 {
251 char buf_space[11]; /* Request this many bytes in initial read.
252 * We can detect SSL 3.0/TLS 1.0 Client Hellos
253 * ('type == 3') correctly only when the following
254 * is in a single record, which is not guaranteed by
255 * the protocol specification:
256 * Byte Content
257 * 0 type \
258 * 1/2 version > record header
259 * 3/4 length /
260 * 5 msg_type \
261 * 6-8 length > Client Hello message
262 * 9/10 client_version /
263 */
264 char *buf= &(buf_space[0]);
265 unsigned char *p,*d,*d_len,*dd;
266 unsigned int i;
267 unsigned int csl,sil,cl;
268 int n=0,j;
269 int type=0;
270 int v[2];
271#ifndef OPENSSL_NO_RSA
272 int use_sslv2_strong=0;
273#endif
274
275 if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
276 {
277 /* read the initial header */
278 v[0]=v[1]=0;
279
280 if (!ssl3_setup_buffers(s)) goto err;
281
282 n=ssl23_read_bytes(s, sizeof buf_space);
283 if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */
284
285 p=s->packet;
286
287 memcpy(buf,p,n);
288
289 if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
290 {
291 /*
292 * SSLv2 header
293 */
294 if ((p[3] == 0x00) && (p[4] == 0x02))
295 {
296 v[0]=p[3]; v[1]=p[4];
297 /* SSLv2 */
298 if (!(s->options & SSL_OP_NO_SSLv2))
299 type=1;
300 }
301 else if (p[3] == SSL3_VERSION_MAJOR)
302 {
303 v[0]=p[3]; v[1]=p[4];
304 /* SSLv3/TLSv1 */
305 if (p[4] >= TLS1_VERSION_MINOR)
306 {
307 if (!(s->options & SSL_OP_NO_TLSv1))
308 {
309 s->version=TLS1_VERSION;
310 /* type=2; */ /* done later to survive restarts */
311 s->state=SSL23_ST_SR_CLNT_HELLO_B;
312 }
313 else if (!(s->options & SSL_OP_NO_SSLv3))
314 {
315 s->version=SSL3_VERSION;
316 /* type=2; */
317 s->state=SSL23_ST_SR_CLNT_HELLO_B;
318 }
319 else if (!(s->options & SSL_OP_NO_SSLv2))
320 {
321 type=1;
322 }
323 }
324 else if (!(s->options & SSL_OP_NO_SSLv3))
325 {
326 s->version=SSL3_VERSION;
327 /* type=2; */
328 s->state=SSL23_ST_SR_CLNT_HELLO_B;
329 }
330 else if (!(s->options & SSL_OP_NO_SSLv2))
331 type=1;
332
333 }
334 }
335 else if ((p[0] == SSL3_RT_HANDSHAKE) &&
336 (p[1] == SSL3_VERSION_MAJOR) &&
337 (p[5] == SSL3_MT_CLIENT_HELLO) &&
338 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
339 || (p[9] == p[1])))
340 {
341 /*
342 * SSLv3 or tls1 header
343 */
344
345 v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
346 /* We must look at client_version inside the Client Hello message
347 * to get the correct minor version.
348 * However if we have only a pathologically small fragment of the
349 * Client Hello message, this would be difficult, and we'd have
350 * to read more records to find out.
351 * No known SSL 3.0 client fragments ClientHello like this,
352 * so we simply assume TLS 1.0 to avoid protocol version downgrade
353 * attacks. */
354 if (p[3] == 0 && p[4] < 6)
355 {
356#if 0
357 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
358 goto err;
359#else
360 v[1] = TLS1_VERSION_MINOR;
361#endif
362 }
363 else
364 v[1]=p[10]; /* minor version according to client_version */
365 if (v[1] >= TLS1_VERSION_MINOR)
366 {
367 if (!(s->options & SSL_OP_NO_TLSv1))
368 {
369 s->version=TLS1_VERSION;
370 type=3;
371 }
372 else if (!(s->options & SSL_OP_NO_SSLv3))
373 {
374 s->version=SSL3_VERSION;
375 type=3;
376 }
377 }
378 else
379 {
380 /* client requests SSL 3.0 */
381 if (!(s->options & SSL_OP_NO_SSLv3))
382 {
383 s->version=SSL3_VERSION;
384 type=3;
385 }
386 else if (!(s->options & SSL_OP_NO_TLSv1))
387 {
388 /* we won't be able to use TLS of course,
389 * but this will send an appropriate alert */
390 s->version=TLS1_VERSION;
391 type=3;
392 }
393 }
394 }
395 else if ((strncmp("GET ", (char *)p,4) == 0) ||
396 (strncmp("POST ",(char *)p,5) == 0) ||
397 (strncmp("HEAD ",(char *)p,5) == 0) ||
398 (strncmp("PUT ", (char *)p,4) == 0))
399 {
400 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
401 goto err;
402 }
403 else if (strncmp("CONNECT",(char *)p,7) == 0)
404 {
405 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
406 goto err;
407 }
408 }
409
410 if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
411 {
412 /* we have SSLv3/TLSv1 in an SSLv2 header
413 * (other cases skip this state) */
414
415 type=2;
416 p=s->packet;
417 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
418 v[1] = p[4];
419
420 n=((p[0]&0x7f)<<8)|p[1];
421 if (n > (1024*4))
422 {
423 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
424 goto err;
425 }
426
427 j=ssl23_read_bytes(s,n+2);
428 if (j <= 0) return(j);
429
430 ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
431 if (s->msg_callback)
432 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
433
434 p=s->packet;
435 p+=5;
436 n2s(p,csl);
437 n2s(p,sil);
438 n2s(p,cl);
439 d=(unsigned char *)s->init_buf->data;
440 if ((csl+sil+cl+11) != s->packet_length)
441 {
442 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
443 goto err;
444 }
445
446 /* record header: msg_type ... */
447 *(d++) = SSL3_MT_CLIENT_HELLO;
448 /* ... and length (actual value will be written later) */
449 d_len = d;
450 d += 3;
451
452 /* client_version */
453 *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
454 *(d++) = v[1];
455
456 /* lets populate the random area */
457 /* get the challenge_length */
458 i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
459 memset(d,0,SSL3_RANDOM_SIZE);
460 memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
461 d+=SSL3_RANDOM_SIZE;
462
463 /* no session-id reuse */
464 *(d++)=0;
465
466 /* ciphers */
467 j=0;
468 dd=d;
469 d+=2;
470 for (i=0; i<csl; i+=3)
471 {
472 if (p[i] != 0) continue;
473 *(d++)=p[i+1];
474 *(d++)=p[i+2];
475 j+=2;
476 }
477 s2n(j,dd);
478
479 /* COMPRESSION */
480 *(d++)=1;
481 *(d++)=0;
482
483 i = (d-(unsigned char *)s->init_buf->data) - 4;
484 l2n3((long)i, d_len);
485
486 /* get the data reused from the init_buf */
487 s->s3->tmp.reuse_message=1;
488 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
489 s->s3->tmp.message_size=i;
490 }
491
492 /* imaginary new state (for program structure): */
493 /* s->state = SSL23_SR_CLNT_HELLO_C */
494
495 if (type == 1)
496 {
497#ifdef OPENSSL_NO_SSL2
498 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
499 goto err;
500#else
501 /* we are talking sslv2 */
502 /* we need to clean up the SSLv3/TLSv1 setup and put in the
503 * sslv2 stuff. */
504
505 if (s->s2 == NULL)
506 {
507 if (!ssl2_new(s))
508 goto err;
509 }
510 else
511 ssl2_clear(s);
512
513 if (s->s3 != NULL) ssl3_free(s);
514
515 if (!BUF_MEM_grow_clean(s->init_buf,
516 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
517 {
518 goto err;
519 }
520
521 s->state=SSL2_ST_GET_CLIENT_HELLO_A;
522 if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
523 use_sslv2_strong ||
524 (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
525 s->s2->ssl2_rollback=0;
526 else
527 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
528 * (SSL 3.0 draft/RFC 2246, App. E.2) */
529 s->s2->ssl2_rollback=1;
530
531 /* setup the n bytes we have read so we get them from
532 * the sslv2 buffer */
533 s->rstate=SSL_ST_READ_HEADER;
534 s->packet_length=n;
535 s->packet= &(s->s2->rbuf[0]);
536 memcpy(s->packet,buf,n);
537 s->s2->rbuf_left=n;
538 s->s2->rbuf_offs=0;
539
540 s->method=SSLv2_server_method();
541 s->handshake_func=s->method->ssl_accept;
542#endif
543 }
544
545 if ((type == 2) || (type == 3))
546 {
547 /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
548
549 if (!ssl_init_wbio_buffer(s,1)) goto err;
550
551 /* we are in this state */
552 s->state=SSL3_ST_SR_CLNT_HELLO_A;
553
554 if (type == 3)
555 {
556 /* put the 'n' bytes we have read into the input buffer
557 * for SSLv3 */
558 s->rstate=SSL_ST_READ_HEADER;
559 s->packet_length=n;
560 s->packet= &(s->s3->rbuf.buf[0]);
561 memcpy(s->packet,buf,n);
562 s->s3->rbuf.left=n;
563 s->s3->rbuf.offset=0;
564 }
565 else
566 {
567 s->packet_length=0;
568 s->s3->rbuf.left=0;
569 s->s3->rbuf.offset=0;
570 }
571
572 if (s->version == TLS1_VERSION)
573 s->method = TLSv1_server_method();
574 else
575 s->method = SSLv3_server_method();
576#if 0 /* ssl3_get_client_hello does this */
577 s->client_version=(v[0]<<8)|v[1];
578#endif
579 s->handshake_func=s->method->ssl_accept;
580 }
581
582 if ((type < 1) || (type > 3))
583 {
584 /* bad, very bad */
585 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
586 goto err;
587 }
588 s->init_num=0;
589
590 if (buf != buf_space) OPENSSL_free(buf);
591 s->first_packet=1;
592 return(SSL_accept(s));
593err:
594 if (buf != buf_space) OPENSSL_free(buf);
595 return(-1);
596 }
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
deleted file mode 100644
index 64d317b7ac..0000000000
--- a/src/lib/libssl/s3_both.c
+++ /dev/null
@@ -1,635 +0,0 @@
1/* ssl/s3_both.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <limits.h>
113#include <string.h>
114#include <stdio.h>
115#include "ssl_locl.h"
116#include <openssl/buffer.h>
117#include <openssl/rand.h>
118#include <openssl/objects.h>
119#include <openssl/evp.h>
120#include <openssl/x509.h>
121
122/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
123int ssl3_do_write(SSL *s, int type)
124 {
125 int ret;
126
127 ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off],
128 s->init_num);
129 if (ret < 0) return(-1);
130 if (type == SSL3_RT_HANDSHAKE)
131 /* should not be done for 'Hello Request's, but in that case
132 * we'll ignore the result anyway */
133 ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
134
135 if (ret == s->init_num)
136 {
137 if (s->msg_callback)
138 s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
139 return(1);
140 }
141 s->init_off+=ret;
142 s->init_num-=ret;
143 return(0);
144 }
145
146int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
147 {
148 unsigned char *p,*d;
149 int i;
150 unsigned long l;
151
152 if (s->state == a)
153 {
154 d=(unsigned char *)s->init_buf->data;
155 p= &(d[4]);
156
157 i=s->method->ssl3_enc->final_finish_mac(s,
158 &(s->s3->finish_dgst1),
159 &(s->s3->finish_dgst2),
160 sender,slen,s->s3->tmp.finish_md);
161 s->s3->tmp.finish_md_len = i;
162 memcpy(p, s->s3->tmp.finish_md, i);
163 p+=i;
164 l=i;
165
166#ifdef OPENSSL_SYS_WIN16
167 /* MSVC 1.5 does not clear the top bytes of the word unless
168 * I do this.
169 */
170 l&=0xffff;
171#endif
172
173 *(d++)=SSL3_MT_FINISHED;
174 l2n3(l,d);
175 s->init_num=(int)l+4;
176 s->init_off=0;
177
178 s->state=b;
179 }
180
181 /* SSL3_ST_SEND_xxxxxx_HELLO_B */
182 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
183 }
184
185int ssl3_get_finished(SSL *s, int a, int b)
186 {
187 int al,i,ok;
188 long n;
189 unsigned char *p;
190
191 /* the mac has already been generated when we received the
192 * change cipher spec message and is in s->s3->tmp.peer_finish_md
193 */
194
195 n=ssl3_get_message(s,
196 a,
197 b,
198 SSL3_MT_FINISHED,
199 64, /* should actually be 36+4 :-) */
200 &ok);
201
202 if (!ok) return((int)n);
203
204 /* If this occurs, we have missed a message */
205 if (!s->s3->change_cipher_spec)
206 {
207 al=SSL_AD_UNEXPECTED_MESSAGE;
208 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
209 goto f_err;
210 }
211 s->s3->change_cipher_spec=0;
212
213 p = (unsigned char *)s->init_msg;
214 i = s->s3->tmp.peer_finish_md_len;
215
216 if (i != n)
217 {
218 al=SSL_AD_DECODE_ERROR;
219 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
220 goto f_err;
221 }
222
223 if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
224 {
225 al=SSL_AD_DECRYPT_ERROR;
226 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
227 goto f_err;
228 }
229
230 return(1);
231f_err:
232 ssl3_send_alert(s,SSL3_AL_FATAL,al);
233 return(0);
234 }
235
236/* for these 2 messages, we need to
237 * ssl->enc_read_ctx re-init
238 * ssl->s3->read_sequence zero
239 * ssl->s3->read_mac_secret re-init
240 * ssl->session->read_sym_enc assign
241 * ssl->session->read_compression assign
242 * ssl->session->read_hash assign
243 */
244int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
245 {
246 unsigned char *p;
247
248 if (s->state == a)
249 {
250 p=(unsigned char *)s->init_buf->data;
251 *p=SSL3_MT_CCS;
252 s->init_num=1;
253 s->init_off=0;
254
255 s->state=b;
256 }
257
258 /* SSL3_ST_CW_CHANGE_B */
259 return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
260 }
261
262unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
263 {
264 unsigned char *p;
265 int n,i;
266 unsigned long l=7;
267 BUF_MEM *buf;
268 X509_STORE_CTX xs_ctx;
269 X509_OBJECT obj;
270
271 int no_chain;
272
273 if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
274 no_chain = 1;
275 else
276 no_chain = 0;
277
278 /* TLSv1 sends a chain with nothing in it, instead of an alert */
279 buf=s->init_buf;
280 if (!BUF_MEM_grow_clean(buf,10))
281 {
282 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
283 return(0);
284 }
285 if (x != NULL)
286 {
287 if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
288 {
289 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
290 return(0);
291 }
292
293 for (;;)
294 {
295 n=i2d_X509(x,NULL);
296 if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
297 {
298 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
299 return(0);
300 }
301 p=(unsigned char *)&(buf->data[l]);
302 l2n3(n,p);
303 i2d_X509(x,&p);
304 l+=n+3;
305
306 if (no_chain)
307 break;
308
309 if (X509_NAME_cmp(X509_get_subject_name(x),
310 X509_get_issuer_name(x)) == 0) break;
311
312 i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
313 X509_get_issuer_name(x),&obj);
314 if (i <= 0) break;
315 x=obj.data.x509;
316 /* Count is one too high since the X509_STORE_get uped the
317 * ref count */
318 X509_free(x);
319 }
320 if (!no_chain)
321 X509_STORE_CTX_cleanup(&xs_ctx);
322 }
323
324 /* Thawte special :-) */
325 if (s->ctx->extra_certs != NULL)
326 for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
327 {
328 x=sk_X509_value(s->ctx->extra_certs,i);
329 n=i2d_X509(x,NULL);
330 if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
331 {
332 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
333 return(0);
334 }
335 p=(unsigned char *)&(buf->data[l]);
336 l2n3(n,p);
337 i2d_X509(x,&p);
338 l+=n+3;
339 }
340
341 l-=7;
342 p=(unsigned char *)&(buf->data[4]);
343 l2n3(l,p);
344 l+=3;
345 p=(unsigned char *)&(buf->data[0]);
346 *(p++)=SSL3_MT_CERTIFICATE;
347 l2n3(l,p);
348 l+=4;
349 return(l);
350 }
351
352/* Obtain handshake message of message type 'mt' (any if mt == -1),
353 * maximum acceptable body length 'max'.
354 * The first four bytes (msg_type and length) are read in state 'st1',
355 * the body is read in state 'stn'.
356 */
357long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
358 {
359 unsigned char *p;
360 unsigned long l;
361 long n;
362 int i,al;
363
364 if (s->s3->tmp.reuse_message)
365 {
366 s->s3->tmp.reuse_message=0;
367 if ((mt >= 0) && (s->s3->tmp.message_type != mt))
368 {
369 al=SSL_AD_UNEXPECTED_MESSAGE;
370 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
371 goto f_err;
372 }
373 *ok=1;
374 s->init_msg = s->init_buf->data + 4;
375 s->init_num = (int)s->s3->tmp.message_size;
376 return s->init_num;
377 }
378
379 p=(unsigned char *)s->init_buf->data;
380
381 if (s->state == st1) /* s->init_num < 4 */
382 {
383 int skip_message;
384
385 do
386 {
387 while (s->init_num < 4)
388 {
389 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
390 4 - s->init_num, 0);
391 if (i <= 0)
392 {
393 s->rwstate=SSL_READING;
394 *ok = 0;
395 return i;
396 }
397 s->init_num+=i;
398 }
399
400 skip_message = 0;
401 if (!s->server)
402 if (p[0] == SSL3_MT_HELLO_REQUEST)
403 /* The server may always send 'Hello Request' messages --
404 * we are doing a handshake anyway now, so ignore them
405 * if their format is correct. Does not count for
406 * 'Finished' MAC. */
407 if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
408 {
409 s->init_num = 0;
410 skip_message = 1;
411
412 if (s->msg_callback)
413 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, 4, s, s->msg_callback_arg);
414 }
415 }
416 while (skip_message);
417
418 /* s->init_num == 4 */
419
420 if ((mt >= 0) && (*p != mt))
421 {
422 al=SSL_AD_UNEXPECTED_MESSAGE;
423 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
424 goto f_err;
425 }
426 if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
427 (st1 == SSL3_ST_SR_CERT_A) &&
428 (stn == SSL3_ST_SR_CERT_B))
429 {
430 /* At this point we have got an MS SGC second client
431 * hello (maybe we should always allow the client to
432 * start a new handshake?). We need to restart the mac.
433 * Don't increment {num,total}_renegotiations because
434 * we have not completed the handshake. */
435 ssl3_init_finished_mac(s);
436 }
437
438 s->s3->tmp.message_type= *(p++);
439
440 n2l3(p,l);
441 if (l > (unsigned long)max)
442 {
443 al=SSL_AD_ILLEGAL_PARAMETER;
444 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
445 goto f_err;
446 }
447 if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */
448 {
449 al=SSL_AD_ILLEGAL_PARAMETER;
450 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
451 goto f_err;
452 }
453 if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4))
454 {
455 SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
456 goto err;
457 }
458 s->s3->tmp.message_size=l;
459 s->state=stn;
460
461 s->init_msg = s->init_buf->data + 4;
462 s->init_num = 0;
463 }
464
465 /* next state (stn) */
466 p = s->init_msg;
467 n = s->s3->tmp.message_size - s->init_num;
468 while (n > 0)
469 {
470 i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
471 if (i <= 0)
472 {
473 s->rwstate=SSL_READING;
474 *ok = 0;
475 return i;
476 }
477 s->init_num += i;
478 n -= i;
479 }
480 ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
481 if (s->msg_callback)
482 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);
483 *ok=1;
484 return s->init_num;
485f_err:
486 ssl3_send_alert(s,SSL3_AL_FATAL,al);
487err:
488 *ok=0;
489 return(-1);
490 }
491
492int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
493 {
494 EVP_PKEY *pk;
495 int ret= -1,i,j;
496
497 if (pkey == NULL)
498 pk=X509_get_pubkey(x);
499 else
500 pk=pkey;
501 if (pk == NULL) goto err;
502
503 i=pk->type;
504 if (i == EVP_PKEY_RSA)
505 {
506 ret=SSL_PKEY_RSA_ENC;
507 if (x != NULL)
508 {
509 j=X509_get_ext_count(x);
510 /* check to see if this is a signing only certificate */
511 /* EAY EAY EAY EAY */
512 }
513 }
514 else if (i == EVP_PKEY_DSA)
515 {
516 ret=SSL_PKEY_DSA_SIGN;
517 }
518 else if (i == EVP_PKEY_DH)
519 {
520 /* if we just have a key, we needs to be guess */
521
522 if (x == NULL)
523 ret=SSL_PKEY_DH_DSA;
524 else
525 {
526 j=X509_get_signature_type(x);
527 if (j == EVP_PKEY_RSA)
528 ret=SSL_PKEY_DH_RSA;
529 else if (j== EVP_PKEY_DSA)
530 ret=SSL_PKEY_DH_DSA;
531 else ret= -1;
532 }
533 }
534 else
535 ret= -1;
536
537err:
538 if(!pkey) EVP_PKEY_free(pk);
539 return(ret);
540 }
541
542int ssl_verify_alarm_type(long type)
543 {
544 int al;
545
546 switch(type)
547 {
548 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
549 case X509_V_ERR_UNABLE_TO_GET_CRL:
550 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
551 al=SSL_AD_UNKNOWN_CA;
552 break;
553 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
554 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
555 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
556 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
557 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
558 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
559 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
560 case X509_V_ERR_CERT_NOT_YET_VALID:
561 case X509_V_ERR_CRL_NOT_YET_VALID:
562 case X509_V_ERR_CERT_UNTRUSTED:
563 case X509_V_ERR_CERT_REJECTED:
564 al=SSL_AD_BAD_CERTIFICATE;
565 break;
566 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
567 case X509_V_ERR_CRL_SIGNATURE_FAILURE:
568 al=SSL_AD_DECRYPT_ERROR;
569 break;
570 case X509_V_ERR_CERT_HAS_EXPIRED:
571 case X509_V_ERR_CRL_HAS_EXPIRED:
572 al=SSL_AD_CERTIFICATE_EXPIRED;
573 break;
574 case X509_V_ERR_CERT_REVOKED:
575 al=SSL_AD_CERTIFICATE_REVOKED;
576 break;
577 case X509_V_ERR_OUT_OF_MEM:
578 al=SSL_AD_INTERNAL_ERROR;
579 break;
580 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
581 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
582 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
583 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
584 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
585 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
586 case X509_V_ERR_INVALID_CA:
587 al=SSL_AD_UNKNOWN_CA;
588 break;
589 case X509_V_ERR_APPLICATION_VERIFICATION:
590 al=SSL_AD_HANDSHAKE_FAILURE;
591 break;
592 case X509_V_ERR_INVALID_PURPOSE:
593 al=SSL_AD_UNSUPPORTED_CERTIFICATE;
594 break;
595 default:
596 al=SSL_AD_CERTIFICATE_UNKNOWN;
597 break;
598 }
599 return(al);
600 }
601
602int ssl3_setup_buffers(SSL *s)
603 {
604 unsigned char *p;
605 unsigned int extra;
606 size_t len;
607
608 if (s->s3->rbuf.buf == NULL)
609 {
610 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
611 extra=SSL3_RT_MAX_EXTRA;
612 else
613 extra=0;
614 len = SSL3_RT_MAX_PACKET_SIZE + extra;
615 if ((p=OPENSSL_malloc(len)) == NULL)
616 goto err;
617 s->s3->rbuf.buf = p;
618 s->s3->rbuf.len = len;
619 }
620
621 if (s->s3->wbuf.buf == NULL)
622 {
623 len = SSL3_RT_MAX_PACKET_SIZE;
624 len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
625 if ((p=OPENSSL_malloc(len)) == NULL)
626 goto err;
627 s->s3->wbuf.buf = p;
628 s->s3->wbuf.len = len;
629 }
630 s->packet= &(s->s3->rbuf.buf[0]);
631 return(1);
632err:
633 SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
634 return(0);
635 }
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
deleted file mode 100644
index d51b60e343..0000000000
--- a/src/lib/libssl/s3_clnt.c
+++ /dev/null
@@ -1,1980 +0,0 @@
1/* ssl/s3_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include "ssl_locl.h"
114#include "kssl_lcl.h"
115#include <openssl/buffer.h>
116#include <openssl/rand.h>
117#include <openssl/objects.h>
118#include <openssl/evp.h>
119#include <openssl/md5.h>
120
121static SSL_METHOD *ssl3_get_client_method(int ver);
122static int ssl3_client_hello(SSL *s);
123static int ssl3_get_server_hello(SSL *s);
124static int ssl3_get_certificate_request(SSL *s);
125static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
126static int ssl3_get_server_done(SSL *s);
127static int ssl3_send_client_verify(SSL *s);
128static int ssl3_send_client_certificate(SSL *s);
129static int ssl3_send_client_key_exchange(SSL *s);
130static int ssl3_get_key_exchange(SSL *s);
131static int ssl3_get_server_certificate(SSL *s);
132static int ssl3_check_cert_and_algorithm(SSL *s);
133static SSL_METHOD *ssl3_get_client_method(int ver)
134 {
135 if (ver == SSL3_VERSION)
136 return(SSLv3_client_method());
137 else
138 return(NULL);
139 }
140
141SSL_METHOD *SSLv3_client_method(void)
142 {
143 static int init=1;
144 static SSL_METHOD SSLv3_client_data;
145
146 if (init)
147 {
148 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
149
150 if (init)
151 {
152 memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
153 sizeof(SSL_METHOD));
154 SSLv3_client_data.ssl_connect=ssl3_connect;
155 SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
156 init=0;
157 }
158
159 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
160 }
161 return(&SSLv3_client_data);
162 }
163
164int ssl3_connect(SSL *s)
165 {
166 BUF_MEM *buf=NULL;
167 unsigned long Time=time(NULL),l;
168 long num1;
169 void (*cb)(const SSL *ssl,int type,int val)=NULL;
170 int ret= -1;
171 int new_state,state,skip=0;
172
173 RAND_add(&Time,sizeof(Time),0);
174 ERR_clear_error();
175 clear_sys_error();
176
177 if (s->info_callback != NULL)
178 cb=s->info_callback;
179 else if (s->ctx->info_callback != NULL)
180 cb=s->ctx->info_callback;
181
182 s->in_handshake++;
183 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
184
185 for (;;)
186 {
187 state=s->state;
188
189 switch(s->state)
190 {
191 case SSL_ST_RENEGOTIATE:
192 s->new_session=1;
193 s->state=SSL_ST_CONNECT;
194 s->ctx->stats.sess_connect_renegotiate++;
195 /* break */
196 case SSL_ST_BEFORE:
197 case SSL_ST_CONNECT:
198 case SSL_ST_BEFORE|SSL_ST_CONNECT:
199 case SSL_ST_OK|SSL_ST_CONNECT:
200
201 s->server=0;
202 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
203
204 if ((s->version & 0xff00 ) != 0x0300)
205 {
206 SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
207 ret = -1;
208 goto end;
209 }
210
211 /* s->version=SSL3_VERSION; */
212 s->type=SSL_ST_CONNECT;
213
214 if (s->init_buf == NULL)
215 {
216 if ((buf=BUF_MEM_new()) == NULL)
217 {
218 ret= -1;
219 goto end;
220 }
221 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
222 {
223 ret= -1;
224 goto end;
225 }
226 s->init_buf=buf;
227 buf=NULL;
228 }
229
230 if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
231
232 /* setup buffing BIO */
233 if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
234
235 /* don't push the buffering BIO quite yet */
236
237 ssl3_init_finished_mac(s);
238
239 s->state=SSL3_ST_CW_CLNT_HELLO_A;
240 s->ctx->stats.sess_connect++;
241 s->init_num=0;
242 break;
243
244 case SSL3_ST_CW_CLNT_HELLO_A:
245 case SSL3_ST_CW_CLNT_HELLO_B:
246
247 s->shutdown=0;
248 ret=ssl3_client_hello(s);
249 if (ret <= 0) goto end;
250 s->state=SSL3_ST_CR_SRVR_HELLO_A;
251 s->init_num=0;
252
253 /* turn on buffering for the next lot of output */
254 if (s->bbio != s->wbio)
255 s->wbio=BIO_push(s->bbio,s->wbio);
256
257 break;
258
259 case SSL3_ST_CR_SRVR_HELLO_A:
260 case SSL3_ST_CR_SRVR_HELLO_B:
261 ret=ssl3_get_server_hello(s);
262 if (ret <= 0) goto end;
263 if (s->hit)
264 s->state=SSL3_ST_CR_FINISHED_A;
265 else
266 s->state=SSL3_ST_CR_CERT_A;
267 s->init_num=0;
268 break;
269
270 case SSL3_ST_CR_CERT_A:
271 case SSL3_ST_CR_CERT_B:
272 /* Check if it is anon DH */
273 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
274 {
275 ret=ssl3_get_server_certificate(s);
276 if (ret <= 0) goto end;
277 }
278 else
279 skip=1;
280 s->state=SSL3_ST_CR_KEY_EXCH_A;
281 s->init_num=0;
282 break;
283
284 case SSL3_ST_CR_KEY_EXCH_A:
285 case SSL3_ST_CR_KEY_EXCH_B:
286 ret=ssl3_get_key_exchange(s);
287 if (ret <= 0) goto end;
288 s->state=SSL3_ST_CR_CERT_REQ_A;
289 s->init_num=0;
290
291 /* at this point we check that we have the
292 * required stuff from the server */
293 if (!ssl3_check_cert_and_algorithm(s))
294 {
295 ret= -1;
296 goto end;
297 }
298 break;
299
300 case SSL3_ST_CR_CERT_REQ_A:
301 case SSL3_ST_CR_CERT_REQ_B:
302 ret=ssl3_get_certificate_request(s);
303 if (ret <= 0) goto end;
304 s->state=SSL3_ST_CR_SRVR_DONE_A;
305 s->init_num=0;
306 break;
307
308 case SSL3_ST_CR_SRVR_DONE_A:
309 case SSL3_ST_CR_SRVR_DONE_B:
310 ret=ssl3_get_server_done(s);
311 if (ret <= 0) goto end;
312 if (s->s3->tmp.cert_req)
313 s->state=SSL3_ST_CW_CERT_A;
314 else
315 s->state=SSL3_ST_CW_KEY_EXCH_A;
316 s->init_num=0;
317
318 break;
319
320 case SSL3_ST_CW_CERT_A:
321 case SSL3_ST_CW_CERT_B:
322 case SSL3_ST_CW_CERT_C:
323 case SSL3_ST_CW_CERT_D:
324 ret=ssl3_send_client_certificate(s);
325 if (ret <= 0) goto end;
326 s->state=SSL3_ST_CW_KEY_EXCH_A;
327 s->init_num=0;
328 break;
329
330 case SSL3_ST_CW_KEY_EXCH_A:
331 case SSL3_ST_CW_KEY_EXCH_B:
332 ret=ssl3_send_client_key_exchange(s);
333 if (ret <= 0) goto end;
334 l=s->s3->tmp.new_cipher->algorithms;
335 /* EAY EAY EAY need to check for DH fix cert
336 * sent back */
337 /* For TLS, cert_req is set to 2, so a cert chain
338 * of nothing is sent, but no verify packet is sent */
339 if (s->s3->tmp.cert_req == 1)
340 {
341 s->state=SSL3_ST_CW_CERT_VRFY_A;
342 }
343 else
344 {
345 s->state=SSL3_ST_CW_CHANGE_A;
346 s->s3->change_cipher_spec=0;
347 }
348
349 s->init_num=0;
350 break;
351
352 case SSL3_ST_CW_CERT_VRFY_A:
353 case SSL3_ST_CW_CERT_VRFY_B:
354 ret=ssl3_send_client_verify(s);
355 if (ret <= 0) goto end;
356 s->state=SSL3_ST_CW_CHANGE_A;
357 s->init_num=0;
358 s->s3->change_cipher_spec=0;
359 break;
360
361 case SSL3_ST_CW_CHANGE_A:
362 case SSL3_ST_CW_CHANGE_B:
363 ret=ssl3_send_change_cipher_spec(s,
364 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
365 if (ret <= 0) goto end;
366 s->state=SSL3_ST_CW_FINISHED_A;
367 s->init_num=0;
368
369 s->session->cipher=s->s3->tmp.new_cipher;
370 if (s->s3->tmp.new_compression == NULL)
371 s->session->compress_meth=0;
372 else
373 s->session->compress_meth=
374 s->s3->tmp.new_compression->id;
375 if (!s->method->ssl3_enc->setup_key_block(s))
376 {
377 ret= -1;
378 goto end;
379 }
380
381 if (!s->method->ssl3_enc->change_cipher_state(s,
382 SSL3_CHANGE_CIPHER_CLIENT_WRITE))
383 {
384 ret= -1;
385 goto end;
386 }
387
388 break;
389
390 case SSL3_ST_CW_FINISHED_A:
391 case SSL3_ST_CW_FINISHED_B:
392 ret=ssl3_send_finished(s,
393 SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
394 s->method->ssl3_enc->client_finished_label,
395 s->method->ssl3_enc->client_finished_label_len);
396 if (ret <= 0) goto end;
397 s->state=SSL3_ST_CW_FLUSH;
398
399 /* clear flags */
400 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
401 if (s->hit)
402 {
403 s->s3->tmp.next_state=SSL_ST_OK;
404 if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
405 {
406 s->state=SSL_ST_OK;
407 s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
408 s->s3->delay_buf_pop_ret=0;
409 }
410 }
411 else
412 {
413 s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
414 }
415 s->init_num=0;
416 break;
417
418 case SSL3_ST_CR_FINISHED_A:
419 case SSL3_ST_CR_FINISHED_B:
420
421 ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
422 SSL3_ST_CR_FINISHED_B);
423 if (ret <= 0) goto end;
424
425 if (s->hit)
426 s->state=SSL3_ST_CW_CHANGE_A;
427 else
428 s->state=SSL_ST_OK;
429 s->init_num=0;
430 break;
431
432 case SSL3_ST_CW_FLUSH:
433 /* number of bytes to be flushed */
434 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
435 if (num1 > 0)
436 {
437 s->rwstate=SSL_WRITING;
438 num1=BIO_flush(s->wbio);
439 if (num1 <= 0) { ret= -1; goto end; }
440 s->rwstate=SSL_NOTHING;
441 }
442
443 s->state=s->s3->tmp.next_state;
444 break;
445
446 case SSL_ST_OK:
447 /* clean a few things up */
448 ssl3_cleanup_key_block(s);
449
450 if (s->init_buf != NULL)
451 {
452 BUF_MEM_free(s->init_buf);
453 s->init_buf=NULL;
454 }
455
456 /* If we are not 'joining' the last two packets,
457 * remove the buffering now */
458 if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
459 ssl_free_wbio_buffer(s);
460 /* else do it later in ssl3_write */
461
462 s->init_num=0;
463 s->new_session=0;
464
465 ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
466 if (s->hit) s->ctx->stats.sess_hit++;
467
468 ret=1;
469 /* s->server=0; */
470 s->handshake_func=ssl3_connect;
471 s->ctx->stats.sess_connect_good++;
472
473 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
474
475 goto end;
476 /* break; */
477
478 default:
479 SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
480 ret= -1;
481 goto end;
482 /* break; */
483 }
484
485 /* did we do anything */
486 if (!s->s3->tmp.reuse_message && !skip)
487 {
488 if (s->debug)
489 {
490 if ((ret=BIO_flush(s->wbio)) <= 0)
491 goto end;
492 }
493
494 if ((cb != NULL) && (s->state != state))
495 {
496 new_state=s->state;
497 s->state=state;
498 cb(s,SSL_CB_CONNECT_LOOP,1);
499 s->state=new_state;
500 }
501 }
502 skip=0;
503 }
504end:
505 s->in_handshake--;
506 if (buf != NULL)
507 BUF_MEM_free(buf);
508 if (cb != NULL)
509 cb(s,SSL_CB_CONNECT_EXIT,ret);
510 return(ret);
511 }
512
513
514static int ssl3_client_hello(SSL *s)
515 {
516 unsigned char *buf;
517 unsigned char *p,*d;
518 int i,j;
519 unsigned long Time,l;
520 SSL_COMP *comp;
521
522 buf=(unsigned char *)s->init_buf->data;
523 if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
524 {
525 if ((s->session == NULL) ||
526 (s->session->ssl_version != s->version) ||
527 (s->session->not_resumable))
528 {
529 if (!ssl_get_new_session(s,0))
530 goto err;
531 }
532 /* else use the pre-loaded session */
533
534 p=s->s3->client_random;
535 Time=time(NULL); /* Time */
536 l2n(Time,p);
537 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
538
539 /* Do the message type and length last */
540 d=p= &(buf[4]);
541
542 *(p++)=s->version>>8;
543 *(p++)=s->version&0xff;
544 s->client_version=s->version;
545
546 /* Random stuff */
547 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
548 p+=SSL3_RANDOM_SIZE;
549
550 /* Session ID */
551 if (s->new_session)
552 i=0;
553 else
554 i=s->session->session_id_length;
555 *(p++)=i;
556 if (i != 0)
557 {
558 if (i > sizeof s->session->session_id)
559 {
560 SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
561 goto err;
562 }
563 memcpy(p,s->session->session_id,i);
564 p+=i;
565 }
566
567 /* Ciphers supported */
568 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
569 if (i == 0)
570 {
571 SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
572 goto err;
573 }
574 s2n(i,p);
575 p+=i;
576
577 /* COMPRESSION */
578 if (s->ctx->comp_methods == NULL)
579 j=0;
580 else
581 j=sk_SSL_COMP_num(s->ctx->comp_methods);
582 *(p++)=1+j;
583 for (i=0; i<j; i++)
584 {
585 comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
586 *(p++)=comp->id;
587 }
588 *(p++)=0; /* Add the NULL method */
589
590 l=(p-d);
591 d=buf;
592 *(d++)=SSL3_MT_CLIENT_HELLO;
593 l2n3(l,d);
594
595 s->state=SSL3_ST_CW_CLNT_HELLO_B;
596 /* number of bytes to write */
597 s->init_num=p-buf;
598 s->init_off=0;
599 }
600
601 /* SSL3_ST_CW_CLNT_HELLO_B */
602 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
603err:
604 return(-1);
605 }
606
607static int ssl3_get_server_hello(SSL *s)
608 {
609 STACK_OF(SSL_CIPHER) *sk;
610 SSL_CIPHER *c;
611 unsigned char *p,*d;
612 int i,al,ok;
613 unsigned int j;
614 long n;
615 SSL_COMP *comp;
616
617 n=ssl3_get_message(s,
618 SSL3_ST_CR_SRVR_HELLO_A,
619 SSL3_ST_CR_SRVR_HELLO_B,
620 SSL3_MT_SERVER_HELLO,
621 300, /* ?? */
622 &ok);
623
624 if (!ok) return((int)n);
625 d=p=(unsigned char *)s->init_msg;
626
627 if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
628 {
629 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
630 s->version=(s->version&0xff00)|p[1];
631 al=SSL_AD_PROTOCOL_VERSION;
632 goto f_err;
633 }
634 p+=2;
635
636 /* load the server hello data */
637 /* load the server random */
638 memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
639 p+=SSL3_RANDOM_SIZE;
640
641 /* get the session-id */
642 j= *(p++);
643
644 if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE))
645 {
646 al=SSL_AD_ILLEGAL_PARAMETER;
647 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
648 goto f_err;
649 }
650
651 if (j != 0 && j == s->session->session_id_length
652 && memcmp(p,s->session->session_id,j) == 0)
653 {
654 if(s->sid_ctx_length != s->session->sid_ctx_length
655 || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
656 {
657 /* actually a client application bug */
658 al=SSL_AD_ILLEGAL_PARAMETER;
659 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
660 goto f_err;
661 }
662 s->hit=1;
663 }
664 else /* a miss or crap from the other end */
665 {
666 /* If we were trying for session-id reuse, make a new
667 * SSL_SESSION so we don't stuff up other people */
668 s->hit=0;
669 if (s->session->session_id_length > 0)
670 {
671 if (!ssl_get_new_session(s,0))
672 {
673 al=SSL_AD_INTERNAL_ERROR;
674 goto f_err;
675 }
676 }
677 s->session->session_id_length=j;
678 memcpy(s->session->session_id,p,j); /* j could be 0 */
679 }
680 p+=j;
681 c=ssl_get_cipher_by_char(s,p);
682 if (c == NULL)
683 {
684 /* unknown cipher */
685 al=SSL_AD_ILLEGAL_PARAMETER;
686 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
687 goto f_err;
688 }
689 p+=ssl_put_cipher_by_char(s,NULL,NULL);
690
691 sk=ssl_get_ciphers_by_id(s);
692 i=sk_SSL_CIPHER_find(sk,c);
693 if (i < 0)
694 {
695 /* we did not say we would use this cipher */
696 al=SSL_AD_ILLEGAL_PARAMETER;
697 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
698 goto f_err;
699 }
700
701 /* Depending on the session caching (internal/external), the cipher
702 and/or cipher_id values may not be set. Make sure that
703 cipher_id is set and use it for comparison. */
704 if (s->session->cipher)
705 s->session->cipher_id = s->session->cipher->id;
706 if (s->hit && (s->session->cipher_id != c->id))
707 {
708 if (!(s->options &
709 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
710 {
711 al=SSL_AD_ILLEGAL_PARAMETER;
712 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
713 goto f_err;
714 }
715 }
716 s->s3->tmp.new_cipher=c;
717
718 /* lets get the compression algorithm */
719 /* COMPRESSION */
720 j= *(p++);
721 if (j == 0)
722 comp=NULL;
723 else
724 comp=ssl3_comp_find(s->ctx->comp_methods,j);
725
726 if ((j != 0) && (comp == NULL))
727 {
728 al=SSL_AD_ILLEGAL_PARAMETER;
729 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
730 goto f_err;
731 }
732 else
733 {
734 s->s3->tmp.new_compression=comp;
735 }
736
737 if (p != (d+n))
738 {
739 /* wrong packet length */
740 al=SSL_AD_DECODE_ERROR;
741 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
742 goto err;
743 }
744
745 return(1);
746f_err:
747 ssl3_send_alert(s,SSL3_AL_FATAL,al);
748err:
749 return(-1);
750 }
751
752static int ssl3_get_server_certificate(SSL *s)
753 {
754 int al,i,ok,ret= -1;
755 unsigned long n,nc,llen,l;
756 X509 *x=NULL;
757 unsigned char *p,*d,*q;
758 STACK_OF(X509) *sk=NULL;
759 SESS_CERT *sc;
760 EVP_PKEY *pkey=NULL;
761 int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
762
763 n=ssl3_get_message(s,
764 SSL3_ST_CR_CERT_A,
765 SSL3_ST_CR_CERT_B,
766 -1,
767 s->max_cert_list,
768 &ok);
769
770 if (!ok) return((int)n);
771
772 if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
773 {
774 s->s3->tmp.reuse_message=1;
775 return(1);
776 }
777
778 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
779 {
780 al=SSL_AD_UNEXPECTED_MESSAGE;
781 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
782 goto f_err;
783 }
784 d=p=(unsigned char *)s->init_msg;
785
786 if ((sk=sk_X509_new_null()) == NULL)
787 {
788 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
789 goto err;
790 }
791
792 n2l3(p,llen);
793 if (llen+3 != n)
794 {
795 al=SSL_AD_DECODE_ERROR;
796 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
797 goto f_err;
798 }
799 for (nc=0; nc<llen; )
800 {
801 n2l3(p,l);
802 if ((l+nc+3) > llen)
803 {
804 al=SSL_AD_DECODE_ERROR;
805 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
806 goto f_err;
807 }
808
809 q=p;
810 x=d2i_X509(NULL,&q,l);
811 if (x == NULL)
812 {
813 al=SSL_AD_BAD_CERTIFICATE;
814 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
815 goto f_err;
816 }
817 if (q != (p+l))
818 {
819 al=SSL_AD_DECODE_ERROR;
820 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
821 goto f_err;
822 }
823 if (!sk_X509_push(sk,x))
824 {
825 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
826 goto err;
827 }
828 x=NULL;
829 nc+=l+3;
830 p=q;
831 }
832
833 i=ssl_verify_cert_chain(s,sk);
834 if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)
835#ifndef OPENSSL_NO_KRB5
836 && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
837 != (SSL_aKRB5|SSL_kKRB5)
838#endif /* OPENSSL_NO_KRB5 */
839 )
840 {
841 al=ssl_verify_alarm_type(s->verify_result);
842 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
843 goto f_err;
844 }
845 ERR_clear_error(); /* but we keep s->verify_result */
846
847 sc=ssl_sess_cert_new();
848 if (sc == NULL) goto err;
849
850 if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
851 s->session->sess_cert=sc;
852
853 sc->cert_chain=sk;
854 /* Inconsistency alert: cert_chain does include the peer's
855 * certificate, which we don't include in s3_srvr.c */
856 x=sk_X509_value(sk,0);
857 sk=NULL;
858 /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
859
860 pkey=X509_get_pubkey(x);
861
862 /* VRS: allow null cert if auth == KRB5 */
863 need_cert = ((s->s3->tmp.new_cipher->algorithms
864 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
865 == (SSL_aKRB5|SSL_kKRB5))? 0: 1;
866
867#ifdef KSSL_DEBUG
868 printf("pkey,x = %p, %p\n", pkey,x);
869 printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
870 printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
871 s->s3->tmp.new_cipher->algorithms, need_cert);
872#endif /* KSSL_DEBUG */
873
874 if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
875 {
876 x=NULL;
877 al=SSL3_AL_FATAL;
878 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
879 SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
880 goto f_err;
881 }
882
883 i=ssl_cert_type(x,pkey);
884 if (need_cert && i < 0)
885 {
886 x=NULL;
887 al=SSL3_AL_FATAL;
888 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
889 SSL_R_UNKNOWN_CERTIFICATE_TYPE);
890 goto f_err;
891 }
892
893 if (need_cert)
894 {
895 sc->peer_cert_type=i;
896 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
897 /* Why would the following ever happen?
898 * We just created sc a couple of lines ago. */
899 if (sc->peer_pkeys[i].x509 != NULL)
900 X509_free(sc->peer_pkeys[i].x509);
901 sc->peer_pkeys[i].x509=x;
902 sc->peer_key= &(sc->peer_pkeys[i]);
903
904 if (s->session->peer != NULL)
905 X509_free(s->session->peer);
906 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
907 s->session->peer=x;
908 }
909 else
910 {
911 sc->peer_cert_type=i;
912 sc->peer_key= NULL;
913
914 if (s->session->peer != NULL)
915 X509_free(s->session->peer);
916 s->session->peer=NULL;
917 }
918 s->session->verify_result = s->verify_result;
919
920 x=NULL;
921 ret=1;
922
923 if (0)
924 {
925f_err:
926 ssl3_send_alert(s,SSL3_AL_FATAL,al);
927 }
928err:
929 EVP_PKEY_free(pkey);
930 X509_free(x);
931 sk_X509_pop_free(sk,X509_free);
932 return(ret);
933 }
934
935static int ssl3_get_key_exchange(SSL *s)
936 {
937#ifndef OPENSSL_NO_RSA
938 unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
939#endif
940 EVP_MD_CTX md_ctx;
941 unsigned char *param,*p;
942 int al,i,j,param_len,ok;
943 long n,alg;
944 EVP_PKEY *pkey=NULL;
945#ifndef OPENSSL_NO_RSA
946 RSA *rsa=NULL;
947#endif
948#ifndef OPENSSL_NO_DH
949 DH *dh=NULL;
950#endif
951
952 /* use same message size as in ssl3_get_certificate_request()
953 * as ServerKeyExchange message may be skipped */
954 n=ssl3_get_message(s,
955 SSL3_ST_CR_KEY_EXCH_A,
956 SSL3_ST_CR_KEY_EXCH_B,
957 -1,
958 s->max_cert_list,
959 &ok);
960
961 if (!ok) return((int)n);
962
963 if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
964 {
965 s->s3->tmp.reuse_message=1;
966 return(1);
967 }
968
969 param=p=(unsigned char *)s->init_msg;
970
971 if (s->session->sess_cert != NULL)
972 {
973#ifndef OPENSSL_NO_RSA
974 if (s->session->sess_cert->peer_rsa_tmp != NULL)
975 {
976 RSA_free(s->session->sess_cert->peer_rsa_tmp);
977 s->session->sess_cert->peer_rsa_tmp=NULL;
978 }
979#endif
980#ifndef OPENSSL_NO_DH
981 if (s->session->sess_cert->peer_dh_tmp)
982 {
983 DH_free(s->session->sess_cert->peer_dh_tmp);
984 s->session->sess_cert->peer_dh_tmp=NULL;
985 }
986#endif
987 }
988 else
989 {
990 s->session->sess_cert=ssl_sess_cert_new();
991 }
992
993 param_len=0;
994 alg=s->s3->tmp.new_cipher->algorithms;
995 EVP_MD_CTX_init(&md_ctx);
996
997#ifndef OPENSSL_NO_RSA
998 if (alg & SSL_kRSA)
999 {
1000 if ((rsa=RSA_new()) == NULL)
1001 {
1002 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
1003 goto err;
1004 }
1005 n2s(p,i);
1006 param_len=i+2;
1007 if (param_len > n)
1008 {
1009 al=SSL_AD_DECODE_ERROR;
1010 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
1011 goto f_err;
1012 }
1013 if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
1014 {
1015 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1016 goto err;
1017 }
1018 p+=i;
1019
1020 n2s(p,i);
1021 param_len+=i+2;
1022 if (param_len > n)
1023 {
1024 al=SSL_AD_DECODE_ERROR;
1025 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
1026 goto f_err;
1027 }
1028 if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
1029 {
1030 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1031 goto err;
1032 }
1033 p+=i;
1034 n-=param_len;
1035
1036 /* this should be because we are using an export cipher */
1037 if (alg & SSL_aRSA)
1038 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1039 else
1040 {
1041 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1042 goto err;
1043 }
1044 s->session->sess_cert->peer_rsa_tmp=rsa;
1045 rsa=NULL;
1046 }
1047#else /* OPENSSL_NO_RSA */
1048 if (0)
1049 ;
1050#endif
1051#ifndef OPENSSL_NO_DH
1052 else if (alg & SSL_kEDH)
1053 {
1054 if ((dh=DH_new()) == NULL)
1055 {
1056 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
1057 goto err;
1058 }
1059 n2s(p,i);
1060 param_len=i+2;
1061 if (param_len > n)
1062 {
1063 al=SSL_AD_DECODE_ERROR;
1064 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
1065 goto f_err;
1066 }
1067 if (!(dh->p=BN_bin2bn(p,i,NULL)))
1068 {
1069 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1070 goto err;
1071 }
1072 p+=i;
1073
1074 n2s(p,i);
1075 param_len+=i+2;
1076 if (param_len > n)
1077 {
1078 al=SSL_AD_DECODE_ERROR;
1079 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
1080 goto f_err;
1081 }
1082 if (!(dh->g=BN_bin2bn(p,i,NULL)))
1083 {
1084 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1085 goto err;
1086 }
1087 p+=i;
1088
1089 n2s(p,i);
1090 param_len+=i+2;
1091 if (param_len > n)
1092 {
1093 al=SSL_AD_DECODE_ERROR;
1094 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
1095 goto f_err;
1096 }
1097 if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
1098 {
1099 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1100 goto err;
1101 }
1102 p+=i;
1103 n-=param_len;
1104
1105#ifndef OPENSSL_NO_RSA
1106 if (alg & SSL_aRSA)
1107 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1108#else
1109 if (0)
1110 ;
1111#endif
1112#ifndef OPENSSL_NO_DSA
1113 else if (alg & SSL_aDSS)
1114 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
1115#endif
1116 /* else anonymous DH, so no certificate or pkey. */
1117
1118 s->session->sess_cert->peer_dh_tmp=dh;
1119 dh=NULL;
1120 }
1121 else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
1122 {
1123 al=SSL_AD_ILLEGAL_PARAMETER;
1124 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1125 goto f_err;
1126 }
1127#endif /* !OPENSSL_NO_DH */
1128 if (alg & SSL_aFZA)
1129 {
1130 al=SSL_AD_HANDSHAKE_FAILURE;
1131 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1132 goto f_err;
1133 }
1134
1135
1136 /* p points to the next byte, there are 'n' bytes left */
1137
1138
1139 /* if it was signed, check the signature */
1140 if (pkey != NULL)
1141 {
1142 n2s(p,i);
1143 n-=2;
1144 j=EVP_PKEY_size(pkey);
1145
1146 if ((i != n) || (n > j) || (n <= 0))
1147 {
1148 /* wrong packet length */
1149 al=SSL_AD_DECODE_ERROR;
1150 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
1151 goto f_err;
1152 }
1153
1154#ifndef OPENSSL_NO_RSA
1155 if (pkey->type == EVP_PKEY_RSA)
1156 {
1157 int num;
1158
1159 j=0;
1160 q=md_buf;
1161 for (num=2; num > 0; num--)
1162 {
1163 EVP_DigestInit_ex(&md_ctx,(num == 2)
1164 ?s->ctx->md5:s->ctx->sha1, NULL);
1165 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1166 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1167 EVP_DigestUpdate(&md_ctx,param,param_len);
1168 EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
1169 q+=i;
1170 j+=i;
1171 }
1172 i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
1173 pkey->pkey.rsa);
1174 if (i < 0)
1175 {
1176 al=SSL_AD_DECRYPT_ERROR;
1177 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
1178 goto f_err;
1179 }
1180 if (i == 0)
1181 {
1182 /* bad signature */
1183 al=SSL_AD_DECRYPT_ERROR;
1184 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1185 goto f_err;
1186 }
1187 }
1188 else
1189#endif
1190#ifndef OPENSSL_NO_DSA
1191 if (pkey->type == EVP_PKEY_DSA)
1192 {
1193 /* lets do DSS */
1194 EVP_VerifyInit_ex(&md_ctx,EVP_dss1(), NULL);
1195 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1196 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1197 EVP_VerifyUpdate(&md_ctx,param,param_len);
1198 if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
1199 {
1200 /* bad signature */
1201 al=SSL_AD_DECRYPT_ERROR;
1202 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1203 goto f_err;
1204 }
1205 }
1206 else
1207#endif
1208 {
1209 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1210 goto err;
1211 }
1212 }
1213 else
1214 {
1215 /* still data left over */
1216 if (!(alg & SSL_aNULL))
1217 {
1218 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1219 goto err;
1220 }
1221 if (n != 0)
1222 {
1223 al=SSL_AD_DECODE_ERROR;
1224 SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
1225 goto f_err;
1226 }
1227 }
1228 EVP_PKEY_free(pkey);
1229 EVP_MD_CTX_cleanup(&md_ctx);
1230 return(1);
1231f_err:
1232 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1233err:
1234 EVP_PKEY_free(pkey);
1235#ifndef OPENSSL_NO_RSA
1236 if (rsa != NULL)
1237 RSA_free(rsa);
1238#endif
1239#ifndef OPENSSL_NO_DH
1240 if (dh != NULL)
1241 DH_free(dh);
1242#endif
1243 EVP_MD_CTX_cleanup(&md_ctx);
1244 return(-1);
1245 }
1246
1247static int ssl3_get_certificate_request(SSL *s)
1248 {
1249 int ok,ret=0;
1250 unsigned long n,nc,l;
1251 unsigned int llen,ctype_num,i;
1252 X509_NAME *xn=NULL;
1253 unsigned char *p,*d,*q;
1254 STACK_OF(X509_NAME) *ca_sk=NULL;
1255
1256 n=ssl3_get_message(s,
1257 SSL3_ST_CR_CERT_REQ_A,
1258 SSL3_ST_CR_CERT_REQ_B,
1259 -1,
1260 s->max_cert_list,
1261 &ok);
1262
1263 if (!ok) return((int)n);
1264
1265 s->s3->tmp.cert_req=0;
1266
1267 if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
1268 {
1269 s->s3->tmp.reuse_message=1;
1270 return(1);
1271 }
1272
1273 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
1274 {
1275 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1276 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
1277 goto err;
1278 }
1279
1280 /* TLS does not like anon-DH with client cert */
1281 if (s->version > SSL3_VERSION)
1282 {
1283 l=s->s3->tmp.new_cipher->algorithms;
1284 if (l & SSL_aNULL)
1285 {
1286 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1287 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1288 goto err;
1289 }
1290 }
1291
1292 d=p=(unsigned char *)s->init_msg;
1293
1294 if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
1295 {
1296 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1297 goto err;
1298 }
1299
1300 /* get the certificate types */
1301 ctype_num= *(p++);
1302 if (ctype_num > SSL3_CT_NUMBER)
1303 ctype_num=SSL3_CT_NUMBER;
1304 for (i=0; i<ctype_num; i++)
1305 s->s3->tmp.ctype[i]= p[i];
1306 p+=ctype_num;
1307
1308 /* get the CA RDNs */
1309 n2s(p,llen);
1310#if 0
1311{
1312FILE *out;
1313out=fopen("/tmp/vsign.der","w");
1314fwrite(p,1,llen,out);
1315fclose(out);
1316}
1317#endif
1318
1319 if ((llen+ctype_num+2+1) != n)
1320 {
1321 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1322 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
1323 goto err;
1324 }
1325
1326 for (nc=0; nc<llen; )
1327 {
1328 n2s(p,l);
1329 if ((l+nc+2) > llen)
1330 {
1331 if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1332 goto cont; /* netscape bugs */
1333 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1334 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
1335 goto err;
1336 }
1337
1338 q=p;
1339
1340 if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
1341 {
1342 /* If netscape tolerance is on, ignore errors */
1343 if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
1344 goto cont;
1345 else
1346 {
1347 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1348 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
1349 goto err;
1350 }
1351 }
1352
1353 if (q != (p+l))
1354 {
1355 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1356 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
1357 goto err;
1358 }
1359 if (!sk_X509_NAME_push(ca_sk,xn))
1360 {
1361 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1362 goto err;
1363 }
1364
1365 p+=l;
1366 nc+=l+2;
1367 }
1368
1369 if (0)
1370 {
1371cont:
1372 ERR_clear_error();
1373 }
1374
1375 /* we should setup a certificate to return.... */
1376 s->s3->tmp.cert_req=1;
1377 s->s3->tmp.ctype_num=ctype_num;
1378 if (s->s3->tmp.ca_names != NULL)
1379 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1380 s->s3->tmp.ca_names=ca_sk;
1381 ca_sk=NULL;
1382
1383 ret=1;
1384err:
1385 if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
1386 return(ret);
1387 }
1388
1389static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
1390 {
1391 return(X509_NAME_cmp(*a,*b));
1392 }
1393
1394static int ssl3_get_server_done(SSL *s)
1395 {
1396 int ok,ret=0;
1397 long n;
1398
1399 n=ssl3_get_message(s,
1400 SSL3_ST_CR_SRVR_DONE_A,
1401 SSL3_ST_CR_SRVR_DONE_B,
1402 SSL3_MT_SERVER_DONE,
1403 30, /* should be very small, like 0 :-) */
1404 &ok);
1405
1406 if (!ok) return((int)n);
1407 if (n > 0)
1408 {
1409 /* should contain no data */
1410 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1411 SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
1412 return -1;
1413 }
1414 ret=1;
1415 return(ret);
1416 }
1417
1418static int ssl3_send_client_key_exchange(SSL *s)
1419 {
1420 unsigned char *p,*d;
1421 int n;
1422 unsigned long l;
1423#ifndef OPENSSL_NO_RSA
1424 unsigned char *q;
1425 EVP_PKEY *pkey=NULL;
1426#endif
1427#ifndef OPENSSL_NO_KRB5
1428 KSSL_ERR kssl_err;
1429#endif /* OPENSSL_NO_KRB5 */
1430
1431 if (s->state == SSL3_ST_CW_KEY_EXCH_A)
1432 {
1433 d=(unsigned char *)s->init_buf->data;
1434 p= &(d[4]);
1435
1436 l=s->s3->tmp.new_cipher->algorithms;
1437
1438 /* Fool emacs indentation */
1439 if (0) {}
1440#ifndef OPENSSL_NO_RSA
1441 else if (l & SSL_kRSA)
1442 {
1443 RSA *rsa;
1444 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
1445
1446 if (s->session->sess_cert->peer_rsa_tmp != NULL)
1447 rsa=s->session->sess_cert->peer_rsa_tmp;
1448 else
1449 {
1450 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1451 if ((pkey == NULL) ||
1452 (pkey->type != EVP_PKEY_RSA) ||
1453 (pkey->pkey.rsa == NULL))
1454 {
1455 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1456 goto err;
1457 }
1458 rsa=pkey->pkey.rsa;
1459 EVP_PKEY_free(pkey);
1460 }
1461
1462 tmp_buf[0]=s->client_version>>8;
1463 tmp_buf[1]=s->client_version&0xff;
1464 if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
1465 goto err;
1466
1467 s->session->master_key_length=sizeof tmp_buf;
1468
1469 q=p;
1470 /* Fix buf for TLS and beyond */
1471 if (s->version > SSL3_VERSION)
1472 p+=2;
1473 n=RSA_public_encrypt(sizeof tmp_buf,
1474 tmp_buf,p,rsa,RSA_PKCS1_PADDING);
1475#ifdef PKCS1_CHECK
1476 if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
1477 if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
1478#endif
1479 if (n <= 0)
1480 {
1481 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
1482 goto err;
1483 }
1484
1485 /* Fix buf for TLS and beyond */
1486 if (s->version > SSL3_VERSION)
1487 {
1488 s2n(n,q);
1489 n+=2;
1490 }
1491
1492 s->session->master_key_length=
1493 s->method->ssl3_enc->generate_master_secret(s,
1494 s->session->master_key,
1495 tmp_buf,sizeof tmp_buf);
1496 OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
1497 }
1498#endif
1499#ifndef OPENSSL_NO_KRB5
1500 else if (l & SSL_kKRB5)
1501 {
1502 krb5_error_code krb5rc;
1503 KSSL_CTX *kssl_ctx = s->kssl_ctx;
1504 /* krb5_data krb5_ap_req; */
1505 krb5_data *enc_ticket;
1506 krb5_data authenticator, *authp = NULL;
1507 EVP_CIPHER_CTX ciph_ctx;
1508 EVP_CIPHER *enc = NULL;
1509 unsigned char iv[EVP_MAX_IV_LENGTH];
1510 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
1511 unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH
1512 + EVP_MAX_IV_LENGTH];
1513 int padl, outl = sizeof(epms);
1514
1515 EVP_CIPHER_CTX_init(&ciph_ctx);
1516
1517#ifdef KSSL_DEBUG
1518 printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
1519 l, SSL_kKRB5);
1520#endif /* KSSL_DEBUG */
1521
1522 authp = NULL;
1523#ifdef KRB5SENDAUTH
1524 if (KRB5SENDAUTH) authp = &authenticator;
1525#endif /* KRB5SENDAUTH */
1526
1527 krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp,
1528 &kssl_err);
1529 enc = kssl_map_enc(kssl_ctx->enctype);
1530 if (enc == NULL)
1531 goto err;
1532#ifdef KSSL_DEBUG
1533 {
1534 printf("kssl_cget_tkt rtn %d\n", krb5rc);
1535 if (krb5rc && kssl_err.text)
1536 printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
1537 }
1538#endif /* KSSL_DEBUG */
1539
1540 if (krb5rc)
1541 {
1542 ssl3_send_alert(s,SSL3_AL_FATAL,
1543 SSL_AD_HANDSHAKE_FAILURE);
1544 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
1545 kssl_err.reason);
1546 goto err;
1547 }
1548
1549 /* 20010406 VRS - Earlier versions used KRB5 AP_REQ
1550 ** in place of RFC 2712 KerberosWrapper, as in:
1551 **
1552 ** Send ticket (copy to *p, set n = length)
1553 ** n = krb5_ap_req.length;
1554 ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
1555 ** if (krb5_ap_req.data)
1556 ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
1557 **
1558 ** Now using real RFC 2712 KerberosWrapper
1559 ** (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
1560 ** Note: 2712 "opaque" types are here replaced
1561 ** with a 2-byte length followed by the value.
1562 ** Example:
1563 ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
1564 ** Where "xx xx" = length bytes. Shown here with
1565 ** optional authenticator omitted.
1566 */
1567
1568 /* KerberosWrapper.Ticket */
1569 s2n(enc_ticket->length,p);
1570 memcpy(p, enc_ticket->data, enc_ticket->length);
1571 p+= enc_ticket->length;
1572 n = enc_ticket->length + 2;
1573
1574 /* KerberosWrapper.Authenticator */
1575 if (authp && authp->length)
1576 {
1577 s2n(authp->length,p);
1578 memcpy(p, authp->data, authp->length);
1579 p+= authp->length;
1580 n+= authp->length + 2;
1581
1582 free(authp->data);
1583 authp->data = NULL;
1584 authp->length = 0;
1585 }
1586 else
1587 {
1588 s2n(0,p);/* null authenticator length */
1589 n+=2;
1590 }
1591
1592 if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
1593 goto err;
1594
1595 /* 20010420 VRS. Tried it this way; failed.
1596 ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
1597 ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
1598 ** kssl_ctx->length);
1599 ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
1600 */
1601
1602 memset(iv, 0, sizeof iv); /* per RFC 1510 */
1603 EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
1604 kssl_ctx->key,iv);
1605 EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
1606 sizeof tmp_buf);
1607 EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
1608 outl += padl;
1609 if (outl > sizeof epms)
1610 {
1611 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
1612 goto err;
1613 }
1614 EVP_CIPHER_CTX_cleanup(&ciph_ctx);
1615
1616 /* KerberosWrapper.EncryptedPreMasterSecret */
1617 s2n(outl,p);
1618 memcpy(p, epms, outl);
1619 p+=outl;
1620 n+=outl + 2;
1621
1622 s->session->master_key_length=
1623 s->method->ssl3_enc->generate_master_secret(s,
1624 s->session->master_key,
1625 tmp_buf, sizeof tmp_buf);
1626
1627 OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
1628 OPENSSL_cleanse(epms, outl);
1629 }
1630#endif
1631#ifndef OPENSSL_NO_DH
1632 else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1633 {
1634 DH *dh_srvr,*dh_clnt;
1635
1636 if (s->session->sess_cert->peer_dh_tmp != NULL)
1637 dh_srvr=s->session->sess_cert->peer_dh_tmp;
1638 else
1639 {
1640 /* we get them from the cert */
1641 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1642 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
1643 goto err;
1644 }
1645
1646 /* generate a new random key */
1647 if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
1648 {
1649 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1650 goto err;
1651 }
1652 if (!DH_generate_key(dh_clnt))
1653 {
1654 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1655 goto err;
1656 }
1657
1658 /* use the 'p' output buffer for the DH key, but
1659 * make sure to clear it out afterwards */
1660
1661 n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
1662
1663 if (n <= 0)
1664 {
1665 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1666 goto err;
1667 }
1668
1669 /* generate master key from the result */
1670 s->session->master_key_length=
1671 s->method->ssl3_enc->generate_master_secret(s,
1672 s->session->master_key,p,n);
1673 /* clean up */
1674 memset(p,0,n);
1675
1676 /* send off the data */
1677 n=BN_num_bytes(dh_clnt->pub_key);
1678 s2n(n,p);
1679 BN_bn2bin(dh_clnt->pub_key,p);
1680 n+=2;
1681
1682 DH_free(dh_clnt);
1683
1684 /* perhaps clean things up a bit EAY EAY EAY EAY*/
1685 }
1686#endif
1687 else
1688 {
1689 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1690 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1691 goto err;
1692 }
1693
1694 *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
1695 l2n3(n,d);
1696
1697 s->state=SSL3_ST_CW_KEY_EXCH_B;
1698 /* number of bytes to write */
1699 s->init_num=n+4;
1700 s->init_off=0;
1701 }
1702
1703 /* SSL3_ST_CW_KEY_EXCH_B */
1704 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1705err:
1706 return(-1);
1707 }
1708
1709static int ssl3_send_client_verify(SSL *s)
1710 {
1711 unsigned char *p,*d;
1712 unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
1713 EVP_PKEY *pkey;
1714#ifndef OPENSSL_NO_RSA
1715 unsigned u=0;
1716#endif
1717 unsigned long n;
1718#ifndef OPENSSL_NO_DSA
1719 int j;
1720#endif
1721
1722 if (s->state == SSL3_ST_CW_CERT_VRFY_A)
1723 {
1724 d=(unsigned char *)s->init_buf->data;
1725 p= &(d[4]);
1726 pkey=s->cert->key->privatekey;
1727
1728 s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
1729 &(data[MD5_DIGEST_LENGTH]));
1730
1731#ifndef OPENSSL_NO_RSA
1732 if (pkey->type == EVP_PKEY_RSA)
1733 {
1734 s->method->ssl3_enc->cert_verify_mac(s,
1735 &(s->s3->finish_dgst1),&(data[0]));
1736 if (RSA_sign(NID_md5_sha1, data,
1737 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1738 &(p[2]), &u, pkey->pkey.rsa) <= 0 )
1739 {
1740 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
1741 goto err;
1742 }
1743 s2n(u,p);
1744 n=u+2;
1745 }
1746 else
1747#endif
1748#ifndef OPENSSL_NO_DSA
1749 if (pkey->type == EVP_PKEY_DSA)
1750 {
1751 if (!DSA_sign(pkey->save_type,
1752 &(data[MD5_DIGEST_LENGTH]),
1753 SHA_DIGEST_LENGTH,&(p[2]),
1754 (unsigned int *)&j,pkey->pkey.dsa))
1755 {
1756 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
1757 goto err;
1758 }
1759 s2n(j,p);
1760 n=j+2;
1761 }
1762 else
1763#endif
1764 {
1765 SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
1766 goto err;
1767 }
1768 *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
1769 l2n3(n,d);
1770
1771 s->state=SSL3_ST_CW_CERT_VRFY_B;
1772 s->init_num=(int)n+4;
1773 s->init_off=0;
1774 }
1775 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1776err:
1777 return(-1);
1778 }
1779
1780static int ssl3_send_client_certificate(SSL *s)
1781 {
1782 X509 *x509=NULL;
1783 EVP_PKEY *pkey=NULL;
1784 int i;
1785 unsigned long l;
1786
1787 if (s->state == SSL3_ST_CW_CERT_A)
1788 {
1789 if ((s->cert == NULL) ||
1790 (s->cert->key->x509 == NULL) ||
1791 (s->cert->key->privatekey == NULL))
1792 s->state=SSL3_ST_CW_CERT_B;
1793 else
1794 s->state=SSL3_ST_CW_CERT_C;
1795 }
1796
1797 /* We need to get a client cert */
1798 if (s->state == SSL3_ST_CW_CERT_B)
1799 {
1800 /* If we get an error, we need to
1801 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
1802 * We then get retied later */
1803 i=0;
1804 if (s->ctx->client_cert_cb != NULL)
1805 i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
1806 if (i < 0)
1807 {
1808 s->rwstate=SSL_X509_LOOKUP;
1809 return(-1);
1810 }
1811 s->rwstate=SSL_NOTHING;
1812 if ((i == 1) && (pkey != NULL) && (x509 != NULL))
1813 {
1814 s->state=SSL3_ST_CW_CERT_B;
1815 if ( !SSL_use_certificate(s,x509) ||
1816 !SSL_use_PrivateKey(s,pkey))
1817 i=0;
1818 }
1819 else if (i == 1)
1820 {
1821 i=0;
1822 SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
1823 }
1824
1825 if (x509 != NULL) X509_free(x509);
1826 if (pkey != NULL) EVP_PKEY_free(pkey);
1827 if (i == 0)
1828 {
1829 if (s->version == SSL3_VERSION)
1830 {
1831 s->s3->tmp.cert_req=0;
1832 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
1833 return(1);
1834 }
1835 else
1836 {
1837 s->s3->tmp.cert_req=2;
1838 }
1839 }
1840
1841 /* Ok, we have a cert */
1842 s->state=SSL3_ST_CW_CERT_C;
1843 }
1844
1845 if (s->state == SSL3_ST_CW_CERT_C)
1846 {
1847 s->state=SSL3_ST_CW_CERT_D;
1848 l=ssl3_output_cert_chain(s,
1849 (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
1850 s->init_num=(int)l;
1851 s->init_off=0;
1852 }
1853 /* SSL3_ST_CW_CERT_D */
1854 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1855 }
1856
1857#define has_bits(i,m) (((i)&(m)) == (m))
1858
1859static int ssl3_check_cert_and_algorithm(SSL *s)
1860 {
1861 int i,idx;
1862 long algs;
1863 EVP_PKEY *pkey=NULL;
1864 SESS_CERT *sc;
1865#ifndef OPENSSL_NO_RSA
1866 RSA *rsa;
1867#endif
1868#ifndef OPENSSL_NO_DH
1869 DH *dh;
1870#endif
1871
1872 sc=s->session->sess_cert;
1873
1874 if (sc == NULL)
1875 {
1876 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
1877 goto err;
1878 }
1879
1880 algs=s->s3->tmp.new_cipher->algorithms;
1881
1882 /* we don't have a certificate */
1883 if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
1884 return(1);
1885
1886#ifndef OPENSSL_NO_RSA
1887 rsa=s->session->sess_cert->peer_rsa_tmp;
1888#endif
1889#ifndef OPENSSL_NO_DH
1890 dh=s->session->sess_cert->peer_dh_tmp;
1891#endif
1892
1893 /* This is the passed certificate */
1894
1895 idx=sc->peer_cert_type;
1896 pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
1897 i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
1898 EVP_PKEY_free(pkey);
1899
1900
1901 /* Check that we have a certificate if we require one */
1902 if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
1903 {
1904 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
1905 goto f_err;
1906 }
1907#ifndef OPENSSL_NO_DSA
1908 else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
1909 {
1910 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
1911 goto f_err;
1912 }
1913#endif
1914#ifndef OPENSSL_NO_RSA
1915 if ((algs & SSL_kRSA) &&
1916 !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
1917 {
1918 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
1919 goto f_err;
1920 }
1921#endif
1922#ifndef OPENSSL_NO_DH
1923 if ((algs & SSL_kEDH) &&
1924 !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
1925 {
1926 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
1927 goto f_err;
1928 }
1929 else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
1930 {
1931 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
1932 goto f_err;
1933 }
1934#ifndef OPENSSL_NO_DSA
1935 else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
1936 {
1937 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
1938 goto f_err;
1939 }
1940#endif
1941#endif
1942
1943 if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
1944 {
1945#ifndef OPENSSL_NO_RSA
1946 if (algs & SSL_kRSA)
1947 {
1948 if (rsa == NULL
1949 || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
1950 {
1951 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
1952 goto f_err;
1953 }
1954 }
1955 else
1956#endif
1957#ifndef OPENSSL_NO_DH
1958 if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1959 {
1960 if (dh == NULL
1961 || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
1962 {
1963 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
1964 goto f_err;
1965 }
1966 }
1967 else
1968#endif
1969 {
1970 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1971 goto f_err;
1972 }
1973 }
1974 return(1);
1975f_err:
1976 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
1977err:
1978 return(0);
1979 }
1980
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
deleted file mode 100644
index d04096016c..0000000000
--- a/src/lib/libssl/s3_lib.c
+++ /dev/null
@@ -1,1799 +0,0 @@
1/* ssl/s3_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <openssl/objects.h>
114#include "ssl_locl.h"
115#include "kssl_lcl.h"
116#include <openssl/md5.h>
117
118const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
119
120#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
121
122static long ssl3_default_timeout(void );
123
124OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
125/* The RSA ciphers */
126/* Cipher 01 */
127 {
128 1,
129 SSL3_TXT_RSA_NULL_MD5,
130 SSL3_CK_RSA_NULL_MD5,
131 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
132 SSL_NOT_EXP|SSL_STRONG_NONE,
133 0,
134 0,
135 0,
136 SSL_ALL_CIPHERS,
137 SSL_ALL_STRENGTHS,
138 },
139/* Cipher 02 */
140 {
141 1,
142 SSL3_TXT_RSA_NULL_SHA,
143 SSL3_CK_RSA_NULL_SHA,
144 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
145 SSL_NOT_EXP|SSL_STRONG_NONE,
146 0,
147 0,
148 0,
149 SSL_ALL_CIPHERS,
150 SSL_ALL_STRENGTHS,
151 },
152
153/* anon DH */
154/* Cipher 17 */
155 {
156 1,
157 SSL3_TXT_ADH_RC4_40_MD5,
158 SSL3_CK_ADH_RC4_40_MD5,
159 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
160 SSL_EXPORT|SSL_EXP40,
161 0,
162 40,
163 128,
164 SSL_ALL_CIPHERS,
165 SSL_ALL_STRENGTHS,
166 },
167/* Cipher 18 */
168 {
169 1,
170 SSL3_TXT_ADH_RC4_128_MD5,
171 SSL3_CK_ADH_RC4_128_MD5,
172 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
173 SSL_NOT_EXP|SSL_MEDIUM,
174 0,
175 128,
176 128,
177 SSL_ALL_CIPHERS,
178 SSL_ALL_STRENGTHS,
179 },
180/* Cipher 19 */
181 {
182 1,
183 SSL3_TXT_ADH_DES_40_CBC_SHA,
184 SSL3_CK_ADH_DES_40_CBC_SHA,
185 SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
186 SSL_EXPORT|SSL_EXP40,
187 0,
188 40,
189 128,
190 SSL_ALL_CIPHERS,
191 SSL_ALL_STRENGTHS,
192 },
193/* Cipher 1A */
194 {
195 1,
196 SSL3_TXT_ADH_DES_64_CBC_SHA,
197 SSL3_CK_ADH_DES_64_CBC_SHA,
198 SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
199 SSL_NOT_EXP|SSL_LOW,
200 0,
201 56,
202 56,
203 SSL_ALL_CIPHERS,
204 SSL_ALL_STRENGTHS,
205 },
206/* Cipher 1B */
207 {
208 1,
209 SSL3_TXT_ADH_DES_192_CBC_SHA,
210 SSL3_CK_ADH_DES_192_CBC_SHA,
211 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
212 SSL_NOT_EXP|SSL_HIGH,
213 0,
214 168,
215 168,
216 SSL_ALL_CIPHERS,
217 SSL_ALL_STRENGTHS,
218 },
219
220/* RSA again */
221/* Cipher 03 */
222 {
223 1,
224 SSL3_TXT_RSA_RC4_40_MD5,
225 SSL3_CK_RSA_RC4_40_MD5,
226 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
227 SSL_EXPORT|SSL_EXP40,
228 0,
229 40,
230 128,
231 SSL_ALL_CIPHERS,
232 SSL_ALL_STRENGTHS,
233 },
234/* Cipher 04 */
235 {
236 1,
237 SSL3_TXT_RSA_RC4_128_MD5,
238 SSL3_CK_RSA_RC4_128_MD5,
239 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_SSLV3,
240 SSL_NOT_EXP|SSL_MEDIUM,
241 0,
242 128,
243 128,
244 SSL_ALL_CIPHERS,
245 SSL_ALL_STRENGTHS,
246 },
247/* Cipher 05 */
248 {
249 1,
250 SSL3_TXT_RSA_RC4_128_SHA,
251 SSL3_CK_RSA_RC4_128_SHA,
252 SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_SSLV3,
253 SSL_NOT_EXP|SSL_MEDIUM,
254 0,
255 128,
256 128,
257 SSL_ALL_CIPHERS,
258 SSL_ALL_STRENGTHS,
259 },
260/* Cipher 06 */
261 {
262 1,
263 SSL3_TXT_RSA_RC2_40_MD5,
264 SSL3_CK_RSA_RC2_40_MD5,
265 SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_SSLV3,
266 SSL_EXPORT|SSL_EXP40,
267 0,
268 40,
269 128,
270 SSL_ALL_CIPHERS,
271 SSL_ALL_STRENGTHS,
272 },
273/* Cipher 07 */
274#ifndef OPENSSL_NO_IDEA
275 {
276 1,
277 SSL3_TXT_RSA_IDEA_128_SHA,
278 SSL3_CK_RSA_IDEA_128_SHA,
279 SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
280 SSL_NOT_EXP|SSL_MEDIUM,
281 0,
282 128,
283 128,
284 SSL_ALL_CIPHERS,
285 SSL_ALL_STRENGTHS,
286 },
287#endif
288/* Cipher 08 */
289 {
290 1,
291 SSL3_TXT_RSA_DES_40_CBC_SHA,
292 SSL3_CK_RSA_DES_40_CBC_SHA,
293 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
294 SSL_EXPORT|SSL_EXP40,
295 0,
296 40,
297 56,
298 SSL_ALL_CIPHERS,
299 SSL_ALL_STRENGTHS,
300 },
301/* Cipher 09 */
302 {
303 1,
304 SSL3_TXT_RSA_DES_64_CBC_SHA,
305 SSL3_CK_RSA_DES_64_CBC_SHA,
306 SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
307 SSL_NOT_EXP|SSL_LOW,
308 0,
309 56,
310 56,
311 SSL_ALL_CIPHERS,
312 SSL_ALL_STRENGTHS,
313 },
314/* Cipher 0A */
315 {
316 1,
317 SSL3_TXT_RSA_DES_192_CBC3_SHA,
318 SSL3_CK_RSA_DES_192_CBC3_SHA,
319 SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
320 SSL_NOT_EXP|SSL_HIGH,
321 0,
322 168,
323 168,
324 SSL_ALL_CIPHERS,
325 SSL_ALL_STRENGTHS,
326 },
327
328/* The DH ciphers */
329/* Cipher 0B */
330 {
331 0,
332 SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
333 SSL3_CK_DH_DSS_DES_40_CBC_SHA,
334 SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
335 SSL_EXPORT|SSL_EXP40,
336 0,
337 40,
338 56,
339 SSL_ALL_CIPHERS,
340 SSL_ALL_STRENGTHS,
341 },
342/* Cipher 0C */
343 {
344 0,
345 SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
346 SSL3_CK_DH_DSS_DES_64_CBC_SHA,
347 SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
348 SSL_NOT_EXP|SSL_LOW,
349 0,
350 56,
351 56,
352 SSL_ALL_CIPHERS,
353 SSL_ALL_STRENGTHS,
354 },
355/* Cipher 0D */
356 {
357 0,
358 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
359 SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
360 SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
361 SSL_NOT_EXP|SSL_HIGH,
362 0,
363 168,
364 168,
365 SSL_ALL_CIPHERS,
366 SSL_ALL_STRENGTHS,
367 },
368/* Cipher 0E */
369 {
370 0,
371 SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
372 SSL3_CK_DH_RSA_DES_40_CBC_SHA,
373 SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
374 SSL_EXPORT|SSL_EXP40,
375 0,
376 40,
377 56,
378 SSL_ALL_CIPHERS,
379 SSL_ALL_STRENGTHS,
380 },
381/* Cipher 0F */
382 {
383 0,
384 SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
385 SSL3_CK_DH_RSA_DES_64_CBC_SHA,
386 SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
387 SSL_NOT_EXP|SSL_LOW,
388 0,
389 56,
390 56,
391 SSL_ALL_CIPHERS,
392 SSL_ALL_STRENGTHS,
393 },
394/* Cipher 10 */
395 {
396 0,
397 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
398 SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
399 SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
400 SSL_NOT_EXP|SSL_HIGH,
401 0,
402 168,
403 168,
404 SSL_ALL_CIPHERS,
405 SSL_ALL_STRENGTHS,
406 },
407
408/* The Ephemeral DH ciphers */
409/* Cipher 11 */
410 {
411 1,
412 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
413 SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
414 SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
415 SSL_EXPORT|SSL_EXP40,
416 0,
417 40,
418 56,
419 SSL_ALL_CIPHERS,
420 SSL_ALL_STRENGTHS,
421 },
422/* Cipher 12 */
423 {
424 1,
425 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
426 SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
427 SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3,
428 SSL_NOT_EXP|SSL_LOW,
429 0,
430 56,
431 56,
432 SSL_ALL_CIPHERS,
433 SSL_ALL_STRENGTHS,
434 },
435/* Cipher 13 */
436 {
437 1,
438 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
439 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
440 SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
441 SSL_NOT_EXP|SSL_HIGH,
442 0,
443 168,
444 168,
445 SSL_ALL_CIPHERS,
446 SSL_ALL_STRENGTHS,
447 },
448/* Cipher 14 */
449 {
450 1,
451 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
452 SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
453 SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
454 SSL_EXPORT|SSL_EXP40,
455 0,
456 40,
457 56,
458 SSL_ALL_CIPHERS,
459 SSL_ALL_STRENGTHS,
460 },
461/* Cipher 15 */
462 {
463 1,
464 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
465 SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
466 SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
467 SSL_NOT_EXP|SSL_LOW,
468 0,
469 56,
470 56,
471 SSL_ALL_CIPHERS,
472 SSL_ALL_STRENGTHS,
473 },
474/* Cipher 16 */
475 {
476 1,
477 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
478 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
479 SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
480 SSL_NOT_EXP|SSL_HIGH,
481 0,
482 168,
483 168,
484 SSL_ALL_CIPHERS,
485 SSL_ALL_STRENGTHS,
486 },
487
488/* Fortezza */
489/* Cipher 1C */
490 {
491 0,
492 SSL3_TXT_FZA_DMS_NULL_SHA,
493 SSL3_CK_FZA_DMS_NULL_SHA,
494 SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
495 SSL_NOT_EXP|SSL_STRONG_NONE,
496 0,
497 0,
498 0,
499 SSL_ALL_CIPHERS,
500 SSL_ALL_STRENGTHS,
501 },
502
503/* Cipher 1D */
504 {
505 0,
506 SSL3_TXT_FZA_DMS_FZA_SHA,
507 SSL3_CK_FZA_DMS_FZA_SHA,
508 SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
509 SSL_NOT_EXP|SSL_STRONG_NONE,
510 0,
511 0,
512 0,
513 SSL_ALL_CIPHERS,
514 SSL_ALL_STRENGTHS,
515 },
516
517#if 0
518/* Cipher 1E */
519 {
520 0,
521 SSL3_TXT_FZA_DMS_RC4_SHA,
522 SSL3_CK_FZA_DMS_RC4_SHA,
523 SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
524 SSL_NOT_EXP|SSL_MEDIUM,
525 0,
526 128,
527 128,
528 SSL_ALL_CIPHERS,
529 SSL_ALL_STRENGTHS,
530 },
531#endif
532
533#ifndef OPENSSL_NO_KRB5
534/* The Kerberos ciphers
535** 20000107 VRS: And the first shall be last,
536** in hopes of avoiding the lynx ssl renegotiation problem.
537*/
538/* Cipher 1E VRS */
539 {
540 1,
541 SSL3_TXT_KRB5_DES_64_CBC_SHA,
542 SSL3_CK_KRB5_DES_64_CBC_SHA,
543 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
544 SSL_NOT_EXP|SSL_LOW,
545 0,
546 56,
547 56,
548 SSL_ALL_CIPHERS,
549 SSL_ALL_STRENGTHS,
550 },
551
552/* Cipher 1F VRS */
553 {
554 1,
555 SSL3_TXT_KRB5_DES_192_CBC3_SHA,
556 SSL3_CK_KRB5_DES_192_CBC3_SHA,
557 SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3,
558 SSL_NOT_EXP|SSL_HIGH,
559 0,
560 112,
561 168,
562 SSL_ALL_CIPHERS,
563 SSL_ALL_STRENGTHS,
564 },
565
566/* Cipher 20 VRS */
567 {
568 1,
569 SSL3_TXT_KRB5_RC4_128_SHA,
570 SSL3_CK_KRB5_RC4_128_SHA,
571 SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3,
572 SSL_NOT_EXP|SSL_MEDIUM,
573 0,
574 128,
575 128,
576 SSL_ALL_CIPHERS,
577 SSL_ALL_STRENGTHS,
578 },
579
580/* Cipher 21 VRS */
581 {
582 1,
583 SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
584 SSL3_CK_KRB5_IDEA_128_CBC_SHA,
585 SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_SHA1 |SSL_SSLV3,
586 SSL_NOT_EXP|SSL_MEDIUM,
587 0,
588 128,
589 128,
590 SSL_ALL_CIPHERS,
591 SSL_ALL_STRENGTHS,
592 },
593
594/* Cipher 22 VRS */
595 {
596 1,
597 SSL3_TXT_KRB5_DES_64_CBC_MD5,
598 SSL3_CK_KRB5_DES_64_CBC_MD5,
599 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
600 SSL_NOT_EXP|SSL_LOW,
601 0,
602 56,
603 56,
604 SSL_ALL_CIPHERS,
605 SSL_ALL_STRENGTHS,
606 },
607
608/* Cipher 23 VRS */
609 {
610 1,
611 SSL3_TXT_KRB5_DES_192_CBC3_MD5,
612 SSL3_CK_KRB5_DES_192_CBC3_MD5,
613 SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_MD5 |SSL_SSLV3,
614 SSL_NOT_EXP|SSL_HIGH,
615 0,
616 112,
617 168,
618 SSL_ALL_CIPHERS,
619 SSL_ALL_STRENGTHS,
620 },
621
622/* Cipher 24 VRS */
623 {
624 1,
625 SSL3_TXT_KRB5_RC4_128_MD5,
626 SSL3_CK_KRB5_RC4_128_MD5,
627 SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3,
628 SSL_NOT_EXP|SSL_MEDIUM,
629 0,
630 128,
631 128,
632 SSL_ALL_CIPHERS,
633 SSL_ALL_STRENGTHS,
634 },
635
636/* Cipher 25 VRS */
637 {
638 1,
639 SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
640 SSL3_CK_KRB5_IDEA_128_CBC_MD5,
641 SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_MD5 |SSL_SSLV3,
642 SSL_NOT_EXP|SSL_MEDIUM,
643 0,
644 128,
645 128,
646 SSL_ALL_CIPHERS,
647 SSL_ALL_STRENGTHS,
648 },
649
650/* Cipher 26 VRS */
651 {
652 1,
653 SSL3_TXT_KRB5_DES_40_CBC_SHA,
654 SSL3_CK_KRB5_DES_40_CBC_SHA,
655 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
656 SSL_EXPORT|SSL_EXP40,
657 0,
658 40,
659 56,
660 SSL_ALL_CIPHERS,
661 SSL_ALL_STRENGTHS,
662 },
663
664/* Cipher 27 VRS */
665 {
666 1,
667 SSL3_TXT_KRB5_RC2_40_CBC_SHA,
668 SSL3_CK_KRB5_RC2_40_CBC_SHA,
669 SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_SHA1 |SSL_SSLV3,
670 SSL_EXPORT|SSL_EXP40,
671 0,
672 40,
673 128,
674 SSL_ALL_CIPHERS,
675 SSL_ALL_STRENGTHS,
676 },
677
678/* Cipher 28 VRS */
679 {
680 1,
681 SSL3_TXT_KRB5_RC4_40_SHA,
682 SSL3_CK_KRB5_RC4_40_SHA,
683 SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3,
684 SSL_EXPORT|SSL_EXP40,
685 0,
686 128,
687 128,
688 SSL_ALL_CIPHERS,
689 SSL_ALL_STRENGTHS,
690 },
691
692/* Cipher 29 VRS */
693 {
694 1,
695 SSL3_TXT_KRB5_DES_40_CBC_MD5,
696 SSL3_CK_KRB5_DES_40_CBC_MD5,
697 SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
698 SSL_EXPORT|SSL_EXP40,
699 0,
700 40,
701 56,
702 SSL_ALL_CIPHERS,
703 SSL_ALL_STRENGTHS,
704 },
705
706/* Cipher 2A VRS */
707 {
708 1,
709 SSL3_TXT_KRB5_RC2_40_CBC_MD5,
710 SSL3_CK_KRB5_RC2_40_CBC_MD5,
711 SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_MD5 |SSL_SSLV3,
712 SSL_EXPORT|SSL_EXP40,
713 0,
714 40,
715 128,
716 SSL_ALL_CIPHERS,
717 SSL_ALL_STRENGTHS,
718 },
719
720/* Cipher 2B VRS */
721 {
722 1,
723 SSL3_TXT_KRB5_RC4_40_MD5,
724 SSL3_CK_KRB5_RC4_40_MD5,
725 SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3,
726 SSL_EXPORT|SSL_EXP40,
727 0,
728 128,
729 128,
730 SSL_ALL_CIPHERS,
731 SSL_ALL_STRENGTHS,
732 },
733#endif /* OPENSSL_NO_KRB5 */
734
735
736#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
737 /* New TLS Export CipherSuites */
738 /* Cipher 60 */
739 {
740 1,
741 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
742 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
743 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
744 SSL_EXPORT|SSL_EXP56,
745 0,
746 56,
747 128,
748 SSL_ALL_CIPHERS,
749 SSL_ALL_STRENGTHS,
750 },
751 /* Cipher 61 */
752 {
753 1,
754 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
755 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
756 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
757 SSL_EXPORT|SSL_EXP56,
758 0,
759 56,
760 128,
761 SSL_ALL_CIPHERS,
762 SSL_ALL_STRENGTHS,
763 },
764 /* Cipher 62 */
765 {
766 1,
767 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
768 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
769 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
770 SSL_EXPORT|SSL_EXP56,
771 0,
772 56,
773 56,
774 SSL_ALL_CIPHERS,
775 SSL_ALL_STRENGTHS,
776 },
777 /* Cipher 63 */
778 {
779 1,
780 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
781 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
782 SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
783 SSL_EXPORT|SSL_EXP56,
784 0,
785 56,
786 56,
787 SSL_ALL_CIPHERS,
788 SSL_ALL_STRENGTHS,
789 },
790 /* Cipher 64 */
791 {
792 1,
793 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
794 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
795 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
796 SSL_EXPORT|SSL_EXP56,
797 0,
798 56,
799 128,
800 SSL_ALL_CIPHERS,
801 SSL_ALL_STRENGTHS,
802 },
803 /* Cipher 65 */
804 {
805 1,
806 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
807 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
808 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
809 SSL_EXPORT|SSL_EXP56,
810 0,
811 56,
812 128,
813 SSL_ALL_CIPHERS,
814 SSL_ALL_STRENGTHS,
815 },
816 /* Cipher 66 */
817 {
818 1,
819 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
820 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
821 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
822 SSL_NOT_EXP|SSL_MEDIUM,
823 0,
824 128,
825 128,
826 SSL_ALL_CIPHERS,
827 SSL_ALL_STRENGTHS
828 },
829#endif
830 /* New AES ciphersuites */
831
832 /* Cipher 2F */
833 {
834 1,
835 TLS1_TXT_RSA_WITH_AES_128_SHA,
836 TLS1_CK_RSA_WITH_AES_128_SHA,
837 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
838 SSL_NOT_EXP|SSL_MEDIUM,
839 0,
840 128,
841 128,
842 SSL_ALL_CIPHERS,
843 SSL_ALL_STRENGTHS,
844 },
845 /* Cipher 30 */
846 {
847 0,
848 TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
849 TLS1_CK_DH_DSS_WITH_AES_128_SHA,
850 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
851 SSL_NOT_EXP|SSL_MEDIUM,
852 0,
853 128,
854 128,
855 SSL_ALL_CIPHERS,
856 SSL_ALL_STRENGTHS,
857 },
858 /* Cipher 31 */
859 {
860 0,
861 TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
862 TLS1_CK_DH_RSA_WITH_AES_128_SHA,
863 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
864 SSL_NOT_EXP|SSL_MEDIUM,
865 0,
866 128,
867 128,
868 SSL_ALL_CIPHERS,
869 SSL_ALL_STRENGTHS,
870 },
871 /* Cipher 32 */
872 {
873 1,
874 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
875 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
876 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
877 SSL_NOT_EXP|SSL_MEDIUM,
878 0,
879 128,
880 128,
881 SSL_ALL_CIPHERS,
882 SSL_ALL_STRENGTHS,
883 },
884 /* Cipher 33 */
885 {
886 1,
887 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
888 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
889 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
890 SSL_NOT_EXP|SSL_MEDIUM,
891 0,
892 128,
893 128,
894 SSL_ALL_CIPHERS,
895 SSL_ALL_STRENGTHS,
896 },
897 /* Cipher 34 */
898 {
899 1,
900 TLS1_TXT_ADH_WITH_AES_128_SHA,
901 TLS1_CK_ADH_WITH_AES_128_SHA,
902 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
903 SSL_NOT_EXP|SSL_MEDIUM,
904 0,
905 128,
906 128,
907 SSL_ALL_CIPHERS,
908 SSL_ALL_STRENGTHS,
909 },
910
911 /* Cipher 35 */
912 {
913 1,
914 TLS1_TXT_RSA_WITH_AES_256_SHA,
915 TLS1_CK_RSA_WITH_AES_256_SHA,
916 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
917 SSL_NOT_EXP|SSL_HIGH,
918 0,
919 256,
920 256,
921 SSL_ALL_CIPHERS,
922 SSL_ALL_STRENGTHS,
923 },
924 /* Cipher 36 */
925 {
926 0,
927 TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
928 TLS1_CK_DH_DSS_WITH_AES_256_SHA,
929 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
930 SSL_NOT_EXP|SSL_HIGH,
931 0,
932 256,
933 256,
934 SSL_ALL_CIPHERS,
935 SSL_ALL_STRENGTHS,
936 },
937 /* Cipher 37 */
938 {
939 0,
940 TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
941 TLS1_CK_DH_RSA_WITH_AES_256_SHA,
942 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
943 SSL_NOT_EXP|SSL_HIGH,
944 0,
945 256,
946 256,
947 SSL_ALL_CIPHERS,
948 SSL_ALL_STRENGTHS,
949 },
950 /* Cipher 38 */
951 {
952 1,
953 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
954 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
955 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
956 SSL_NOT_EXP|SSL_HIGH,
957 0,
958 256,
959 256,
960 SSL_ALL_CIPHERS,
961 SSL_ALL_STRENGTHS,
962 },
963 /* Cipher 39 */
964 {
965 1,
966 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
967 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
968 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
969 SSL_NOT_EXP|SSL_HIGH,
970 0,
971 256,
972 256,
973 SSL_ALL_CIPHERS,
974 SSL_ALL_STRENGTHS,
975 },
976 /* Cipher 3A */
977 {
978 1,
979 TLS1_TXT_ADH_WITH_AES_256_SHA,
980 TLS1_CK_ADH_WITH_AES_256_SHA,
981 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
982 SSL_NOT_EXP|SSL_HIGH,
983 0,
984 256,
985 256,
986 SSL_ALL_CIPHERS,
987 SSL_ALL_STRENGTHS,
988 },
989
990/* end of list */
991 };
992
993static SSL3_ENC_METHOD SSLv3_enc_data={
994 ssl3_enc,
995 ssl3_mac,
996 ssl3_setup_key_block,
997 ssl3_generate_master_secret,
998 ssl3_change_cipher_state,
999 ssl3_final_finish_mac,
1000 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1001 ssl3_cert_verify_mac,
1002 SSL3_MD_CLIENT_FINISHED_CONST,4,
1003 SSL3_MD_SERVER_FINISHED_CONST,4,
1004 ssl3_alert_code,
1005 };
1006
1007static SSL_METHOD SSLv3_data= {
1008 SSL3_VERSION,
1009 ssl3_new,
1010 ssl3_clear,
1011 ssl3_free,
1012 ssl_undefined_function,
1013 ssl_undefined_function,
1014 ssl3_read,
1015 ssl3_peek,
1016 ssl3_write,
1017 ssl3_shutdown,
1018 ssl3_renegotiate,
1019 ssl3_renegotiate_check,
1020 ssl3_ctrl,
1021 ssl3_ctx_ctrl,
1022 ssl3_get_cipher_by_char,
1023 ssl3_put_cipher_by_char,
1024 ssl3_pending,
1025 ssl3_num_ciphers,
1026 ssl3_get_cipher,
1027 ssl_bad_method,
1028 ssl3_default_timeout,
1029 &SSLv3_enc_data,
1030 ssl_undefined_function,
1031 ssl3_callback_ctrl,
1032 ssl3_ctx_callback_ctrl,
1033 };
1034
1035static long ssl3_default_timeout(void)
1036 {
1037 /* 2 hours, the 24 hours mentioned in the SSLv3 spec
1038 * is way too long for http, the cache would over fill */
1039 return(60*60*2);
1040 }
1041
1042SSL_METHOD *sslv3_base_method(void)
1043 {
1044 return(&SSLv3_data);
1045 }
1046
1047int ssl3_num_ciphers(void)
1048 {
1049 return(SSL3_NUM_CIPHERS);
1050 }
1051
1052SSL_CIPHER *ssl3_get_cipher(unsigned int u)
1053 {
1054 if (u < SSL3_NUM_CIPHERS)
1055 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
1056 else
1057 return(NULL);
1058 }
1059
1060int ssl3_pending(SSL *s)
1061 {
1062 if (s->rstate == SSL_ST_READ_BODY)
1063 return 0;
1064
1065 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
1066 }
1067
1068int ssl3_new(SSL *s)
1069 {
1070 SSL3_STATE *s3;
1071
1072 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
1073 memset(s3,0,sizeof *s3);
1074 EVP_MD_CTX_init(&s3->finish_dgst1);
1075 EVP_MD_CTX_init(&s3->finish_dgst2);
1076
1077 s->s3=s3;
1078
1079 s->method->ssl_clear(s);
1080 return(1);
1081err:
1082 return(0);
1083 }
1084
1085void ssl3_free(SSL *s)
1086 {
1087 if(s == NULL)
1088 return;
1089
1090 ssl3_cleanup_key_block(s);
1091 if (s->s3->rbuf.buf != NULL)
1092 OPENSSL_free(s->s3->rbuf.buf);
1093 if (s->s3->wbuf.buf != NULL)
1094 OPENSSL_free(s->s3->wbuf.buf);
1095 if (s->s3->rrec.comp != NULL)
1096 OPENSSL_free(s->s3->rrec.comp);
1097#ifndef OPENSSL_NO_DH
1098 if (s->s3->tmp.dh != NULL)
1099 DH_free(s->s3->tmp.dh);
1100#endif
1101 if (s->s3->tmp.ca_names != NULL)
1102 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1103 EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1104 EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1105 OPENSSL_cleanse(s->s3,sizeof *s->s3);
1106 OPENSSL_free(s->s3);
1107 s->s3=NULL;
1108 }
1109
1110void ssl3_clear(SSL *s)
1111 {
1112 unsigned char *rp,*wp;
1113 size_t rlen, wlen;
1114
1115 ssl3_cleanup_key_block(s);
1116 if (s->s3->tmp.ca_names != NULL)
1117 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1118
1119 if (s->s3->rrec.comp != NULL)
1120 {
1121 OPENSSL_free(s->s3->rrec.comp);
1122 s->s3->rrec.comp=NULL;
1123 }
1124#ifndef OPENSSL_NO_DH
1125 if (s->s3->tmp.dh != NULL)
1126 DH_free(s->s3->tmp.dh);
1127#endif
1128
1129 rp = s->s3->rbuf.buf;
1130 wp = s->s3->wbuf.buf;
1131 rlen = s->s3->rbuf.len;
1132 wlen = s->s3->wbuf.len;
1133
1134 EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1135 EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1136
1137 memset(s->s3,0,sizeof *s->s3);
1138 s->s3->rbuf.buf = rp;
1139 s->s3->wbuf.buf = wp;
1140 s->s3->rbuf.len = rlen;
1141 s->s3->wbuf.len = wlen;
1142
1143 ssl_free_wbio_buffer(s);
1144
1145 s->packet_length=0;
1146 s->s3->renegotiate=0;
1147 s->s3->total_renegotiations=0;
1148 s->s3->num_renegotiations=0;
1149 s->s3->in_read_app_data=0;
1150 s->version=SSL3_VERSION;
1151 }
1152
1153long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1154 {
1155 int ret=0;
1156
1157#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1158 if (
1159#ifndef OPENSSL_NO_RSA
1160 cmd == SSL_CTRL_SET_TMP_RSA ||
1161 cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1162#endif
1163#ifndef OPENSSL_NO_DSA
1164 cmd == SSL_CTRL_SET_TMP_DH ||
1165 cmd == SSL_CTRL_SET_TMP_DH_CB ||
1166#endif
1167 0)
1168 {
1169 if (!ssl_cert_inst(&s->cert))
1170 {
1171 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1172 return(0);
1173 }
1174 }
1175#endif
1176
1177 switch (cmd)
1178 {
1179 case SSL_CTRL_GET_SESSION_REUSED:
1180 ret=s->hit;
1181 break;
1182 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1183 break;
1184 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1185 ret=s->s3->num_renegotiations;
1186 break;
1187 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1188 ret=s->s3->num_renegotiations;
1189 s->s3->num_renegotiations=0;
1190 break;
1191 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1192 ret=s->s3->total_renegotiations;
1193 break;
1194 case SSL_CTRL_GET_FLAGS:
1195 ret=(int)(s->s3->flags);
1196 break;
1197#ifndef OPENSSL_NO_RSA
1198 case SSL_CTRL_NEED_TMP_RSA:
1199 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1200 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1201 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1202 ret = 1;
1203 break;
1204 case SSL_CTRL_SET_TMP_RSA:
1205 {
1206 RSA *rsa = (RSA *)parg;
1207 if (rsa == NULL)
1208 {
1209 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1210 return(ret);
1211 }
1212 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1213 {
1214 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1215 return(ret);
1216 }
1217 if (s->cert->rsa_tmp != NULL)
1218 RSA_free(s->cert->rsa_tmp);
1219 s->cert->rsa_tmp = rsa;
1220 ret = 1;
1221 }
1222 break;
1223 case SSL_CTRL_SET_TMP_RSA_CB:
1224 {
1225 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1226 return(ret);
1227 }
1228 break;
1229#endif
1230#ifndef OPENSSL_NO_DH
1231 case SSL_CTRL_SET_TMP_DH:
1232 {
1233 DH *dh = (DH *)parg;
1234 if (dh == NULL)
1235 {
1236 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1237 return(ret);
1238 }
1239 if ((dh = DHparams_dup(dh)) == NULL)
1240 {
1241 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1242 return(ret);
1243 }
1244 if (!(s->options & SSL_OP_SINGLE_DH_USE))
1245 {
1246 if (!DH_generate_key(dh))
1247 {
1248 DH_free(dh);
1249 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1250 return(ret);
1251 }
1252 }
1253 if (s->cert->dh_tmp != NULL)
1254 DH_free(s->cert->dh_tmp);
1255 s->cert->dh_tmp = dh;
1256 ret = 1;
1257 }
1258 break;
1259 case SSL_CTRL_SET_TMP_DH_CB:
1260 {
1261 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1262 return(ret);
1263 }
1264 break;
1265#endif
1266 default:
1267 break;
1268 }
1269 return(ret);
1270 }
1271
1272long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
1273 {
1274 int ret=0;
1275
1276#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1277 if (
1278#ifndef OPENSSL_NO_RSA
1279 cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1280#endif
1281#ifndef OPENSSL_NO_DSA
1282 cmd == SSL_CTRL_SET_TMP_DH_CB ||
1283#endif
1284 0)
1285 {
1286 if (!ssl_cert_inst(&s->cert))
1287 {
1288 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1289 return(0);
1290 }
1291 }
1292#endif
1293
1294 switch (cmd)
1295 {
1296#ifndef OPENSSL_NO_RSA
1297 case SSL_CTRL_SET_TMP_RSA_CB:
1298 {
1299 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1300 }
1301 break;
1302#endif
1303#ifndef OPENSSL_NO_DH
1304 case SSL_CTRL_SET_TMP_DH_CB:
1305 {
1306 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1307 }
1308 break;
1309#endif
1310 default:
1311 break;
1312 }
1313 return(ret);
1314 }
1315
1316long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1317 {
1318 CERT *cert;
1319
1320 cert=ctx->cert;
1321
1322 switch (cmd)
1323 {
1324#ifndef OPENSSL_NO_RSA
1325 case SSL_CTRL_NEED_TMP_RSA:
1326 if ( (cert->rsa_tmp == NULL) &&
1327 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1328 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1329 )
1330 return(1);
1331 else
1332 return(0);
1333 /* break; */
1334 case SSL_CTRL_SET_TMP_RSA:
1335 {
1336 RSA *rsa;
1337 int i;
1338
1339 rsa=(RSA *)parg;
1340 i=1;
1341 if (rsa == NULL)
1342 i=0;
1343 else
1344 {
1345 if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1346 i=0;
1347 }
1348 if (!i)
1349 {
1350 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1351 return(0);
1352 }
1353 else
1354 {
1355 if (cert->rsa_tmp != NULL)
1356 RSA_free(cert->rsa_tmp);
1357 cert->rsa_tmp=rsa;
1358 return(1);
1359 }
1360 }
1361 /* break; */
1362 case SSL_CTRL_SET_TMP_RSA_CB:
1363 {
1364 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1365 return(0);
1366 }
1367 break;
1368#endif
1369#ifndef OPENSSL_NO_DH
1370 case SSL_CTRL_SET_TMP_DH:
1371 {
1372 DH *new=NULL,*dh;
1373
1374 dh=(DH *)parg;
1375 if ((new=DHparams_dup(dh)) == NULL)
1376 {
1377 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1378 return 0;
1379 }
1380 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1381 {
1382 if (!DH_generate_key(new))
1383 {
1384 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1385 DH_free(new);
1386 return 0;
1387 }
1388 }
1389 if (cert->dh_tmp != NULL)
1390 DH_free(cert->dh_tmp);
1391 cert->dh_tmp=new;
1392 return 1;
1393 }
1394 /*break; */
1395 case SSL_CTRL_SET_TMP_DH_CB:
1396 {
1397 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1398 return(0);
1399 }
1400 break;
1401#endif
1402 /* A Thawte special :-) */
1403 case SSL_CTRL_EXTRA_CHAIN_CERT:
1404 if (ctx->extra_certs == NULL)
1405 {
1406 if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1407 return(0);
1408 }
1409 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1410 break;
1411
1412 default:
1413 return(0);
1414 }
1415 return(1);
1416 }
1417
1418long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1419 {
1420 CERT *cert;
1421
1422 cert=ctx->cert;
1423
1424 switch (cmd)
1425 {
1426#ifndef OPENSSL_NO_RSA
1427 case SSL_CTRL_SET_TMP_RSA_CB:
1428 {
1429 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1430 }
1431 break;
1432#endif
1433#ifndef OPENSSL_NO_DH
1434 case SSL_CTRL_SET_TMP_DH_CB:
1435 {
1436 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1437 }
1438 break;
1439#endif
1440 default:
1441 return(0);
1442 }
1443 return(1);
1444 }
1445
1446/* This function needs to check if the ciphers required are actually
1447 * available */
1448SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1449 {
1450 static int init=1;
1451 static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1452 SSL_CIPHER c,*cp= &c,**cpp;
1453 unsigned long id;
1454 int i;
1455
1456 if (init)
1457 {
1458 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1459
1460 if (init)
1461 {
1462 for (i=0; i<SSL3_NUM_CIPHERS; i++)
1463 sorted[i]= &(ssl3_ciphers[i]);
1464
1465 qsort(sorted,
1466 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1467 FP_ICC ssl_cipher_ptr_id_cmp);
1468
1469 init=0;
1470 }
1471
1472 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1473 }
1474
1475 id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1476 c.id=id;
1477 cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1478 (char *)sorted,
1479 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1480 FP_ICC ssl_cipher_ptr_id_cmp);
1481 if ((cpp == NULL) || !(*cpp)->valid)
1482 return(NULL);
1483 else
1484 return(*cpp);
1485 }
1486
1487int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1488 {
1489 long l;
1490
1491 if (p != NULL)
1492 {
1493 l=c->id;
1494 if ((l & 0xff000000) != 0x03000000) return(0);
1495 p[0]=((unsigned char)(l>> 8L))&0xFF;
1496 p[1]=((unsigned char)(l ))&0xFF;
1497 }
1498 return(2);
1499 }
1500
1501SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
1502 STACK_OF(SSL_CIPHER) *srvr)
1503 {
1504 SSL_CIPHER *c,*ret=NULL;
1505 STACK_OF(SSL_CIPHER) *prio, *allow;
1506 int i,j,ok;
1507 CERT *cert;
1508 unsigned long alg,mask,emask;
1509
1510 /* Let's see which ciphers we can support */
1511 cert=s->cert;
1512
1513#if 0
1514 /* Do not set the compare functions, because this may lead to a
1515 * reordering by "id". We want to keep the original ordering.
1516 * We may pay a price in performance during sk_SSL_CIPHER_find(),
1517 * but would have to pay with the price of sk_SSL_CIPHER_dup().
1518 */
1519 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
1520 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
1521#endif
1522
1523#ifdef CIPHER_DEBUG
1524 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
1525 for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
1526 {
1527 c=sk_SSL_CIPHER_value(srvr,i);
1528 printf("%p:%s\n",c,c->name);
1529 }
1530 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
1531 for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
1532 {
1533 c=sk_SSL_CIPHER_value(clnt,i);
1534 printf("%p:%s\n",c,c->name);
1535 }
1536#endif
1537
1538 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
1539 {
1540 prio = srvr;
1541 allow = clnt;
1542 }
1543 else
1544 {
1545 prio = clnt;
1546 allow = srvr;
1547 }
1548
1549 for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
1550 {
1551 c=sk_SSL_CIPHER_value(prio,i);
1552
1553 ssl_set_cert_masks(cert,c);
1554 mask=cert->mask;
1555 emask=cert->export_mask;
1556
1557#ifdef KSSL_DEBUG
1558 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
1559#endif /* KSSL_DEBUG */
1560
1561 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1562#ifndef OPENSSL_NO_KRB5
1563 if (alg & SSL_KRB5)
1564 {
1565 if ( !kssl_keytab_is_available(s->kssl_ctx) )
1566 continue;
1567 }
1568#endif /* OPENSSL_NO_KRB5 */
1569 if (SSL_C_IS_EXPORT(c))
1570 {
1571 ok=((alg & emask) == alg)?1:0;
1572#ifdef CIPHER_DEBUG
1573 printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
1574 c,c->name);
1575#endif
1576 }
1577 else
1578 {
1579 ok=((alg & mask) == alg)?1:0;
1580#ifdef CIPHER_DEBUG
1581 printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
1582 c->name);
1583#endif
1584 }
1585
1586 if (!ok) continue;
1587
1588 j=sk_SSL_CIPHER_find(allow,c);
1589 if (j >= 0)
1590 {
1591 ret=sk_SSL_CIPHER_value(allow,j);
1592 break;
1593 }
1594 }
1595 return(ret);
1596 }
1597
1598int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1599 {
1600 int ret=0;
1601 unsigned long alg;
1602
1603 alg=s->s3->tmp.new_cipher->algorithms;
1604
1605#ifndef OPENSSL_NO_DH
1606 if (alg & (SSL_kDHr|SSL_kEDH))
1607 {
1608# ifndef OPENSSL_NO_RSA
1609 p[ret++]=SSL3_CT_RSA_FIXED_DH;
1610# endif
1611# ifndef OPENSSL_NO_DSA
1612 p[ret++]=SSL3_CT_DSS_FIXED_DH;
1613# endif
1614 }
1615 if ((s->version == SSL3_VERSION) &&
1616 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1617 {
1618# ifndef OPENSSL_NO_RSA
1619 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1620# endif
1621# ifndef OPENSSL_NO_DSA
1622 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1623# endif
1624 }
1625#endif /* !OPENSSL_NO_DH */
1626#ifndef OPENSSL_NO_RSA
1627 p[ret++]=SSL3_CT_RSA_SIGN;
1628#endif
1629#ifndef OPENSSL_NO_DSA
1630 p[ret++]=SSL3_CT_DSS_SIGN;
1631#endif
1632 return(ret);
1633 }
1634
1635int ssl3_shutdown(SSL *s)
1636 {
1637
1638 /* Don't do anything much if we have not done the handshake or
1639 * we don't want to send messages :-) */
1640 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
1641 {
1642 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
1643 return(1);
1644 }
1645
1646 if (!(s->shutdown & SSL_SENT_SHUTDOWN))
1647 {
1648 s->shutdown|=SSL_SENT_SHUTDOWN;
1649#if 1
1650 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
1651#endif
1652 /* our shutdown alert has been sent now, and if it still needs
1653 * to be written, s->s3->alert_dispatch will be true */
1654 }
1655 else if (s->s3->alert_dispatch)
1656 {
1657 /* resend it if not sent */
1658#if 1
1659 ssl3_dispatch_alert(s);
1660#endif
1661 }
1662 else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
1663 {
1664 /* If we are waiting for a close from our peer, we are closed */
1665 ssl3_read_bytes(s,0,NULL,0,0);
1666 }
1667
1668 if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
1669 !s->s3->alert_dispatch)
1670 return(1);
1671 else
1672 return(0);
1673 }
1674
1675int ssl3_write(SSL *s, const void *buf, int len)
1676 {
1677 int ret,n;
1678
1679#if 0
1680 if (s->shutdown & SSL_SEND_SHUTDOWN)
1681 {
1682 s->rwstate=SSL_NOTHING;
1683 return(0);
1684 }
1685#endif
1686 clear_sys_error();
1687 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1688
1689 /* This is an experimental flag that sends the
1690 * last handshake message in the same packet as the first
1691 * use data - used to see if it helps the TCP protocol during
1692 * session-id reuse */
1693 /* The second test is because the buffer may have been removed */
1694 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
1695 {
1696 /* First time through, we write into the buffer */
1697 if (s->s3->delay_buf_pop_ret == 0)
1698 {
1699 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1700 buf,len);
1701 if (ret <= 0) return(ret);
1702
1703 s->s3->delay_buf_pop_ret=ret;
1704 }
1705
1706 s->rwstate=SSL_WRITING;
1707 n=BIO_flush(s->wbio);
1708 if (n <= 0) return(n);
1709 s->rwstate=SSL_NOTHING;
1710
1711 /* We have flushed the buffer, so remove it */
1712 ssl_free_wbio_buffer(s);
1713 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1714
1715 ret=s->s3->delay_buf_pop_ret;
1716 s->s3->delay_buf_pop_ret=0;
1717 }
1718 else
1719 {
1720 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1721 buf,len);
1722 if (ret <= 0) return(ret);
1723 }
1724
1725 return(ret);
1726 }
1727
1728static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1729 {
1730 int ret;
1731
1732 clear_sys_error();
1733 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1734 s->s3->in_read_app_data=1;
1735 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1736 if ((ret == -1) && (s->s3->in_read_app_data == 2))
1737 {
1738 /* ssl3_read_bytes decided to call s->handshake_func, which
1739 * called ssl3_read_bytes to read handshake data.
1740 * However, ssl3_read_bytes actually found application data
1741 * and thinks that application data makes sense here; so disable
1742 * handshake processing and try to read application data again. */
1743 s->in_handshake++;
1744 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1745 s->in_handshake--;
1746 }
1747 else
1748 s->s3->in_read_app_data=0;
1749
1750 return(ret);
1751 }
1752
1753int ssl3_read(SSL *s, void *buf, int len)
1754 {
1755 return ssl3_read_internal(s, buf, len, 0);
1756 }
1757
1758int ssl3_peek(SSL *s, void *buf, int len)
1759 {
1760 return ssl3_read_internal(s, buf, len, 1);
1761 }
1762
1763int ssl3_renegotiate(SSL *s)
1764 {
1765 if (s->handshake_func == NULL)
1766 return(1);
1767
1768 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1769 return(0);
1770
1771 s->s3->renegotiate=1;
1772 return(1);
1773 }
1774
1775int ssl3_renegotiate_check(SSL *s)
1776 {
1777 int ret=0;
1778
1779 if (s->s3->renegotiate)
1780 {
1781 if ( (s->s3->rbuf.left == 0) &&
1782 (s->s3->wbuf.left == 0) &&
1783 !SSL_in_init(s))
1784 {
1785/*
1786if we are the server, and we have sent a 'RENEGOTIATE' message, we
1787need to go to SSL_ST_ACCEPT.
1788*/
1789 /* SSL_ST_ACCEPT */
1790 s->state=SSL_ST_RENEGOTIATE;
1791 s->s3->renegotiate=0;
1792 s->s3->num_renegotiations++;
1793 s->s3->total_renegotiations++;
1794 ret=1;
1795 }
1796 }
1797 return(ret);
1798 }
1799
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
deleted file mode 100644
index 9f3e5139ad..0000000000
--- a/src/lib/libssl/s3_pkt.c
+++ /dev/null
@@ -1,1310 +0,0 @@
1/* ssl/s3_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include <errno.h>
114#define USE_SOCKETS
115#include "ssl_locl.h"
116#include <openssl/evp.h>
117#include <openssl/buffer.h>
118
119static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
120 unsigned int len, int create_empty_fragment);
121static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
122 unsigned int len);
123static int ssl3_get_record(SSL *s);
124static int do_compress(SSL *ssl);
125static int do_uncompress(SSL *ssl);
126static int do_change_cipher_spec(SSL *ssl);
127
128/* used only by ssl3_get_record */
129static int ssl3_read_n(SSL *s, int n, int max, int extend)
130 {
131 /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
132 * packet by another n bytes.
133 * The packet will be in the sub-array of s->s3->rbuf.buf specified
134 * by s->packet and s->packet_length.
135 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
136 * [plus s->packet_length bytes if extend == 1].)
137 */
138 int i,off,newb;
139
140 if (!extend)
141 {
142 /* start with empty packet ... */
143 if (s->s3->rbuf.left == 0)
144 s->s3->rbuf.offset = 0;
145 s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
146 s->packet_length = 0;
147 /* ... now we can act as if 'extend' was set */
148 }
149
150 /* if there is enough in the buffer from a previous read, take some */
151 if (s->s3->rbuf.left >= (int)n)
152 {
153 s->packet_length+=n;
154 s->s3->rbuf.left-=n;
155 s->s3->rbuf.offset+=n;
156 return(n);
157 }
158
159 /* else we need to read more data */
160 if (!s->read_ahead)
161 max=n;
162
163 {
164 /* avoid buffer overflow */
165 int max_max = s->s3->rbuf.len - s->packet_length;
166 if (max > max_max)
167 max = max_max;
168 }
169 if (n > max) /* does not happen */
170 {
171 SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
172 return -1;
173 }
174
175 off = s->packet_length;
176 newb = s->s3->rbuf.left;
177 /* Move any available bytes to front of buffer:
178 * 'off' bytes already pointed to by 'packet',
179 * 'newb' extra ones at the end */
180 if (s->packet != s->s3->rbuf.buf)
181 {
182 /* off > 0 */
183 memmove(s->s3->rbuf.buf, s->packet, off+newb);
184 s->packet = s->s3->rbuf.buf;
185 }
186
187 while (newb < n)
188 {
189 /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
190 * to read in more until we have off+n (up to off+max if possible) */
191
192 clear_sys_error();
193 if (s->rbio != NULL)
194 {
195 s->rwstate=SSL_READING;
196 i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb);
197 }
198 else
199 {
200 SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
201 i = -1;
202 }
203
204 if (i <= 0)
205 {
206 s->s3->rbuf.left = newb;
207 return(i);
208 }
209 newb+=i;
210 }
211
212 /* done reading, now the book-keeping */
213 s->s3->rbuf.offset = off + n;
214 s->s3->rbuf.left = newb - n;
215 s->packet_length += n;
216 s->rwstate=SSL_NOTHING;
217 return(n);
218 }
219
220/* Call this to get a new input record.
221 * It will return <= 0 if more data is needed, normally due to an error
222 * or non-blocking IO.
223 * When it finishes, one packet has been decoded and can be found in
224 * ssl->s3->rrec.type - is the type of record
225 * ssl->s3->rrec.data, - data
226 * ssl->s3->rrec.length, - number of bytes
227 */
228/* used only by ssl3_read_bytes */
229static int ssl3_get_record(SSL *s)
230 {
231 int ssl_major,ssl_minor,al;
232 int enc_err,n,i,ret= -1;
233 SSL3_RECORD *rr;
234 SSL_SESSION *sess;
235 unsigned char *p;
236 unsigned char md[EVP_MAX_MD_SIZE];
237 short version;
238 unsigned int mac_size;
239 int clear=0;
240 size_t extra;
241 int decryption_failed_or_bad_record_mac = 0;
242 unsigned char *mac = NULL;
243
244 rr= &(s->s3->rrec);
245 sess=s->session;
246
247 if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
248 extra=SSL3_RT_MAX_EXTRA;
249 else
250 extra=0;
251 if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE)
252 {
253 /* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
254 * set after ssl3_setup_buffers() was done */
255 SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
256 return -1;
257 }
258
259again:
260 /* check if we have the header */
261 if ( (s->rstate != SSL_ST_READ_BODY) ||
262 (s->packet_length < SSL3_RT_HEADER_LENGTH))
263 {
264 n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
265 if (n <= 0) return(n); /* error or non-blocking */
266 s->rstate=SSL_ST_READ_BODY;
267
268 p=s->packet;
269
270 /* Pull apart the header into the SSL3_RECORD */
271 rr->type= *(p++);
272 ssl_major= *(p++);
273 ssl_minor= *(p++);
274 version=(ssl_major<<8)|ssl_minor;
275 n2s(p,rr->length);
276
277 /* Lets check version */
278 if (s->first_packet)
279 {
280 s->first_packet=0;
281 }
282 else
283 {
284 if (version != s->version)
285 {
286 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
287 /* Send back error using their
288 * version number :-) */
289 s->version=version;
290 al=SSL_AD_PROTOCOL_VERSION;
291 goto f_err;
292 }
293 }
294
295 if ((version>>8) != SSL3_VERSION_MAJOR)
296 {
297 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
298 goto err;
299 }
300
301 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
302 {
303 al=SSL_AD_RECORD_OVERFLOW;
304 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
305 goto f_err;
306 }
307
308 /* now s->rstate == SSL_ST_READ_BODY */
309 }
310
311 /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
312
313 if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH)
314 {
315 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
316 i=rr->length;
317 n=ssl3_read_n(s,i,i,1);
318 if (n <= 0) return(n); /* error or non-blocking io */
319 /* now n == rr->length,
320 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
321 }
322
323 s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
324
325 /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
326 * and we have that many bytes in s->packet
327 */
328 rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
329
330 /* ok, we can now read from 's->packet' data into 'rr'
331 * rr->input points at rr->length bytes, which
332 * need to be copied into rr->data by either
333 * the decryption or by the decompression
334 * When the data is 'copied' into the rr->data buffer,
335 * rr->input will be pointed at the new buffer */
336
337 /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
338 * rr->length bytes of encrypted compressed stuff. */
339
340 /* check is not needed I believe */
341 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
342 {
343 al=SSL_AD_RECORD_OVERFLOW;
344 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
345 goto f_err;
346 }
347
348 /* decrypt in place in 'rr->input' */
349 rr->data=rr->input;
350
351 enc_err = s->method->ssl3_enc->enc(s,0);
352 if (enc_err <= 0)
353 {
354 if (enc_err == 0)
355 /* SSLerr() and ssl3_send_alert() have been called */
356 goto err;
357
358 /* Otherwise enc_err == -1, which indicates bad padding
359 * (rec->length has not been changed in this case).
360 * To minimize information leaked via timing, we will perform
361 * the MAC computation anyway. */
362 decryption_failed_or_bad_record_mac = 1;
363 }
364
365#ifdef TLS_DEBUG
366printf("dec %d\n",rr->length);
367{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
368printf("\n");
369#endif
370
371 /* r->length is now the compressed data plus mac */
372 if ( (sess == NULL) ||
373 (s->enc_read_ctx == NULL) ||
374 (s->read_hash == NULL))
375 clear=1;
376
377 if (!clear)
378 {
379 mac_size=EVP_MD_size(s->read_hash);
380
381 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
382 {
383#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
384 al=SSL_AD_RECORD_OVERFLOW;
385 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
386 goto f_err;
387#else
388 decryption_failed_or_bad_record_mac = 1;
389#endif
390 }
391 /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
392 if (rr->length >= mac_size)
393 {
394 rr->length -= mac_size;
395 mac = &rr->data[rr->length];
396 }
397 else
398 {
399 /* record (minus padding) is too short to contain a MAC */
400#if 0 /* OK only for stream ciphers */
401 al=SSL_AD_DECODE_ERROR;
402 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
403 goto f_err;
404#else
405 decryption_failed_or_bad_record_mac = 1;
406 rr->length = 0;
407#endif
408 }
409 i=s->method->ssl3_enc->mac(s,md,0);
410 if (mac == NULL || memcmp(md, mac, mac_size) != 0)
411 {
412 decryption_failed_or_bad_record_mac = 1;
413 }
414 }
415
416 if (decryption_failed_or_bad_record_mac)
417 {
418 /* A separate 'decryption_failed' alert was introduced with TLS 1.0,
419 * SSL 3.0 only has 'bad_record_mac'. But unless a decryption
420 * failure is directly visible from the ciphertext anyway,
421 * we should not reveal which kind of error occured -- this
422 * might become visible to an attacker (e.g. via a logfile) */
423 al=SSL_AD_BAD_RECORD_MAC;
424 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
425 goto f_err;
426 }
427
428 /* r->length is now just compressed */
429 if (s->expand != NULL)
430 {
431 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
432 {
433 al=SSL_AD_RECORD_OVERFLOW;
434 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
435 goto f_err;
436 }
437 if (!do_uncompress(s))
438 {
439 al=SSL_AD_DECOMPRESSION_FAILURE;
440 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
441 goto f_err;
442 }
443 }
444
445 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra)
446 {
447 al=SSL_AD_RECORD_OVERFLOW;
448 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
449 goto f_err;
450 }
451
452 rr->off=0;
453 /* So at this point the following is true
454 * ssl->s3->rrec.type is the type of record
455 * ssl->s3->rrec.length == number of bytes in record
456 * ssl->s3->rrec.off == offset to first valid byte
457 * ssl->s3->rrec.data == where to take bytes from, increment
458 * after use :-).
459 */
460
461 /* we have pulled in a full packet so zero things */
462 s->packet_length=0;
463
464 /* just read a 0 length packet */
465 if (rr->length == 0) goto again;
466
467 return(1);
468
469f_err:
470 ssl3_send_alert(s,SSL3_AL_FATAL,al);
471err:
472 return(ret);
473 }
474
475static int do_uncompress(SSL *ssl)
476 {
477 int i;
478 SSL3_RECORD *rr;
479
480 rr= &(ssl->s3->rrec);
481 i=COMP_expand_block(ssl->expand,rr->comp,
482 SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length);
483 if (i < 0)
484 return(0);
485 else
486 rr->length=i;
487 rr->data=rr->comp;
488
489 return(1);
490 }
491
492static int do_compress(SSL *ssl)
493 {
494 int i;
495 SSL3_RECORD *wr;
496
497 wr= &(ssl->s3->wrec);
498 i=COMP_compress_block(ssl->compress,wr->data,
499 SSL3_RT_MAX_COMPRESSED_LENGTH,
500 wr->input,(int)wr->length);
501 if (i < 0)
502 return(0);
503 else
504 wr->length=i;
505
506 wr->input=wr->data;
507 return(1);
508 }
509
510/* Call this to write data in records of type 'type'
511 * It will return <= 0 if not all data has been sent or non-blocking IO.
512 */
513int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
514 {
515 const unsigned char *buf=buf_;
516 unsigned int tot,n,nw;
517 int i;
518
519 s->rwstate=SSL_NOTHING;
520 tot=s->s3->wnum;
521 s->s3->wnum=0;
522
523 if (SSL_in_init(s) && !s->in_handshake)
524 {
525 i=s->handshake_func(s);
526 if (i < 0) return(i);
527 if (i == 0)
528 {
529 SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
530 return -1;
531 }
532 }
533
534 n=(len-tot);
535 for (;;)
536 {
537 if (n > SSL3_RT_MAX_PLAIN_LENGTH)
538 nw=SSL3_RT_MAX_PLAIN_LENGTH;
539 else
540 nw=n;
541
542 i=do_ssl3_write(s, type, &(buf[tot]), nw, 0);
543 if (i <= 0)
544 {
545 s->s3->wnum=tot;
546 return i;
547 }
548
549 if ((i == (int)n) ||
550 (type == SSL3_RT_APPLICATION_DATA &&
551 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
552 {
553 /* next chunk of data should get another prepended empty fragment
554 * in ciphersuites with known-IV weakness: */
555 s->s3->empty_fragment_done = 0;
556
557 return tot+i;
558 }
559
560 n-=i;
561 tot+=i;
562 }
563 }
564
565static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
566 unsigned int len, int create_empty_fragment)
567 {
568 unsigned char *p,*plen;
569 int i,mac_size,clear=0;
570 int prefix_len = 0;
571 SSL3_RECORD *wr;
572 SSL3_BUFFER *wb;
573 SSL_SESSION *sess;
574
575 /* first check if there is a SSL3_BUFFER still being written
576 * out. This will happen with non blocking IO */
577 if (s->s3->wbuf.left != 0)
578 return(ssl3_write_pending(s,type,buf,len));
579
580 /* If we have an alert to send, lets send it */
581 if (s->s3->alert_dispatch)
582 {
583 i=ssl3_dispatch_alert(s);
584 if (i <= 0)
585 return(i);
586 /* if it went, fall through and send more stuff */
587 }
588
589 if (len == 0 && !create_empty_fragment)
590 return 0;
591
592 wr= &(s->s3->wrec);
593 wb= &(s->s3->wbuf);
594 sess=s->session;
595
596 if ( (sess == NULL) ||
597 (s->enc_write_ctx == NULL) ||
598 (s->write_hash == NULL))
599 clear=1;
600
601 if (clear)
602 mac_size=0;
603 else
604 mac_size=EVP_MD_size(s->write_hash);
605
606 /* 'create_empty_fragment' is true only when this function calls itself */
607 if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done)
608 {
609 /* countermeasure against known-IV weakness in CBC ciphersuites
610 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
611
612 if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA)
613 {
614 /* recursive function call with 'create_empty_fragment' set;
615 * this prepares and buffers the data for an empty fragment
616 * (these 'prefix_len' bytes are sent out later
617 * together with the actual payload) */
618 prefix_len = do_ssl3_write(s, type, buf, 0, 1);
619 if (prefix_len <= 0)
620 goto err;
621
622 if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)
623 {
624 /* insufficient space */
625 SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
626 goto err;
627 }
628 }
629
630 s->s3->empty_fragment_done = 1;
631 }
632
633 p = wb->buf + prefix_len;
634
635 /* write the header */
636
637 *(p++)=type&0xff;
638 wr->type=type;
639
640 *(p++)=(s->version>>8);
641 *(p++)=s->version&0xff;
642
643 /* field where we are to write out packet length */
644 plen=p;
645 p+=2;
646
647 /* lets setup the record stuff. */
648 wr->data=p;
649 wr->length=(int)len;
650 wr->input=(unsigned char *)buf;
651
652 /* we now 'read' from wr->input, wr->length bytes into
653 * wr->data */
654
655 /* first we compress */
656 if (s->compress != NULL)
657 {
658 if (!do_compress(s))
659 {
660 SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
661 goto err;
662 }
663 }
664 else
665 {
666 memcpy(wr->data,wr->input,wr->length);
667 wr->input=wr->data;
668 }
669
670 /* we should still have the output to wr->data and the input
671 * from wr->input. Length should be wr->length.
672 * wr->data still points in the wb->buf */
673
674 if (mac_size != 0)
675 {
676 s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
677 wr->length+=mac_size;
678 wr->input=p;
679 wr->data=p;
680 }
681
682 /* ssl3_enc can only have an error on read */
683 s->method->ssl3_enc->enc(s,1);
684
685 /* record length after mac and block padding */
686 s2n(wr->length,plen);
687
688 /* we should now have
689 * wr->data pointing to the encrypted data, which is
690 * wr->length long */
691 wr->type=type; /* not needed but helps for debugging */
692 wr->length+=SSL3_RT_HEADER_LENGTH;
693
694 if (create_empty_fragment)
695 {
696 /* we are in a recursive call;
697 * just return the length, don't write out anything here
698 */
699 return wr->length;
700 }
701
702 /* now let's set up wb */
703 wb->left = prefix_len + wr->length;
704 wb->offset = 0;
705
706 /* memorize arguments so that ssl3_write_pending can detect bad write retries later */
707 s->s3->wpend_tot=len;
708 s->s3->wpend_buf=buf;
709 s->s3->wpend_type=type;
710 s->s3->wpend_ret=len;
711
712 /* we now just need to write the buffer */
713 return ssl3_write_pending(s,type,buf,len);
714err:
715 return -1;
716 }
717
718/* if s->s3->wbuf.left != 0, we need to call this */
719static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
720 unsigned int len)
721 {
722 int i;
723
724/* XXXX */
725 if ((s->s3->wpend_tot > (int)len)
726 || ((s->s3->wpend_buf != buf) &&
727 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
728 || (s->s3->wpend_type != type))
729 {
730 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
731 return(-1);
732 }
733
734 for (;;)
735 {
736 clear_sys_error();
737 if (s->wbio != NULL)
738 {
739 s->rwstate=SSL_WRITING;
740 i=BIO_write(s->wbio,
741 (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
742 (unsigned int)s->s3->wbuf.left);
743 }
744 else
745 {
746 SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
747 i= -1;
748 }
749 if (i == s->s3->wbuf.left)
750 {
751 s->s3->wbuf.left=0;
752 s->rwstate=SSL_NOTHING;
753 return(s->s3->wpend_ret);
754 }
755 else if (i <= 0)
756 return(i);
757 s->s3->wbuf.offset+=i;
758 s->s3->wbuf.left-=i;
759 }
760 }
761
762/* Return up to 'len' payload bytes received in 'type' records.
763 * 'type' is one of the following:
764 *
765 * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
766 * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
767 * - 0 (during a shutdown, no data has to be returned)
768 *
769 * If we don't have stored data to work from, read a SSL/TLS record first
770 * (possibly multiple records if we still don't have anything to return).
771 *
772 * This function must handle any surprises the peer may have for us, such as
773 * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
774 * a surprise, but handled as if it were), or renegotiation requests.
775 * Also if record payloads contain fragments too small to process, we store
776 * them until there is enough for the respective protocol (the record protocol
777 * may use arbitrary fragmentation and even interleaving):
778 * Change cipher spec protocol
779 * just 1 byte needed, no need for keeping anything stored
780 * Alert protocol
781 * 2 bytes needed (AlertLevel, AlertDescription)
782 * Handshake protocol
783 * 4 bytes needed (HandshakeType, uint24 length) -- we just have
784 * to detect unexpected Client Hello and Hello Request messages
785 * here, anything else is handled by higher layers
786 * Application data protocol
787 * none of our business
788 */
789int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
790 {
791 int al,i,j,ret;
792 unsigned int n;
793 SSL3_RECORD *rr;
794 void (*cb)(const SSL *ssl,int type2,int val)=NULL;
795
796 if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
797 if (!ssl3_setup_buffers(s))
798 return(-1);
799
800 if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
801 (peek && (type != SSL3_RT_APPLICATION_DATA)))
802 {
803 SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
804 return -1;
805 }
806
807 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
808 /* (partially) satisfy request from storage */
809 {
810 unsigned char *src = s->s3->handshake_fragment;
811 unsigned char *dst = buf;
812 unsigned int k;
813
814 /* peek == 0 */
815 n = 0;
816 while ((len > 0) && (s->s3->handshake_fragment_len > 0))
817 {
818 *dst++ = *src++;
819 len--; s->s3->handshake_fragment_len--;
820 n++;
821 }
822 /* move any remaining fragment bytes: */
823 for (k = 0; k < s->s3->handshake_fragment_len; k++)
824 s->s3->handshake_fragment[k] = *src++;
825 return n;
826 }
827
828 /* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
829
830 if (!s->in_handshake && SSL_in_init(s))
831 {
832 /* type == SSL3_RT_APPLICATION_DATA */
833 i=s->handshake_func(s);
834 if (i < 0) return(i);
835 if (i == 0)
836 {
837 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
838 return(-1);
839 }
840 }
841start:
842 s->rwstate=SSL_NOTHING;
843
844 /* s->s3->rrec.type - is the type of record
845 * s->s3->rrec.data, - data
846 * s->s3->rrec.off, - offset into 'data' for next read
847 * s->s3->rrec.length, - number of bytes. */
848 rr = &(s->s3->rrec);
849
850 /* get new packet if necessary */
851 if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
852 {
853 ret=ssl3_get_record(s);
854 if (ret <= 0) return(ret);
855 }
856
857 /* we now have a packet which can be read and processed */
858
859 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
860 * reset by ssl3_get_finished */
861 && (rr->type != SSL3_RT_HANDSHAKE))
862 {
863 al=SSL_AD_UNEXPECTED_MESSAGE;
864 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
865 goto err;
866 }
867
868 /* If the other end has shut down, throw anything we read away
869 * (even in 'peek' mode) */
870 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
871 {
872 rr->length=0;
873 s->rwstate=SSL_NOTHING;
874 return(0);
875 }
876
877
878 if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
879 {
880 /* make sure that we are not getting application data when we
881 * are doing a handshake for the first time */
882 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
883 (s->enc_read_ctx == NULL))
884 {
885 al=SSL_AD_UNEXPECTED_MESSAGE;
886 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
887 goto f_err;
888 }
889
890 if (len <= 0) return(len);
891
892 if ((unsigned int)len > rr->length)
893 n = rr->length;
894 else
895 n = (unsigned int)len;
896
897 memcpy(buf,&(rr->data[rr->off]),n);
898 if (!peek)
899 {
900 rr->length-=n;
901 rr->off+=n;
902 if (rr->length == 0)
903 {
904 s->rstate=SSL_ST_READ_HEADER;
905 rr->off=0;
906 }
907 }
908 return(n);
909 }
910
911
912 /* If we get here, then type != rr->type; if we have a handshake
913 * message, then it was unexpected (Hello Request or Client Hello). */
914
915 /* In case of record types for which we have 'fragment' storage,
916 * fill that so that we can process the data at a fixed place.
917 */
918 {
919 unsigned int dest_maxlen = 0;
920 unsigned char *dest = NULL;
921 unsigned int *dest_len = NULL;
922
923 if (rr->type == SSL3_RT_HANDSHAKE)
924 {
925 dest_maxlen = sizeof s->s3->handshake_fragment;
926 dest = s->s3->handshake_fragment;
927 dest_len = &s->s3->handshake_fragment_len;
928 }
929 else if (rr->type == SSL3_RT_ALERT)
930 {
931 dest_maxlen = sizeof s->s3->alert_fragment;
932 dest = s->s3->alert_fragment;
933 dest_len = &s->s3->alert_fragment_len;
934 }
935
936 if (dest_maxlen > 0)
937 {
938 n = dest_maxlen - *dest_len; /* available space in 'dest' */
939 if (rr->length < n)
940 n = rr->length; /* available bytes */
941
942 /* now move 'n' bytes: */
943 while (n-- > 0)
944 {
945 dest[(*dest_len)++] = rr->data[rr->off++];
946 rr->length--;
947 }
948
949 if (*dest_len < dest_maxlen)
950 goto start; /* fragment was too small */
951 }
952 }
953
954 /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
955 * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
956 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
957
958 /* If we are a client, check for an incoming 'Hello Request': */
959 if ((!s->server) &&
960 (s->s3->handshake_fragment_len >= 4) &&
961 (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
962 (s->session != NULL) && (s->session->cipher != NULL))
963 {
964 s->s3->handshake_fragment_len = 0;
965
966 if ((s->s3->handshake_fragment[1] != 0) ||
967 (s->s3->handshake_fragment[2] != 0) ||
968 (s->s3->handshake_fragment[3] != 0))
969 {
970 al=SSL_AD_DECODE_ERROR;
971 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
972 goto err;
973 }
974
975 if (s->msg_callback)
976 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
977
978 if (SSL_is_init_finished(s) &&
979 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
980 !s->s3->renegotiate)
981 {
982 ssl3_renegotiate(s);
983 if (ssl3_renegotiate_check(s))
984 {
985 i=s->handshake_func(s);
986 if (i < 0) return(i);
987 if (i == 0)
988 {
989 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
990 return(-1);
991 }
992
993 if (!(s->mode & SSL_MODE_AUTO_RETRY))
994 {
995 if (s->s3->rbuf.left == 0) /* no read-ahead left? */
996 {
997 BIO *bio;
998 /* In the case where we try to read application data,
999 * but we trigger an SSL handshake, we return -1 with
1000 * the retry option set. Otherwise renegotiation may
1001 * cause nasty problems in the blocking world */
1002 s->rwstate=SSL_READING;
1003 bio=SSL_get_rbio(s);
1004 BIO_clear_retry_flags(bio);
1005 BIO_set_retry_read(bio);
1006 return(-1);
1007 }
1008 }
1009 }
1010 }
1011 /* we either finished a handshake or ignored the request,
1012 * now try again to obtain the (application) data we were asked for */
1013 goto start;
1014 }
1015
1016 if (s->s3->alert_fragment_len >= 2)
1017 {
1018 int alert_level = s->s3->alert_fragment[0];
1019 int alert_descr = s->s3->alert_fragment[1];
1020
1021 s->s3->alert_fragment_len = 0;
1022
1023 if (s->msg_callback)
1024 s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg);
1025
1026 if (s->info_callback != NULL)
1027 cb=s->info_callback;
1028 else if (s->ctx->info_callback != NULL)
1029 cb=s->ctx->info_callback;
1030
1031 if (cb != NULL)
1032 {
1033 j = (alert_level << 8) | alert_descr;
1034 cb(s, SSL_CB_READ_ALERT, j);
1035 }
1036
1037 if (alert_level == 1) /* warning */
1038 {
1039 s->s3->warn_alert = alert_descr;
1040 if (alert_descr == SSL_AD_CLOSE_NOTIFY)
1041 {
1042 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
1043 return(0);
1044 }
1045 }
1046 else if (alert_level == 2) /* fatal */
1047 {
1048 char tmp[16];
1049
1050 s->rwstate=SSL_NOTHING;
1051 s->s3->fatal_alert = alert_descr;
1052 SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
1053 BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
1054 ERR_add_error_data(2,"SSL alert number ",tmp);
1055 s->shutdown|=SSL_RECEIVED_SHUTDOWN;
1056 SSL_CTX_remove_session(s->ctx,s->session);
1057 return(0);
1058 }
1059 else
1060 {
1061 al=SSL_AD_ILLEGAL_PARAMETER;
1062 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
1063 goto f_err;
1064 }
1065
1066 goto start;
1067 }
1068
1069 if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
1070 {
1071 s->rwstate=SSL_NOTHING;
1072 rr->length=0;
1073 return(0);
1074 }
1075
1076 if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
1077 {
1078 /* 'Change Cipher Spec' is just a single byte, so we know
1079 * exactly what the record payload has to look like */
1080 if ( (rr->length != 1) || (rr->off != 0) ||
1081 (rr->data[0] != SSL3_MT_CCS))
1082 {
1083 i=SSL_AD_ILLEGAL_PARAMETER;
1084 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
1085 goto err;
1086 }
1087
1088 /* Check we have a cipher to change to */
1089 if (s->s3->tmp.new_cipher == NULL)
1090 {
1091 i=SSL_AD_UNEXPECTED_MESSAGE;
1092 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
1093 goto err;
1094 }
1095
1096 rr->length=0;
1097
1098 if (s->msg_callback)
1099 s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg);
1100
1101 s->s3->change_cipher_spec=1;
1102 if (!do_change_cipher_spec(s))
1103 goto err;
1104 else
1105 goto start;
1106 }
1107
1108 /* Unexpected handshake message (Client Hello, or protocol violation) */
1109 if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake)
1110 {
1111 if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
1112 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
1113 {
1114#if 0 /* worked only because C operator preferences are not as expected (and
1115 * because this is not really needed for clients except for detecting
1116 * protocol violations): */
1117 s->state=SSL_ST_BEFORE|(s->server)
1118 ?SSL_ST_ACCEPT
1119 :SSL_ST_CONNECT;
1120#else
1121 s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1122#endif
1123 s->new_session=1;
1124 }
1125 i=s->handshake_func(s);
1126 if (i < 0) return(i);
1127 if (i == 0)
1128 {
1129 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
1130 return(-1);
1131 }
1132
1133 if (!(s->mode & SSL_MODE_AUTO_RETRY))
1134 {
1135 if (s->s3->rbuf.left == 0) /* no read-ahead left? */
1136 {
1137 BIO *bio;
1138 /* In the case where we try to read application data,
1139 * but we trigger an SSL handshake, we return -1 with
1140 * the retry option set. Otherwise renegotiation may
1141 * cause nasty problems in the blocking world */
1142 s->rwstate=SSL_READING;
1143 bio=SSL_get_rbio(s);
1144 BIO_clear_retry_flags(bio);
1145 BIO_set_retry_read(bio);
1146 return(-1);
1147 }
1148 }
1149 goto start;
1150 }
1151
1152 switch (rr->type)
1153 {
1154 default:
1155#ifndef OPENSSL_NO_TLS
1156 /* TLS just ignores unknown message types */
1157 if (s->version == TLS1_VERSION)
1158 {
1159 rr->length = 0;
1160 goto start;
1161 }
1162#endif
1163 al=SSL_AD_UNEXPECTED_MESSAGE;
1164 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
1165 goto f_err;
1166 case SSL3_RT_CHANGE_CIPHER_SPEC:
1167 case SSL3_RT_ALERT:
1168 case SSL3_RT_HANDSHAKE:
1169 /* we already handled all of these, with the possible exception
1170 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
1171 * should not happen when type != rr->type */
1172 al=SSL_AD_UNEXPECTED_MESSAGE;
1173 SSLerr(SSL_F_SSL3_READ_BYTES,ERR_R_INTERNAL_ERROR);
1174 goto f_err;
1175 case SSL3_RT_APPLICATION_DATA:
1176 /* At this point, we were expecting handshake data,
1177 * but have application data. If the library was
1178 * running inside ssl3_read() (i.e. in_read_app_data
1179 * is set) and it makes sense to read application data
1180 * at this point (session renegotiation not yet started),
1181 * we will indulge it.
1182 */
1183 if (s->s3->in_read_app_data &&
1184 (s->s3->total_renegotiations != 0) &&
1185 ((
1186 (s->state & SSL_ST_CONNECT) &&
1187 (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1188 (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
1189 ) || (
1190 (s->state & SSL_ST_ACCEPT) &&
1191 (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
1192 (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
1193 )
1194 ))
1195 {
1196 s->s3->in_read_app_data=2;
1197 return(-1);
1198 }
1199 else
1200 {
1201 al=SSL_AD_UNEXPECTED_MESSAGE;
1202 SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
1203 goto f_err;
1204 }
1205 }
1206 /* not reached */
1207
1208f_err:
1209 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1210err:
1211 return(-1);
1212 }
1213
1214static int do_change_cipher_spec(SSL *s)
1215 {
1216 int i;
1217 const char *sender;
1218 int slen;
1219
1220 if (s->state & SSL_ST_ACCEPT)
1221 i=SSL3_CHANGE_CIPHER_SERVER_READ;
1222 else
1223 i=SSL3_CHANGE_CIPHER_CLIENT_READ;
1224
1225 if (s->s3->tmp.key_block == NULL)
1226 {
1227 s->session->cipher=s->s3->tmp.new_cipher;
1228 if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
1229 }
1230
1231 if (!s->method->ssl3_enc->change_cipher_state(s,i))
1232 return(0);
1233
1234 /* we have to record the message digest at
1235 * this point so we can get it before we read
1236 * the finished message */
1237 if (s->state & SSL_ST_CONNECT)
1238 {
1239 sender=s->method->ssl3_enc->server_finished_label;
1240 slen=s->method->ssl3_enc->server_finished_label_len;
1241 }
1242 else
1243 {
1244 sender=s->method->ssl3_enc->client_finished_label;
1245 slen=s->method->ssl3_enc->client_finished_label_len;
1246 }
1247
1248 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
1249 &(s->s3->finish_dgst1),
1250 &(s->s3->finish_dgst2),
1251 sender,slen,s->s3->tmp.peer_finish_md);
1252
1253 return(1);
1254 }
1255
1256void ssl3_send_alert(SSL *s, int level, int desc)
1257 {
1258 /* Map tls/ssl alert value to correct one */
1259 desc=s->method->ssl3_enc->alert_value(desc);
1260 if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
1261 desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */
1262 if (desc < 0) return;
1263 /* If a fatal one, remove from cache */
1264 if ((level == 2) && (s->session != NULL))
1265 SSL_CTX_remove_session(s->ctx,s->session);
1266
1267 s->s3->alert_dispatch=1;
1268 s->s3->send_alert[0]=level;
1269 s->s3->send_alert[1]=desc;
1270 if (s->s3->wbuf.left == 0) /* data still being written out? */
1271 ssl3_dispatch_alert(s);
1272 /* else data is still being written out, we will get written
1273 * some time in the future */
1274 }
1275
1276int ssl3_dispatch_alert(SSL *s)
1277 {
1278 int i,j;
1279 void (*cb)(const SSL *ssl,int type,int val)=NULL;
1280
1281 s->s3->alert_dispatch=0;
1282 i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0);
1283 if (i <= 0)
1284 {
1285 s->s3->alert_dispatch=1;
1286 }
1287 else
1288 {
1289 /* Alert sent to BIO. If it is important, flush it now.
1290 * If the message does not get sent due to non-blocking IO,
1291 * we will not worry too much. */
1292 if (s->s3->send_alert[0] == SSL3_AL_FATAL)
1293 (void)BIO_flush(s->wbio);
1294
1295 if (s->msg_callback)
1296 s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg);
1297
1298 if (s->info_callback != NULL)
1299 cb=s->info_callback;
1300 else if (s->ctx->info_callback != NULL)
1301 cb=s->ctx->info_callback;
1302
1303 if (cb != NULL)
1304 {
1305 j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
1306 cb(s,SSL_CB_WRITE_ALERT,j);
1307 }
1308 }
1309 return(i);
1310 }
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
deleted file mode 100644
index deb3cffabe..0000000000
--- a/src/lib/libssl/s3_srvr.c
+++ /dev/null
@@ -1,2077 +0,0 @@
1/* ssl/s3_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#define REUSE_CIPHER_BUG
113#define NETSCAPE_HANG_BUG
114
115
116#include <stdio.h>
117#include "ssl_locl.h"
118#include "kssl_lcl.h"
119#include <openssl/buffer.h>
120#include <openssl/rand.h>
121#include <openssl/objects.h>
122#include <openssl/evp.h>
123#include <openssl/x509.h>
124#ifndef OPENSSL_NO_KRB5
125#include <openssl/krb5_asn.h>
126#endif
127#include <openssl/md5.h>
128
129static SSL_METHOD *ssl3_get_server_method(int ver);
130static int ssl3_get_client_hello(SSL *s);
131static int ssl3_check_client_hello(SSL *s);
132static int ssl3_send_server_hello(SSL *s);
133static int ssl3_send_server_key_exchange(SSL *s);
134static int ssl3_send_certificate_request(SSL *s);
135static int ssl3_send_server_done(SSL *s);
136static int ssl3_get_client_key_exchange(SSL *s);
137static int ssl3_get_client_certificate(SSL *s);
138static int ssl3_get_cert_verify(SSL *s);
139static int ssl3_send_hello_request(SSL *s);
140
141static SSL_METHOD *ssl3_get_server_method(int ver)
142 {
143 if (ver == SSL3_VERSION)
144 return(SSLv3_server_method());
145 else
146 return(NULL);
147 }
148
149SSL_METHOD *SSLv3_server_method(void)
150 {
151 static int init=1;
152 static SSL_METHOD SSLv3_server_data;
153
154 if (init)
155 {
156 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
157
158 if (init)
159 {
160 memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
161 sizeof(SSL_METHOD));
162 SSLv3_server_data.ssl_accept=ssl3_accept;
163 SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
164 init=0;
165 }
166
167 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
168 }
169 return(&SSLv3_server_data);
170 }
171
172int ssl3_accept(SSL *s)
173 {
174 BUF_MEM *buf;
175 unsigned long l,Time=time(NULL);
176 void (*cb)(const SSL *ssl,int type,int val)=NULL;
177 long num1;
178 int ret= -1;
179 int new_state,state,skip=0;
180
181 RAND_add(&Time,sizeof(Time),0);
182 ERR_clear_error();
183 clear_sys_error();
184
185 if (s->info_callback != NULL)
186 cb=s->info_callback;
187 else if (s->ctx->info_callback != NULL)
188 cb=s->ctx->info_callback;
189
190 /* init things to blank */
191 s->in_handshake++;
192 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
193
194 if (s->cert == NULL)
195 {
196 SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
197 return(-1);
198 }
199
200 for (;;)
201 {
202 state=s->state;
203
204 switch (s->state)
205 {
206 case SSL_ST_RENEGOTIATE:
207 s->new_session=1;
208 /* s->state=SSL_ST_ACCEPT; */
209
210 case SSL_ST_BEFORE:
211 case SSL_ST_ACCEPT:
212 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
213 case SSL_ST_OK|SSL_ST_ACCEPT:
214
215 s->server=1;
216 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
217
218 if ((s->version>>8) != 3)
219 {
220 SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
221 return -1;
222 }
223 s->type=SSL_ST_ACCEPT;
224
225 if (s->init_buf == NULL)
226 {
227 if ((buf=BUF_MEM_new()) == NULL)
228 {
229 ret= -1;
230 goto end;
231 }
232 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
233 {
234 ret= -1;
235 goto end;
236 }
237 s->init_buf=buf;
238 }
239
240 if (!ssl3_setup_buffers(s))
241 {
242 ret= -1;
243 goto end;
244 }
245
246 s->init_num=0;
247
248 if (s->state != SSL_ST_RENEGOTIATE)
249 {
250 /* Ok, we now need to push on a buffering BIO so that
251 * the output is sent in a way that TCP likes :-)
252 */
253 if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
254
255 ssl3_init_finished_mac(s);
256 s->state=SSL3_ST_SR_CLNT_HELLO_A;
257 s->ctx->stats.sess_accept++;
258 }
259 else
260 {
261 /* s->state == SSL_ST_RENEGOTIATE,
262 * we will just send a HelloRequest */
263 s->ctx->stats.sess_accept_renegotiate++;
264 s->state=SSL3_ST_SW_HELLO_REQ_A;
265 }
266 break;
267
268 case SSL3_ST_SW_HELLO_REQ_A:
269 case SSL3_ST_SW_HELLO_REQ_B:
270
271 s->shutdown=0;
272 ret=ssl3_send_hello_request(s);
273 if (ret <= 0) goto end;
274 s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
275 s->state=SSL3_ST_SW_FLUSH;
276 s->init_num=0;
277
278 ssl3_init_finished_mac(s);
279 break;
280
281 case SSL3_ST_SW_HELLO_REQ_C:
282 s->state=SSL_ST_OK;
283 break;
284
285 case SSL3_ST_SR_CLNT_HELLO_A:
286 case SSL3_ST_SR_CLNT_HELLO_B:
287 case SSL3_ST_SR_CLNT_HELLO_C:
288
289 s->shutdown=0;
290 ret=ssl3_get_client_hello(s);
291 if (ret <= 0) goto end;
292 s->new_session = 2;
293 s->state=SSL3_ST_SW_SRVR_HELLO_A;
294 s->init_num=0;
295 break;
296
297 case SSL3_ST_SW_SRVR_HELLO_A:
298 case SSL3_ST_SW_SRVR_HELLO_B:
299 ret=ssl3_send_server_hello(s);
300 if (ret <= 0) goto end;
301
302 if (s->hit)
303 s->state=SSL3_ST_SW_CHANGE_A;
304 else
305 s->state=SSL3_ST_SW_CERT_A;
306 s->init_num=0;
307 break;
308
309 case SSL3_ST_SW_CERT_A:
310 case SSL3_ST_SW_CERT_B:
311 /* Check if it is anon DH */
312 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
313 {
314 ret=ssl3_send_server_certificate(s);
315 if (ret <= 0) goto end;
316 }
317 else
318 skip=1;
319 s->state=SSL3_ST_SW_KEY_EXCH_A;
320 s->init_num=0;
321 break;
322
323 case SSL3_ST_SW_KEY_EXCH_A:
324 case SSL3_ST_SW_KEY_EXCH_B:
325 l=s->s3->tmp.new_cipher->algorithms;
326
327 /* clear this, it may get reset by
328 * send_server_key_exchange */
329 if ((s->options & SSL_OP_EPHEMERAL_RSA)
330#ifndef OPENSSL_NO_KRB5
331 && !(l & SSL_KRB5)
332#endif /* OPENSSL_NO_KRB5 */
333 )
334 /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
335 * even when forbidden by protocol specs
336 * (handshake may fail as clients are not required to
337 * be able to handle this) */
338 s->s3->tmp.use_rsa_tmp=1;
339 else
340 s->s3->tmp.use_rsa_tmp=0;
341
342 /* only send if a DH key exchange, fortezza or
343 * RSA but we have a sign only certificate */
344 if (s->s3->tmp.use_rsa_tmp
345 || (l & (SSL_DH|SSL_kFZA))
346 || ((l & SSL_kRSA)
347 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
348 || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
349 && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
350 )
351 )
352 )
353 )
354 {
355 ret=ssl3_send_server_key_exchange(s);
356 if (ret <= 0) goto end;
357 }
358 else
359 skip=1;
360
361 s->state=SSL3_ST_SW_CERT_REQ_A;
362 s->init_num=0;
363 break;
364
365 case SSL3_ST_SW_CERT_REQ_A:
366 case SSL3_ST_SW_CERT_REQ_B:
367 if (/* don't request cert unless asked for it: */
368 !(s->verify_mode & SSL_VERIFY_PEER) ||
369 /* if SSL_VERIFY_CLIENT_ONCE is set,
370 * don't request cert during re-negotiation: */
371 ((s->session->peer != NULL) &&
372 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
373 /* never request cert in anonymous ciphersuites
374 * (see section "Certificate request" in SSL 3 drafts
375 * and in RFC 2246): */
376 ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
377 /* ... except when the application insists on verification
378 * (against the specs, but s3_clnt.c accepts this for SSL 3) */
379 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
380 /* never request cert in Kerberos ciphersuites */
381 (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
382 {
383 /* no cert request */
384 skip=1;
385 s->s3->tmp.cert_request=0;
386 s->state=SSL3_ST_SW_SRVR_DONE_A;
387 }
388 else
389 {
390 s->s3->tmp.cert_request=1;
391 ret=ssl3_send_certificate_request(s);
392 if (ret <= 0) goto end;
393#ifndef NETSCAPE_HANG_BUG
394 s->state=SSL3_ST_SW_SRVR_DONE_A;
395#else
396 s->state=SSL3_ST_SW_FLUSH;
397 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
398#endif
399 s->init_num=0;
400 }
401 break;
402
403 case SSL3_ST_SW_SRVR_DONE_A:
404 case SSL3_ST_SW_SRVR_DONE_B:
405 ret=ssl3_send_server_done(s);
406 if (ret <= 0) goto end;
407 s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
408 s->state=SSL3_ST_SW_FLUSH;
409 s->init_num=0;
410 break;
411
412 case SSL3_ST_SW_FLUSH:
413 /* number of bytes to be flushed */
414 num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
415 if (num1 > 0)
416 {
417 s->rwstate=SSL_WRITING;
418 num1=BIO_flush(s->wbio);
419 if (num1 <= 0) { ret= -1; goto end; }
420 s->rwstate=SSL_NOTHING;
421 }
422
423 s->state=s->s3->tmp.next_state;
424 break;
425
426 case SSL3_ST_SR_CERT_A:
427 case SSL3_ST_SR_CERT_B:
428 /* Check for second client hello (MS SGC) */
429 ret = ssl3_check_client_hello(s);
430 if (ret <= 0)
431 goto end;
432 if (ret == 2)
433 s->state = SSL3_ST_SR_CLNT_HELLO_C;
434 else {
435 if (s->s3->tmp.cert_request)
436 {
437 ret=ssl3_get_client_certificate(s);
438 if (ret <= 0) goto end;
439 }
440 s->init_num=0;
441 s->state=SSL3_ST_SR_KEY_EXCH_A;
442 }
443 break;
444
445 case SSL3_ST_SR_KEY_EXCH_A:
446 case SSL3_ST_SR_KEY_EXCH_B:
447 ret=ssl3_get_client_key_exchange(s);
448 if (ret <= 0) goto end;
449 s->state=SSL3_ST_SR_CERT_VRFY_A;
450 s->init_num=0;
451
452 /* We need to get hashes here so if there is
453 * a client cert, it can be verified */
454 s->method->ssl3_enc->cert_verify_mac(s,
455 &(s->s3->finish_dgst1),
456 &(s->s3->tmp.cert_verify_md[0]));
457 s->method->ssl3_enc->cert_verify_mac(s,
458 &(s->s3->finish_dgst2),
459 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
460
461 break;
462
463 case SSL3_ST_SR_CERT_VRFY_A:
464 case SSL3_ST_SR_CERT_VRFY_B:
465
466 /* we should decide if we expected this one */
467 ret=ssl3_get_cert_verify(s);
468 if (ret <= 0) goto end;
469
470 s->state=SSL3_ST_SR_FINISHED_A;
471 s->init_num=0;
472 break;
473
474 case SSL3_ST_SR_FINISHED_A:
475 case SSL3_ST_SR_FINISHED_B:
476 ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
477 SSL3_ST_SR_FINISHED_B);
478 if (ret <= 0) goto end;
479 if (s->hit)
480 s->state=SSL_ST_OK;
481 else
482 s->state=SSL3_ST_SW_CHANGE_A;
483 s->init_num=0;
484 break;
485
486 case SSL3_ST_SW_CHANGE_A:
487 case SSL3_ST_SW_CHANGE_B:
488
489 s->session->cipher=s->s3->tmp.new_cipher;
490 if (!s->method->ssl3_enc->setup_key_block(s))
491 { ret= -1; goto end; }
492
493 ret=ssl3_send_change_cipher_spec(s,
494 SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
495
496 if (ret <= 0) goto end;
497 s->state=SSL3_ST_SW_FINISHED_A;
498 s->init_num=0;
499
500 if (!s->method->ssl3_enc->change_cipher_state(s,
501 SSL3_CHANGE_CIPHER_SERVER_WRITE))
502 {
503 ret= -1;
504 goto end;
505 }
506
507 break;
508
509 case SSL3_ST_SW_FINISHED_A:
510 case SSL3_ST_SW_FINISHED_B:
511 ret=ssl3_send_finished(s,
512 SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
513 s->method->ssl3_enc->server_finished_label,
514 s->method->ssl3_enc->server_finished_label_len);
515 if (ret <= 0) goto end;
516 s->state=SSL3_ST_SW_FLUSH;
517 if (s->hit)
518 s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
519 else
520 s->s3->tmp.next_state=SSL_ST_OK;
521 s->init_num=0;
522 break;
523
524 case SSL_ST_OK:
525 /* clean a few things up */
526 ssl3_cleanup_key_block(s);
527
528 BUF_MEM_free(s->init_buf);
529 s->init_buf=NULL;
530
531 /* remove buffering on output */
532 ssl_free_wbio_buffer(s);
533
534 s->init_num=0;
535
536 if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
537 {
538 /* actually not necessarily a 'new' session unless
539 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
540
541 s->new_session=0;
542
543 ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
544
545 s->ctx->stats.sess_accept_good++;
546 /* s->server=1; */
547 s->handshake_func=ssl3_accept;
548
549 if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
550 }
551
552 ret = 1;
553 goto end;
554 /* break; */
555
556 default:
557 SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
558 ret= -1;
559 goto end;
560 /* break; */
561 }
562
563 if (!s->s3->tmp.reuse_message && !skip)
564 {
565 if (s->debug)
566 {
567 if ((ret=BIO_flush(s->wbio)) <= 0)
568 goto end;
569 }
570
571
572 if ((cb != NULL) && (s->state != state))
573 {
574 new_state=s->state;
575 s->state=state;
576 cb(s,SSL_CB_ACCEPT_LOOP,1);
577 s->state=new_state;
578 }
579 }
580 skip=0;
581 }
582end:
583 /* BIO_flush(s->wbio); */
584
585 s->in_handshake--;
586 if (cb != NULL)
587 cb(s,SSL_CB_ACCEPT_EXIT,ret);
588 return(ret);
589 }
590
591static int ssl3_send_hello_request(SSL *s)
592 {
593 unsigned char *p;
594
595 if (s->state == SSL3_ST_SW_HELLO_REQ_A)
596 {
597 p=(unsigned char *)s->init_buf->data;
598 *(p++)=SSL3_MT_HELLO_REQUEST;
599 *(p++)=0;
600 *(p++)=0;
601 *(p++)=0;
602
603 s->state=SSL3_ST_SW_HELLO_REQ_B;
604 /* number of bytes to write */
605 s->init_num=4;
606 s->init_off=0;
607 }
608
609 /* SSL3_ST_SW_HELLO_REQ_B */
610 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
611 }
612
613static int ssl3_check_client_hello(SSL *s)
614 {
615 int ok;
616 long n;
617
618 /* this function is called when we really expect a Certificate message,
619 * so permit appropriate message length */
620 n=ssl3_get_message(s,
621 SSL3_ST_SR_CERT_A,
622 SSL3_ST_SR_CERT_B,
623 -1,
624 s->max_cert_list,
625 &ok);
626 if (!ok) return((int)n);
627 s->s3->tmp.reuse_message = 1;
628 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
629 {
630 /* Throw away what we have done so far in the current handshake,
631 * which will now be aborted. (A full SSL_clear would be too much.)
632 * I hope that tmp.dh is the only thing that may need to be cleared
633 * when a handshake is not completed ... */
634#ifndef OPENSSL_NO_DH
635 if (s->s3->tmp.dh != NULL)
636 {
637 DH_free(s->s3->tmp.dh);
638 s->s3->tmp.dh = NULL;
639 }
640#endif
641 return 2;
642 }
643 return 1;
644}
645
646static int ssl3_get_client_hello(SSL *s)
647 {
648 int i,j,ok,al,ret= -1;
649 long n;
650 unsigned long id;
651 unsigned char *p,*d,*q;
652 SSL_CIPHER *c;
653 SSL_COMP *comp=NULL;
654 STACK_OF(SSL_CIPHER) *ciphers=NULL;
655
656 /* We do this so that we will respond with our native type.
657 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
658 * This down switching should be handled by a different method.
659 * If we are SSLv3, we will respond with SSLv3, even if prompted with
660 * TLSv1.
661 */
662 if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
663 {
664 s->first_packet=1;
665 s->state=SSL3_ST_SR_CLNT_HELLO_B;
666 }
667 n=ssl3_get_message(s,
668 SSL3_ST_SR_CLNT_HELLO_B,
669 SSL3_ST_SR_CLNT_HELLO_C,
670 SSL3_MT_CLIENT_HELLO,
671 SSL3_RT_MAX_PLAIN_LENGTH,
672 &ok);
673
674 if (!ok) return((int)n);
675 d=p=(unsigned char *)s->init_msg;
676
677 /* use version from inside client hello, not from record header
678 * (may differ: see RFC 2246, Appendix E, second paragraph) */
679 s->client_version=(((int)p[0])<<8)|(int)p[1];
680 p+=2;
681
682 if (s->client_version < s->version)
683 {
684 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
685 if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
686 {
687 /* similar to ssl3_get_record, send alert using remote version number */
688 s->version = s->client_version;
689 }
690 al = SSL_AD_PROTOCOL_VERSION;
691 goto f_err;
692 }
693
694 /* load the client random */
695 memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
696 p+=SSL3_RANDOM_SIZE;
697
698 /* get the session-id */
699 j= *(p++);
700
701 s->hit=0;
702 /* Versions before 0.9.7 always allow session reuse during renegotiation
703 * (i.e. when s->new_session is true), option
704 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is new with 0.9.7.
705 * Maybe this optional behaviour should always have been the default,
706 * but we cannot safely change the default behaviour (or new applications
707 * might be written that become totally unsecure when compiled with
708 * an earlier library version)
709 */
710 if (j == 0 || (s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
711 {
712 if (!ssl_get_new_session(s,1))
713 goto err;
714 }
715 else
716 {
717 i=ssl_get_prev_session(s,p,j);
718 if (i == 1)
719 { /* previous session */
720 s->hit=1;
721 }
722 else if (i == -1)
723 goto err;
724 else /* i == 0 */
725 {
726 if (!ssl_get_new_session(s,1))
727 goto err;
728 }
729 }
730
731 p+=j;
732 n2s(p,i);
733 if ((i == 0) && (j != 0))
734 {
735 /* we need a cipher if we are not resuming a session */
736 al=SSL_AD_ILLEGAL_PARAMETER;
737 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
738 goto f_err;
739 }
740 if ((p+i) >= (d+n))
741 {
742 /* not enough data */
743 al=SSL_AD_DECODE_ERROR;
744 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
745 goto f_err;
746 }
747 if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
748 == NULL))
749 {
750 goto err;
751 }
752 p+=i;
753
754 /* If it is a hit, check that the cipher is in the list */
755 if ((s->hit) && (i > 0))
756 {
757 j=0;
758 id=s->session->cipher->id;
759
760#ifdef CIPHER_DEBUG
761 printf("client sent %d ciphers\n",sk_num(ciphers));
762#endif
763 for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
764 {
765 c=sk_SSL_CIPHER_value(ciphers,i);
766#ifdef CIPHER_DEBUG
767 printf("client [%2d of %2d]:%s\n",
768 i,sk_num(ciphers),SSL_CIPHER_get_name(c));
769#endif
770 if (c->id == id)
771 {
772 j=1;
773 break;
774 }
775 }
776 if (j == 0)
777 {
778 if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
779 {
780 /* Very bad for multi-threading.... */
781 s->session->cipher=sk_SSL_CIPHER_value(ciphers,
782 0);
783 }
784 else
785 {
786 /* we need to have the cipher in the cipher
787 * list if we are asked to reuse it */
788 al=SSL_AD_ILLEGAL_PARAMETER;
789 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
790 goto f_err;
791 }
792 }
793 }
794
795 /* compression */
796 i= *(p++);
797 if ((p+i) > (d+n))
798 {
799 /* not enough data */
800 al=SSL_AD_DECODE_ERROR;
801 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
802 goto f_err;
803 }
804 q=p;
805 for (j=0; j<i; j++)
806 {
807 if (p[j] == 0) break;
808 }
809
810 p+=i;
811 if (j >= i)
812 {
813 /* no compress */
814 al=SSL_AD_DECODE_ERROR;
815 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
816 goto f_err;
817 }
818
819 /* Worst case, we will use the NULL compression, but if we have other
820 * options, we will now look for them. We have i-1 compression
821 * algorithms from the client, starting at q. */
822 s->s3->tmp.new_compression=NULL;
823 if (s->ctx->comp_methods != NULL)
824 { /* See if we have a match */
825 int m,nn,o,v,done=0;
826
827 nn=sk_SSL_COMP_num(s->ctx->comp_methods);
828 for (m=0; m<nn; m++)
829 {
830 comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
831 v=comp->id;
832 for (o=0; o<i; o++)
833 {
834 if (v == q[o])
835 {
836 done=1;
837 break;
838 }
839 }
840 if (done) break;
841 }
842 if (done)
843 s->s3->tmp.new_compression=comp;
844 else
845 comp=NULL;
846 }
847
848 /* TLS does not mind if there is extra stuff */
849#if 0 /* SSL 3.0 does not mind either, so we should disable this test
850 * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
851 * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
852 if (s->version == SSL3_VERSION)
853 {
854 if (p < (d+n))
855 {
856 /* wrong number of bytes,
857 * there could be more to follow */
858 al=SSL_AD_DECODE_ERROR;
859 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
860 goto f_err;
861 }
862 }
863#endif
864
865 /* Given s->session->ciphers and SSL_get_ciphers, we must
866 * pick a cipher */
867
868 if (!s->hit)
869 {
870 s->session->compress_meth=(comp == NULL)?0:comp->id;
871 if (s->session->ciphers != NULL)
872 sk_SSL_CIPHER_free(s->session->ciphers);
873 s->session->ciphers=ciphers;
874 if (ciphers == NULL)
875 {
876 al=SSL_AD_ILLEGAL_PARAMETER;
877 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
878 goto f_err;
879 }
880 ciphers=NULL;
881 c=ssl3_choose_cipher(s,s->session->ciphers,
882 SSL_get_ciphers(s));
883
884 if (c == NULL)
885 {
886 al=SSL_AD_HANDSHAKE_FAILURE;
887 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
888 goto f_err;
889 }
890 s->s3->tmp.new_cipher=c;
891 }
892 else
893 {
894 /* Session-id reuse */
895#ifdef REUSE_CIPHER_BUG
896 STACK_OF(SSL_CIPHER) *sk;
897 SSL_CIPHER *nc=NULL;
898 SSL_CIPHER *ec=NULL;
899
900 if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
901 {
902 sk=s->session->ciphers;
903 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
904 {
905 c=sk_SSL_CIPHER_value(sk,i);
906 if (c->algorithms & SSL_eNULL)
907 nc=c;
908 if (SSL_C_IS_EXPORT(c))
909 ec=c;
910 }
911 if (nc != NULL)
912 s->s3->tmp.new_cipher=nc;
913 else if (ec != NULL)
914 s->s3->tmp.new_cipher=ec;
915 else
916 s->s3->tmp.new_cipher=s->session->cipher;
917 }
918 else
919#endif
920 s->s3->tmp.new_cipher=s->session->cipher;
921 }
922
923 /* we now have the following setup.
924 * client_random
925 * cipher_list - our prefered list of ciphers
926 * ciphers - the clients prefered list of ciphers
927 * compression - basically ignored right now
928 * ssl version is set - sslv3
929 * s->session - The ssl session has been setup.
930 * s->hit - session reuse flag
931 * s->tmp.new_cipher - the new cipher to use.
932 */
933
934 ret=1;
935 if (0)
936 {
937f_err:
938 ssl3_send_alert(s,SSL3_AL_FATAL,al);
939 }
940err:
941 if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
942 return(ret);
943 }
944
945static int ssl3_send_server_hello(SSL *s)
946 {
947 unsigned char *buf;
948 unsigned char *p,*d;
949 int i,sl;
950 unsigned long l,Time;
951
952 if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
953 {
954 buf=(unsigned char *)s->init_buf->data;
955 p=s->s3->server_random;
956 Time=time(NULL); /* Time */
957 l2n(Time,p);
958 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
959 /* Do the message type and length last */
960 d=p= &(buf[4]);
961
962 *(p++)=s->version>>8;
963 *(p++)=s->version&0xff;
964
965 /* Random stuff */
966 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
967 p+=SSL3_RANDOM_SIZE;
968
969 /* now in theory we have 3 options to sending back the
970 * session id. If it is a re-use, we send back the
971 * old session-id, if it is a new session, we send
972 * back the new session-id or we send back a 0 length
973 * session-id if we want it to be single use.
974 * Currently I will not implement the '0' length session-id
975 * 12-Jan-98 - I'll now support the '0' length stuff.
976 */
977 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
978 s->session->session_id_length=0;
979
980 sl=s->session->session_id_length;
981 if (sl > sizeof s->session->session_id)
982 {
983 SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
984 return -1;
985 }
986 *(p++)=sl;
987 memcpy(p,s->session->session_id,sl);
988 p+=sl;
989
990 /* put the cipher */
991 i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
992 p+=i;
993
994 /* put the compression method */
995 if (s->s3->tmp.new_compression == NULL)
996 *(p++)=0;
997 else
998 *(p++)=s->s3->tmp.new_compression->id;
999
1000 /* do the header */
1001 l=(p-d);
1002 d=buf;
1003 *(d++)=SSL3_MT_SERVER_HELLO;
1004 l2n3(l,d);
1005
1006 s->state=SSL3_ST_CW_CLNT_HELLO_B;
1007 /* number of bytes to write */
1008 s->init_num=p-buf;
1009 s->init_off=0;
1010 }
1011
1012 /* SSL3_ST_CW_CLNT_HELLO_B */
1013 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1014 }
1015
1016static int ssl3_send_server_done(SSL *s)
1017 {
1018 unsigned char *p;
1019
1020 if (s->state == SSL3_ST_SW_SRVR_DONE_A)
1021 {
1022 p=(unsigned char *)s->init_buf->data;
1023
1024 /* do the header */
1025 *(p++)=SSL3_MT_SERVER_DONE;
1026 *(p++)=0;
1027 *(p++)=0;
1028 *(p++)=0;
1029
1030 s->state=SSL3_ST_SW_SRVR_DONE_B;
1031 /* number of bytes to write */
1032 s->init_num=4;
1033 s->init_off=0;
1034 }
1035
1036 /* SSL3_ST_CW_CLNT_HELLO_B */
1037 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1038 }
1039
1040static int ssl3_send_server_key_exchange(SSL *s)
1041 {
1042#ifndef OPENSSL_NO_RSA
1043 unsigned char *q;
1044 int j,num;
1045 RSA *rsa;
1046 unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
1047 unsigned int u;
1048#endif
1049#ifndef OPENSSL_NO_DH
1050 DH *dh=NULL,*dhp;
1051#endif
1052 EVP_PKEY *pkey;
1053 unsigned char *p,*d;
1054 int al,i;
1055 unsigned long type;
1056 int n;
1057 CERT *cert;
1058 BIGNUM *r[4];
1059 int nr[4],kn;
1060 BUF_MEM *buf;
1061 EVP_MD_CTX md_ctx;
1062
1063 EVP_MD_CTX_init(&md_ctx);
1064 if (s->state == SSL3_ST_SW_KEY_EXCH_A)
1065 {
1066 type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
1067 cert=s->cert;
1068
1069 buf=s->init_buf;
1070
1071 r[0]=r[1]=r[2]=r[3]=NULL;
1072 n=0;
1073#ifndef OPENSSL_NO_RSA
1074 if (type & SSL_kRSA)
1075 {
1076 rsa=cert->rsa_tmp;
1077 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
1078 {
1079 rsa=s->cert->rsa_tmp_cb(s,
1080 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1081 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1082 if(rsa == NULL)
1083 {
1084 al=SSL_AD_HANDSHAKE_FAILURE;
1085 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
1086 goto f_err;
1087 }
1088 RSA_up_ref(rsa);
1089 cert->rsa_tmp=rsa;
1090 }
1091 if (rsa == NULL)
1092 {
1093 al=SSL_AD_HANDSHAKE_FAILURE;
1094 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
1095 goto f_err;
1096 }
1097 r[0]=rsa->n;
1098 r[1]=rsa->e;
1099 s->s3->tmp.use_rsa_tmp=1;
1100 }
1101 else
1102#endif
1103#ifndef OPENSSL_NO_DH
1104 if (type & SSL_kEDH)
1105 {
1106 dhp=cert->dh_tmp;
1107 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
1108 dhp=s->cert->dh_tmp_cb(s,
1109 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1110 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
1111 if (dhp == NULL)
1112 {
1113 al=SSL_AD_HANDSHAKE_FAILURE;
1114 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
1115 goto f_err;
1116 }
1117
1118 if (s->s3->tmp.dh != NULL)
1119 {
1120 DH_free(dh);
1121 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
1122 goto err;
1123 }
1124
1125 if ((dh=DHparams_dup(dhp)) == NULL)
1126 {
1127 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
1128 goto err;
1129 }
1130
1131 s->s3->tmp.dh=dh;
1132 if ((dhp->pub_key == NULL ||
1133 dhp->priv_key == NULL ||
1134 (s->options & SSL_OP_SINGLE_DH_USE)))
1135 {
1136 if(!DH_generate_key(dh))
1137 {
1138 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1139 ERR_R_DH_LIB);
1140 goto err;
1141 }
1142 }
1143 else
1144 {
1145 dh->pub_key=BN_dup(dhp->pub_key);
1146 dh->priv_key=BN_dup(dhp->priv_key);
1147 if ((dh->pub_key == NULL) ||
1148 (dh->priv_key == NULL))
1149 {
1150 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
1151 goto err;
1152 }
1153 }
1154 r[0]=dh->p;
1155 r[1]=dh->g;
1156 r[2]=dh->pub_key;
1157 }
1158 else
1159#endif
1160 {
1161 al=SSL_AD_HANDSHAKE_FAILURE;
1162 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1163 goto f_err;
1164 }
1165 for (i=0; r[i] != NULL; i++)
1166 {
1167 nr[i]=BN_num_bytes(r[i]);
1168 n+=2+nr[i];
1169 }
1170
1171 if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
1172 {
1173 if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
1174 == NULL)
1175 {
1176 al=SSL_AD_DECODE_ERROR;
1177 goto f_err;
1178 }
1179 kn=EVP_PKEY_size(pkey);
1180 }
1181 else
1182 {
1183 pkey=NULL;
1184 kn=0;
1185 }
1186
1187 if (!BUF_MEM_grow_clean(buf,n+4+kn))
1188 {
1189 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
1190 goto err;
1191 }
1192 d=(unsigned char *)s->init_buf->data;
1193 p= &(d[4]);
1194
1195 for (i=0; r[i] != NULL; i++)
1196 {
1197 s2n(nr[i],p);
1198 BN_bn2bin(r[i],p);
1199 p+=nr[i];
1200 }
1201
1202 /* not anonymous */
1203 if (pkey != NULL)
1204 {
1205 /* n is the length of the params, they start at &(d[4])
1206 * and p points to the space at the end. */
1207#ifndef OPENSSL_NO_RSA
1208 if (pkey->type == EVP_PKEY_RSA)
1209 {
1210 q=md_buf;
1211 j=0;
1212 for (num=2; num > 0; num--)
1213 {
1214 EVP_DigestInit_ex(&md_ctx,(num == 2)
1215 ?s->ctx->md5:s->ctx->sha1, NULL);
1216 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1217 EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1218 EVP_DigestUpdate(&md_ctx,&(d[4]),n);
1219 EVP_DigestFinal_ex(&md_ctx,q,
1220 (unsigned int *)&i);
1221 q+=i;
1222 j+=i;
1223 }
1224 if (RSA_sign(NID_md5_sha1, md_buf, j,
1225 &(p[2]), &u, pkey->pkey.rsa) <= 0)
1226 {
1227 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
1228 goto err;
1229 }
1230 s2n(u,p);
1231 n+=u+2;
1232 }
1233 else
1234#endif
1235#if !defined(OPENSSL_NO_DSA)
1236 if (pkey->type == EVP_PKEY_DSA)
1237 {
1238 /* lets do DSS */
1239 EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
1240 EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1241 EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1242 EVP_SignUpdate(&md_ctx,&(d[4]),n);
1243 if (!EVP_SignFinal(&md_ctx,&(p[2]),
1244 (unsigned int *)&i,pkey))
1245 {
1246 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
1247 goto err;
1248 }
1249 s2n(i,p);
1250 n+=i+2;
1251 }
1252 else
1253#endif
1254 {
1255 /* Is this error check actually needed? */
1256 al=SSL_AD_HANDSHAKE_FAILURE;
1257 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
1258 goto f_err;
1259 }
1260 }
1261
1262 *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
1263 l2n3(n,d);
1264
1265 /* we should now have things packed up, so lets send
1266 * it off */
1267 s->init_num=n+4;
1268 s->init_off=0;
1269 }
1270
1271 s->state = SSL3_ST_SW_KEY_EXCH_B;
1272 EVP_MD_CTX_cleanup(&md_ctx);
1273 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1274f_err:
1275 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1276err:
1277 EVP_MD_CTX_cleanup(&md_ctx);
1278 return(-1);
1279 }
1280
1281static int ssl3_send_certificate_request(SSL *s)
1282 {
1283 unsigned char *p,*d;
1284 int i,j,nl,off,n;
1285 STACK_OF(X509_NAME) *sk=NULL;
1286 X509_NAME *name;
1287 BUF_MEM *buf;
1288
1289 if (s->state == SSL3_ST_SW_CERT_REQ_A)
1290 {
1291 buf=s->init_buf;
1292
1293 d=p=(unsigned char *)&(buf->data[4]);
1294
1295 /* get the list of acceptable cert types */
1296 p++;
1297 n=ssl3_get_req_cert_type(s,p);
1298 d[0]=n;
1299 p+=n;
1300 n++;
1301
1302 off=n;
1303 p+=2;
1304 n+=2;
1305
1306 sk=SSL_get_client_CA_list(s);
1307 nl=0;
1308 if (sk != NULL)
1309 {
1310 for (i=0; i<sk_X509_NAME_num(sk); i++)
1311 {
1312 name=sk_X509_NAME_value(sk,i);
1313 j=i2d_X509_NAME(name,NULL);
1314 if (!BUF_MEM_grow_clean(buf,4+n+j+2))
1315 {
1316 SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
1317 goto err;
1318 }
1319 p=(unsigned char *)&(buf->data[4+n]);
1320 if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1321 {
1322 s2n(j,p);
1323 i2d_X509_NAME(name,&p);
1324 n+=2+j;
1325 nl+=2+j;
1326 }
1327 else
1328 {
1329 d=p;
1330 i2d_X509_NAME(name,&p);
1331 j-=2; s2n(j,d); j+=2;
1332 n+=j;
1333 nl+=j;
1334 }
1335 }
1336 }
1337 /* else no CA names */
1338 p=(unsigned char *)&(buf->data[4+off]);
1339 s2n(nl,p);
1340
1341 d=(unsigned char *)buf->data;
1342 *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
1343 l2n3(n,d);
1344
1345 /* we should now have things packed up, so lets send
1346 * it off */
1347
1348 s->init_num=n+4;
1349 s->init_off=0;
1350#ifdef NETSCAPE_HANG_BUG
1351 p=(unsigned char *)s->init_buf->data + s->init_num;
1352
1353 /* do the header */
1354 *(p++)=SSL3_MT_SERVER_DONE;
1355 *(p++)=0;
1356 *(p++)=0;
1357 *(p++)=0;
1358 s->init_num += 4;
1359#endif
1360
1361 s->state = SSL3_ST_SW_CERT_REQ_B;
1362 }
1363
1364 /* SSL3_ST_SW_CERT_REQ_B */
1365 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1366err:
1367 return(-1);
1368 }
1369
1370static int ssl3_get_client_key_exchange(SSL *s)
1371 {
1372 int i,al,ok;
1373 long n;
1374 unsigned long l;
1375 unsigned char *p;
1376#ifndef OPENSSL_NO_RSA
1377 RSA *rsa=NULL;
1378 EVP_PKEY *pkey=NULL;
1379#endif
1380#ifndef OPENSSL_NO_DH
1381 BIGNUM *pub=NULL;
1382 DH *dh_srvr;
1383#endif
1384#ifndef OPENSSL_NO_KRB5
1385 KSSL_ERR kssl_err;
1386#endif /* OPENSSL_NO_KRB5 */
1387
1388 n=ssl3_get_message(s,
1389 SSL3_ST_SR_KEY_EXCH_A,
1390 SSL3_ST_SR_KEY_EXCH_B,
1391 SSL3_MT_CLIENT_KEY_EXCHANGE,
1392 2048, /* ??? */
1393 &ok);
1394
1395 if (!ok) return((int)n);
1396 p=(unsigned char *)s->init_msg;
1397
1398 l=s->s3->tmp.new_cipher->algorithms;
1399
1400#ifndef OPENSSL_NO_RSA
1401 if (l & SSL_kRSA)
1402 {
1403 /* FIX THIS UP EAY EAY EAY EAY */
1404 if (s->s3->tmp.use_rsa_tmp)
1405 {
1406 if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
1407 rsa=s->cert->rsa_tmp;
1408 /* Don't do a callback because rsa_tmp should
1409 * be sent already */
1410 if (rsa == NULL)
1411 {
1412 al=SSL_AD_HANDSHAKE_FAILURE;
1413 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
1414 goto f_err;
1415
1416 }
1417 }
1418 else
1419 {
1420 pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1421 if ( (pkey == NULL) ||
1422 (pkey->type != EVP_PKEY_RSA) ||
1423 (pkey->pkey.rsa == NULL))
1424 {
1425 al=SSL_AD_HANDSHAKE_FAILURE;
1426 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
1427 goto f_err;
1428 }
1429 rsa=pkey->pkey.rsa;
1430 }
1431
1432 /* TLS */
1433 if (s->version > SSL3_VERSION)
1434 {
1435 n2s(p,i);
1436 if (n != i+2)
1437 {
1438 if (!(s->options & SSL_OP_TLS_D5_BUG))
1439 {
1440 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1441 goto err;
1442 }
1443 else
1444 p-=2;
1445 }
1446 else
1447 n=i;
1448 }
1449
1450 i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
1451
1452 al = -1;
1453
1454 if (i != SSL_MAX_MASTER_KEY_LENGTH)
1455 {
1456 al=SSL_AD_DECODE_ERROR;
1457 /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */
1458 }
1459
1460 if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
1461 {
1462 /* The premaster secret must contain the same version number as the
1463 * ClientHello to detect version rollback attacks (strangely, the
1464 * protocol does not offer such protection for DH ciphersuites).
1465 * However, buggy clients exist that send the negotiated protocol
1466 * version instead if the server does not support the requested
1467 * protocol version.
1468 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
1469 if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
1470 (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
1471 {
1472 al=SSL_AD_DECODE_ERROR;
1473 /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
1474
1475 /* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack
1476 * (http://eprint.iacr.org/2003/052/) exploits the version
1477 * number check as a "bad version oracle" -- an alert would
1478 * reveal that the plaintext corresponding to some ciphertext
1479 * made up by the adversary is properly formatted except
1480 * that the version number is wrong. To avoid such attacks,
1481 * we should treat this just like any other decryption error. */
1482 }
1483 }
1484
1485 if (al != -1)
1486 {
1487 /* Some decryption failure -- use random value instead as countermeasure
1488 * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
1489 * (see RFC 2246, section 7.4.7.1). */
1490 ERR_clear_error();
1491 i = SSL_MAX_MASTER_KEY_LENGTH;
1492 p[0] = s->client_version >> 8;
1493 p[1] = s->client_version & 0xff;
1494 RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
1495 }
1496
1497 s->session->master_key_length=
1498 s->method->ssl3_enc->generate_master_secret(s,
1499 s->session->master_key,
1500 p,i);
1501 OPENSSL_cleanse(p,i);
1502 }
1503 else
1504#endif
1505#ifndef OPENSSL_NO_DH
1506 if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
1507 {
1508 n2s(p,i);
1509 if (n != i+2)
1510 {
1511 if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
1512 {
1513 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
1514 goto err;
1515 }
1516 else
1517 {
1518 p-=2;
1519 i=(int)n;
1520 }
1521 }
1522
1523 if (n == 0L) /* the parameters are in the cert */
1524 {
1525 al=SSL_AD_HANDSHAKE_FAILURE;
1526 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
1527 goto f_err;
1528 }
1529 else
1530 {
1531 if (s->s3->tmp.dh == NULL)
1532 {
1533 al=SSL_AD_HANDSHAKE_FAILURE;
1534 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
1535 goto f_err;
1536 }
1537 else
1538 dh_srvr=s->s3->tmp.dh;
1539 }
1540
1541 pub=BN_bin2bn(p,i,NULL);
1542 if (pub == NULL)
1543 {
1544 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
1545 goto err;
1546 }
1547
1548 i=DH_compute_key(p,pub,dh_srvr);
1549
1550 if (i <= 0)
1551 {
1552 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
1553 goto err;
1554 }
1555
1556 DH_free(s->s3->tmp.dh);
1557 s->s3->tmp.dh=NULL;
1558
1559 BN_clear_free(pub);
1560 pub=NULL;
1561 s->session->master_key_length=
1562 s->method->ssl3_enc->generate_master_secret(s,
1563 s->session->master_key,p,i);
1564 OPENSSL_cleanse(p,i);
1565 }
1566 else
1567#endif
1568#ifndef OPENSSL_NO_KRB5
1569 if (l & SSL_kKRB5)
1570 {
1571 krb5_error_code krb5rc;
1572 krb5_data enc_ticket;
1573 krb5_data authenticator;
1574 krb5_data enc_pms;
1575 KSSL_CTX *kssl_ctx = s->kssl_ctx;
1576 EVP_CIPHER_CTX ciph_ctx;
1577 EVP_CIPHER *enc = NULL;
1578 unsigned char iv[EVP_MAX_IV_LENGTH];
1579 unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH
1580 + EVP_MAX_BLOCK_LENGTH];
1581 int padl, outl;
1582 krb5_timestamp authtime = 0;
1583 krb5_ticket_times ttimes;
1584
1585 EVP_CIPHER_CTX_init(&ciph_ctx);
1586
1587 if (!kssl_ctx) kssl_ctx = kssl_ctx_new();
1588
1589 n2s(p,i);
1590 enc_ticket.length = i;
1591
1592 if (n < enc_ticket.length + 6)
1593 {
1594 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1595 SSL_R_DATA_LENGTH_TOO_LONG);
1596 goto err;
1597 }
1598
1599 enc_ticket.data = (char *)p;
1600 p+=enc_ticket.length;
1601
1602 n2s(p,i);
1603 authenticator.length = i;
1604
1605 if (n < enc_ticket.length + authenticator.length + 6)
1606 {
1607 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1608 SSL_R_DATA_LENGTH_TOO_LONG);
1609 goto err;
1610 }
1611
1612 authenticator.data = (char *)p;
1613 p+=authenticator.length;
1614
1615 n2s(p,i);
1616 enc_pms.length = i;
1617 enc_pms.data = (char *)p;
1618 p+=enc_pms.length;
1619
1620 /* Note that the length is checked again below,
1621 ** after decryption
1622 */
1623 if(enc_pms.length > sizeof pms)
1624 {
1625 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1626 SSL_R_DATA_LENGTH_TOO_LONG);
1627 goto err;
1628 }
1629
1630 if (n != enc_ticket.length + authenticator.length +
1631 enc_pms.length + 6)
1632 {
1633 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1634 SSL_R_DATA_LENGTH_TOO_LONG);
1635 goto err;
1636 }
1637
1638 if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
1639 &kssl_err)) != 0)
1640 {
1641#ifdef KSSL_DEBUG
1642 printf("kssl_sget_tkt rtn %d [%d]\n",
1643 krb5rc, kssl_err.reason);
1644 if (kssl_err.text)
1645 printf("kssl_err text= %s\n", kssl_err.text);
1646#endif /* KSSL_DEBUG */
1647 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
1648 kssl_err.reason);
1649 goto err;
1650 }
1651
1652 /* Note: no authenticator is not considered an error,
1653 ** but will return authtime == 0.
1654 */
1655 if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
1656 &authtime, &kssl_err)) != 0)
1657 {
1658#ifdef KSSL_DEBUG
1659 printf("kssl_check_authent rtn %d [%d]\n",
1660 krb5rc, kssl_err.reason);
1661 if (kssl_err.text)
1662 printf("kssl_err text= %s\n", kssl_err.text);
1663#endif /* KSSL_DEBUG */
1664 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
1665 kssl_err.reason);
1666 goto err;
1667 }
1668
1669 if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0)
1670 {
1671 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, krb5rc);
1672 goto err;
1673 }
1674
1675#ifdef KSSL_DEBUG
1676 kssl_ctx_show(kssl_ctx);
1677#endif /* KSSL_DEBUG */
1678
1679 enc = kssl_map_enc(kssl_ctx->enctype);
1680 if (enc == NULL)
1681 goto err;
1682
1683 memset(iv, 0, sizeof iv); /* per RFC 1510 */
1684
1685 if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv))
1686 {
1687 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1688 SSL_R_DECRYPTION_FAILED);
1689 goto err;
1690 }
1691 if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
1692 (unsigned char *)enc_pms.data, enc_pms.length))
1693 {
1694 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1695 SSL_R_DECRYPTION_FAILED);
1696 goto err;
1697 }
1698 if (outl > SSL_MAX_MASTER_KEY_LENGTH)
1699 {
1700 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1701 SSL_R_DATA_LENGTH_TOO_LONG);
1702 goto err;
1703 }
1704 if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl))
1705 {
1706 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1707 SSL_R_DECRYPTION_FAILED);
1708 goto err;
1709 }
1710 outl += padl;
1711 if (outl > SSL_MAX_MASTER_KEY_LENGTH)
1712 {
1713 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1714 SSL_R_DATA_LENGTH_TOO_LONG);
1715 goto err;
1716 }
1717 EVP_CIPHER_CTX_cleanup(&ciph_ctx);
1718
1719 s->session->master_key_length=
1720 s->method->ssl3_enc->generate_master_secret(s,
1721 s->session->master_key, pms, outl);
1722
1723 if (kssl_ctx->client_princ)
1724 {
1725 int len = strlen(kssl_ctx->client_princ);
1726 if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH )
1727 {
1728 s->session->krb5_client_princ_len = len;
1729 memcpy(s->session->krb5_client_princ,kssl_ctx->client_princ,len);
1730 }
1731 }
1732
1733
1734 /* Was doing kssl_ctx_free() here,
1735 ** but it caused problems for apache.
1736 ** kssl_ctx = kssl_ctx_free(kssl_ctx);
1737 ** if (s->kssl_ctx) s->kssl_ctx = NULL;
1738 */
1739 }
1740 else
1741#endif /* OPENSSL_NO_KRB5 */
1742 {
1743 al=SSL_AD_HANDSHAKE_FAILURE;
1744 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1745 SSL_R_UNKNOWN_CIPHER_TYPE);
1746 goto f_err;
1747 }
1748
1749 return(1);
1750f_err:
1751 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1752#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
1753err:
1754#endif
1755 return(-1);
1756 }
1757
1758static int ssl3_get_cert_verify(SSL *s)
1759 {
1760 EVP_PKEY *pkey=NULL;
1761 unsigned char *p;
1762 int al,ok,ret=0;
1763 long n;
1764 int type=0,i,j;
1765 X509 *peer;
1766
1767 n=ssl3_get_message(s,
1768 SSL3_ST_SR_CERT_VRFY_A,
1769 SSL3_ST_SR_CERT_VRFY_B,
1770 -1,
1771 514, /* 514? */
1772 &ok);
1773
1774 if (!ok) return((int)n);
1775
1776 if (s->session->peer != NULL)
1777 {
1778 peer=s->session->peer;
1779 pkey=X509_get_pubkey(peer);
1780 type=X509_certificate_type(peer,pkey);
1781 }
1782 else
1783 {
1784 peer=NULL;
1785 pkey=NULL;
1786 }
1787
1788 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
1789 {
1790 s->s3->tmp.reuse_message=1;
1791 if ((peer != NULL) && (type | EVP_PKT_SIGN))
1792 {
1793 al=SSL_AD_UNEXPECTED_MESSAGE;
1794 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
1795 goto f_err;
1796 }
1797 ret=1;
1798 goto end;
1799 }
1800
1801 if (peer == NULL)
1802 {
1803 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
1804 al=SSL_AD_UNEXPECTED_MESSAGE;
1805 goto f_err;
1806 }
1807
1808 if (!(type & EVP_PKT_SIGN))
1809 {
1810 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
1811 al=SSL_AD_ILLEGAL_PARAMETER;
1812 goto f_err;
1813 }
1814
1815 if (s->s3->change_cipher_spec)
1816 {
1817 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
1818 al=SSL_AD_UNEXPECTED_MESSAGE;
1819 goto f_err;
1820 }
1821
1822 /* we now have a signature that we need to verify */
1823 p=(unsigned char *)s->init_msg;
1824 n2s(p,i);
1825 n-=2;
1826 if (i > n)
1827 {
1828 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
1829 al=SSL_AD_DECODE_ERROR;
1830 goto f_err;
1831 }
1832
1833 j=EVP_PKEY_size(pkey);
1834 if ((i > j) || (n > j) || (n <= 0))
1835 {
1836 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
1837 al=SSL_AD_DECODE_ERROR;
1838 goto f_err;
1839 }
1840
1841#ifndef OPENSSL_NO_RSA
1842 if (pkey->type == EVP_PKEY_RSA)
1843 {
1844 i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
1845 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
1846 pkey->pkey.rsa);
1847 if (i < 0)
1848 {
1849 al=SSL_AD_DECRYPT_ERROR;
1850 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
1851 goto f_err;
1852 }
1853 if (i == 0)
1854 {
1855 al=SSL_AD_DECRYPT_ERROR;
1856 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
1857 goto f_err;
1858 }
1859 }
1860 else
1861#endif
1862#ifndef OPENSSL_NO_DSA
1863 if (pkey->type == EVP_PKEY_DSA)
1864 {
1865 j=DSA_verify(pkey->save_type,
1866 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
1867 SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
1868 if (j <= 0)
1869 {
1870 /* bad signature */
1871 al=SSL_AD_DECRYPT_ERROR;
1872 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
1873 goto f_err;
1874 }
1875 }
1876 else
1877#endif
1878 {
1879 SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
1880 al=SSL_AD_UNSUPPORTED_CERTIFICATE;
1881 goto f_err;
1882 }
1883
1884
1885 ret=1;
1886 if (0)
1887 {
1888f_err:
1889 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1890 }
1891end:
1892 EVP_PKEY_free(pkey);
1893 return(ret);
1894 }
1895
1896static int ssl3_get_client_certificate(SSL *s)
1897 {
1898 int i,ok,al,ret= -1;
1899 X509 *x=NULL;
1900 unsigned long l,nc,llen,n;
1901 unsigned char *p,*d,*q;
1902 STACK_OF(X509) *sk=NULL;
1903
1904 n=ssl3_get_message(s,
1905 SSL3_ST_SR_CERT_A,
1906 SSL3_ST_SR_CERT_B,
1907 -1,
1908 s->max_cert_list,
1909 &ok);
1910
1911 if (!ok) return((int)n);
1912
1913 if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
1914 {
1915 if ( (s->verify_mode & SSL_VERIFY_PEER) &&
1916 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
1917 {
1918 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1919 al=SSL_AD_HANDSHAKE_FAILURE;
1920 goto f_err;
1921 }
1922 /* If tls asked for a client cert, the client must return a 0 list */
1923 if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
1924 {
1925 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
1926 al=SSL_AD_UNEXPECTED_MESSAGE;
1927 goto f_err;
1928 }
1929 s->s3->tmp.reuse_message=1;
1930 return(1);
1931 }
1932
1933 if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
1934 {
1935 al=SSL_AD_UNEXPECTED_MESSAGE;
1936 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
1937 goto f_err;
1938 }
1939 d=p=(unsigned char *)s->init_msg;
1940
1941 if ((sk=sk_X509_new_null()) == NULL)
1942 {
1943 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1944 goto err;
1945 }
1946
1947 n2l3(p,llen);
1948 if (llen+3 != n)
1949 {
1950 al=SSL_AD_DECODE_ERROR;
1951 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
1952 goto f_err;
1953 }
1954 for (nc=0; nc<llen; )
1955 {
1956 n2l3(p,l);
1957 if ((l+nc+3) > llen)
1958 {
1959 al=SSL_AD_DECODE_ERROR;
1960 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1961 goto f_err;
1962 }
1963
1964 q=p;
1965 x=d2i_X509(NULL,&p,l);
1966 if (x == NULL)
1967 {
1968 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
1969 goto err;
1970 }
1971 if (p != (q+l))
1972 {
1973 al=SSL_AD_DECODE_ERROR;
1974 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1975 goto f_err;
1976 }
1977 if (!sk_X509_push(sk,x))
1978 {
1979 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1980 goto err;
1981 }
1982 x=NULL;
1983 nc+=l+3;
1984 }
1985
1986 if (sk_X509_num(sk) <= 0)
1987 {
1988 /* TLS does not mind 0 certs returned */
1989 if (s->version == SSL3_VERSION)
1990 {
1991 al=SSL_AD_HANDSHAKE_FAILURE;
1992 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
1993 goto f_err;
1994 }
1995 /* Fail for TLS only if we required a certificate */
1996 else if ((s->verify_mode & SSL_VERIFY_PEER) &&
1997 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
1998 {
1999 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2000 al=SSL_AD_HANDSHAKE_FAILURE;
2001 goto f_err;
2002 }
2003 }
2004 else
2005 {
2006 i=ssl_verify_cert_chain(s,sk);
2007 if (!i)
2008 {
2009 al=ssl_verify_alarm_type(s->verify_result);
2010 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
2011 goto f_err;
2012 }
2013 }
2014
2015 if (s->session->peer != NULL) /* This should not be needed */
2016 X509_free(s->session->peer);
2017 s->session->peer=sk_X509_shift(sk);
2018 s->session->verify_result = s->verify_result;
2019
2020 /* With the current implementation, sess_cert will always be NULL
2021 * when we arrive here. */
2022 if (s->session->sess_cert == NULL)
2023 {
2024 s->session->sess_cert = ssl_sess_cert_new();
2025 if (s->session->sess_cert == NULL)
2026 {
2027 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
2028 goto err;
2029 }
2030 }
2031 if (s->session->sess_cert->cert_chain != NULL)
2032 sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
2033 s->session->sess_cert->cert_chain=sk;
2034 /* Inconsistency alert: cert_chain does *not* include the
2035 * peer's own certificate, while we do include it in s3_clnt.c */
2036
2037 sk=NULL;
2038
2039 ret=1;
2040 if (0)
2041 {
2042f_err:
2043 ssl3_send_alert(s,SSL3_AL_FATAL,al);
2044 }
2045err:
2046 if (x != NULL) X509_free(x);
2047 if (sk != NULL) sk_X509_pop_free(sk,X509_free);
2048 return(ret);
2049 }
2050
2051int ssl3_send_server_certificate(SSL *s)
2052 {
2053 unsigned long l;
2054 X509 *x;
2055
2056 if (s->state == SSL3_ST_SW_CERT_A)
2057 {
2058 x=ssl_get_server_send_cert(s);
2059 if (x == NULL &&
2060 /* VRS: allow null cert if auth == KRB5 */
2061 (s->s3->tmp.new_cipher->algorithms
2062 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
2063 != (SSL_aKRB5|SSL_kKRB5))
2064 {
2065 SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
2066 return(0);
2067 }
2068
2069 l=ssl3_output_cert_chain(s,x);
2070 s->state=SSL3_ST_SW_CERT_B;
2071 s->init_num=(int)l;
2072 s->init_off=0;
2073 }
2074
2075 /* SSL3_ST_SW_CERT_B */
2076 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
2077 }
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
deleted file mode 100644
index d0f0988b41..0000000000
--- a/src/lib/libssl/shlib_version
+++ /dev/null
@@ -1,2 +0,0 @@
1major=8
2minor=0
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
deleted file mode 100644
index 4ae8458259..0000000000
--- a/src/lib/libssl/ssl.h
+++ /dev/null
@@ -1,1854 +0,0 @@
1/* ssl/ssl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
113 *
114 * Redistribution and use in source and binary forms, with or without
115 * modification, are permitted provided that the following conditions
116 * are met:
117 *
118 * 1. Redistributions of source code must retain the above copyright
119 * notice, this list of conditions and the following disclaimer.
120 *
121 * 2. Redistributions in binary form must reproduce the above copyright
122 * notice, this list of conditions and the following disclaimer in
123 * the documentation and/or other materials provided with the
124 * distribution.
125 *
126 * 3. All advertising materials mentioning features or use of this
127 * software must display the following acknowledgment:
128 * "This product includes software developed by the OpenSSL Project
129 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
130 *
131 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
132 * endorse or promote products derived from this software without
133 * prior written permission. For written permission, please contact
134 * openssl-core@openssl.org.
135 *
136 * 5. Products derived from this software may not be called "OpenSSL"
137 * nor may "OpenSSL" appear in their names without prior written
138 * permission of the OpenSSL Project.
139 *
140 * 6. Redistributions of any form whatsoever must retain the following
141 * acknowledgment:
142 * "This product includes software developed by the OpenSSL Project
143 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
144 *
145 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
146 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
147 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
148 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
149 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
150 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
151 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
152 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
153 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
154 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
155 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
156 * OF THE POSSIBILITY OF SUCH DAMAGE.
157 * ====================================================================
158 *
159 * This product includes cryptographic software written by Eric Young
160 * (eay@cryptsoft.com). This product includes software written by Tim
161 * Hudson (tjh@cryptsoft.com).
162 *
163 */
164
165#ifndef HEADER_SSL_H
166#define HEADER_SSL_H
167
168#include <openssl/e_os2.h>
169
170#ifndef OPENSSL_NO_COMP
171#include <openssl/comp.h>
172#endif
173#ifndef OPENSSL_NO_BIO
174#include <openssl/bio.h>
175#endif
176#ifndef OPENSSL_NO_X509
177#include <openssl/x509.h>
178#endif
179#include <openssl/kssl.h>
180#include <openssl/safestack.h>
181#include <openssl/symhacks.h>
182
183#ifdef __cplusplus
184extern "C" {
185#endif
186
187/* SSLeay version number for ASN.1 encoding of the session information */
188/* Version 0 - initial version
189 * Version 1 - added the optional peer certificate
190 */
191#define SSL_SESSION_ASN1_VERSION 0x0001
192
193/* text strings for the ciphers */
194#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
195#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
196#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
197#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
198#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
199#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
200#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
201#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
202#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
203#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
204
205/* VRS Additional Kerberos5 entries
206 */
207#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
208#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
209#define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA
210#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
211#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
212#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
213#define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5
214#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
215
216#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
217#define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA
218#define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA
219#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
220#define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5
221#define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5
222
223#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA
224#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5
225#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA
226#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5
227#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
228#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
229#define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256
230
231#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
232#define SSL_MAX_SID_CTX_LENGTH 32
233
234#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
235#define SSL_MAX_KEY_ARG_LENGTH 8
236#define SSL_MAX_MASTER_KEY_LENGTH 48
237
238/* These are used to specify which ciphers to use and not to use */
239#define SSL_TXT_LOW "LOW"
240#define SSL_TXT_MEDIUM "MEDIUM"
241#define SSL_TXT_HIGH "HIGH"
242#define SSL_TXT_kFZA "kFZA"
243#define SSL_TXT_aFZA "aFZA"
244#define SSL_TXT_eFZA "eFZA"
245#define SSL_TXT_FZA "FZA"
246
247#define SSL_TXT_aNULL "aNULL"
248#define SSL_TXT_eNULL "eNULL"
249#define SSL_TXT_NULL "NULL"
250
251#define SSL_TXT_kKRB5 "kKRB5"
252#define SSL_TXT_aKRB5 "aKRB5"
253#define SSL_TXT_KRB5 "KRB5"
254
255#define SSL_TXT_kRSA "kRSA"
256#define SSL_TXT_kDHr "kDHr"
257#define SSL_TXT_kDHd "kDHd"
258#define SSL_TXT_kEDH "kEDH"
259#define SSL_TXT_aRSA "aRSA"
260#define SSL_TXT_aDSS "aDSS"
261#define SSL_TXT_aDH "aDH"
262#define SSL_TXT_DSS "DSS"
263#define SSL_TXT_DH "DH"
264#define SSL_TXT_EDH "EDH"
265#define SSL_TXT_ADH "ADH"
266#define SSL_TXT_RSA "RSA"
267#define SSL_TXT_DES "DES"
268#define SSL_TXT_3DES "3DES"
269#define SSL_TXT_RC4 "RC4"
270#define SSL_TXT_RC2 "RC2"
271#define SSL_TXT_IDEA "IDEA"
272#define SSL_TXT_AES "AES"
273#define SSL_TXT_MD5 "MD5"
274#define SSL_TXT_SHA1 "SHA1"
275#define SSL_TXT_SHA "SHA"
276#define SSL_TXT_EXP "EXP"
277#define SSL_TXT_EXPORT "EXPORT"
278#define SSL_TXT_EXP40 "EXPORT40"
279#define SSL_TXT_EXP56 "EXPORT56"
280#define SSL_TXT_SSLV2 "SSLv2"
281#define SSL_TXT_SSLV3 "SSLv3"
282#define SSL_TXT_TLSV1 "TLSv1"
283#define SSL_TXT_ALL "ALL"
284
285/*
286 * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
287 * ciphers normally not being used.
288 * Example: "RC4" will activate all ciphers using RC4 including ciphers
289 * without authentication, which would normally disabled by DEFAULT (due
290 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
291 * will make sure that it is also disabled in the specific selection.
292 * COMPLEMENTOF* identifiers are portable between version, as adjustments
293 * to the default cipher setup will also be included here.
294 *
295 * COMPLEMENTOFDEFAULT does not experience the same special treatment that
296 * DEFAULT gets, as only selection is being done and no sorting as needed
297 * for DEFAULT.
298 */
299#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
300#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
301
302/* The following cipher list is used by default.
303 * It also is substituted when an application-defined cipher list string
304 * starts with 'DEFAULT'. */
305#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
306
307/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
308#define SSL_SENT_SHUTDOWN 1
309#define SSL_RECEIVED_SHUTDOWN 2
310
311#ifdef __cplusplus
312}
313#endif
314
315#include <openssl/crypto.h>
316#include <openssl/lhash.h>
317#include <openssl/buffer.h>
318#include <openssl/pem.h>
319
320#ifdef __cplusplus
321extern "C" {
322#endif
323
324#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
325#define OPENSSL_NO_SSL2
326#endif
327
328#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
329#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
330
331/* This is needed to stop compilers complaining about the
332 * 'struct ssl_st *' function parameters used to prototype callbacks
333 * in SSL_CTX. */
334typedef struct ssl_st *ssl_crock_st;
335
336/* used to hold info on the particular ciphers used */
337typedef struct ssl_cipher_st
338 {
339 int valid;
340 const char *name; /* text name */
341 unsigned long id; /* id, 4 bytes, first is version */
342 unsigned long algorithms; /* what ciphers are used */
343 unsigned long algo_strength; /* strength and export flags */
344 unsigned long algorithm2; /* Extra flags */
345 int strength_bits; /* Number of bits really used */
346 int alg_bits; /* Number of bits for algorithm */
347 unsigned long mask; /* used for matching */
348 unsigned long mask_strength; /* also used for matching */
349 } SSL_CIPHER;
350
351DECLARE_STACK_OF(SSL_CIPHER)
352
353typedef struct ssl_st SSL;
354typedef struct ssl_ctx_st SSL_CTX;
355
356/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
357typedef struct ssl_method_st
358 {
359 int version;
360 int (*ssl_new)(SSL *s);
361 void (*ssl_clear)(SSL *s);
362 void (*ssl_free)(SSL *s);
363 int (*ssl_accept)(SSL *s);
364 int (*ssl_connect)(SSL *s);
365 int (*ssl_read)(SSL *s,void *buf,int len);
366 int (*ssl_peek)(SSL *s,void *buf,int len);
367 int (*ssl_write)(SSL *s,const void *buf,int len);
368 int (*ssl_shutdown)(SSL *s);
369 int (*ssl_renegotiate)(SSL *s);
370 int (*ssl_renegotiate_check)(SSL *s);
371 long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
372 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
373 SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
374 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
375 int (*ssl_pending)(SSL *s);
376 int (*num_ciphers)(void);
377 SSL_CIPHER *(*get_cipher)(unsigned ncipher);
378 struct ssl_method_st *(*get_ssl_method)(int version);
379 long (*get_timeout)(void);
380 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
381 int (*ssl_version)();
382 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
383 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
384 } SSL_METHOD;
385
386/* Lets make this into an ASN.1 type structure as follows
387 * SSL_SESSION_ID ::= SEQUENCE {
388 * version INTEGER, -- structure version number
389 * SSLversion INTEGER, -- SSL version number
390 * Cipher OCTET_STRING, -- the 3 byte cipher ID
391 * Session_ID OCTET_STRING, -- the Session ID
392 * Master_key OCTET_STRING, -- the master key
393 * KRB5_principal OCTET_STRING -- optional Kerberos principal
394 * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
395 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
396 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
397 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
398 * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
399 * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
400 * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
401 * }
402 * Look in ssl/ssl_asn1.c for more details
403 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
404 */
405typedef struct ssl_session_st
406 {
407 int ssl_version; /* what ssl version session info is
408 * being kept in here? */
409
410 /* only really used in SSLv2 */
411 unsigned int key_arg_length;
412 unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
413 int master_key_length;
414 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
415 /* session_id - valid? */
416 unsigned int session_id_length;
417 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
418 /* this is used to determine whether the session is being reused in
419 * the appropriate context. It is up to the application to set this,
420 * via SSL_new */
421 unsigned int sid_ctx_length;
422 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
423
424#ifndef OPENSSL_NO_KRB5
425 unsigned int krb5_client_princ_len;
426 unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
427#endif /* OPENSSL_NO_KRB5 */
428
429 int not_resumable;
430
431 /* The cert is the certificate used to establish this connection */
432 struct sess_cert_st /* SESS_CERT */ *sess_cert;
433
434 /* This is the cert for the other end.
435 * On clients, it will be the same as sess_cert->peer_key->x509
436 * (the latter is not enough as sess_cert is not retained
437 * in the external representation of sessions, see ssl_asn1.c). */
438 X509 *peer;
439 /* when app_verify_callback accepts a session where the peer's certificate
440 * is not ok, we must remember the error for session reuse: */
441 long verify_result; /* only for servers */
442
443 int references;
444 long timeout;
445 long time;
446
447 int compress_meth; /* Need to lookup the method */
448
449 SSL_CIPHER *cipher;
450 unsigned long cipher_id; /* when ASN.1 loaded, this
451 * needs to be used to load
452 * the 'cipher' structure */
453
454 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
455
456 CRYPTO_EX_DATA ex_data; /* application specific data */
457
458 /* These are used to make removal of session-ids more
459 * efficient and to implement a maximum cache size. */
460 struct ssl_session_st *prev,*next;
461 } SSL_SESSION;
462
463
464#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
465#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
466#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
467#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
468#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
469#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
470#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
471#define SSL_OP_TLS_D5_BUG 0x00000100L
472#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
473
474/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
475 * in OpenSSL 0.9.6d. Usually (depending on the application protocol)
476 * the workaround is not needed. Unfortunately some broken SSL/TLS
477 * implementations cannot handle it at all, which is why we include
478 * it in SSL_OP_ALL. */
479#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in 0.9.6e */
480
481/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
482 * This used to be 0x000FFFFFL before 0.9.7. */
483#define SSL_OP_ALL 0x00000FFFL
484
485/* As server, disallow session resumption on renegotiation */
486#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
487/* If set, always create a new key when using tmp_dh parameters */
488#define SSL_OP_SINGLE_DH_USE 0x00100000L
489/* Set to always use the tmp_rsa key when doing RSA operations,
490 * even when this violates protocol specs */
491#define SSL_OP_EPHEMERAL_RSA 0x00200000L
492/* Set on servers to choose the cipher according to the server's
493 * preferences */
494#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
495/* If set, a server will allow a client to issue a SSLv3.0 version number
496 * as latest version supported in the premaster secret, even when TLSv1.0
497 * (version 3.1) was announced in the client hello. Normally this is
498 * forbidden to prevent version rollback attacks. */
499#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L
500
501#define SSL_OP_NO_SSLv2 0x01000000L
502#define SSL_OP_NO_SSLv3 0x02000000L
503#define SSL_OP_NO_TLSv1 0x04000000L
504
505/* The next flag deliberately changes the ciphertest, this is a check
506 * for the PKCS#1 attack */
507#define SSL_OP_PKCS1_CHECK_1 0x08000000L
508#define SSL_OP_PKCS1_CHECK_2 0x10000000L
509#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
510#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
511
512
513/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
514 * when just a single record has been written): */
515#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L
516/* Make it possible to retry SSL_write() with changed buffer location
517 * (buffer contents must stay the same!); this is not the default to avoid
518 * the misconception that non-blocking SSL_write() behaves like
519 * non-blocking write(): */
520#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
521/* Never bother the application with retries if the transport
522 * is blocking: */
523#define SSL_MODE_AUTO_RETRY 0x00000004L
524/* Don't attempt to automatically build certificate chain */
525#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
526
527
528/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
529 * they cannot be used to clear bits. */
530
531#define SSL_CTX_set_options(ctx,op) \
532 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
533#define SSL_CTX_get_options(ctx) \
534 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
535#define SSL_set_options(ssl,op) \
536 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
537#define SSL_get_options(ssl) \
538 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
539
540#define SSL_CTX_set_mode(ctx,op) \
541 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
542#define SSL_CTX_get_mode(ctx) \
543 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
544#define SSL_set_mode(ssl,op) \
545 SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
546#define SSL_get_mode(ssl) \
547 SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
548
549
550void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
551void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
552#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
553#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
554
555
556
557#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
558#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
559#else
560#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
561#endif
562
563#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
564
565/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
566 * them. It is used to override the generation of SSL/TLS session IDs in a
567 * server. Return value should be zero on an error, non-zero to proceed. Also,
568 * callbacks should themselves check if the id they generate is unique otherwise
569 * the SSL handshake will fail with an error - callbacks can do this using the
570 * 'ssl' value they're passed by;
571 * SSL_has_matching_session_id(ssl, id, *id_len)
572 * The length value passed in is set at the maximum size the session ID can be.
573 * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
574 * can alter this length to be less if desired, but under SSLv2 session IDs are
575 * supposed to be fixed at 16 bytes so the id will be padded after the callback
576 * returns in this case. It is also an error for the callback to set the size to
577 * zero. */
578typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
579 unsigned int *id_len);
580
581typedef struct ssl_comp_st
582 {
583 int id;
584 char *name;
585#ifndef OPENSSL_NO_COMP
586 COMP_METHOD *method;
587#else
588 char *method;
589#endif
590 } SSL_COMP;
591
592DECLARE_STACK_OF(SSL_COMP)
593
594struct ssl_ctx_st
595 {
596 SSL_METHOD *method;
597
598 STACK_OF(SSL_CIPHER) *cipher_list;
599 /* same as above but sorted for lookup */
600 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
601
602 struct x509_store_st /* X509_STORE */ *cert_store;
603 struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
604 /* Most session-ids that will be cached, default is
605 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
606 unsigned long session_cache_size;
607 struct ssl_session_st *session_cache_head;
608 struct ssl_session_st *session_cache_tail;
609
610 /* This can have one of 2 values, ored together,
611 * SSL_SESS_CACHE_CLIENT,
612 * SSL_SESS_CACHE_SERVER,
613 * Default is SSL_SESSION_CACHE_SERVER, which means only
614 * SSL_accept which cache SSL_SESSIONS. */
615 int session_cache_mode;
616
617 /* If timeout is not 0, it is the default timeout value set
618 * when SSL_new() is called. This has been put in to make
619 * life easier to set things up */
620 long session_timeout;
621
622 /* If this callback is not null, it will be called each
623 * time a session id is added to the cache. If this function
624 * returns 1, it means that the callback will do a
625 * SSL_SESSION_free() when it has finished using it. Otherwise,
626 * on 0, it means the callback has finished with it.
627 * If remove_session_cb is not null, it will be called when
628 * a session-id is removed from the cache. After the call,
629 * OpenSSL will SSL_SESSION_free() it. */
630 int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
631 void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
632 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
633 unsigned char *data,int len,int *copy);
634
635 struct
636 {
637 int sess_connect; /* SSL new conn - started */
638 int sess_connect_renegotiate;/* SSL reneg - requested */
639 int sess_connect_good; /* SSL new conne/reneg - finished */
640 int sess_accept; /* SSL new accept - started */
641 int sess_accept_renegotiate;/* SSL reneg - requested */
642 int sess_accept_good; /* SSL accept/reneg - finished */
643 int sess_miss; /* session lookup misses */
644 int sess_timeout; /* reuse attempt on timeouted session */
645 int sess_cache_full; /* session removed due to full cache */
646 int sess_hit; /* session reuse actually done */
647 int sess_cb_hit; /* session-id that was not
648 * in the cache was
649 * passed back via the callback. This
650 * indicates that the application is
651 * supplying session-id's from other
652 * processes - spooky :-) */
653 } stats;
654
655 int references;
656
657 /* if defined, these override the X509_verify_cert() calls */
658 int (*app_verify_callback)(X509_STORE_CTX *, void *);
659 void *app_verify_arg;
660 /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
661 * ('app_verify_callback' was called with just one argument) */
662
663 /* Default password callback. */
664 pem_password_cb *default_passwd_callback;
665
666 /* Default password callback user data. */
667 void *default_passwd_callback_userdata;
668
669 /* get client cert callback */
670 int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
671
672 CRYPTO_EX_DATA ex_data;
673
674 const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
675 const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
676 const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
677
678 STACK_OF(X509) *extra_certs;
679 STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
680
681
682 /* Default values used when no per-SSL value is defined follow */
683
684 void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
685
686 /* what we put in client cert requests */
687 STACK_OF(X509_NAME) *client_CA;
688
689
690 /* Default values to use in SSL structures follow (these are copied by SSL_new) */
691
692 unsigned long options;
693 unsigned long mode;
694 long max_cert_list;
695
696 struct cert_st /* CERT */ *cert;
697 int read_ahead;
698
699 /* callback that allows applications to peek at protocol messages */
700 void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
701 void *msg_callback_arg;
702
703 int verify_mode;
704 int verify_depth;
705 unsigned int sid_ctx_length;
706 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
707 int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
708
709 /* Default generate session ID callback. */
710 GEN_SESSION_CB generate_session_id;
711
712 int purpose; /* Purpose setting */
713 int trust; /* Trust setting */
714
715 int quiet_shutdown;
716 };
717
718#define SSL_SESS_CACHE_OFF 0x0000
719#define SSL_SESS_CACHE_CLIENT 0x0001
720#define SSL_SESS_CACHE_SERVER 0x0002
721#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
722#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
723/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
724#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
725#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
726#define SSL_SESS_CACHE_NO_INTERNAL \
727 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
728
729 struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
730#define SSL_CTX_sess_number(ctx) \
731 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
732#define SSL_CTX_sess_connect(ctx) \
733 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
734#define SSL_CTX_sess_connect_good(ctx) \
735 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
736#define SSL_CTX_sess_connect_renegotiate(ctx) \
737 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
738#define SSL_CTX_sess_accept(ctx) \
739 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
740#define SSL_CTX_sess_accept_renegotiate(ctx) \
741 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
742#define SSL_CTX_sess_accept_good(ctx) \
743 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
744#define SSL_CTX_sess_hits(ctx) \
745 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
746#define SSL_CTX_sess_cb_hits(ctx) \
747 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
748#define SSL_CTX_sess_misses(ctx) \
749 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
750#define SSL_CTX_sess_timeouts(ctx) \
751 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
752#define SSL_CTX_sess_cache_full(ctx) \
753 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
754
755#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
756#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
757#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
758#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
759#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
760#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
761#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
762#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
763#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
764#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
765
766#define SSL_NOTHING 1
767#define SSL_WRITING 2
768#define SSL_READING 3
769#define SSL_X509_LOOKUP 4
770
771/* These will only be used when doing non-blocking IO */
772#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
773#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
774#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
775#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
776
777struct ssl_st
778 {
779 /* protocol version
780 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
781 */
782 int version;
783 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
784
785 SSL_METHOD *method; /* SSLv3 */
786
787 /* There are 2 BIO's even though they are normally both the
788 * same. This is so data can be read and written to different
789 * handlers */
790
791#ifndef OPENSSL_NO_BIO
792 BIO *rbio; /* used by SSL_read */
793 BIO *wbio; /* used by SSL_write */
794 BIO *bbio; /* used during session-id reuse to concatenate
795 * messages */
796#else
797 char *rbio; /* used by SSL_read */
798 char *wbio; /* used by SSL_write */
799 char *bbio;
800#endif
801 /* This holds a variable that indicates what we were doing
802 * when a 0 or -1 is returned. This is needed for
803 * non-blocking IO so we know what request needs re-doing when
804 * in SSL_accept or SSL_connect */
805 int rwstate;
806
807 /* true when we are actually in SSL_accept() or SSL_connect() */
808 int in_handshake;
809 int (*handshake_func)();
810
811 /* Imagine that here's a boolean member "init" that is
812 * switched as soon as SSL_set_{accept/connect}_state
813 * is called for the first time, so that "state" and
814 * "handshake_func" are properly initialized. But as
815 * handshake_func is == 0 until then, we use this
816 * test instead of an "init" member.
817 */
818
819 int server; /* are we the server side? - mostly used by SSL_clear*/
820
821 int new_session;/* 1 if we are to use a new session.
822 * 2 if we are a server and are inside a handshake
823 * (i.e. not just sending a HelloRequest)
824 * NB: For servers, the 'new' session may actually be a previously
825 * cached session or even the previous session unless
826 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
827 int quiet_shutdown;/* don't send shutdown packets */
828 int shutdown; /* we have shut things down, 0x01 sent, 0x02
829 * for received */
830 int state; /* where we are */
831 int rstate; /* where we are when reading */
832
833 BUF_MEM *init_buf; /* buffer used during init */
834 void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
835 int init_num; /* amount read/written */
836 int init_off; /* amount read/written */
837
838 /* used internally to point at a raw packet */
839 unsigned char *packet;
840 unsigned int packet_length;
841
842 struct ssl2_state_st *s2; /* SSLv2 variables */
843 struct ssl3_state_st *s3; /* SSLv3 variables */
844
845 int read_ahead; /* Read as many input bytes as possible
846 * (for non-blocking reads) */
847
848 /* callback that allows applications to peek at protocol messages */
849 void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
850 void *msg_callback_arg;
851
852 int hit; /* reusing a previous session */
853
854 int purpose; /* Purpose setting */
855 int trust; /* Trust setting */
856
857 /* crypto */
858 STACK_OF(SSL_CIPHER) *cipher_list;
859 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
860
861 /* These are the ones being used, the ones in SSL_SESSION are
862 * the ones to be 'copied' into these ones */
863
864 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
865 const EVP_MD *read_hash; /* used for mac generation */
866#ifndef OPENSSL_NO_COMP
867 COMP_CTX *expand; /* uncompress */
868#else
869 char *expand;
870#endif
871
872 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
873 const EVP_MD *write_hash; /* used for mac generation */
874#ifndef OPENSSL_NO_COMP
875 COMP_CTX *compress; /* compression */
876#else
877 char *compress;
878#endif
879
880 /* session info */
881
882 /* client cert? */
883 /* This is used to hold the server certificate used */
884 struct cert_st /* CERT */ *cert;
885
886 /* the session_id_context is used to ensure sessions are only reused
887 * in the appropriate context */
888 unsigned int sid_ctx_length;
889 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
890
891 /* This can also be in the session once a session is established */
892 SSL_SESSION *session;
893
894 /* Default generate session ID callback. */
895 GEN_SESSION_CB generate_session_id;
896
897 /* Used in SSL2 and SSL3 */
898 int verify_mode; /* 0 don't care about verify failure.
899 * 1 fail if verify fails */
900 int verify_depth;
901 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
902
903 void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
904
905 int error; /* error bytes to be written */
906 int error_code; /* actual code */
907
908#ifndef OPENSSL_NO_KRB5
909 KSSL_CTX *kssl_ctx; /* Kerberos 5 context */
910#endif /* OPENSSL_NO_KRB5 */
911
912 SSL_CTX *ctx;
913 /* set this flag to 1 and a sleep(1) is put into all SSL_read()
914 * and SSL_write() calls, good for nbio debuging :-) */
915 int debug;
916
917 /* extra application data */
918 long verify_result;
919 CRYPTO_EX_DATA ex_data;
920
921 /* for server side, keep the list of CA_dn we can use */
922 STACK_OF(X509_NAME) *client_CA;
923
924 int references;
925 unsigned long options; /* protocol behaviour */
926 unsigned long mode; /* API behaviour */
927 long max_cert_list;
928 int first_packet;
929 int client_version; /* what was passed, used for
930 * SSLv3/TLS rollback check */
931 };
932
933#ifdef __cplusplus
934}
935#endif
936
937#include <openssl/ssl2.h>
938#include <openssl/ssl3.h>
939#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
940#include <openssl/ssl23.h>
941
942#ifdef __cplusplus
943extern "C" {
944#endif
945
946/* compatibility */
947#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
948#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
949#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
950#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
951#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
952#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
953
954/* The following are the possible values for ssl->state are are
955 * used to indicate where we are up to in the SSL connection establishment.
956 * The macros that follow are about the only things you should need to use
957 * and even then, only when using non-blocking IO.
958 * It can also be useful to work out where you were when the connection
959 * failed */
960
961#define SSL_ST_CONNECT 0x1000
962#define SSL_ST_ACCEPT 0x2000
963#define SSL_ST_MASK 0x0FFF
964#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
965#define SSL_ST_BEFORE 0x4000
966#define SSL_ST_OK 0x03
967#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
968
969#define SSL_CB_LOOP 0x01
970#define SSL_CB_EXIT 0x02
971#define SSL_CB_READ 0x04
972#define SSL_CB_WRITE 0x08
973#define SSL_CB_ALERT 0x4000 /* used in callback */
974#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
975#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
976#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
977#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
978#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
979#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
980#define SSL_CB_HANDSHAKE_START 0x10
981#define SSL_CB_HANDSHAKE_DONE 0x20
982
983/* Is the SSL_connection established? */
984#define SSL_get_state(a) SSL_state(a)
985#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
986#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
987#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
988#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
989#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
990
991/* The following 2 states are kept in ssl->rstate when reads fail,
992 * you should not need these */
993#define SSL_ST_READ_HEADER 0xF0
994#define SSL_ST_READ_BODY 0xF1
995#define SSL_ST_READ_DONE 0xF2
996
997/* Obtain latest Finished message
998 * -- that we sent (SSL_get_finished)
999 * -- that we expected from peer (SSL_get_peer_finished).
1000 * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
1001size_t SSL_get_finished(SSL *s, void *buf, size_t count);
1002size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
1003
1004/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
1005 * are 'ored' with SSL_VERIFY_PEER if they are desired */
1006#define SSL_VERIFY_NONE 0x00
1007#define SSL_VERIFY_PEER 0x01
1008#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
1009#define SSL_VERIFY_CLIENT_ONCE 0x04
1010
1011#define OpenSSL_add_ssl_algorithms() SSL_library_init()
1012#define SSLeay_add_ssl_algorithms() SSL_library_init()
1013
1014/* this is for backward compatibility */
1015#if 0 /* NEW_SSLEAY */
1016#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
1017#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
1018#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
1019#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
1020#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
1021#endif
1022/* More backward compatibility */
1023#define SSL_get_cipher(s) \
1024 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
1025#define SSL_get_cipher_bits(s,np) \
1026 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
1027#define SSL_get_cipher_version(s) \
1028 SSL_CIPHER_get_version(SSL_get_current_cipher(s))
1029#define SSL_get_cipher_name(s) \
1030 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
1031#define SSL_get_time(a) SSL_SESSION_get_time(a)
1032#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
1033#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
1034#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
1035
1036#if 1 /*SSLEAY_MACROS*/
1037#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
1038 (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
1039 (bp),(unsigned char **)(s_id))
1040#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
1041 bp,(unsigned char *)s_id)
1042#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
1043 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
1044#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
1045 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
1046#define PEM_write_SSL_SESSION(fp,x) \
1047 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
1048 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
1049#define PEM_write_bio_SSL_SESSION(bp,x) \
1050 PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
1051 PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
1052#endif
1053
1054#define SSL_AD_REASON_OFFSET 1000
1055/* These alert types are for SSLv3 and TLSv1 */
1056#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
1057#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
1058#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
1059#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
1060#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
1061#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
1062#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
1063#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
1064#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
1065#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
1066#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
1067#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
1068#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
1069#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
1070#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
1071#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
1072#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
1073#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
1074#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
1075#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
1076#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
1077#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
1078#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
1079#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
1080
1081#define SSL_ERROR_NONE 0
1082#define SSL_ERROR_SSL 1
1083#define SSL_ERROR_WANT_READ 2
1084#define SSL_ERROR_WANT_WRITE 3
1085#define SSL_ERROR_WANT_X509_LOOKUP 4
1086#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
1087#define SSL_ERROR_ZERO_RETURN 6
1088#define SSL_ERROR_WANT_CONNECT 7
1089#define SSL_ERROR_WANT_ACCEPT 8
1090
1091#define SSL_CTRL_NEED_TMP_RSA 1
1092#define SSL_CTRL_SET_TMP_RSA 2
1093#define SSL_CTRL_SET_TMP_DH 3
1094#define SSL_CTRL_SET_TMP_RSA_CB 4
1095#define SSL_CTRL_SET_TMP_DH_CB 5
1096
1097#define SSL_CTRL_GET_SESSION_REUSED 6
1098#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
1099#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
1100#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
1101#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
1102#define SSL_CTRL_GET_FLAGS 11
1103#define SSL_CTRL_EXTRA_CHAIN_CERT 12
1104
1105#define SSL_CTRL_SET_MSG_CALLBACK 13
1106#define SSL_CTRL_SET_MSG_CALLBACK_ARG 14
1107
1108/* Stats */
1109#define SSL_CTRL_SESS_NUMBER 20
1110#define SSL_CTRL_SESS_CONNECT 21
1111#define SSL_CTRL_SESS_CONNECT_GOOD 22
1112#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
1113#define SSL_CTRL_SESS_ACCEPT 24
1114#define SSL_CTRL_SESS_ACCEPT_GOOD 25
1115#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
1116#define SSL_CTRL_SESS_HIT 27
1117#define SSL_CTRL_SESS_CB_HIT 28
1118#define SSL_CTRL_SESS_MISSES 29
1119#define SSL_CTRL_SESS_TIMEOUTS 30
1120#define SSL_CTRL_SESS_CACHE_FULL 31
1121#define SSL_CTRL_OPTIONS 32
1122#define SSL_CTRL_MODE 33
1123
1124#define SSL_CTRL_GET_READ_AHEAD 40
1125#define SSL_CTRL_SET_READ_AHEAD 41
1126#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
1127#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
1128#define SSL_CTRL_SET_SESS_CACHE_MODE 44
1129#define SSL_CTRL_GET_SESS_CACHE_MODE 45
1130
1131#define SSL_CTRL_GET_MAX_CERT_LIST 50
1132#define SSL_CTRL_SET_MAX_CERT_LIST 51
1133
1134#define SSL_session_reused(ssl) \
1135 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
1136#define SSL_num_renegotiations(ssl) \
1137 SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
1138#define SSL_clear_num_renegotiations(ssl) \
1139 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
1140#define SSL_total_renegotiations(ssl) \
1141 SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
1142
1143#define SSL_CTX_need_tmp_RSA(ctx) \
1144 SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1145#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
1146 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1147#define SSL_CTX_set_tmp_dh(ctx,dh) \
1148 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1149
1150#define SSL_need_tmp_RSA(ssl) \
1151 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
1152#define SSL_set_tmp_rsa(ssl,rsa) \
1153 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
1154#define SSL_set_tmp_dh(ssl,dh) \
1155 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1156
1157#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1158 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
1159
1160#ifndef OPENSSL_NO_BIO
1161BIO_METHOD *BIO_f_ssl(void);
1162BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
1163BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
1164BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
1165int BIO_ssl_copy_session_id(BIO *to,BIO *from);
1166void BIO_ssl_shutdown(BIO *ssl_bio);
1167
1168#endif
1169
1170int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
1171SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
1172void SSL_CTX_free(SSL_CTX *);
1173long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
1174long SSL_CTX_get_timeout(SSL_CTX *ctx);
1175X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);
1176void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
1177int SSL_want(SSL *s);
1178int SSL_clear(SSL *s);
1179
1180void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
1181
1182SSL_CIPHER *SSL_get_current_cipher(SSL *s);
1183int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
1184char * SSL_CIPHER_get_version(SSL_CIPHER *c);
1185const char * SSL_CIPHER_get_name(SSL_CIPHER *c);
1186
1187int SSL_get_fd(SSL *s);
1188int SSL_get_rfd(SSL *s);
1189int SSL_get_wfd(SSL *s);
1190const char * SSL_get_cipher_list(SSL *s,int n);
1191char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
1192int SSL_get_read_ahead(SSL * s);
1193int SSL_pending(SSL *s);
1194#ifndef OPENSSL_NO_SOCK
1195int SSL_set_fd(SSL *s, int fd);
1196int SSL_set_rfd(SSL *s, int fd);
1197int SSL_set_wfd(SSL *s, int fd);
1198#endif
1199#ifndef OPENSSL_NO_BIO
1200void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
1201BIO * SSL_get_rbio(SSL *s);
1202BIO * SSL_get_wbio(SSL *s);
1203#endif
1204int SSL_set_cipher_list(SSL *s, const char *str);
1205void SSL_set_read_ahead(SSL *s, int yes);
1206int SSL_get_verify_mode(SSL *s);
1207int SSL_get_verify_depth(SSL *s);
1208int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
1209void SSL_set_verify(SSL *s, int mode,
1210 int (*callback)(int ok,X509_STORE_CTX *ctx));
1211void SSL_set_verify_depth(SSL *s, int depth);
1212#ifndef OPENSSL_NO_RSA
1213int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
1214#endif
1215int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
1216int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
1217int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
1218int SSL_use_certificate(SSL *ssl, X509 *x);
1219int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
1220
1221#ifndef OPENSSL_NO_STDIO
1222int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
1223int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
1224int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
1225int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1226int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
1227int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
1228int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
1229STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
1230int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1231 const char *file);
1232#ifndef OPENSSL_SYS_VMS
1233#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
1234int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
1235 const char *dir);
1236#endif
1237#endif
1238
1239#endif
1240
1241void SSL_load_error_strings(void );
1242const char *SSL_state_string(const SSL *s);
1243const char *SSL_rstate_string(const SSL *s);
1244const char *SSL_state_string_long(const SSL *s);
1245const char *SSL_rstate_string_long(const SSL *s);
1246long SSL_SESSION_get_time(SSL_SESSION *s);
1247long SSL_SESSION_set_time(SSL_SESSION *s, long t);
1248long SSL_SESSION_get_timeout(SSL_SESSION *s);
1249long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
1250void SSL_copy_session_id(SSL *to,SSL *from);
1251
1252SSL_SESSION *SSL_SESSION_new(void);
1253unsigned long SSL_SESSION_hash(SSL_SESSION *a);
1254int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
1255#ifndef OPENSSL_NO_FP_API
1256int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
1257#endif
1258#ifndef OPENSSL_NO_BIO
1259int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
1260#endif
1261void SSL_SESSION_free(SSL_SESSION *ses);
1262int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
1263int SSL_set_session(SSL *to, SSL_SESSION *session);
1264int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
1265int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
1266int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
1267int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
1268int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
1269 unsigned int id_len);
1270SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
1271
1272#ifdef HEADER_X509_H
1273X509 * SSL_get_peer_certificate(SSL *s);
1274#endif
1275
1276STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
1277
1278int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
1279int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
1280int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
1281void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
1282 int (*callback)(int, X509_STORE_CTX *));
1283void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
1284void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
1285#ifndef OPENSSL_NO_RSA
1286int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
1287#endif
1288int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
1289int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
1290int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
1291 unsigned char *d, long len);
1292int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
1293int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
1294
1295void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
1296void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
1297
1298int SSL_CTX_check_private_key(SSL_CTX *ctx);
1299int SSL_check_private_key(SSL *ctx);
1300
1301int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
1302 unsigned int sid_ctx_len);
1303
1304SSL * SSL_new(SSL_CTX *ctx);
1305int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
1306 unsigned int sid_ctx_len);
1307
1308int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
1309int SSL_set_purpose(SSL *s, int purpose);
1310int SSL_CTX_set_trust(SSL_CTX *s, int trust);
1311int SSL_set_trust(SSL *s, int trust);
1312
1313void SSL_free(SSL *ssl);
1314int SSL_accept(SSL *ssl);
1315int SSL_connect(SSL *ssl);
1316int SSL_read(SSL *ssl,void *buf,int num);
1317int SSL_peek(SSL *ssl,void *buf,int num);
1318int SSL_write(SSL *ssl,const void *buf,int num);
1319long SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
1320long SSL_callback_ctrl(SSL *, int, void (*)());
1321long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg);
1322long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
1323
1324int SSL_get_error(SSL *s,int ret_code);
1325const char *SSL_get_version(SSL *s);
1326
1327/* This sets the 'default' SSL version that SSL_new() will create */
1328int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
1329
1330SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1331SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1332SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1333
1334SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1335SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1336SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
1337
1338SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
1339SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
1340SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
1341
1342SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1343SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1344SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1345
1346STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
1347
1348int SSL_do_handshake(SSL *s);
1349int SSL_renegotiate(SSL *s);
1350int SSL_renegotiate_pending(SSL *s);
1351int SSL_shutdown(SSL *s);
1352
1353SSL_METHOD *SSL_get_ssl_method(SSL *s);
1354int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
1355const char *SSL_alert_type_string_long(int value);
1356const char *SSL_alert_type_string(int value);
1357const char *SSL_alert_desc_string_long(int value);
1358const char *SSL_alert_desc_string(int value);
1359
1360void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
1361void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
1362STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
1363STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
1364int SSL_add_client_CA(SSL *ssl,X509 *x);
1365int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
1366
1367void SSL_set_connect_state(SSL *s);
1368void SSL_set_accept_state(SSL *s);
1369
1370long SSL_get_default_timeout(SSL *s);
1371
1372int SSL_library_init(void );
1373
1374char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
1375STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
1376
1377SSL *SSL_dup(SSL *ssl);
1378
1379X509 *SSL_get_certificate(SSL *ssl);
1380/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
1381
1382void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
1383int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
1384void SSL_set_quiet_shutdown(SSL *ssl,int mode);
1385int SSL_get_quiet_shutdown(SSL *ssl);
1386void SSL_set_shutdown(SSL *ssl,int mode);
1387int SSL_get_shutdown(SSL *ssl);
1388int SSL_version(SSL *ssl);
1389int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
1390int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
1391 const char *CApath);
1392#define SSL_get0_session SSL_get_session /* just peek at pointer */
1393SSL_SESSION *SSL_get_session(SSL *ssl);
1394SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
1395SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
1396void SSL_set_info_callback(SSL *ssl,
1397 void (*cb)(const SSL *ssl,int type,int val));
1398void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val);
1399int SSL_state(SSL *ssl);
1400
1401void SSL_set_verify_result(SSL *ssl,long v);
1402long SSL_get_verify_result(SSL *ssl);
1403
1404int SSL_set_ex_data(SSL *ssl,int idx,void *data);
1405void *SSL_get_ex_data(SSL *ssl,int idx);
1406int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1407 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1408
1409int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
1410void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
1411int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1412 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1413
1414int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
1415void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
1416int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1417 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
1418
1419int SSL_get_ex_data_X509_STORE_CTX_idx(void );
1420
1421#define SSL_CTX_sess_set_cache_size(ctx,t) \
1422 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
1423#define SSL_CTX_sess_get_cache_size(ctx) \
1424 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
1425#define SSL_CTX_set_session_cache_mode(ctx,m) \
1426 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
1427#define SSL_CTX_get_session_cache_mode(ctx) \
1428 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
1429
1430#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
1431#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
1432#define SSL_CTX_get_read_ahead(ctx) \
1433 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
1434#define SSL_CTX_set_read_ahead(ctx,m) \
1435 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
1436#define SSL_CTX_get_max_cert_list(ctx) \
1437 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1438#define SSL_CTX_set_max_cert_list(ctx,m) \
1439 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1440#define SSL_get_max_cert_list(ssl) \
1441 SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
1442#define SSL_set_max_cert_list(ssl,m) \
1443 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1444
1445 /* NB: the keylength is only applicable when is_export is true */
1446#ifndef OPENSSL_NO_RSA
1447void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
1448 RSA *(*cb)(SSL *ssl,int is_export,
1449 int keylength));
1450
1451void SSL_set_tmp_rsa_callback(SSL *ssl,
1452 RSA *(*cb)(SSL *ssl,int is_export,
1453 int keylength));
1454#endif
1455#ifndef OPENSSL_NO_DH
1456void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
1457 DH *(*dh)(SSL *ssl,int is_export,
1458 int keylength));
1459void SSL_set_tmp_dh_callback(SSL *ssl,
1460 DH *(*dh)(SSL *ssl,int is_export,
1461 int keylength));
1462#endif
1463
1464#ifndef OPENSSL_NO_COMP
1465int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
1466#else
1467int SSL_COMP_add_compression_method(int id,char *cm);
1468#endif
1469
1470/* BEGIN ERROR CODES */
1471/* The following lines are auto generated by the script mkerr.pl. Any changes
1472 * made after this point may be overwritten when the script is next run.
1473 */
1474void ERR_load_SSL_strings(void);
1475
1476/* Error codes for the SSL functions. */
1477
1478/* Function codes. */
1479#define SSL_F_CLIENT_CERTIFICATE 100
1480#define SSL_F_CLIENT_FINISHED 238
1481#define SSL_F_CLIENT_HELLO 101
1482#define SSL_F_CLIENT_MASTER_KEY 102
1483#define SSL_F_D2I_SSL_SESSION 103
1484#define SSL_F_DO_SSL3_WRITE 104
1485#define SSL_F_GET_CLIENT_FINISHED 105
1486#define SSL_F_GET_CLIENT_HELLO 106
1487#define SSL_F_GET_CLIENT_MASTER_KEY 107
1488#define SSL_F_GET_SERVER_FINISHED 108
1489#define SSL_F_GET_SERVER_HELLO 109
1490#define SSL_F_GET_SERVER_VERIFY 110
1491#define SSL_F_I2D_SSL_SESSION 111
1492#define SSL_F_READ_N 112
1493#define SSL_F_REQUEST_CERTIFICATE 113
1494#define SSL_F_SERVER_FINISH 239
1495#define SSL_F_SERVER_HELLO 114
1496#define SSL_F_SERVER_VERIFY 240
1497#define SSL_F_SSL23_ACCEPT 115
1498#define SSL_F_SSL23_CLIENT_HELLO 116
1499#define SSL_F_SSL23_CONNECT 117
1500#define SSL_F_SSL23_GET_CLIENT_HELLO 118
1501#define SSL_F_SSL23_GET_SERVER_HELLO 119
1502#define SSL_F_SSL23_PEEK 237
1503#define SSL_F_SSL23_READ 120
1504#define SSL_F_SSL23_WRITE 121
1505#define SSL_F_SSL2_ACCEPT 122
1506#define SSL_F_SSL2_CONNECT 123
1507#define SSL_F_SSL2_ENC_INIT 124
1508#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241
1509#define SSL_F_SSL2_PEEK 234
1510#define SSL_F_SSL2_READ 125
1511#define SSL_F_SSL2_READ_INTERNAL 236
1512#define SSL_F_SSL2_SET_CERTIFICATE 126
1513#define SSL_F_SSL2_WRITE 127
1514#define SSL_F_SSL3_ACCEPT 128
1515#define SSL_F_SSL3_CALLBACK_CTRL 233
1516#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
1517#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
1518#define SSL_F_SSL3_CLIENT_HELLO 131
1519#define SSL_F_SSL3_CONNECT 132
1520#define SSL_F_SSL3_CTRL 213
1521#define SSL_F_SSL3_CTX_CTRL 133
1522#define SSL_F_SSL3_ENC 134
1523#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
1524#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
1525#define SSL_F_SSL3_GET_CERT_VERIFY 136
1526#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
1527#define SSL_F_SSL3_GET_CLIENT_HELLO 138
1528#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
1529#define SSL_F_SSL3_GET_FINISHED 140
1530#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
1531#define SSL_F_SSL3_GET_MESSAGE 142
1532#define SSL_F_SSL3_GET_RECORD 143
1533#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
1534#define SSL_F_SSL3_GET_SERVER_DONE 145
1535#define SSL_F_SSL3_GET_SERVER_HELLO 146
1536#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
1537#define SSL_F_SSL3_PEEK 235
1538#define SSL_F_SSL3_READ_BYTES 148
1539#define SSL_F_SSL3_READ_N 149
1540#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
1541#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
1542#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
1543#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
1544#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
1545#define SSL_F_SSL3_SEND_SERVER_HELLO 242
1546#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
1547#define SSL_F_SSL3_SETUP_BUFFERS 156
1548#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
1549#define SSL_F_SSL3_WRITE_BYTES 158
1550#define SSL_F_SSL3_WRITE_PENDING 159
1551#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
1552#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
1553#define SSL_F_SSL_BAD_METHOD 160
1554#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
1555#define SSL_F_SSL_CERT_DUP 221
1556#define SSL_F_SSL_CERT_INST 222
1557#define SSL_F_SSL_CERT_INSTANTIATE 214
1558#define SSL_F_SSL_CERT_NEW 162
1559#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
1560#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
1561#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
1562#define SSL_F_SSL_CLEAR 164
1563#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
1564#define SSL_F_SSL_CREATE_CIPHER_LIST 166
1565#define SSL_F_SSL_CTRL 232
1566#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1567#define SSL_F_SSL_CTX_NEW 169
1568#define SSL_F_SSL_CTX_SET_PURPOSE 226
1569#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
1570#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
1571#define SSL_F_SSL_CTX_SET_TRUST 229
1572#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
1573#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
1574#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
1575#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
1576#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
1577#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
1578#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
1579#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
1580#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
1581#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
1582#define SSL_F_SSL_DO_HANDSHAKE 180
1583#define SSL_F_SSL_GET_NEW_SESSION 181
1584#define SSL_F_SSL_GET_PREV_SESSION 217
1585#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
1586#define SSL_F_SSL_GET_SIGN_PKEY 183
1587#define SSL_F_SSL_INIT_WBIO_BUFFER 184
1588#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
1589#define SSL_F_SSL_NEW 186
1590#define SSL_F_SSL_READ 223
1591#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
1592#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
1593#define SSL_F_SSL_SESSION_NEW 189
1594#define SSL_F_SSL_SESSION_PRINT_FP 190
1595#define SSL_F_SSL_SESS_CERT_NEW 225
1596#define SSL_F_SSL_SET_CERT 191
1597#define SSL_F_SSL_SET_FD 192
1598#define SSL_F_SSL_SET_PKEY 193
1599#define SSL_F_SSL_SET_PURPOSE 227
1600#define SSL_F_SSL_SET_RFD 194
1601#define SSL_F_SSL_SET_SESSION 195
1602#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
1603#define SSL_F_SSL_SET_TRUST 228
1604#define SSL_F_SSL_SET_WFD 196
1605#define SSL_F_SSL_SHUTDOWN 224
1606#define SSL_F_SSL_UNDEFINED_FUNCTION 197
1607#define SSL_F_SSL_USE_CERTIFICATE 198
1608#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
1609#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
1610#define SSL_F_SSL_USE_PRIVATEKEY 201
1611#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
1612#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
1613#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
1614#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
1615#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
1616#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
1617#define SSL_F_SSL_WRITE 208
1618#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
1619#define SSL_F_TLS1_ENC 210
1620#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
1621#define SSL_F_WRITE_PENDING 212
1622
1623/* Reason codes. */
1624#define SSL_R_APP_DATA_IN_HANDSHAKE 100
1625#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
1626#define SSL_R_BAD_ALERT_RECORD 101
1627#define SSL_R_BAD_AUTHENTICATION_TYPE 102
1628#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
1629#define SSL_R_BAD_CHECKSUM 104
1630#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
1631#define SSL_R_BAD_DECOMPRESSION 107
1632#define SSL_R_BAD_DH_G_LENGTH 108
1633#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
1634#define SSL_R_BAD_DH_P_LENGTH 110
1635#define SSL_R_BAD_DIGEST_LENGTH 111
1636#define SSL_R_BAD_DSA_SIGNATURE 112
1637#define SSL_R_BAD_HELLO_REQUEST 105
1638#define SSL_R_BAD_LENGTH 271
1639#define SSL_R_BAD_MAC_DECODE 113
1640#define SSL_R_BAD_MESSAGE_TYPE 114
1641#define SSL_R_BAD_PACKET_LENGTH 115
1642#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
1643#define SSL_R_BAD_RESPONSE_ARGUMENT 117
1644#define SSL_R_BAD_RSA_DECRYPT 118
1645#define SSL_R_BAD_RSA_ENCRYPT 119
1646#define SSL_R_BAD_RSA_E_LENGTH 120
1647#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
1648#define SSL_R_BAD_RSA_SIGNATURE 122
1649#define SSL_R_BAD_SIGNATURE 123
1650#define SSL_R_BAD_SSL_FILETYPE 124
1651#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
1652#define SSL_R_BAD_STATE 126
1653#define SSL_R_BAD_WRITE_RETRY 127
1654#define SSL_R_BIO_NOT_SET 128
1655#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
1656#define SSL_R_BN_LIB 130
1657#define SSL_R_CA_DN_LENGTH_MISMATCH 131
1658#define SSL_R_CA_DN_TOO_LONG 132
1659#define SSL_R_CCS_RECEIVED_EARLY 133
1660#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
1661#define SSL_R_CERT_LENGTH_MISMATCH 135
1662#define SSL_R_CHALLENGE_IS_DIFFERENT 136
1663#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
1664#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
1665#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
1666#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
1667#define SSL_R_COMPRESSION_FAILURE 141
1668#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
1669#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143
1670#define SSL_R_CONNECTION_TYPE_NOT_SET 144
1671#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
1672#define SSL_R_DATA_LENGTH_TOO_LONG 146
1673#define SSL_R_DECRYPTION_FAILED 147
1674#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 1109
1675#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
1676#define SSL_R_DIGEST_CHECK_FAILED 149
1677#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
1678#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092
1679#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
1680#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
1681#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
1682#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
1683#define SSL_R_HTTPS_PROXY_REQUEST 155
1684#define SSL_R_HTTP_REQUEST 156
1685#define SSL_R_ILLEGAL_PADDING 1110
1686#define SSL_R_INVALID_CHALLENGE_LENGTH 158
1687#define SSL_R_INVALID_COMMAND 280
1688#define SSL_R_INVALID_PURPOSE 278
1689#define SSL_R_INVALID_TRUST 279
1690#define SSL_R_KEY_ARG_TOO_LONG 1112
1691#define SSL_R_KRB5 1104
1692#define SSL_R_KRB5_C_CC_PRINC 1094
1693#define SSL_R_KRB5_C_GET_CRED 1095
1694#define SSL_R_KRB5_C_INIT 1096
1695#define SSL_R_KRB5_C_MK_REQ 1097
1696#define SSL_R_KRB5_S_BAD_TICKET 1098
1697#define SSL_R_KRB5_S_INIT 1099
1698#define SSL_R_KRB5_S_RD_REQ 1108
1699#define SSL_R_KRB5_S_TKT_EXPIRED 1105
1700#define SSL_R_KRB5_S_TKT_NYV 1106
1701#define SSL_R_KRB5_S_TKT_SKEW 1107
1702#define SSL_R_LENGTH_MISMATCH 159
1703#define SSL_R_LENGTH_TOO_SHORT 160
1704#define SSL_R_LIBRARY_BUG 274
1705#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
1706#define SSL_R_MASTER_KEY_TOO_LONG 1112
1707#define SSL_R_MESSAGE_TOO_LONG 1111
1708#define SSL_R_MISSING_DH_DSA_CERT 162
1709#define SSL_R_MISSING_DH_KEY 163
1710#define SSL_R_MISSING_DH_RSA_CERT 164
1711#define SSL_R_MISSING_DSA_SIGNING_CERT 165
1712#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166
1713#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167
1714#define SSL_R_MISSING_RSA_CERTIFICATE 168
1715#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
1716#define SSL_R_MISSING_RSA_SIGNING_CERT 170
1717#define SSL_R_MISSING_TMP_DH_KEY 171
1718#define SSL_R_MISSING_TMP_RSA_KEY 172
1719#define SSL_R_MISSING_TMP_RSA_PKEY 173
1720#define SSL_R_MISSING_VERIFY_MESSAGE 174
1721#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
1722#define SSL_R_NO_CERTIFICATES_RETURNED 176
1723#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
1724#define SSL_R_NO_CERTIFICATE_RETURNED 178
1725#define SSL_R_NO_CERTIFICATE_SET 179
1726#define SSL_R_NO_CERTIFICATE_SPECIFIED 180
1727#define SSL_R_NO_CIPHERS_AVAILABLE 181
1728#define SSL_R_NO_CIPHERS_PASSED 182
1729#define SSL_R_NO_CIPHERS_SPECIFIED 183
1730#define SSL_R_NO_CIPHER_LIST 184
1731#define SSL_R_NO_CIPHER_MATCH 185
1732#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
1733#define SSL_R_NO_COMPRESSION_SPECIFIED 187
1734#define SSL_R_NO_METHOD_SPECIFIED 188
1735#define SSL_R_NO_PRIVATEKEY 189
1736#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
1737#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
1738#define SSL_R_NO_PUBLICKEY 192
1739#define SSL_R_NO_SHARED_CIPHER 193
1740#define SSL_R_NO_VERIFY_CALLBACK 194
1741#define SSL_R_NULL_SSL_CTX 195
1742#define SSL_R_NULL_SSL_METHOD_PASSED 196
1743#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
1744#define SSL_R_PACKET_LENGTH_TOO_LONG 198
1745#define SSL_R_PATH_TOO_LONG 270
1746#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
1747#define SSL_R_PEER_ERROR 200
1748#define SSL_R_PEER_ERROR_CERTIFICATE 201
1749#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
1750#define SSL_R_PEER_ERROR_NO_CIPHER 203
1751#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
1752#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
1753#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
1754#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
1755#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
1756#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
1757#define SSL_R_PUBLIC_KEY_NOT_RSA 210
1758#define SSL_R_READ_BIO_NOT_SET 211
1759#define SSL_R_READ_WRONG_PACKET_TYPE 212
1760#define SSL_R_RECORD_LENGTH_MISMATCH 213
1761#define SSL_R_RECORD_TOO_LARGE 214
1762#define SSL_R_RECORD_TOO_SMALL 1093
1763#define SSL_R_REQUIRED_CIPHER_MISSING 215
1764#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
1765#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
1766#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
1767#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
1768#define SSL_R_SHORT_READ 219
1769#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
1770#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
1771#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 1114
1772#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113
1773#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
1774#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
1775#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
1776#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
1777#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
1778#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
1779#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
1780#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
1781#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
1782#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
1783#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223
1784#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224
1785#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225
1786#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
1787#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
1788#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227
1789#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
1790#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
1791#define SSL_R_SSL_HANDSHAKE_FAILURE 229
1792#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
1793#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 1102
1794#define SSL_R_SSL_SESSION_ID_CONFLICT 1103
1795#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
1796#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 1101
1797#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
1798#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
1799#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
1800#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
1801#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
1802#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
1803#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
1804#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
1805#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
1806#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
1807#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
1808#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
1809#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
1810#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
1811#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
1812#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
1813#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
1814#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
1815#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
1816#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
1817#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
1818#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
1819#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
1820#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
1821#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
1822#define SSL_R_UNEXPECTED_MESSAGE 244
1823#define SSL_R_UNEXPECTED_RECORD 245
1824#define SSL_R_UNINITIALIZED 276
1825#define SSL_R_UNKNOWN_ALERT_TYPE 246
1826#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
1827#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
1828#define SSL_R_UNKNOWN_CIPHER_TYPE 249
1829#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
1830#define SSL_R_UNKNOWN_PKEY_TYPE 251
1831#define SSL_R_UNKNOWN_PROTOCOL 252
1832#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
1833#define SSL_R_UNKNOWN_SSL_VERSION 254
1834#define SSL_R_UNKNOWN_STATE 255
1835#define SSL_R_UNSUPPORTED_CIPHER 256
1836#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
1837#define SSL_R_UNSUPPORTED_OPTION 1091
1838#define SSL_R_UNSUPPORTED_PROTOCOL 258
1839#define SSL_R_UNSUPPORTED_SSL_VERSION 259
1840#define SSL_R_WRITE_BIO_NOT_SET 260
1841#define SSL_R_WRONG_CIPHER_RETURNED 261
1842#define SSL_R_WRONG_MESSAGE_TYPE 262
1843#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
1844#define SSL_R_WRONG_SIGNATURE_LENGTH 264
1845#define SSL_R_WRONG_SIGNATURE_SIZE 265
1846#define SSL_R_WRONG_SSL_VERSION 266
1847#define SSL_R_WRONG_VERSION_NUMBER 267
1848#define SSL_R_X509_LIB 268
1849#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
1850
1851#ifdef __cplusplus
1852}
1853#endif
1854#endif
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
deleted file mode 100644
index 99a52ea0dd..0000000000
--- a/src/lib/libssl/ssl2.h
+++ /dev/null
@@ -1,268 +0,0 @@
1/* ssl/ssl2.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL2_H
60#define HEADER_SSL2_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/* Protocol Version Codes */
67#define SSL2_VERSION 0x0002
68#define SSL2_VERSION_MAJOR 0x00
69#define SSL2_VERSION_MINOR 0x02
70/* #define SSL2_CLIENT_VERSION 0x0002 */
71/* #define SSL2_SERVER_VERSION 0x0002 */
72
73/* Protocol Message Codes */
74#define SSL2_MT_ERROR 0
75#define SSL2_MT_CLIENT_HELLO 1
76#define SSL2_MT_CLIENT_MASTER_KEY 2
77#define SSL2_MT_CLIENT_FINISHED 3
78#define SSL2_MT_SERVER_HELLO 4
79#define SSL2_MT_SERVER_VERIFY 5
80#define SSL2_MT_SERVER_FINISHED 6
81#define SSL2_MT_REQUEST_CERTIFICATE 7
82#define SSL2_MT_CLIENT_CERTIFICATE 8
83
84/* Error Message Codes */
85#define SSL2_PE_UNDEFINED_ERROR 0x0000
86#define SSL2_PE_NO_CIPHER 0x0001
87#define SSL2_PE_NO_CERTIFICATE 0x0002
88#define SSL2_PE_BAD_CERTIFICATE 0x0004
89#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
90
91/* Cipher Kind Values */
92#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
93#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
94#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
95#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
96#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
97#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
98#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
99#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
100#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
101#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
102#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
103
104#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
105#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
106
107#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
108#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
109#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
110#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
111#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
112#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
113#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
114#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
115#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
116#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
117#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
118#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
119
120#define SSL2_TXT_NULL "NULL"
121
122/* Flags for the SSL_CIPHER.algorithm2 field */
123#define SSL2_CF_5_BYTE_ENC 0x01
124#define SSL2_CF_8_BYTE_ENC 0x02
125
126/* Certificate Type Codes */
127#define SSL2_CT_X509_CERTIFICATE 0x01
128
129/* Authentication Type Code */
130#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
131
132#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
133
134/* Upper/Lower Bounds */
135#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
136#ifdef OPENSSL_SYS_MPE
137#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
138#else
139#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
140#endif
141#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
142
143#define SSL2_CHALLENGE_LENGTH 16
144/*#define SSL2_CHALLENGE_LENGTH 32 */
145#define SSL2_MIN_CHALLENGE_LENGTH 16
146#define SSL2_MAX_CHALLENGE_LENGTH 32
147#define SSL2_CONNECTION_ID_LENGTH 16
148#define SSL2_MAX_CONNECTION_ID_LENGTH 16
149#define SSL2_SSL_SESSION_ID_LENGTH 16
150#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
151#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
152#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
153
154#ifndef HEADER_SSL_LOCL_H
155#define CERT char
156#endif
157
158typedef struct ssl2_state_st
159 {
160 int three_byte_header;
161 int clear_text; /* clear text */
162 int escape; /* not used in SSLv2 */
163 int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
164
165 /* non-blocking io info, used to make sure the same
166 * args were passwd */
167 unsigned int wnum; /* number of bytes sent so far */
168 int wpend_tot;
169 const unsigned char *wpend_buf;
170
171 int wpend_off; /* offset to data to write */
172 int wpend_len; /* number of bytes passwd to write */
173 int wpend_ret; /* number of bytes to return to caller */
174
175 /* buffer raw data */
176 int rbuf_left;
177 int rbuf_offs;
178 unsigned char *rbuf;
179 unsigned char *wbuf;
180
181 unsigned char *write_ptr;/* used to point to the start due to
182 * 2/3 byte header. */
183
184 unsigned int padding;
185 unsigned int rlength; /* passed to ssl2_enc */
186 int ract_data_length; /* Set when things are encrypted. */
187 unsigned int wlength; /* passed to ssl2_enc */
188 int wact_data_length; /* Set when things are decrypted. */
189 unsigned char *ract_data;
190 unsigned char *wact_data;
191 unsigned char *mac_data;
192
193 unsigned char *read_key;
194 unsigned char *write_key;
195
196 /* Stuff specifically to do with this SSL session */
197 unsigned int challenge_length;
198 unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
199 unsigned int conn_id_length;
200 unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
201 unsigned int key_material_length;
202 unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
203
204 unsigned long read_sequence;
205 unsigned long write_sequence;
206
207 struct {
208 unsigned int conn_id_length;
209 unsigned int cert_type;
210 unsigned int cert_length;
211 unsigned int csl;
212 unsigned int clear;
213 unsigned int enc;
214 unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
215 unsigned int cipher_spec_length;
216 unsigned int session_id_length;
217 unsigned int clen;
218 unsigned int rlen;
219 } tmp;
220 } SSL2_STATE;
221
222/* SSLv2 */
223/* client */
224#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
225#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
226#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
227#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
228#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
229#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
230#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
231#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
232#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
233#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
234#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
235#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
236#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
237#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
238#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
239#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
240#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
241#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
242/* server */
243#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
244#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
245#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
246#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
247#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
248#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
249#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
250#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
251#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
252#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
253#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
254#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
255#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
256#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
257#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
258#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
259#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
260#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
261#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
262#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
263
264#ifdef __cplusplus
265}
266#endif
267#endif
268
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
deleted file mode 100644
index d3228983c7..0000000000
--- a/src/lib/libssl/ssl23.h
+++ /dev/null
@@ -1,83 +0,0 @@
1/* ssl/ssl23.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_SSL23_H
60#define HEADER_SSL23_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66/*client */
67/* write to server */
68#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
69#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
70/* read from server */
71#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
72#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
73
74/* server */
75/* read from client */
76#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
77#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
78
79#ifdef __cplusplus
80}
81#endif
82#endif
83
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
deleted file mode 100644
index 1153aeda74..0000000000
--- a/src/lib/libssl/ssl3.h
+++ /dev/null
@@ -1,526 +0,0 @@
1/* ssl/ssl3.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_SSL3_H
113#define HEADER_SSL3_H
114
115#ifndef OPENSSL_NO_COMP
116#include <openssl/comp.h>
117#endif
118#include <openssl/buffer.h>
119#include <openssl/evp.h>
120#include <openssl/ssl.h>
121
122#ifdef __cplusplus
123extern "C" {
124#endif
125
126#define SSL3_CK_RSA_NULL_MD5 0x03000001
127#define SSL3_CK_RSA_NULL_SHA 0x03000002
128#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
129#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
130#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
131#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
132#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
133#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
134#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
135#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
136
137#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
138#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
139#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
140#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
141#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
142#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
143
144#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
145#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
146#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
147#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
148#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
149#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
150
151#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
152#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
153#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
154#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
155#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
156
157#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
158#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
159#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
160 to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
161 of the ietf-tls list */
162#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
163#endif
164
165/* VRS Additional Kerberos5 entries
166 */
167#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
168#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
169#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
170#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
171#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
172#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
173#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
174#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
175
176#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
177#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
178#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
179#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
180#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
181#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
182
183#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
184#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
185#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
186#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
187#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
188#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
189#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
190#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
191#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
192#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
193
194#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
195#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
196#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
197#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
198#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
199#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
200
201#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
202#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
203#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
204#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
205#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
206#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
207
208#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
209#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
210#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
211#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
212#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
213
214#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
215#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
216#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
217
218#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
219#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
220#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
221#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
222#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
223#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
224#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
225#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
226
227#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
228#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
229#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
230#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
231#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
232#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
233
234#define SSL3_SSL_SESSION_ID_LENGTH 32
235#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
236
237#define SSL3_MASTER_SECRET_SIZE 48
238#define SSL3_RANDOM_SIZE 32
239#define SSL3_SESSION_ID_SIZE 32
240#define SSL3_RT_HEADER_LENGTH 5
241
242/* Due to MS stuffing up, this can change.... */
243#if defined(OPENSSL_SYS_WIN16) || \
244 (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
245#define SSL3_RT_MAX_EXTRA (14000)
246#else
247#define SSL3_RT_MAX_EXTRA (16384)
248#endif
249
250#define SSL3_RT_MAX_PLAIN_LENGTH 16384
251#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
252#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
253#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
254#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
255
256#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
257#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
258
259#define SSL3_VERSION 0x0300
260#define SSL3_VERSION_MAJOR 0x03
261#define SSL3_VERSION_MINOR 0x00
262
263#define SSL3_RT_CHANGE_CIPHER_SPEC 20
264#define SSL3_RT_ALERT 21
265#define SSL3_RT_HANDSHAKE 22
266#define SSL3_RT_APPLICATION_DATA 23
267
268#define SSL3_AL_WARNING 1
269#define SSL3_AL_FATAL 2
270
271#define SSL3_AD_CLOSE_NOTIFY 0
272#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
273#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
274#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
275#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
276#define SSL3_AD_NO_CERTIFICATE 41
277#define SSL3_AD_BAD_CERTIFICATE 42
278#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
279#define SSL3_AD_CERTIFICATE_REVOKED 44
280#define SSL3_AD_CERTIFICATE_EXPIRED 45
281#define SSL3_AD_CERTIFICATE_UNKNOWN 46
282#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
283
284typedef struct ssl3_record_st
285 {
286/*r */ int type; /* type of record */
287/*rw*/ unsigned int length; /* How many bytes available */
288/*r */ unsigned int off; /* read/write offset into 'buf' */
289/*rw*/ unsigned char *data; /* pointer to the record data */
290/*rw*/ unsigned char *input; /* where the decode bytes are */
291/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
292 } SSL3_RECORD;
293
294typedef struct ssl3_buffer_st
295 {
296 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
297 * see ssl3_setup_buffers() */
298 size_t len; /* buffer size */
299 int offset; /* where to 'copy from' */
300 int left; /* how many bytes left */
301 } SSL3_BUFFER;
302
303#define SSL3_CT_RSA_SIGN 1
304#define SSL3_CT_DSS_SIGN 2
305#define SSL3_CT_RSA_FIXED_DH 3
306#define SSL3_CT_DSS_FIXED_DH 4
307#define SSL3_CT_RSA_EPHEMERAL_DH 5
308#define SSL3_CT_DSS_EPHEMERAL_DH 6
309#define SSL3_CT_FORTEZZA_DMS 20
310#define SSL3_CT_NUMBER 7
311
312#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
313#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
314#define SSL3_FLAGS_POP_BUFFER 0x0004
315#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
316
317typedef struct ssl3_state_st
318 {
319 long flags;
320 int delay_buf_pop_ret;
321
322 unsigned char read_sequence[8];
323 unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
324 unsigned char write_sequence[8];
325 unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
326
327 unsigned char server_random[SSL3_RANDOM_SIZE];
328 unsigned char client_random[SSL3_RANDOM_SIZE];
329
330 /* flags for countermeasure against known-IV weakness */
331 int need_empty_fragments;
332 int empty_fragment_done;
333
334 SSL3_BUFFER rbuf; /* read IO goes into here */
335 SSL3_BUFFER wbuf; /* write IO goes into here */
336
337 SSL3_RECORD rrec; /* each decoded record goes in here */
338 SSL3_RECORD wrec; /* goes out from here */
339
340 /* storage for Alert/Handshake protocol data received but not
341 * yet processed by ssl3_read_bytes: */
342 unsigned char alert_fragment[2];
343 unsigned int alert_fragment_len;
344 unsigned char handshake_fragment[4];
345 unsigned int handshake_fragment_len;
346
347 /* partial write - check the numbers match */
348 unsigned int wnum; /* number of bytes sent so far */
349 int wpend_tot; /* number bytes written */
350 int wpend_type;
351 int wpend_ret; /* number of bytes submitted */
352 const unsigned char *wpend_buf;
353
354 /* used during startup, digest all incoming/outgoing packets */
355 EVP_MD_CTX finish_dgst1;
356 EVP_MD_CTX finish_dgst2;
357
358 /* this is set whenerver we see a change_cipher_spec message
359 * come in when we are not looking for one */
360 int change_cipher_spec;
361
362 int warn_alert;
363 int fatal_alert;
364 /* we allow one fatal and one warning alert to be outstanding,
365 * send close alert via the warning alert */
366 int alert_dispatch;
367 unsigned char send_alert[2];
368
369 /* This flag is set when we should renegotiate ASAP, basically when
370 * there is no more data in the read or write buffers */
371 int renegotiate;
372 int total_renegotiations;
373 int num_renegotiations;
374
375 int in_read_app_data;
376
377 struct {
378 /* actually only needs to be 16+20 */
379 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
380
381 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
382 unsigned char finish_md[EVP_MAX_MD_SIZE*2];
383 int finish_md_len;
384 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
385 int peer_finish_md_len;
386
387 unsigned long message_size;
388 int message_type;
389
390 /* used to hold the new cipher we are going to use */
391 SSL_CIPHER *new_cipher;
392#ifndef OPENSSL_NO_DH
393 DH *dh;
394#endif
395 /* used when SSL_ST_FLUSH_DATA is entered */
396 int next_state;
397
398 int reuse_message;
399
400 /* used for certificate requests */
401 int cert_req;
402 int ctype_num;
403 char ctype[SSL3_CT_NUMBER];
404 STACK_OF(X509_NAME) *ca_names;
405
406 int use_rsa_tmp;
407
408 int key_block_length;
409 unsigned char *key_block;
410
411 const EVP_CIPHER *new_sym_enc;
412 const EVP_MD *new_hash;
413#ifndef OPENSSL_NO_COMP
414 const SSL_COMP *new_compression;
415#else
416 char *new_compression;
417#endif
418 int cert_request;
419 } tmp;
420
421 } SSL3_STATE;
422
423/* SSLv3 */
424/*client */
425/* extra state */
426#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
427/* write to server */
428#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
429#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
430/* read from server */
431#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
432#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
433#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
434#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
435#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
436#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
437#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
438#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
439#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
440#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
441/* write to server */
442#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
443#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
444#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
445#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
446#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
447#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
448#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
449#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
450#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
451#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
452#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
453#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
454/* read from server */
455#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
456#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
457#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
458#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
459
460/* server */
461/* extra state */
462#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
463/* read from client */
464/* Do not change the number values, they do matter */
465#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
466#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
467#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
468/* write to client */
469#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
470#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
471#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
472#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
473#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
474#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
475#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
476#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
477#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
478#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
479#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
480#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
481#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
482/* read from client */
483#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
484#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
485#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
486#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
487#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
488#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
489#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
490#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
491#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
492#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
493/* write to client */
494#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
495#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
496#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
497#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
498
499#define SSL3_MT_HELLO_REQUEST 0
500#define SSL3_MT_CLIENT_HELLO 1
501#define SSL3_MT_SERVER_HELLO 2
502#define SSL3_MT_CERTIFICATE 11
503#define SSL3_MT_SERVER_KEY_EXCHANGE 12
504#define SSL3_MT_CERTIFICATE_REQUEST 13
505#define SSL3_MT_SERVER_DONE 14
506#define SSL3_MT_CERTIFICATE_VERIFY 15
507#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
508#define SSL3_MT_FINISHED 20
509
510#define SSL3_MT_CCS 1
511
512/* These are used when changing over to a new cipher */
513#define SSL3_CC_READ 0x01
514#define SSL3_CC_WRITE 0x02
515#define SSL3_CC_CLIENT 0x10
516#define SSL3_CC_SERVER 0x20
517#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
518#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
519#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
520#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
521
522#ifdef __cplusplus
523}
524#endif
525#endif
526
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
deleted file mode 100644
index 3d1299ee7b..0000000000
--- a/src/lib/libssl/ssl_algs.c
+++ /dev/null
@@ -1,111 +0,0 @@
1/* ssl/ssl_algs.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include <openssl/lhash.h>
62#include "ssl_locl.h"
63
64int SSL_library_init(void)
65 {
66
67#ifndef OPENSSL_NO_DES
68 EVP_add_cipher(EVP_des_cbc());
69 EVP_add_cipher(EVP_des_ede3_cbc());
70#endif
71#ifndef OPENSSL_NO_IDEA
72 EVP_add_cipher(EVP_idea_cbc());
73#endif
74#ifndef OPENSSL_NO_RC4
75 EVP_add_cipher(EVP_rc4());
76#endif
77#ifndef OPENSSL_NO_RC2
78 EVP_add_cipher(EVP_rc2_cbc());
79#endif
80#ifndef OPENSSL_NO_AES
81 EVP_add_cipher(EVP_aes_128_cbc());
82 EVP_add_cipher(EVP_aes_192_cbc());
83 EVP_add_cipher(EVP_aes_256_cbc());
84#endif
85#ifndef OPENSSL_NO_MD2
86 EVP_add_digest(EVP_md2());
87#endif
88#ifndef OPENSSL_NO_MD5
89 EVP_add_digest(EVP_md5());
90 EVP_add_digest_alias(SN_md5,"ssl2-md5");
91 EVP_add_digest_alias(SN_md5,"ssl3-md5");
92#endif
93#ifndef OPENSSL_NO_SHA
94 EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
95 EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
96 EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
97#endif
98#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
99 EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
100 EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
101 EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
102 EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
103#endif
104 /* If you want support for phased out ciphers, add the following */
105#if 0
106 EVP_add_digest(EVP_sha());
107 EVP_add_digest(EVP_dss());
108#endif
109 return(1);
110 }
111
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
deleted file mode 100644
index d8ff8fc4a3..0000000000
--- a/src/lib/libssl/ssl_asn1.c
+++ /dev/null
@@ -1,398 +0,0 @@
1/* ssl/ssl_asn1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include "ssl_locl.h"
62#include <openssl/asn1_mac.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66typedef struct ssl_session_asn1_st
67 {
68 ASN1_INTEGER version;
69 ASN1_INTEGER ssl_version;
70 ASN1_OCTET_STRING cipher;
71 ASN1_OCTET_STRING master_key;
72 ASN1_OCTET_STRING session_id;
73 ASN1_OCTET_STRING session_id_context;
74 ASN1_OCTET_STRING key_arg;
75#ifndef OPENSSL_NO_KRB5
76 ASN1_OCTET_STRING krb5_princ;
77#endif /* OPENSSL_NO_KRB5 */
78 ASN1_INTEGER time;
79 ASN1_INTEGER timeout;
80 ASN1_INTEGER verify_result;
81 } SSL_SESSION_ASN1;
82
83int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
84 {
85#define LSIZE2 (sizeof(long)*2)
86 int v1=0,v2=0,v3=0,v4=0,v5=0;
87 unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
88 unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
89 long l;
90 SSL_SESSION_ASN1 a;
91 M_ASN1_I2D_vars(in);
92
93 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
94 return(0);
95
96 /* Note that I cheat in the following 2 assignments. I know
97 * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
98 * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed.
99 * This is a bit evil but makes things simple, no dynamic allocation
100 * to clean up :-) */
101 a.version.length=LSIZE2;
102 a.version.type=V_ASN1_INTEGER;
103 a.version.data=ibuf1;
104 ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
105
106 a.ssl_version.length=LSIZE2;
107 a.ssl_version.type=V_ASN1_INTEGER;
108 a.ssl_version.data=ibuf2;
109 ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
110
111 a.cipher.type=V_ASN1_OCTET_STRING;
112 a.cipher.data=buf;
113
114 if (in->cipher == NULL)
115 l=in->cipher_id;
116 else
117 l=in->cipher->id;
118 if (in->ssl_version == SSL2_VERSION)
119 {
120 a.cipher.length=3;
121 buf[0]=((unsigned char)(l>>16L))&0xff;
122 buf[1]=((unsigned char)(l>> 8L))&0xff;
123 buf[2]=((unsigned char)(l ))&0xff;
124 }
125 else
126 {
127 a.cipher.length=2;
128 buf[0]=((unsigned char)(l>>8L))&0xff;
129 buf[1]=((unsigned char)(l ))&0xff;
130 }
131
132 a.master_key.length=in->master_key_length;
133 a.master_key.type=V_ASN1_OCTET_STRING;
134 a.master_key.data=in->master_key;
135
136 a.session_id.length=in->session_id_length;
137 a.session_id.type=V_ASN1_OCTET_STRING;
138 a.session_id.data=in->session_id;
139
140 a.session_id_context.length=in->sid_ctx_length;
141 a.session_id_context.type=V_ASN1_OCTET_STRING;
142 a.session_id_context.data=in->sid_ctx;
143
144 a.key_arg.length=in->key_arg_length;
145 a.key_arg.type=V_ASN1_OCTET_STRING;
146 a.key_arg.data=in->key_arg;
147
148#ifndef OPENSSL_NO_KRB5
149 if (in->krb5_client_princ_len)
150 {
151 a.krb5_princ.length=in->krb5_client_princ_len;
152 a.krb5_princ.type=V_ASN1_OCTET_STRING;
153 a.krb5_princ.data=in->krb5_client_princ;
154 }
155#endif /* OPENSSL_NO_KRB5 */
156
157 if (in->time != 0L)
158 {
159 a.time.length=LSIZE2;
160 a.time.type=V_ASN1_INTEGER;
161 a.time.data=ibuf3;
162 ASN1_INTEGER_set(&(a.time),in->time);
163 }
164
165 if (in->timeout != 0L)
166 {
167 a.timeout.length=LSIZE2;
168 a.timeout.type=V_ASN1_INTEGER;
169 a.timeout.data=ibuf4;
170 ASN1_INTEGER_set(&(a.timeout),in->timeout);
171 }
172
173 if (in->verify_result != X509_V_OK)
174 {
175 a.verify_result.length=LSIZE2;
176 a.verify_result.type=V_ASN1_INTEGER;
177 a.verify_result.data=ibuf5;
178 ASN1_INTEGER_set(&a.verify_result,in->verify_result);
179 }
180
181
182 M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
183 M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
184 M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
185 M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
186 M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
187#ifndef OPENSSL_NO_KRB5
188 if (in->krb5_client_princ_len)
189 M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
190#endif /* OPENSSL_NO_KRB5 */
191 if (in->key_arg_length > 0)
192 M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
193 if (in->time != 0L)
194 M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
195 if (in->timeout != 0L)
196 M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
197 if (in->peer != NULL)
198 M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
199 M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4);
200 if (in->verify_result != X509_V_OK)
201 M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
202
203 M_ASN1_I2D_seq_total();
204
205 M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
206 M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
207 M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
208 M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
209 M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
210#ifndef OPENSSL_NO_KRB5
211 if (in->krb5_client_princ_len)
212 M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
213#endif /* OPENSSL_NO_KRB5 */
214 if (in->key_arg_length > 0)
215 M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
216 if (in->time != 0L)
217 M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
218 if (in->timeout != 0L)
219 M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
220 if (in->peer != NULL)
221 M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
222 M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,
223 v4);
224 if (in->verify_result != X509_V_OK)
225 M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
226 M_ASN1_I2D_finish();
227 }
228
229SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
230 long length)
231 {
232 int version,ssl_version=0,i;
233 long id;
234 ASN1_INTEGER ai,*aip;
235 ASN1_OCTET_STRING os,*osp;
236 M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
237
238 aip= &ai;
239 osp= &os;
240
241 M_ASN1_D2I_Init();
242 M_ASN1_D2I_start_sequence();
243
244 ai.data=NULL; ai.length=0;
245 M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
246 version=(int)ASN1_INTEGER_get(aip);
247 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
248
249 /* we don't care about the version right now :-) */
250 M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
251 ssl_version=(int)ASN1_INTEGER_get(aip);
252 ret->ssl_version=ssl_version;
253 if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
254
255 os.data=NULL; os.length=0;
256 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
257 if (ssl_version == SSL2_VERSION)
258 {
259 if (os.length != 3)
260 {
261 c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
262 goto err;
263 }
264 id=0x02000000L|
265 ((unsigned long)os.data[0]<<16L)|
266 ((unsigned long)os.data[1]<< 8L)|
267 (unsigned long)os.data[2];
268 }
269 else if ((ssl_version>>8) == 3)
270 {
271 if (os.length != 2)
272 {
273 c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
274 goto err;
275 }
276 id=0x03000000L|
277 ((unsigned long)os.data[0]<<8L)|
278 (unsigned long)os.data[1];
279 }
280 else
281 {
282 SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
283 return(NULL);
284 }
285
286 ret->cipher=NULL;
287 ret->cipher_id=id;
288
289 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
290 if ((ssl_version>>8) == SSL3_VERSION)
291 i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
292 else /* if (ssl_version == SSL2_VERSION) */
293 i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
294
295 if (os.length > i)
296 os.length = i;
297 if (os.length > sizeof ret->session_id) /* can't happen */
298 os.length = sizeof ret->session_id;
299
300 ret->session_id_length=os.length;
301 OPENSSL_assert(os.length <= sizeof ret->session_id);
302 memcpy(ret->session_id,os.data,os.length);
303
304 M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
305 if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
306 ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
307 else
308 ret->master_key_length=os.length;
309 memcpy(ret->master_key,os.data,ret->master_key_length);
310
311 os.length=0;
312
313#ifndef OPENSSL_NO_KRB5
314 os.length=0;
315 M_ASN1_D2I_get_opt(osp,d2i_ASN1_OCTET_STRING,V_ASN1_OCTET_STRING);
316 if (os.data)
317 {
318 if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
319 ret->krb5_client_princ_len=0;
320 else
321 ret->krb5_client_princ_len=os.length;
322 memcpy(ret->krb5_client_princ,os.data,ret->krb5_client_princ_len);
323 OPENSSL_free(os.data);
324 os.data = NULL;
325 os.length = 0;
326 }
327 else
328 ret->krb5_client_princ_len=0;
329#endif /* OPENSSL_NO_KRB5 */
330
331 M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
332 if (os.length > SSL_MAX_KEY_ARG_LENGTH)
333 ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
334 else
335 ret->key_arg_length=os.length;
336 memcpy(ret->key_arg,os.data,ret->key_arg_length);
337 if (os.data != NULL) OPENSSL_free(os.data);
338
339 ai.length=0;
340 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
341 if (ai.data != NULL)
342 {
343 ret->time=ASN1_INTEGER_get(aip);
344 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
345 }
346 else
347 ret->time=time(NULL);
348
349 ai.length=0;
350 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
351 if (ai.data != NULL)
352 {
353 ret->timeout=ASN1_INTEGER_get(aip);
354 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
355 }
356 else
357 ret->timeout=3;
358
359 if (ret->peer != NULL)
360 {
361 X509_free(ret->peer);
362 ret->peer=NULL;
363 }
364 M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
365
366 os.length=0;
367 os.data=NULL;
368 M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4);
369
370 if(os.data != NULL)
371 {
372 if (os.length > SSL_MAX_SID_CTX_LENGTH)
373 {
374 ret->sid_ctx_length=os.length;
375 SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
376 }
377 else
378 {
379 ret->sid_ctx_length=os.length;
380 memcpy(ret->sid_ctx,os.data,os.length);
381 }
382 OPENSSL_free(os.data); os.data=NULL; os.length=0;
383 }
384 else
385 ret->sid_ctx_length=0;
386
387 ai.length=0;
388 M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5);
389 if (ai.data != NULL)
390 {
391 ret->verify_result=ASN1_INTEGER_get(aip);
392 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
393 }
394 else
395 ret->verify_result=X509_V_OK;
396
397 M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
398 }
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
deleted file mode 100644
index da90078a37..0000000000
--- a/src/lib/libssl/ssl_cert.c
+++ /dev/null
@@ -1,860 +0,0 @@
1/*! \file ssl/ssl_cert.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@OpenSSL.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 */
106
107#include <stdio.h>
108
109#include "e_os.h"
110#ifndef NO_SYS_TYPES_H
111# include <sys/types.h>
112#endif
113
114#if !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) && !defined(NeXT) && !defined(MAC_OS_pre_X)
115#include <dirent.h>
116#endif
117
118#if defined(WIN32)
119#include <windows.h>
120#endif
121
122#ifdef NeXT
123#include <sys/dir.h>
124#define dirent direct
125#endif
126
127#include <openssl/objects.h>
128#include <openssl/bio.h>
129#include <openssl/pem.h>
130#include <openssl/x509v3.h>
131#include "ssl_locl.h"
132
133int SSL_get_ex_data_X509_STORE_CTX_idx(void)
134 {
135 static volatile int ssl_x509_store_ctx_idx= -1;
136
137 if (ssl_x509_store_ctx_idx < 0)
138 {
139 /* any write lock will do; usually this branch
140 * will only be taken once anyway */
141 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
142
143 if (ssl_x509_store_ctx_idx < 0)
144 {
145 ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
146 0,"SSL for verify callback",NULL,NULL,NULL);
147 }
148
149 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
150 }
151 return ssl_x509_store_ctx_idx;
152 }
153
154CERT *ssl_cert_new(void)
155 {
156 CERT *ret;
157
158 ret=(CERT *)OPENSSL_malloc(sizeof(CERT));
159 if (ret == NULL)
160 {
161 SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
162 return(NULL);
163 }
164 memset(ret,0,sizeof(CERT));
165
166 ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
167 ret->references=1;
168
169 return(ret);
170 }
171
172CERT *ssl_cert_dup(CERT *cert)
173 {
174 CERT *ret;
175 int i;
176
177 ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
178 if (ret == NULL)
179 {
180 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
181 return(NULL);
182 }
183
184 memset(ret, 0, sizeof(CERT));
185
186 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
187 /* or ret->key = ret->pkeys + (cert->key - cert->pkeys),
188 * if you find that more readable */
189
190 ret->valid = cert->valid;
191 ret->mask = cert->mask;
192 ret->export_mask = cert->export_mask;
193
194#ifndef OPENSSL_NO_RSA
195 if (cert->rsa_tmp != NULL)
196 {
197 RSA_up_ref(cert->rsa_tmp);
198 ret->rsa_tmp = cert->rsa_tmp;
199 }
200 ret->rsa_tmp_cb = cert->rsa_tmp_cb;
201#endif
202
203#ifndef OPENSSL_NO_DH
204 if (cert->dh_tmp != NULL)
205 {
206 /* DH parameters don't have a reference count */
207 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
208 if (ret->dh_tmp == NULL)
209 {
210 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
211 goto err;
212 }
213 if (cert->dh_tmp->priv_key)
214 {
215 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
216 if (!b)
217 {
218 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
219 goto err;
220 }
221 ret->dh_tmp->priv_key = b;
222 }
223 if (cert->dh_tmp->pub_key)
224 {
225 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
226 if (!b)
227 {
228 SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
229 goto err;
230 }
231 ret->dh_tmp->pub_key = b;
232 }
233 }
234 ret->dh_tmp_cb = cert->dh_tmp_cb;
235#endif
236
237 for (i = 0; i < SSL_PKEY_NUM; i++)
238 {
239 if (cert->pkeys[i].x509 != NULL)
240 {
241 ret->pkeys[i].x509 = cert->pkeys[i].x509;
242 CRYPTO_add(&ret->pkeys[i].x509->references, 1,
243 CRYPTO_LOCK_X509);
244 }
245
246 if (cert->pkeys[i].privatekey != NULL)
247 {
248 ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
249 CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
250 CRYPTO_LOCK_EVP_PKEY);
251
252 switch(i)
253 {
254 /* If there was anything special to do for
255 * certain types of keys, we'd do it here.
256 * (Nothing at the moment, I think.) */
257
258 case SSL_PKEY_RSA_ENC:
259 case SSL_PKEY_RSA_SIGN:
260 /* We have an RSA key. */
261 break;
262
263 case SSL_PKEY_DSA_SIGN:
264 /* We have a DSA key. */
265 break;
266
267 case SSL_PKEY_DH_RSA:
268 case SSL_PKEY_DH_DSA:
269 /* We have a DH key. */
270 break;
271
272 default:
273 /* Can't happen. */
274 SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
275 }
276 }
277 }
278
279 /* ret->extra_certs *should* exist, but currently the own certificate
280 * chain is held inside SSL_CTX */
281
282 ret->references=1;
283
284 return(ret);
285
286#ifndef OPENSSL_NO_DH /* avoid 'unreferenced label' warning if OPENSSL_NO_DH is defined */
287err:
288#endif
289#ifndef OPENSSL_NO_RSA
290 if (ret->rsa_tmp != NULL)
291 RSA_free(ret->rsa_tmp);
292#endif
293#ifndef OPENSSL_NO_DH
294 if (ret->dh_tmp != NULL)
295 DH_free(ret->dh_tmp);
296#endif
297
298 for (i = 0; i < SSL_PKEY_NUM; i++)
299 {
300 if (ret->pkeys[i].x509 != NULL)
301 X509_free(ret->pkeys[i].x509);
302 if (ret->pkeys[i].privatekey != NULL)
303 EVP_PKEY_free(ret->pkeys[i].privatekey);
304 }
305
306 return NULL;
307 }
308
309
310void ssl_cert_free(CERT *c)
311 {
312 int i;
313
314 if(c == NULL)
315 return;
316
317 i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
318#ifdef REF_PRINT
319 REF_PRINT("CERT",c);
320#endif
321 if (i > 0) return;
322#ifdef REF_CHECK
323 if (i < 0)
324 {
325 fprintf(stderr,"ssl_cert_free, bad reference count\n");
326 abort(); /* ok */
327 }
328#endif
329
330#ifndef OPENSSL_NO_RSA
331 if (c->rsa_tmp) RSA_free(c->rsa_tmp);
332#endif
333#ifndef OPENSSL_NO_DH
334 if (c->dh_tmp) DH_free(c->dh_tmp);
335#endif
336
337 for (i=0; i<SSL_PKEY_NUM; i++)
338 {
339 if (c->pkeys[i].x509 != NULL)
340 X509_free(c->pkeys[i].x509);
341 if (c->pkeys[i].privatekey != NULL)
342 EVP_PKEY_free(c->pkeys[i].privatekey);
343#if 0
344 if (c->pkeys[i].publickey != NULL)
345 EVP_PKEY_free(c->pkeys[i].publickey);
346#endif
347 }
348 OPENSSL_free(c);
349 }
350
351int ssl_cert_inst(CERT **o)
352 {
353 /* Create a CERT if there isn't already one
354 * (which cannot really happen, as it is initially created in
355 * SSL_CTX_new; but the earlier code usually allows for that one
356 * being non-existant, so we follow that behaviour, as it might
357 * turn out that there actually is a reason for it -- but I'm
358 * not sure that *all* of the existing code could cope with
359 * s->cert being NULL, otherwise we could do without the
360 * initialization in SSL_CTX_new).
361 */
362
363 if (o == NULL)
364 {
365 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
366 return(0);
367 }
368 if (*o == NULL)
369 {
370 if ((*o = ssl_cert_new()) == NULL)
371 {
372 SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
373 return(0);
374 }
375 }
376 return(1);
377 }
378
379
380SESS_CERT *ssl_sess_cert_new(void)
381 {
382 SESS_CERT *ret;
383
384 ret = OPENSSL_malloc(sizeof *ret);
385 if (ret == NULL)
386 {
387 SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
388 return NULL;
389 }
390
391 memset(ret, 0 ,sizeof *ret);
392 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
393 ret->references = 1;
394
395 return ret;
396 }
397
398void ssl_sess_cert_free(SESS_CERT *sc)
399 {
400 int i;
401
402 if (sc == NULL)
403 return;
404
405 i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
406#ifdef REF_PRINT
407 REF_PRINT("SESS_CERT", sc);
408#endif
409 if (i > 0)
410 return;
411#ifdef REF_CHECK
412 if (i < 0)
413 {
414 fprintf(stderr,"ssl_sess_cert_free, bad reference count\n");
415 abort(); /* ok */
416 }
417#endif
418
419 /* i == 0 */
420 if (sc->cert_chain != NULL)
421 sk_X509_pop_free(sc->cert_chain, X509_free);
422 for (i = 0; i < SSL_PKEY_NUM; i++)
423 {
424 if (sc->peer_pkeys[i].x509 != NULL)
425 X509_free(sc->peer_pkeys[i].x509);
426#if 0 /* We don't have the peer's private key. These lines are just
427 * here as a reminder that we're still using a not-quite-appropriate
428 * data structure. */
429 if (sc->peer_pkeys[i].privatekey != NULL)
430 EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
431#endif
432 }
433
434#ifndef OPENSSL_NO_RSA
435 if (sc->peer_rsa_tmp != NULL)
436 RSA_free(sc->peer_rsa_tmp);
437#endif
438#ifndef OPENSSL_NO_DH
439 if (sc->peer_dh_tmp != NULL)
440 DH_free(sc->peer_dh_tmp);
441#endif
442
443 OPENSSL_free(sc);
444 }
445
446int ssl_set_peer_cert_type(SESS_CERT *sc,int type)
447 {
448 sc->peer_cert_type = type;
449 return(1);
450 }
451
452int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
453 {
454 X509 *x;
455 int i;
456 X509_STORE_CTX ctx;
457
458 if ((sk == NULL) || (sk_X509_num(sk) == 0))
459 return(0);
460
461 x=sk_X509_value(sk,0);
462 if(!X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk))
463 {
464 SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,ERR_R_X509_LIB);
465 return(0);
466 }
467 if (SSL_get_verify_depth(s) >= 0)
468 X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
469 X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
470
471 /* We need to set the verify purpose. The purpose can be determined by
472 * the context: if its a server it will verify SSL client certificates
473 * or vice versa.
474 */
475 if (s->server)
476 i = X509_PURPOSE_SSL_CLIENT;
477 else
478 i = X509_PURPOSE_SSL_SERVER;
479
480 X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
481
482 if (s->verify_callback)
483 X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
484
485 if (s->ctx->app_verify_callback != NULL)
486#if 1 /* new with OpenSSL 0.9.7 */
487 i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
488#else
489 i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
490#endif
491 else
492 {
493#ifndef OPENSSL_NO_X509_VERIFY
494 i=X509_verify_cert(&ctx);
495#else
496 i=0;
497 ctx.error=X509_V_ERR_APPLICATION_VERIFICATION;
498 SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK);
499#endif
500 }
501
502 s->verify_result=ctx.error;
503 X509_STORE_CTX_cleanup(&ctx);
504
505 return(i);
506 }
507
508static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list)
509 {
510 if (*ca_list != NULL)
511 sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
512
513 *ca_list=list;
514 }
515
516STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
517 {
518 int i;
519 STACK_OF(X509_NAME) *ret;
520 X509_NAME *name;
521
522 ret=sk_X509_NAME_new_null();
523 for (i=0; i<sk_X509_NAME_num(sk); i++)
524 {
525 name=X509_NAME_dup(sk_X509_NAME_value(sk,i));
526 if ((name == NULL) || !sk_X509_NAME_push(ret,name))
527 {
528 sk_X509_NAME_pop_free(ret,X509_NAME_free);
529 return(NULL);
530 }
531 }
532 return(ret);
533 }
534
535void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list)
536 {
537 set_client_CA_list(&(s->client_CA),list);
538 }
539
540void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list)
541 {
542 set_client_CA_list(&(ctx->client_CA),list);
543 }
544
545STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
546 {
547 return(ctx->client_CA);
548 }
549
550STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
551 {
552 if (s->type == SSL_ST_CONNECT)
553 { /* we are in the client */
554 if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
555 (s->s3 != NULL))
556 return(s->s3->tmp.ca_names);
557 else
558 return(NULL);
559 }
560 else
561 {
562 if (s->client_CA != NULL)
563 return(s->client_CA);
564 else
565 return(s->ctx->client_CA);
566 }
567 }
568
569static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
570 {
571 X509_NAME *name;
572
573 if (x == NULL) return(0);
574 if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
575 return(0);
576
577 if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
578 return(0);
579
580 if (!sk_X509_NAME_push(*sk,name))
581 {
582 X509_NAME_free(name);
583 return(0);
584 }
585 return(1);
586 }
587
588int SSL_add_client_CA(SSL *ssl,X509 *x)
589 {
590 return(add_client_CA(&(ssl->client_CA),x));
591 }
592
593int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
594 {
595 return(add_client_CA(&(ctx->client_CA),x));
596 }
597
598static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
599 {
600 return(X509_NAME_cmp(*a,*b));
601 }
602
603#ifndef OPENSSL_NO_STDIO
604/*!
605 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
606 * it doesn't really have anything to do with clients (except that a common use
607 * for a stack of CAs is to send it to the client). Actually, it doesn't have
608 * much to do with CAs, either, since it will load any old cert.
609 * \param file the file containing one or more certs.
610 * \return a ::STACK containing the certs.
611 */
612STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
613 {
614 BIO *in;
615 X509 *x=NULL;
616 X509_NAME *xn=NULL;
617 STACK_OF(X509_NAME) *ret,*sk;
618
619 ret=sk_X509_NAME_new_null();
620 sk=sk_X509_NAME_new(xname_cmp);
621
622 in=BIO_new(BIO_s_file_internal());
623
624 if ((ret == NULL) || (sk == NULL) || (in == NULL))
625 {
626 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
627 goto err;
628 }
629
630 if (!BIO_read_filename(in,file))
631 goto err;
632
633 for (;;)
634 {
635 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
636 break;
637 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
638 /* check for duplicates */
639 xn=X509_NAME_dup(xn);
640 if (xn == NULL) goto err;
641 if (sk_X509_NAME_find(sk,xn) >= 0)
642 X509_NAME_free(xn);
643 else
644 {
645 sk_X509_NAME_push(sk,xn);
646 sk_X509_NAME_push(ret,xn);
647 }
648 }
649
650 if (0)
651 {
652err:
653 if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
654 ret=NULL;
655 }
656 if (sk != NULL) sk_X509_NAME_free(sk);
657 if (in != NULL) BIO_free(in);
658 if (x != NULL) X509_free(x);
659 return(ret);
660 }
661#endif
662
663/*!
664 * Add a file of certs to a stack.
665 * \param stack the stack to add to.
666 * \param file the file to add from. All certs in this file that are not
667 * already in the stack will be added.
668 * \return 1 for success, 0 for failure. Note that in the case of failure some
669 * certs may have been added to \c stack.
670 */
671
672int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
673 const char *file)
674 {
675 BIO *in;
676 X509 *x=NULL;
677 X509_NAME *xn=NULL;
678 int ret=1;
679 int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
680
681 oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp);
682
683 in=BIO_new(BIO_s_file_internal());
684
685 if (in == NULL)
686 {
687 SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
688 goto err;
689 }
690
691 if (!BIO_read_filename(in,file))
692 goto err;
693
694 for (;;)
695 {
696 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
697 break;
698 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
699 xn=X509_NAME_dup(xn);
700 if (xn == NULL) goto err;
701 if (sk_X509_NAME_find(stack,xn) >= 0)
702 X509_NAME_free(xn);
703 else
704 sk_X509_NAME_push(stack,xn);
705 }
706
707 if (0)
708 {
709err:
710 ret=0;
711 }
712 if(in != NULL)
713 BIO_free(in);
714 if(x != NULL)
715 X509_free(x);
716
717 sk_X509_NAME_set_cmp_func(stack,oldcmp);
718
719 return ret;
720 }
721
722/*!
723 * Add a directory of certs to a stack.
724 * \param stack the stack to append to.
725 * \param dir the directory to append from. All files in this directory will be
726 * examined as potential certs. Any that are acceptable to
727 * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
728 * included.
729 * \return 1 for success, 0 for failure. Note that in the case of failure some
730 * certs may have been added to \c stack.
731 */
732
733#ifndef OPENSSL_SYS_WIN32
734#ifndef OPENSSL_SYS_VMS /* XXXX This may be fixed in the future */
735#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! */
736
737int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
738 const char *dir)
739 {
740 DIR *d;
741 struct dirent *dstruct;
742 int ret = 0;
743
744 CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
745 d = opendir(dir);
746
747 /* Note that a side effect is that the CAs will be sorted by name */
748 if(!d)
749 {
750 SYSerr(SYS_F_OPENDIR, get_last_sys_error());
751 ERR_add_error_data(3, "opendir('", dir, "')");
752 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
753 goto err;
754 }
755
756 while((dstruct=readdir(d)))
757 {
758 char buf[1024];
759 int r;
760
761 if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
762 {
763 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
764 goto err;
765 }
766
767 r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name);
768 if (r <= 0 || r >= sizeof buf)
769 goto err;
770 if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
771 goto err;
772 }
773 ret = 1;
774
775err:
776 if (d) closedir(d);
777 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
778 return ret;
779 }
780
781#endif
782#endif
783
784#else /* OPENSSL_SYS_WIN32 */
785
786int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
787 const char *dir)
788 {
789 WIN32_FIND_DATA FindFileData;
790 HANDLE hFind;
791 int ret = 0;
792#ifdef OPENSSL_SYS_WINCE
793 WCHAR* wdir = NULL;
794#endif
795
796 CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
797
798#ifdef OPENSSL_SYS_WINCE
799 /* convert strings to UNICODE */
800 {
801 BOOL result = FALSE;
802 int i;
803 wdir = malloc((strlen(dir)+1)*2);
804 if (wdir == NULL)
805 goto err_noclose;
806 for (i=0; i<(int)strlen(dir)+1; i++)
807 wdir[i] = (short)dir[i];
808 }
809#endif
810
811#ifdef OPENSSL_SYS_WINCE
812 hFind = FindFirstFile(wdir, &FindFileData);
813#else
814 hFind = FindFirstFile(dir, &FindFileData);
815#endif
816 /* Note that a side effect is that the CAs will be sorted by name */
817 if(hFind == INVALID_HANDLE_VALUE)
818 {
819 SYSerr(SYS_F_OPENDIR, get_last_sys_error());
820 ERR_add_error_data(3, "opendir('", dir, "')");
821 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
822 goto err_noclose;
823 }
824
825 do
826 {
827 char buf[1024];
828 int r;
829
830#ifdef OPENSSL_SYS_WINCE
831 if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf)
832#else
833 if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf)
834#endif
835 {
836 SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
837 goto err;
838 }
839
840 r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,FindFileData.cFileName);
841 if (r <= 0 || r >= sizeof buf)
842 goto err;
843 if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
844 goto err;
845 }
846 while (FindNextFile(hFind, &FindFileData) != FALSE);
847 ret = 1;
848
849err:
850 FindClose(hFind);
851err_noclose:
852#ifdef OPENSSL_SYS_WINCE
853 if (wdir != NULL)
854 free(wdir);
855#endif
856 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
857 return ret;
858 }
859
860#endif
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
deleted file mode 100644
index 532fb4e80d..0000000000
--- a/src/lib/libssl/ssl_ciph.c
+++ /dev/null
@@ -1,1145 +0,0 @@
1/* ssl/ssl_ciph.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include <openssl/comp.h>
62#include "ssl_locl.h"
63
64#define SSL_ENC_DES_IDX 0
65#define SSL_ENC_3DES_IDX 1
66#define SSL_ENC_RC4_IDX 2
67#define SSL_ENC_RC2_IDX 3
68#define SSL_ENC_IDEA_IDX 4
69#define SSL_ENC_eFZA_IDX 5
70#define SSL_ENC_NULL_IDX 6
71#define SSL_ENC_AES128_IDX 7
72#define SSL_ENC_AES256_IDX 8
73#define SSL_ENC_NUM_IDX 9
74
75static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
76 NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
77 };
78
79static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
80
81#define SSL_MD_MD5_IDX 0
82#define SSL_MD_SHA1_IDX 1
83#define SSL_MD_NUM_IDX 2
84static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
85 NULL,NULL,
86 };
87
88#define CIPHER_ADD 1
89#define CIPHER_KILL 2
90#define CIPHER_DEL 3
91#define CIPHER_ORD 4
92#define CIPHER_SPECIAL 5
93
94typedef struct cipher_order_st
95 {
96 SSL_CIPHER *cipher;
97 int active;
98 int dead;
99 struct cipher_order_st *next,*prev;
100 } CIPHER_ORDER;
101
102static const SSL_CIPHER cipher_aliases[]={
103 /* Don't include eNULL unless specifically enabled. */
104 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
105 {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */
106 {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
107 {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */
108 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
109 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
110 {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
111 {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
112 {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
113 {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
114 {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
115
116 {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */
117 {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
118 {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
119 {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0},
120 {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
121 {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0},
122 {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
123
124 {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0},
125 {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
126 {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
127 {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
128#ifndef OPENSSL_NO_IDEA
129 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
130#endif
131 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
132 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
133 {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
134
135 {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
136 {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
137 {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0},
138
139 {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0},
140 {0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
141 {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
142 {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
143 {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
144
145 {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
146 {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
147 {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
148
149 {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
150 {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
151 {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
152 {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
153 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
154 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
155 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
156 };
157
158static int init_ciphers=1;
159
160static void load_ciphers(void)
161 {
162 init_ciphers=0;
163 ssl_cipher_methods[SSL_ENC_DES_IDX]=
164 EVP_get_cipherbyname(SN_des_cbc);
165 ssl_cipher_methods[SSL_ENC_3DES_IDX]=
166 EVP_get_cipherbyname(SN_des_ede3_cbc);
167 ssl_cipher_methods[SSL_ENC_RC4_IDX]=
168 EVP_get_cipherbyname(SN_rc4);
169 ssl_cipher_methods[SSL_ENC_RC2_IDX]=
170 EVP_get_cipherbyname(SN_rc2_cbc);
171#ifndef OPENSSL_NO_IDEA
172 ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
173 EVP_get_cipherbyname(SN_idea_cbc);
174#else
175 ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL;
176#endif
177 ssl_cipher_methods[SSL_ENC_AES128_IDX]=
178 EVP_get_cipherbyname(SN_aes_128_cbc);
179 ssl_cipher_methods[SSL_ENC_AES256_IDX]=
180 EVP_get_cipherbyname(SN_aes_256_cbc);
181
182 ssl_digest_methods[SSL_MD_MD5_IDX]=
183 EVP_get_digestbyname(SN_md5);
184 ssl_digest_methods[SSL_MD_SHA1_IDX]=
185 EVP_get_digestbyname(SN_sha1);
186 }
187
188int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
189 const EVP_MD **md, SSL_COMP **comp)
190 {
191 int i;
192 SSL_CIPHER *c;
193
194 c=s->cipher;
195 if (c == NULL) return(0);
196 if (comp != NULL)
197 {
198 SSL_COMP ctmp;
199
200 if (s->compress_meth == 0)
201 *comp=NULL;
202 else if (ssl_comp_methods == NULL)
203 {
204 /* bad */
205 *comp=NULL;
206 }
207 else
208 {
209
210 ctmp.id=s->compress_meth;
211 i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
212 if (i >= 0)
213 *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
214 else
215 *comp=NULL;
216 }
217 }
218
219 if ((enc == NULL) || (md == NULL)) return(0);
220
221 switch (c->algorithms & SSL_ENC_MASK)
222 {
223 case SSL_DES:
224 i=SSL_ENC_DES_IDX;
225 break;
226 case SSL_3DES:
227 i=SSL_ENC_3DES_IDX;
228 break;
229 case SSL_RC4:
230 i=SSL_ENC_RC4_IDX;
231 break;
232 case SSL_RC2:
233 i=SSL_ENC_RC2_IDX;
234 break;
235 case SSL_IDEA:
236 i=SSL_ENC_IDEA_IDX;
237 break;
238 case SSL_eNULL:
239 i=SSL_ENC_NULL_IDX;
240 break;
241 case SSL_AES:
242 switch(c->alg_bits)
243 {
244 case 128: i=SSL_ENC_AES128_IDX; break;
245 case 256: i=SSL_ENC_AES256_IDX; break;
246 default: i=-1; break;
247 }
248 break;
249 default:
250 i= -1;
251 break;
252 }
253
254 if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
255 *enc=NULL;
256 else
257 {
258 if (i == SSL_ENC_NULL_IDX)
259 *enc=EVP_enc_null();
260 else
261 *enc=ssl_cipher_methods[i];
262 }
263
264 switch (c->algorithms & SSL_MAC_MASK)
265 {
266 case SSL_MD5:
267 i=SSL_MD_MD5_IDX;
268 break;
269 case SSL_SHA1:
270 i=SSL_MD_SHA1_IDX;
271 break;
272 default:
273 i= -1;
274 break;
275 }
276 if ((i < 0) || (i >= SSL_MD_NUM_IDX))
277 *md=NULL;
278 else
279 *md=ssl_digest_methods[i];
280
281 if ((*enc != NULL) && (*md != NULL))
282 return(1);
283 else
284 return(0);
285 }
286
287#define ITEM_SEP(a) \
288 (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
289
290static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
291 CIPHER_ORDER **tail)
292 {
293 if (curr == *tail) return;
294 if (curr == *head)
295 *head=curr->next;
296 if (curr->prev != NULL)
297 curr->prev->next=curr->next;
298 if (curr->next != NULL) /* should always be true */
299 curr->next->prev=curr->prev;
300 (*tail)->next=curr;
301 curr->prev= *tail;
302 curr->next=NULL;
303 *tail=curr;
304 }
305
306static unsigned long ssl_cipher_get_disabled(void)
307 {
308 unsigned long mask;
309
310 mask = SSL_kFZA;
311#ifdef OPENSSL_NO_RSA
312 mask |= SSL_aRSA|SSL_kRSA;
313#endif
314#ifdef OPENSSL_NO_DSA
315 mask |= SSL_aDSS;
316#endif
317#ifdef OPENSSL_NO_DH
318 mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
319#endif
320#ifdef OPENSSL_NO_KRB5
321 mask |= SSL_kKRB5|SSL_aKRB5;
322#endif
323
324#ifdef SSL_FORBID_ENULL
325 mask |= SSL_eNULL;
326#endif
327
328 mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
329 mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
330 mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
331 mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
332 mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
333 mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
334 mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
335
336 mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
337 mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
338
339 return(mask);
340 }
341
342static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
343 int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list,
344 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
345 {
346 int i, list_num;
347 SSL_CIPHER *c;
348
349 /*
350 * We have num_of_ciphers descriptions compiled in, depending on the
351 * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
352 * These will later be sorted in a linked list with at most num
353 * entries.
354 */
355
356 /* Get the initial list of ciphers */
357 list_num = 0; /* actual count of ciphers */
358 for (i = 0; i < num_of_ciphers; i++)
359 {
360 c = ssl_method->get_cipher(i);
361 /* drop those that use any of that is not available */
362 if ((c != NULL) && c->valid && !(c->algorithms & mask))
363 {
364 list[list_num].cipher = c;
365 list[list_num].next = NULL;
366 list[list_num].prev = NULL;
367 list[list_num].active = 0;
368 list_num++;
369#ifdef KSSL_DEBUG
370 printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms);
371#endif /* KSSL_DEBUG */
372 /*
373 if (!sk_push(ca_list,(char *)c)) goto err;
374 */
375 }
376 }
377
378 /*
379 * Prepare linked list from list entries
380 */
381 for (i = 1; i < list_num - 1; i++)
382 {
383 list[i].prev = &(list[i-1]);
384 list[i].next = &(list[i+1]);
385 }
386 if (list_num > 0)
387 {
388 (*head_p) = &(list[0]);
389 (*head_p)->prev = NULL;
390 (*head_p)->next = &(list[1]);
391 (*tail_p) = &(list[list_num - 1]);
392 (*tail_p)->prev = &(list[list_num - 2]);
393 (*tail_p)->next = NULL;
394 }
395 }
396
397static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
398 int num_of_group_aliases, unsigned long mask,
399 CIPHER_ORDER *head)
400 {
401 CIPHER_ORDER *ciph_curr;
402 SSL_CIPHER **ca_curr;
403 int i;
404
405 /*
406 * First, add the real ciphers as already collected
407 */
408 ciph_curr = head;
409 ca_curr = ca_list;
410 while (ciph_curr != NULL)
411 {
412 *ca_curr = ciph_curr->cipher;
413 ca_curr++;
414 ciph_curr = ciph_curr->next;
415 }
416
417 /*
418 * Now we add the available ones from the cipher_aliases[] table.
419 * They represent either an algorithm, that must be fully
420 * supported (not match any bit in mask) or represent a cipher
421 * strength value (will be added in any case because algorithms=0).
422 */
423 for (i = 0; i < num_of_group_aliases; i++)
424 {
425 if ((i == 0) || /* always fetch "ALL" */
426 !(cipher_aliases[i].algorithms & mask))
427 {
428 *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
429 ca_curr++;
430 }
431 }
432
433 *ca_curr = NULL; /* end of list */
434 }
435
436static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
437 unsigned long algo_strength, unsigned long mask_strength,
438 int rule, int strength_bits, CIPHER_ORDER *list,
439 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
440 {
441 CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
442 SSL_CIPHER *cp;
443 unsigned long ma, ma_s;
444
445#ifdef CIPHER_DEBUG
446 printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
447 rule, algorithms, mask, algo_strength, mask_strength,
448 strength_bits);
449#endif
450
451 curr = head = *head_p;
452 curr2 = head;
453 tail2 = tail = *tail_p;
454 for (;;)
455 {
456 if ((curr == NULL) || (curr == tail2)) break;
457 curr = curr2;
458 curr2 = curr->next;
459
460 cp = curr->cipher;
461
462 /*
463 * Selection criteria is either the number of strength_bits
464 * or the algorithm used.
465 */
466 if (strength_bits == -1)
467 {
468 ma = mask & cp->algorithms;
469 ma_s = mask_strength & cp->algo_strength;
470
471#ifdef CIPHER_DEBUG
472 printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
473 printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
474#endif
475 /*
476 * Select: if none of the mask bit was met from the
477 * cipher or not all of the bits were met, the
478 * selection does not apply.
479 */
480 if (((ma == 0) && (ma_s == 0)) ||
481 ((ma & algorithms) != ma) ||
482 ((ma_s & algo_strength) != ma_s))
483 continue; /* does not apply */
484 }
485 else if (strength_bits != cp->strength_bits)
486 continue; /* does not apply */
487
488#ifdef CIPHER_DEBUG
489 printf("Action = %d\n", rule);
490#endif
491
492 /* add the cipher if it has not been added yet. */
493 if (rule == CIPHER_ADD)
494 {
495 if (!curr->active)
496 {
497 ll_append_tail(&head, curr, &tail);
498 curr->active = 1;
499 }
500 }
501 /* Move the added cipher to this location */
502 else if (rule == CIPHER_ORD)
503 {
504 if (curr->active)
505 {
506 ll_append_tail(&head, curr, &tail);
507 }
508 }
509 else if (rule == CIPHER_DEL)
510 curr->active = 0;
511 else if (rule == CIPHER_KILL)
512 {
513 if (head == curr)
514 head = curr->next;
515 else
516 curr->prev->next = curr->next;
517 if (tail == curr)
518 tail = curr->prev;
519 curr->active = 0;
520 if (curr->next != NULL)
521 curr->next->prev = curr->prev;
522 if (curr->prev != NULL)
523 curr->prev->next = curr->next;
524 curr->next = NULL;
525 curr->prev = NULL;
526 }
527 }
528
529 *head_p = head;
530 *tail_p = tail;
531 }
532
533static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p,
534 CIPHER_ORDER **tail_p)
535 {
536 int max_strength_bits, i, *number_uses;
537 CIPHER_ORDER *curr;
538
539 /*
540 * This routine sorts the ciphers with descending strength. The sorting
541 * must keep the pre-sorted sequence, so we apply the normal sorting
542 * routine as '+' movement to the end of the list.
543 */
544 max_strength_bits = 0;
545 curr = *head_p;
546 while (curr != NULL)
547 {
548 if (curr->active &&
549 (curr->cipher->strength_bits > max_strength_bits))
550 max_strength_bits = curr->cipher->strength_bits;
551 curr = curr->next;
552 }
553
554 number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
555 if (!number_uses)
556 {
557 SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
558 return(0);
559 }
560 memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
561
562 /*
563 * Now find the strength_bits values actually used
564 */
565 curr = *head_p;
566 while (curr != NULL)
567 {
568 if (curr->active)
569 number_uses[curr->cipher->strength_bits]++;
570 curr = curr->next;
571 }
572 /*
573 * Go through the list of used strength_bits values in descending
574 * order.
575 */
576 for (i = max_strength_bits; i >= 0; i--)
577 if (number_uses[i] > 0)
578 ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
579 list, head_p, tail_p);
580
581 OPENSSL_free(number_uses);
582 return(1);
583 }
584
585static int ssl_cipher_process_rulestr(const char *rule_str,
586 CIPHER_ORDER *list, CIPHER_ORDER **head_p,
587 CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
588 {
589 unsigned long algorithms, mask, algo_strength, mask_strength;
590 const char *l, *start, *buf;
591 int j, multi, found, rule, retval, ok, buflen;
592 char ch;
593
594 retval = 1;
595 l = rule_str;
596 for (;;)
597 {
598 ch = *l;
599
600 if (ch == '\0')
601 break; /* done */
602 if (ch == '-')
603 { rule = CIPHER_DEL; l++; }
604 else if (ch == '+')
605 { rule = CIPHER_ORD; l++; }
606 else if (ch == '!')
607 { rule = CIPHER_KILL; l++; }
608 else if (ch == '@')
609 { rule = CIPHER_SPECIAL; l++; }
610 else
611 { rule = CIPHER_ADD; }
612
613 if (ITEM_SEP(ch))
614 {
615 l++;
616 continue;
617 }
618
619 algorithms = mask = algo_strength = mask_strength = 0;
620
621 start=l;
622 for (;;)
623 {
624 ch = *l;
625 buf = l;
626 buflen = 0;
627#ifndef CHARSET_EBCDIC
628 while ( ((ch >= 'A') && (ch <= 'Z')) ||
629 ((ch >= '0') && (ch <= '9')) ||
630 ((ch >= 'a') && (ch <= 'z')) ||
631 (ch == '-'))
632#else
633 while ( isalnum(ch) || (ch == '-'))
634#endif
635 {
636 ch = *(++l);
637 buflen++;
638 }
639
640 if (buflen == 0)
641 {
642 /*
643 * We hit something we cannot deal with,
644 * it is no command or separator nor
645 * alphanumeric, so we call this an error.
646 */
647 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
648 SSL_R_INVALID_COMMAND);
649 retval = found = 0;
650 l++;
651 break;
652 }
653
654 if (rule == CIPHER_SPECIAL)
655 {
656 found = 0; /* unused -- avoid compiler warning */
657 break; /* special treatment */
658 }
659
660 /* check for multi-part specification */
661 if (ch == '+')
662 {
663 multi=1;
664 l++;
665 }
666 else
667 multi=0;
668
669 /*
670 * Now search for the cipher alias in the ca_list. Be careful
671 * with the strncmp, because the "buflen" limitation
672 * will make the rule "ADH:SOME" and the cipher
673 * "ADH-MY-CIPHER" look like a match for buflen=3.
674 * So additionally check whether the cipher name found
675 * has the correct length. We can save a strlen() call:
676 * just checking for the '\0' at the right place is
677 * sufficient, we have to strncmp() anyway. (We cannot
678 * use strcmp(), because buf is not '\0' terminated.)
679 */
680 j = found = 0;
681 while (ca_list[j])
682 {
683 if (!strncmp(buf, ca_list[j]->name, buflen) &&
684 (ca_list[j]->name[buflen] == '\0'))
685 {
686 found = 1;
687 break;
688 }
689 else
690 j++;
691 }
692 if (!found)
693 break; /* ignore this entry */
694
695 algorithms |= ca_list[j]->algorithms;
696 mask |= ca_list[j]->mask;
697 algo_strength |= ca_list[j]->algo_strength;
698 mask_strength |= ca_list[j]->mask_strength;
699
700 if (!multi) break;
701 }
702
703 /*
704 * Ok, we have the rule, now apply it
705 */
706 if (rule == CIPHER_SPECIAL)
707 { /* special command */
708 ok = 0;
709 if ((buflen == 8) &&
710 !strncmp(buf, "STRENGTH", 8))
711 ok = ssl_cipher_strength_sort(list,
712 head_p, tail_p);
713 else
714 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
715 SSL_R_INVALID_COMMAND);
716 if (ok == 0)
717 retval = 0;
718 /*
719 * We do not support any "multi" options
720 * together with "@", so throw away the
721 * rest of the command, if any left, until
722 * end or ':' is found.
723 */
724 while ((*l != '\0') && ITEM_SEP(*l))
725 l++;
726 }
727 else if (found)
728 {
729 ssl_cipher_apply_rule(algorithms, mask,
730 algo_strength, mask_strength, rule, -1,
731 list, head_p, tail_p);
732 }
733 else
734 {
735 while ((*l != '\0') && ITEM_SEP(*l))
736 l++;
737 }
738 if (*l == '\0') break; /* done */
739 }
740
741 return(retval);
742 }
743
744STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
745 STACK_OF(SSL_CIPHER) **cipher_list,
746 STACK_OF(SSL_CIPHER) **cipher_list_by_id,
747 const char *rule_str)
748 {
749 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
750 unsigned long disabled_mask;
751 STACK_OF(SSL_CIPHER) *cipherstack;
752 const char *rule_p;
753 CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr;
754 SSL_CIPHER **ca_list = NULL;
755
756 /*
757 * Return with error if nothing to do.
758 */
759 if (rule_str == NULL) return(NULL);
760
761 if (init_ciphers)
762 {
763 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
764 if (init_ciphers) load_ciphers();
765 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
766 }
767
768 /*
769 * To reduce the work to do we only want to process the compiled
770 * in algorithms, so we first get the mask of disabled ciphers.
771 */
772 disabled_mask = ssl_cipher_get_disabled();
773
774 /*
775 * Now we have to collect the available ciphers from the compiled
776 * in ciphers. We cannot get more than the number compiled in, so
777 * it is used for allocation.
778 */
779 num_of_ciphers = ssl_method->num_ciphers();
780#ifdef KSSL_DEBUG
781 printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
782#endif /* KSSL_DEBUG */
783 list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
784 if (list == NULL)
785 {
786 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
787 return(NULL); /* Failure */
788 }
789
790 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
791 list, &head, &tail);
792
793 /*
794 * We also need cipher aliases for selecting based on the rule_str.
795 * There might be two types of entries in the rule_str: 1) names
796 * of ciphers themselves 2) aliases for groups of ciphers.
797 * For 1) we need the available ciphers and for 2) the cipher
798 * groups of cipher_aliases added together in one list (otherwise
799 * we would be happy with just the cipher_aliases table).
800 */
801 num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
802 num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
803 ca_list =
804 (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
805 if (ca_list == NULL)
806 {
807 OPENSSL_free(list);
808 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
809 return(NULL); /* Failure */
810 }
811 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
812 head);
813
814 /*
815 * If the rule_string begins with DEFAULT, apply the default rule
816 * before using the (possibly available) additional rules.
817 */
818 ok = 1;
819 rule_p = rule_str;
820 if (strncmp(rule_str,"DEFAULT",7) == 0)
821 {
822 ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
823 list, &head, &tail, ca_list);
824 rule_p += 7;
825 if (*rule_p == ':')
826 rule_p++;
827 }
828
829 if (ok && (strlen(rule_p) > 0))
830 ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail,
831 ca_list);
832
833 OPENSSL_free(ca_list); /* Not needed anymore */
834
835 if (!ok)
836 { /* Rule processing failure */
837 OPENSSL_free(list);
838 return(NULL);
839 }
840 /*
841 * Allocate new "cipherstack" for the result, return with error
842 * if we cannot get one.
843 */
844 if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
845 {
846 OPENSSL_free(list);
847 return(NULL);
848 }
849
850 /*
851 * The cipher selection for the list is done. The ciphers are added
852 * to the resulting precedence to the STACK_OF(SSL_CIPHER).
853 */
854 for (curr = head; curr != NULL; curr = curr->next)
855 {
856 if (curr->active)
857 {
858 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
859#ifdef CIPHER_DEBUG
860 printf("<%s>\n",curr->cipher->name);
861#endif
862 }
863 }
864 OPENSSL_free(list); /* Not needed any longer */
865
866 /*
867 * The following passage is a little bit odd. If pointer variables
868 * were supplied to hold STACK_OF(SSL_CIPHER) return information,
869 * the old memory pointed to is free()ed. Then, however, the
870 * cipher_list entry will be assigned just a copy of the returned
871 * cipher stack. For cipher_list_by_id a copy of the cipher stack
872 * will be created. See next comment...
873 */
874 if (cipher_list != NULL)
875 {
876 if (*cipher_list != NULL)
877 sk_SSL_CIPHER_free(*cipher_list);
878 *cipher_list = cipherstack;
879 }
880
881 if (cipher_list_by_id != NULL)
882 {
883 if (*cipher_list_by_id != NULL)
884 sk_SSL_CIPHER_free(*cipher_list_by_id);
885 *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
886 }
887
888 /*
889 * Now it is getting really strange. If something failed during
890 * the previous pointer assignment or if one of the pointers was
891 * not requested, the error condition is met. That might be
892 * discussable. The strange thing is however that in this case
893 * the memory "ret" pointed to is "free()ed" and hence the pointer
894 * cipher_list becomes wild. The memory reserved for
895 * cipher_list_by_id however is not "free()ed" and stays intact.
896 */
897 if ( (cipher_list_by_id == NULL) ||
898 (*cipher_list_by_id == NULL) ||
899 (cipher_list == NULL) ||
900 (*cipher_list == NULL))
901 {
902 sk_SSL_CIPHER_free(cipherstack);
903 return(NULL);
904 }
905
906 sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
907
908 return(cipherstack);
909 }
910
911char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
912 {
913 int is_export,pkl,kl;
914 char *ver,*exp;
915 char *kx,*au,*enc,*mac;
916 unsigned long alg,alg2,alg_s;
917#ifdef KSSL_DEBUG
918 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
919#else
920 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
921#endif /* KSSL_DEBUG */
922
923 alg=cipher->algorithms;
924 alg_s=cipher->algo_strength;
925 alg2=cipher->algorithm2;
926
927 is_export=SSL_C_IS_EXPORT(cipher);
928 pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
929 kl=SSL_C_EXPORT_KEYLENGTH(cipher);
930 exp=is_export?" export":"";
931
932 if (alg & SSL_SSLV2)
933 ver="SSLv2";
934 else if (alg & SSL_SSLV3)
935 ver="SSLv3";
936 else
937 ver="unknown";
938
939 switch (alg&SSL_MKEY_MASK)
940 {
941 case SSL_kRSA:
942 kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
943 break;
944 case SSL_kDHr:
945 kx="DH/RSA";
946 break;
947 case SSL_kDHd:
948 kx="DH/DSS";
949 break;
950 case SSL_kKRB5: /* VRS */
951 case SSL_KRB5: /* VRS */
952 kx="KRB5";
953 break;
954 case SSL_kFZA:
955 kx="Fortezza";
956 break;
957 case SSL_kEDH:
958 kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
959 break;
960 default:
961 kx="unknown";
962 }
963
964 switch (alg&SSL_AUTH_MASK)
965 {
966 case SSL_aRSA:
967 au="RSA";
968 break;
969 case SSL_aDSS:
970 au="DSS";
971 break;
972 case SSL_aDH:
973 au="DH";
974 break;
975 case SSL_aKRB5: /* VRS */
976 case SSL_KRB5: /* VRS */
977 au="KRB5";
978 break;
979 case SSL_aFZA:
980 case SSL_aNULL:
981 au="None";
982 break;
983 default:
984 au="unknown";
985 break;
986 }
987
988 switch (alg&SSL_ENC_MASK)
989 {
990 case SSL_DES:
991 enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
992 break;
993 case SSL_3DES:
994 enc="3DES(168)";
995 break;
996 case SSL_RC4:
997 enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
998 :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
999 break;
1000 case SSL_RC2:
1001 enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
1002 break;
1003 case SSL_IDEA:
1004 enc="IDEA(128)";
1005 break;
1006 case SSL_eFZA:
1007 enc="Fortezza";
1008 break;
1009 case SSL_eNULL:
1010 enc="None";
1011 break;
1012 case SSL_AES:
1013 switch(cipher->strength_bits)
1014 {
1015 case 128: enc="AES(128)"; break;
1016 case 192: enc="AES(192)"; break;
1017 case 256: enc="AES(256)"; break;
1018 default: enc="AES(?""?""?)"; break;
1019 }
1020 break;
1021 default:
1022 enc="unknown";
1023 break;
1024 }
1025
1026 switch (alg&SSL_MAC_MASK)
1027 {
1028 case SSL_MD5:
1029 mac="MD5";
1030 break;
1031 case SSL_SHA1:
1032 mac="SHA1";
1033 break;
1034 default:
1035 mac="unknown";
1036 break;
1037 }
1038
1039 if (buf == NULL)
1040 {
1041 len=128;
1042 buf=OPENSSL_malloc(len);
1043 if (buf == NULL) return("OPENSSL_malloc Error");
1044 }
1045 else if (len < 128)
1046 return("Buffer too small");
1047
1048#ifdef KSSL_DEBUG
1049 BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp,alg);
1050#else
1051 BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
1052#endif /* KSSL_DEBUG */
1053 return(buf);
1054 }
1055
1056char *SSL_CIPHER_get_version(SSL_CIPHER *c)
1057 {
1058 int i;
1059
1060 if (c == NULL) return("(NONE)");
1061 i=(int)(c->id>>24L);
1062 if (i == 3)
1063 return("TLSv1/SSLv3");
1064 else if (i == 2)
1065 return("SSLv2");
1066 else
1067 return("unknown");
1068 }
1069
1070/* return the actual cipher being used */
1071const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
1072 {
1073 if (c != NULL)
1074 return(c->name);
1075 return("(NONE)");
1076 }
1077
1078/* number of bits for symmetric cipher */
1079int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
1080 {
1081 int ret=0;
1082
1083 if (c != NULL)
1084 {
1085 if (alg_bits != NULL) *alg_bits = c->alg_bits;
1086 ret = c->strength_bits;
1087 }
1088 return(ret);
1089 }
1090
1091SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
1092 {
1093 SSL_COMP *ctmp;
1094 int i,nn;
1095
1096 if ((n == 0) || (sk == NULL)) return(NULL);
1097 nn=sk_SSL_COMP_num(sk);
1098 for (i=0; i<nn; i++)
1099 {
1100 ctmp=sk_SSL_COMP_value(sk,i);
1101 if (ctmp->id == n)
1102 return(ctmp);
1103 }
1104 return(NULL);
1105 }
1106
1107static int sk_comp_cmp(const SSL_COMP * const *a,
1108 const SSL_COMP * const *b)
1109 {
1110 return((*a)->id-(*b)->id);
1111 }
1112
1113STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
1114 {
1115 return(ssl_comp_methods);
1116 }
1117
1118int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
1119 {
1120 SSL_COMP *comp;
1121 STACK_OF(SSL_COMP) *sk;
1122
1123 if (cm == NULL || cm->type == NID_undef)
1124 return 1;
1125
1126 MemCheck_off();
1127 comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
1128 comp->id=id;
1129 comp->method=cm;
1130 if (ssl_comp_methods == NULL)
1131 sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
1132 else
1133 sk=ssl_comp_methods;
1134 if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
1135 {
1136 MemCheck_on();
1137 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
1138 return(0);
1139 }
1140 else
1141 {
1142 MemCheck_on();
1143 return(1);
1144 }
1145 }
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
deleted file mode 100644
index d2cb181503..0000000000
--- a/src/lib/libssl/ssl_err.c
+++ /dev/null
@@ -1,461 +0,0 @@
1/* ssl/ssl_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/ssl.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67static ERR_STRING_DATA SSL_str_functs[]=
68 {
69{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
70{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0), "CLIENT_FINISHED"},
71{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
72{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
73{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
74{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"},
75{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"},
76{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"},
77{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"},
78{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"},
79{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"},
80{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
81{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
82{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
83{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
84{ERR_PACK(0,SSL_F_SERVER_FINISH,0), "SERVER_FINISH"},
85{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
86{ERR_PACK(0,SSL_F_SERVER_VERIFY,0), "SERVER_VERIFY"},
87{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
88{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
89{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
90{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"},
91{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"},
92{ERR_PACK(0,SSL_F_SSL23_PEEK,0), "SSL23_PEEK"},
93{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"},
94{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"},
95{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
96{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
97{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
98{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0), "SSL2_GENERATE_KEY_MATERIAL"},
99{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
100{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
101{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0), "SSL2_READ_INTERNAL"},
102{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"},
103{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"},
104{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"},
105{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0), "SSL3_CALLBACK_CTRL"},
106{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"},
107{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"},
108{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
109{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"},
110{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
111{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
112{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
113{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0), "SSL3_GENERATE_KEY_BLOCK"},
114{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
115{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
116{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
117{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"},
118{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
119{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
120{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"},
121{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"},
122{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"},
123{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"},
124{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"},
125{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"},
126{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"},
127{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"},
128{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"},
129{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"},
130{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"},
131{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"},
132{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
133{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
134{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
135{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0), "SSL3_SEND_SERVER_HELLO"},
136{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
137{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
138{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
139{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"},
140{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"},
141{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0), "SSL_add_dir_cert_subjects_to_stack"},
142{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0), "SSL_add_file_cert_subjects_to_stack"},
143{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"},
144{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"},
145{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0), "SSL_CERT_DUP"},
146{ERR_PACK(0,SSL_F_SSL_CERT_INST,0), "SSL_CERT_INST"},
147{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0), "SSL_CERT_INSTANTIATE"},
148{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"},
149{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"},
150{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0), "SSL_CIPHER_PROCESS_RULESTR"},
151{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0), "SSL_CIPHER_STRENGTH_SORT"},
152{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"},
153{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0), "SSL_COMP_add_compression_method"},
154{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
155{ERR_PACK(0,SSL_F_SSL_CTRL,0), "SSL_ctrl"},
156{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
157{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
158{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0), "SSL_CTX_set_purpose"},
159{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"},
160{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
161{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"},
162{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
163{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
164{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0), "SSL_CTX_use_certificate_chain_file"},
165{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"},
166{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"},
167{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"},
168{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"},
169{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
170{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"},
171{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"},
172{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"},
173{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"},
174{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0), "SSL_GET_PREV_SESSION"},
175{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"},
176{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
177{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"},
178{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"},
179{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"},
180{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"},
181{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"},
182{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"},
183{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"},
184{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"},
185{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"},
186{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"},
187{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"},
188{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"},
189{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0), "SSL_set_purpose"},
190{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"},
191{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"},
192{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"},
193{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0), "SSL_set_trust"},
194{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"},
195{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"},
196{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"},
197{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"},
198{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"},
199{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"},
200{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"},
201{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"},
202{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"},
203{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"},
204{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"},
205{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"},
206{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"},
207{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
208{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"},
209{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"},
210{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"},
211{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"},
212{0,NULL}
213 };
214
215static ERR_STRING_DATA SSL_str_reasons[]=
216 {
217{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"},
218{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
219{SSL_R_BAD_ALERT_RECORD ,"bad alert record"},
220{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
221{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
222{SSL_R_BAD_CHECKSUM ,"bad checksum"},
223{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
224{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
225{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
226{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"},
227{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
228{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
229{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
230{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"},
231{SSL_R_BAD_LENGTH ,"bad length"},
232{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
233{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
234{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"},
235{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"},
236{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"},
237{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"},
238{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"},
239{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"},
240{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"},
241{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"},
242{SSL_R_BAD_SIGNATURE ,"bad signature"},
243{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"},
244{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"},
245{SSL_R_BAD_STATE ,"bad state"},
246{SSL_R_BAD_WRITE_RETRY ,"bad write retry"},
247{SSL_R_BIO_NOT_SET ,"bio not set"},
248{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"},
249{SSL_R_BN_LIB ,"bn lib"},
250{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"},
251{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"},
252{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"},
253{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"},
254{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"},
255{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"},
256{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"},
257{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"},
258{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"},
259{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"},
260{SSL_R_COMPRESSION_FAILURE ,"compression failure"},
261{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"},
262{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"},
263{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"},
264{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
265{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
266{SSL_R_DECRYPTION_FAILED ,"decryption failed"},
267{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
268{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
269{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
270{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
271{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"},
272{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
273{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
274{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},
275{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
276{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"},
277{SSL_R_HTTP_REQUEST ,"http request"},
278{SSL_R_ILLEGAL_PADDING ,"illegal padding"},
279{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
280{SSL_R_INVALID_COMMAND ,"invalid command"},
281{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
282{SSL_R_INVALID_TRUST ,"invalid trust"},
283{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"},
284{SSL_R_KRB5 ,"krb5"},
285{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"},
286{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"},
287{SSL_R_KRB5_C_INIT ,"krb5 client init"},
288{SSL_R_KRB5_C_MK_REQ ,"krb5 client mk_req (expired tkt?)"},
289{SSL_R_KRB5_S_BAD_TICKET ,"krb5 server bad ticket"},
290{SSL_R_KRB5_S_INIT ,"krb5 server init"},
291{SSL_R_KRB5_S_RD_REQ ,"krb5 server rd_req (keytab perms?)"},
292{SSL_R_KRB5_S_TKT_EXPIRED ,"krb5 server tkt expired"},
293{SSL_R_KRB5_S_TKT_NYV ,"krb5 server tkt not yet valid"},
294{SSL_R_KRB5_S_TKT_SKEW ,"krb5 server tkt skew"},
295{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
296{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
297{SSL_R_LIBRARY_BUG ,"library bug"},
298{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"},
299{SSL_R_MASTER_KEY_TOO_LONG ,"master key too long"},
300{SSL_R_MESSAGE_TOO_LONG ,"message too long"},
301{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"},
302{SSL_R_MISSING_DH_KEY ,"missing dh key"},
303{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"},
304{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"},
305{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"},
306{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"},
307{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"},
308{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"},
309{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"},
310{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"},
311{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"},
312{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"},
313{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"},
314{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"},
315{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"},
316{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"},
317{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"},
318{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"},
319{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"},
320{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"},
321{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"},
322{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"},
323{SSL_R_NO_CIPHER_LIST ,"no cipher list"},
324{SSL_R_NO_CIPHER_MATCH ,"no cipher match"},
325{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"},
326{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"},
327{SSL_R_NO_METHOD_SPECIFIED ,"no method specified"},
328{SSL_R_NO_PRIVATEKEY ,"no privatekey"},
329{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"},
330{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"},
331{SSL_R_NO_PUBLICKEY ,"no publickey"},
332{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"},
333{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"},
334{SSL_R_NULL_SSL_CTX ,"null ssl ctx"},
335{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"},
336{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"},
337{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"},
338{SSL_R_PATH_TOO_LONG ,"path too long"},
339{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
340{SSL_R_PEER_ERROR ,"peer error"},
341{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"},
342{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"},
343{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"},
344{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
345{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"},
346{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
347{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"},
348{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"},
349{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"},
350{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
351{SSL_R_READ_BIO_NOT_SET ,"read bio not set"},
352{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"},
353{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"},
354{SSL_R_RECORD_TOO_LARGE ,"record too large"},
355{SSL_R_RECORD_TOO_SMALL ,"record too small"},
356{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"},
357{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"},
358{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"},
359{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"},
360{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"},
361{SSL_R_SHORT_READ ,"short read"},
362{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
363{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
364{SSL_R_SSL2_CONNECTION_ID_TOO_LONG ,"ssl2 connection id too long"},
365{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"},
366{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
367{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
368{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
369{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"},
370{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"},
371{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"},
372{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
373{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"},
374{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"},
375{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"},
376{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
377{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
378{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"},
379{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
380{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"},
381{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
382{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
383{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
384{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"},
385{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"},
386{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED ,"ssl session id callback failed"},
387{SSL_R_SSL_SESSION_ID_CONFLICT ,"ssl session id conflict"},
388{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ,"ssl session id context too long"},
389{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH ,"ssl session id has bad length"},
390{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"},
391{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"},
392{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"},
393{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"},
394{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"},
395{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"},
396{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
397{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"},
398{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"},
399{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"},
400{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"},
401{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"},
402{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"},
403{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
404{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
405{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
406{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"},
407{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"},
408{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"},
409{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"},
410{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
411{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"},
412{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"},
413{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"},
414{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
415{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"},
416{SSL_R_UNEXPECTED_RECORD ,"unexpected record"},
417{SSL_R_UNINITIALIZED ,"uninitialized"},
418{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"},
419{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"},
420{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"},
421{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"},
422{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"},
423{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"},
424{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"},
425{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"},
426{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"},
427{SSL_R_UNKNOWN_STATE ,"unknown state"},
428{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
429{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
430{SSL_R_UNSUPPORTED_OPTION ,"unsupported option"},
431{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"},
432{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"},
433{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"},
434{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"},
435{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"},
436{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
437{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
438{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
439{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
440{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
441{SSL_R_X509_LIB ,"x509 lib"},
442{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"},
443{0,NULL}
444 };
445
446#endif
447
448void ERR_load_SSL_strings(void)
449 {
450 static int init=1;
451
452 if (init)
453 {
454 init=0;
455#ifndef OPENSSL_NO_ERR
456 ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
457 ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
458#endif
459
460 }
461 }
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
deleted file mode 100644
index ea95a5f983..0000000000
--- a/src/lib/libssl/ssl_err2.c
+++ /dev/null
@@ -1,70 +0,0 @@
1/* ssl/ssl_err2.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/err.h>
61#include <openssl/ssl.h>
62
63void SSL_load_error_strings(void)
64 {
65#ifndef OPENSSL_NO_ERR
66 ERR_load_crypto_strings();
67 ERR_load_SSL_strings();
68#endif
69 }
70
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
deleted file mode 100644
index ee9a82d586..0000000000
--- a/src/lib/libssl/ssl_lib.c
+++ /dev/null
@@ -1,2319 +0,0 @@
1/*! \file ssl/ssl_lib.c
2 * \brief Version independent SSL functions.
3 */
4/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * All rights reserved.
6 *
7 * This package is an SSL implementation written
8 * by Eric Young (eay@cryptsoft.com).
9 * The implementation was written so as to conform with Netscapes SSL.
10 *
11 * This library is free for commercial and non-commercial use as long as
12 * the following conditions are aheared to. The following conditions
13 * apply to all code found in this distribution, be it the RC4, RSA,
14 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
15 * included with this distribution is covered by the same copyright terms
16 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
17 *
18 * Copyright remains Eric Young's, and as such any Copyright notices in
19 * the code are not to be removed.
20 * If this package is used in a product, Eric Young should be given attribution
21 * as the author of the parts of the library used.
22 * This can be in the form of a textual message at program startup or
23 * in documentation (online or textual) provided with the package.
24 *
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
27 * are met:
28 * 1. Redistributions of source code must retain the copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 * 3. All advertising materials mentioning features or use of this software
34 * must display the following acknowledgement:
35 * "This product includes cryptographic software written by
36 * Eric Young (eay@cryptsoft.com)"
37 * The word 'cryptographic' can be left out if the rouines from the library
38 * being used are not cryptographic related :-).
39 * 4. If you include any Windows specific code (or a derivative thereof) from
40 * the apps directory (application code) you must include an acknowledgement:
41 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
42 *
43 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
44 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
47 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
48 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
49 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
51 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
52 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * SUCH DAMAGE.
54 *
55 * The licence and distribution terms for any publically available version or
56 * derivative of this code cannot be changed. i.e. this code cannot simply be
57 * copied and put under another distribution licence
58 * [including the GNU Public Licence.]
59 */
60/* ====================================================================
61 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
62 *
63 * Redistribution and use in source and binary forms, with or without
64 * modification, are permitted provided that the following conditions
65 * are met:
66 *
67 * 1. Redistributions of source code must retain the above copyright
68 * notice, this list of conditions and the following disclaimer.
69 *
70 * 2. Redistributions in binary form must reproduce the above copyright
71 * notice, this list of conditions and the following disclaimer in
72 * the documentation and/or other materials provided with the
73 * distribution.
74 *
75 * 3. All advertising materials mentioning features or use of this
76 * software must display the following acknowledgment:
77 * "This product includes software developed by the OpenSSL Project
78 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
79 *
80 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
81 * endorse or promote products derived from this software without
82 * prior written permission. For written permission, please contact
83 * openssl-core@openssl.org.
84 *
85 * 5. Products derived from this software may not be called "OpenSSL"
86 * nor may "OpenSSL" appear in their names without prior written
87 * permission of the OpenSSL Project.
88 *
89 * 6. Redistributions of any form whatsoever must retain the following
90 * acknowledgment:
91 * "This product includes software developed by the OpenSSL Project
92 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
93 *
94 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
95 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
97 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
98 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
99 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
100 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
101 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
102 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
103 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
104 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
105 * OF THE POSSIBILITY OF SUCH DAMAGE.
106 * ====================================================================
107 *
108 * This product includes cryptographic software written by Eric Young
109 * (eay@cryptsoft.com). This product includes software written by Tim
110 * Hudson (tjh@cryptsoft.com).
111 *
112 */
113
114
115#ifdef REF_CHECK
116# include <assert.h>
117#endif
118#include <stdio.h>
119#include "ssl_locl.h"
120#include "kssl_lcl.h"
121#include <openssl/objects.h>
122#include <openssl/lhash.h>
123#include <openssl/x509v3.h>
124
125const char *SSL_version_str=OPENSSL_VERSION_TEXT;
126
127OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
128 /* evil casts, but these functions are only called if there's a library bug */
129 (int (*)(SSL *,int))ssl_undefined_function,
130 (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
131 ssl_undefined_function,
132 (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
133 (int (*)(SSL*, int))ssl_undefined_function,
134 (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
135 };
136
137int SSL_clear(SSL *s)
138 {
139
140 if (s->method == NULL)
141 {
142 SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
143 return(0);
144 }
145
146 if (ssl_clear_bad_session(s))
147 {
148 SSL_SESSION_free(s->session);
149 s->session=NULL;
150 }
151
152 s->error=0;
153 s->hit=0;
154 s->shutdown=0;
155
156#if 0 /* Disabled since version 1.10 of this file (early return not
157 * needed because SSL_clear is not called when doing renegotiation) */
158 /* This is set if we are doing dynamic renegotiation so keep
159 * the old cipher. It is sort of a SSL_clear_lite :-) */
160 if (s->new_session) return(1);
161#else
162 if (s->new_session)
163 {
164 SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
165 return 0;
166 }
167#endif
168
169 s->type=0;
170
171 s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
172
173 s->version=s->method->version;
174 s->client_version=s->version;
175 s->rwstate=SSL_NOTHING;
176 s->rstate=SSL_ST_READ_HEADER;
177#if 0
178 s->read_ahead=s->ctx->read_ahead;
179#endif
180
181 if (s->init_buf != NULL)
182 {
183 BUF_MEM_free(s->init_buf);
184 s->init_buf=NULL;
185 }
186
187 ssl_clear_cipher_ctx(s);
188
189 s->first_packet=0;
190
191#if 1
192 /* Check to see if we were changed into a different method, if
193 * so, revert back if we are not doing session-id reuse. */
194 if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
195 {
196 s->method->ssl_free(s);
197 s->method=s->ctx->method;
198 if (!s->method->ssl_new(s))
199 return(0);
200 }
201 else
202#endif
203 s->method->ssl_clear(s);
204 return(1);
205 }
206
207/** Used to change an SSL_CTXs default SSL method type */
208int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
209 {
210 STACK_OF(SSL_CIPHER) *sk;
211
212 ctx->method=meth;
213
214 sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
215 &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
216 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
217 {
218 SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
219 return(0);
220 }
221 return(1);
222 }
223
224SSL *SSL_new(SSL_CTX *ctx)
225 {
226 SSL *s;
227
228 if (ctx == NULL)
229 {
230 SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
231 return(NULL);
232 }
233 if (ctx->method == NULL)
234 {
235 SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
236 return(NULL);
237 }
238
239 s=(SSL *)OPENSSL_malloc(sizeof(SSL));
240 if (s == NULL) goto err;
241 memset(s,0,sizeof(SSL));
242
243#ifndef OPENSSL_NO_KRB5
244 s->kssl_ctx = kssl_ctx_new();
245#endif /* OPENSSL_NO_KRB5 */
246
247 s->options=ctx->options;
248 s->mode=ctx->mode;
249 s->max_cert_list=ctx->max_cert_list;
250
251 if (ctx->cert != NULL)
252 {
253 /* Earlier library versions used to copy the pointer to
254 * the CERT, not its contents; only when setting new
255 * parameters for the per-SSL copy, ssl_cert_new would be
256 * called (and the direct reference to the per-SSL_CTX
257 * settings would be lost, but those still were indirectly
258 * accessed for various purposes, and for that reason they
259 * used to be known as s->ctx->default_cert).
260 * Now we don't look at the SSL_CTX's CERT after having
261 * duplicated it once. */
262
263 s->cert = ssl_cert_dup(ctx->cert);
264 if (s->cert == NULL)
265 goto err;
266 }
267 else
268 s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
269
270 s->read_ahead=ctx->read_ahead;
271 s->msg_callback=ctx->msg_callback;
272 s->msg_callback_arg=ctx->msg_callback_arg;
273 s->verify_mode=ctx->verify_mode;
274 s->verify_depth=ctx->verify_depth;
275 s->sid_ctx_length=ctx->sid_ctx_length;
276 OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
277 memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
278 s->verify_callback=ctx->default_verify_callback;
279 s->generate_session_id=ctx->generate_session_id;
280 s->purpose = ctx->purpose;
281 s->trust = ctx->trust;
282 s->quiet_shutdown=ctx->quiet_shutdown;
283
284 CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
285 s->ctx=ctx;
286
287 s->verify_result=X509_V_OK;
288
289 s->method=ctx->method;
290
291 if (!s->method->ssl_new(s))
292 goto err;
293
294 s->references=1;
295 s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
296
297 SSL_clear(s);
298
299 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
300
301 return(s);
302err:
303 if (s != NULL)
304 {
305 if (s->cert != NULL)
306 ssl_cert_free(s->cert);
307 if (s->ctx != NULL)
308 SSL_CTX_free(s->ctx); /* decrement reference count */
309 OPENSSL_free(s);
310 }
311 SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
312 return(NULL);
313 }
314
315int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
316 unsigned int sid_ctx_len)
317 {
318 if(sid_ctx_len > sizeof ctx->sid_ctx)
319 {
320 SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
321 return 0;
322 }
323 ctx->sid_ctx_length=sid_ctx_len;
324 memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
325
326 return 1;
327 }
328
329int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
330 unsigned int sid_ctx_len)
331 {
332 if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
333 {
334 SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
335 return 0;
336 }
337 ssl->sid_ctx_length=sid_ctx_len;
338 memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
339
340 return 1;
341 }
342
343int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
344 {
345 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
346 ctx->generate_session_id = cb;
347 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
348 return 1;
349 }
350
351int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
352 {
353 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
354 ssl->generate_session_id = cb;
355 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
356 return 1;
357 }
358
359int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
360 unsigned int id_len)
361 {
362 /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
363 * we can "construct" a session to give us the desired check - ie. to
364 * find if there's a session in the hash table that would conflict with
365 * any new session built out of this id/id_len and the ssl_version in
366 * use by this SSL. */
367 SSL_SESSION r, *p;
368
369 if(id_len > sizeof r.session_id)
370 return 0;
371
372 r.ssl_version = ssl->version;
373 r.session_id_length = id_len;
374 memcpy(r.session_id, id, id_len);
375 /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
376 * callback is calling us to check the uniqueness of a shorter ID, it
377 * must be compared as a padded-out ID because that is what it will be
378 * converted to when the callback has finished choosing it. */
379 if((r.ssl_version == SSL2_VERSION) &&
380 (id_len < SSL2_SSL_SESSION_ID_LENGTH))
381 {
382 memset(r.session_id + id_len, 0,
383 SSL2_SSL_SESSION_ID_LENGTH - id_len);
384 r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
385 }
386
387 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
388 p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
389 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
390 return (p != NULL);
391 }
392
393int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
394 {
395 return X509_PURPOSE_set(&s->purpose, purpose);
396 }
397
398int SSL_set_purpose(SSL *s, int purpose)
399 {
400 return X509_PURPOSE_set(&s->purpose, purpose);
401 }
402
403int SSL_CTX_set_trust(SSL_CTX *s, int trust)
404 {
405 return X509_TRUST_set(&s->trust, trust);
406 }
407
408int SSL_set_trust(SSL *s, int trust)
409 {
410 return X509_TRUST_set(&s->trust, trust);
411 }
412
413void SSL_free(SSL *s)
414 {
415 int i;
416
417 if(s == NULL)
418 return;
419
420 i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
421#ifdef REF_PRINT
422 REF_PRINT("SSL",s);
423#endif
424 if (i > 0) return;
425#ifdef REF_CHECK
426 if (i < 0)
427 {
428 fprintf(stderr,"SSL_free, bad reference count\n");
429 abort(); /* ok */
430 }
431#endif
432
433 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
434
435 if (s->bbio != NULL)
436 {
437 /* If the buffering BIO is in place, pop it off */
438 if (s->bbio == s->wbio)
439 {
440 s->wbio=BIO_pop(s->wbio);
441 }
442 BIO_free(s->bbio);
443 s->bbio=NULL;
444 }
445 if (s->rbio != NULL)
446 BIO_free_all(s->rbio);
447 if ((s->wbio != NULL) && (s->wbio != s->rbio))
448 BIO_free_all(s->wbio);
449
450 if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
451
452 /* add extra stuff */
453 if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
454 if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
455
456 /* Make the next call work :-) */
457 if (s->session != NULL)
458 {
459 ssl_clear_bad_session(s);
460 SSL_SESSION_free(s->session);
461 }
462
463 ssl_clear_cipher_ctx(s);
464
465 if (s->cert != NULL) ssl_cert_free(s->cert);
466 /* Free up if allocated */
467
468 if (s->ctx) SSL_CTX_free(s->ctx);
469
470 if (s->client_CA != NULL)
471 sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
472
473 if (s->method != NULL) s->method->ssl_free(s);
474
475#ifndef OPENSSL_NO_KRB5
476 if (s->kssl_ctx != NULL)
477 kssl_ctx_free(s->kssl_ctx);
478#endif /* OPENSSL_NO_KRB5 */
479
480 OPENSSL_free(s);
481 }
482
483void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
484 {
485 /* If the output buffering BIO is still in place, remove it
486 */
487 if (s->bbio != NULL)
488 {
489 if (s->wbio == s->bbio)
490 {
491 s->wbio=s->wbio->next_bio;
492 s->bbio->next_bio=NULL;
493 }
494 }
495 if ((s->rbio != NULL) && (s->rbio != rbio))
496 BIO_free_all(s->rbio);
497 if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
498 BIO_free_all(s->wbio);
499 s->rbio=rbio;
500 s->wbio=wbio;
501 }
502
503BIO *SSL_get_rbio(SSL *s)
504 { return(s->rbio); }
505
506BIO *SSL_get_wbio(SSL *s)
507 { return(s->wbio); }
508
509int SSL_get_fd(SSL *s)
510 {
511 return(SSL_get_rfd(s));
512 }
513
514int SSL_get_rfd(SSL *s)
515 {
516 int ret= -1;
517 BIO *b,*r;
518
519 b=SSL_get_rbio(s);
520 r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
521 if (r != NULL)
522 BIO_get_fd(r,&ret);
523 return(ret);
524 }
525
526int SSL_get_wfd(SSL *s)
527 {
528 int ret= -1;
529 BIO *b,*r;
530
531 b=SSL_get_wbio(s);
532 r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
533 if (r != NULL)
534 BIO_get_fd(r,&ret);
535 return(ret);
536 }
537
538#ifndef OPENSSL_NO_SOCK
539int SSL_set_fd(SSL *s,int fd)
540 {
541 int ret=0;
542 BIO *bio=NULL;
543
544 bio=BIO_new(BIO_s_socket());
545
546 if (bio == NULL)
547 {
548 SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
549 goto err;
550 }
551 BIO_set_fd(bio,fd,BIO_NOCLOSE);
552 SSL_set_bio(s,bio,bio);
553 ret=1;
554err:
555 return(ret);
556 }
557
558int SSL_set_wfd(SSL *s,int fd)
559 {
560 int ret=0;
561 BIO *bio=NULL;
562
563 if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
564 || ((int)BIO_get_fd(s->rbio,NULL) != fd))
565 {
566 bio=BIO_new(BIO_s_socket());
567
568 if (bio == NULL)
569 { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
570 BIO_set_fd(bio,fd,BIO_NOCLOSE);
571 SSL_set_bio(s,SSL_get_rbio(s),bio);
572 }
573 else
574 SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
575 ret=1;
576err:
577 return(ret);
578 }
579
580int SSL_set_rfd(SSL *s,int fd)
581 {
582 int ret=0;
583 BIO *bio=NULL;
584
585 if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
586 || ((int)BIO_get_fd(s->wbio,NULL) != fd))
587 {
588 bio=BIO_new(BIO_s_socket());
589
590 if (bio == NULL)
591 {
592 SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
593 goto err;
594 }
595 BIO_set_fd(bio,fd,BIO_NOCLOSE);
596 SSL_set_bio(s,bio,SSL_get_wbio(s));
597 }
598 else
599 SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
600 ret=1;
601err:
602 return(ret);
603 }
604#endif
605
606
607/* return length of latest Finished message we sent, copy to 'buf' */
608size_t SSL_get_finished(SSL *s, void *buf, size_t count)
609 {
610 size_t ret = 0;
611
612 if (s->s3 != NULL)
613 {
614 ret = s->s3->tmp.finish_md_len;
615 if (count > ret)
616 count = ret;
617 memcpy(buf, s->s3->tmp.finish_md, count);
618 }
619 return ret;
620 }
621
622/* return length of latest Finished message we expected, copy to 'buf' */
623size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
624 {
625 size_t ret = 0;
626
627 if (s->s3 != NULL)
628 {
629 ret = s->s3->tmp.peer_finish_md_len;
630 if (count > ret)
631 count = ret;
632 memcpy(buf, s->s3->tmp.peer_finish_md, count);
633 }
634 return ret;
635 }
636
637
638int SSL_get_verify_mode(SSL *s)
639 {
640 return(s->verify_mode);
641 }
642
643int SSL_get_verify_depth(SSL *s)
644 {
645 return(s->verify_depth);
646 }
647
648int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
649 {
650 return(s->verify_callback);
651 }
652
653int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
654 {
655 return(ctx->verify_mode);
656 }
657
658int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
659 {
660 return(ctx->verify_depth);
661 }
662
663int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
664 {
665 return(ctx->default_verify_callback);
666 }
667
668void SSL_set_verify(SSL *s,int mode,
669 int (*callback)(int ok,X509_STORE_CTX *ctx))
670 {
671 s->verify_mode=mode;
672 if (callback != NULL)
673 s->verify_callback=callback;
674 }
675
676void SSL_set_verify_depth(SSL *s,int depth)
677 {
678 s->verify_depth=depth;
679 }
680
681void SSL_set_read_ahead(SSL *s,int yes)
682 {
683 s->read_ahead=yes;
684 }
685
686int SSL_get_read_ahead(SSL *s)
687 {
688 return(s->read_ahead);
689 }
690
691int SSL_pending(SSL *s)
692 {
693 /* SSL_pending cannot work properly if read-ahead is enabled
694 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
695 * and it is impossible to fix since SSL_pending cannot report
696 * errors that may be observed while scanning the new data.
697 * (Note that SSL_pending() is often used as a boolean value,
698 * so we'd better not return -1.)
699 */
700 return(s->method->ssl_pending(s));
701 }
702
703X509 *SSL_get_peer_certificate(SSL *s)
704 {
705 X509 *r;
706
707 if ((s == NULL) || (s->session == NULL))
708 r=NULL;
709 else
710 r=s->session->peer;
711
712 if (r == NULL) return(r);
713
714 CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
715
716 return(r);
717 }
718
719STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
720 {
721 STACK_OF(X509) *r;
722
723 if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
724 r=NULL;
725 else
726 r=s->session->sess_cert->cert_chain;
727
728 /* If we are a client, cert_chain includes the peer's own
729 * certificate; if we are a server, it does not. */
730
731 return(r);
732 }
733
734/* Now in theory, since the calling process own 't' it should be safe to
735 * modify. We need to be able to read f without being hassled */
736void SSL_copy_session_id(SSL *t,SSL *f)
737 {
738 CERT *tmp;
739
740 /* Do we need to to SSL locking? */
741 SSL_set_session(t,SSL_get_session(f));
742
743 /* what if we are setup as SSLv2 but want to talk SSLv3 or
744 * vice-versa */
745 if (t->method != f->method)
746 {
747 t->method->ssl_free(t); /* cleanup current */
748 t->method=f->method; /* change method */
749 t->method->ssl_new(t); /* setup new */
750 }
751
752 tmp=t->cert;
753 if (f->cert != NULL)
754 {
755 CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
756 t->cert=f->cert;
757 }
758 else
759 t->cert=NULL;
760 if (tmp != NULL) ssl_cert_free(tmp);
761 SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
762 }
763
764/* Fix this so it checks all the valid key/cert options */
765int SSL_CTX_check_private_key(SSL_CTX *ctx)
766 {
767 if ( (ctx == NULL) ||
768 (ctx->cert == NULL) ||
769 (ctx->cert->key->x509 == NULL))
770 {
771 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
772 return(0);
773 }
774 if (ctx->cert->key->privatekey == NULL)
775 {
776 SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
777 return(0);
778 }
779 return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
780 }
781
782/* Fix this function so that it takes an optional type parameter */
783int SSL_check_private_key(SSL *ssl)
784 {
785 if (ssl == NULL)
786 {
787 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
788 return(0);
789 }
790 if (ssl->cert == NULL)
791 {
792 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
793 return 0;
794 }
795 if (ssl->cert->key->x509 == NULL)
796 {
797 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
798 return(0);
799 }
800 if (ssl->cert->key->privatekey == NULL)
801 {
802 SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
803 return(0);
804 }
805 return(X509_check_private_key(ssl->cert->key->x509,
806 ssl->cert->key->privatekey));
807 }
808
809int SSL_accept(SSL *s)
810 {
811 if (s->handshake_func == 0)
812 /* Not properly initialized yet */
813 SSL_set_accept_state(s);
814
815 return(s->method->ssl_accept(s));
816 }
817
818int SSL_connect(SSL *s)
819 {
820 if (s->handshake_func == 0)
821 /* Not properly initialized yet */
822 SSL_set_connect_state(s);
823
824 return(s->method->ssl_connect(s));
825 }
826
827long SSL_get_default_timeout(SSL *s)
828 {
829 return(s->method->get_timeout());
830 }
831
832int SSL_read(SSL *s,void *buf,int num)
833 {
834 if (s->handshake_func == 0)
835 {
836 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
837 return -1;
838 }
839
840 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
841 {
842 s->rwstate=SSL_NOTHING;
843 return(0);
844 }
845 return(s->method->ssl_read(s,buf,num));
846 }
847
848int SSL_peek(SSL *s,void *buf,int num)
849 {
850 if (s->handshake_func == 0)
851 {
852 SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
853 return -1;
854 }
855
856 if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
857 {
858 return(0);
859 }
860 return(s->method->ssl_peek(s,buf,num));
861 }
862
863int SSL_write(SSL *s,const void *buf,int num)
864 {
865 if (s->handshake_func == 0)
866 {
867 SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
868 return -1;
869 }
870
871 if (s->shutdown & SSL_SENT_SHUTDOWN)
872 {
873 s->rwstate=SSL_NOTHING;
874 SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
875 return(-1);
876 }
877 return(s->method->ssl_write(s,buf,num));
878 }
879
880int SSL_shutdown(SSL *s)
881 {
882 /* Note that this function behaves differently from what one might
883 * expect. Return values are 0 for no success (yet),
884 * 1 for success; but calling it once is usually not enough,
885 * even if blocking I/O is used (see ssl3_shutdown).
886 */
887
888 if (s->handshake_func == 0)
889 {
890 SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
891 return -1;
892 }
893
894 if ((s != NULL) && !SSL_in_init(s))
895 return(s->method->ssl_shutdown(s));
896 else
897 return(1);
898 }
899
900int SSL_renegotiate(SSL *s)
901 {
902 if (s->new_session == 0)
903 {
904 s->new_session=1;
905 }
906 return(s->method->ssl_renegotiate(s));
907 }
908
909int SSL_renegotiate_pending(SSL *s)
910 {
911 /* becomes true when negotiation is requested;
912 * false again once a handshake has finished */
913 return (s->new_session != 0);
914 }
915
916long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
917 {
918 long l;
919
920 switch (cmd)
921 {
922 case SSL_CTRL_GET_READ_AHEAD:
923 return(s->read_ahead);
924 case SSL_CTRL_SET_READ_AHEAD:
925 l=s->read_ahead;
926 s->read_ahead=larg;
927 return(l);
928
929 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
930 s->msg_callback_arg = parg;
931 return 1;
932
933 case SSL_CTRL_OPTIONS:
934 return(s->options|=larg);
935 case SSL_CTRL_MODE:
936 return(s->mode|=larg);
937 case SSL_CTRL_GET_MAX_CERT_LIST:
938 return(s->max_cert_list);
939 case SSL_CTRL_SET_MAX_CERT_LIST:
940 l=s->max_cert_list;
941 s->max_cert_list=larg;
942 return(l);
943 default:
944 return(s->method->ssl_ctrl(s,cmd,larg,parg));
945 }
946 }
947
948long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
949 {
950 switch(cmd)
951 {
952 case SSL_CTRL_SET_MSG_CALLBACK:
953 s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
954 return 1;
955
956 default:
957 return(s->method->ssl_callback_ctrl(s,cmd,fp));
958 }
959 }
960
961struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
962 {
963 return ctx->sessions;
964 }
965
966long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
967 {
968 long l;
969
970 switch (cmd)
971 {
972 case SSL_CTRL_GET_READ_AHEAD:
973 return(ctx->read_ahead);
974 case SSL_CTRL_SET_READ_AHEAD:
975 l=ctx->read_ahead;
976 ctx->read_ahead=larg;
977 return(l);
978
979 case SSL_CTRL_SET_MSG_CALLBACK_ARG:
980 ctx->msg_callback_arg = parg;
981 return 1;
982
983 case SSL_CTRL_GET_MAX_CERT_LIST:
984 return(ctx->max_cert_list);
985 case SSL_CTRL_SET_MAX_CERT_LIST:
986 l=ctx->max_cert_list;
987 ctx->max_cert_list=larg;
988 return(l);
989
990 case SSL_CTRL_SET_SESS_CACHE_SIZE:
991 l=ctx->session_cache_size;
992 ctx->session_cache_size=larg;
993 return(l);
994 case SSL_CTRL_GET_SESS_CACHE_SIZE:
995 return(ctx->session_cache_size);
996 case SSL_CTRL_SET_SESS_CACHE_MODE:
997 l=ctx->session_cache_mode;
998 ctx->session_cache_mode=larg;
999 return(l);
1000 case SSL_CTRL_GET_SESS_CACHE_MODE:
1001 return(ctx->session_cache_mode);
1002
1003 case SSL_CTRL_SESS_NUMBER:
1004 return(ctx->sessions->num_items);
1005 case SSL_CTRL_SESS_CONNECT:
1006 return(ctx->stats.sess_connect);
1007 case SSL_CTRL_SESS_CONNECT_GOOD:
1008 return(ctx->stats.sess_connect_good);
1009 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
1010 return(ctx->stats.sess_connect_renegotiate);
1011 case SSL_CTRL_SESS_ACCEPT:
1012 return(ctx->stats.sess_accept);
1013 case SSL_CTRL_SESS_ACCEPT_GOOD:
1014 return(ctx->stats.sess_accept_good);
1015 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
1016 return(ctx->stats.sess_accept_renegotiate);
1017 case SSL_CTRL_SESS_HIT:
1018 return(ctx->stats.sess_hit);
1019 case SSL_CTRL_SESS_CB_HIT:
1020 return(ctx->stats.sess_cb_hit);
1021 case SSL_CTRL_SESS_MISSES:
1022 return(ctx->stats.sess_miss);
1023 case SSL_CTRL_SESS_TIMEOUTS:
1024 return(ctx->stats.sess_timeout);
1025 case SSL_CTRL_SESS_CACHE_FULL:
1026 return(ctx->stats.sess_cache_full);
1027 case SSL_CTRL_OPTIONS:
1028 return(ctx->options|=larg);
1029 case SSL_CTRL_MODE:
1030 return(ctx->mode|=larg);
1031 default:
1032 return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
1033 }
1034 }
1035
1036long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1037 {
1038 switch(cmd)
1039 {
1040 case SSL_CTRL_SET_MSG_CALLBACK:
1041 ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
1042 return 1;
1043
1044 default:
1045 return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
1046 }
1047 }
1048
1049int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
1050 {
1051 long l;
1052
1053 l=a->id-b->id;
1054 if (l == 0L)
1055 return(0);
1056 else
1057 return((l > 0)?1:-1);
1058 }
1059
1060int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1061 const SSL_CIPHER * const *bp)
1062 {
1063 long l;
1064
1065 l=(*ap)->id-(*bp)->id;
1066 if (l == 0L)
1067 return(0);
1068 else
1069 return((l > 0)?1:-1);
1070 }
1071
1072/** return a STACK of the ciphers available for the SSL and in order of
1073 * preference */
1074STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
1075 {
1076 if (s != NULL)
1077 {
1078 if (s->cipher_list != NULL)
1079 {
1080 return(s->cipher_list);
1081 }
1082 else if ((s->ctx != NULL) &&
1083 (s->ctx->cipher_list != NULL))
1084 {
1085 return(s->ctx->cipher_list);
1086 }
1087 }
1088 return(NULL);
1089 }
1090
1091/** return a STACK of the ciphers available for the SSL and in order of
1092 * algorithm id */
1093STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
1094 {
1095 if (s != NULL)
1096 {
1097 if (s->cipher_list_by_id != NULL)
1098 {
1099 return(s->cipher_list_by_id);
1100 }
1101 else if ((s->ctx != NULL) &&
1102 (s->ctx->cipher_list_by_id != NULL))
1103 {
1104 return(s->ctx->cipher_list_by_id);
1105 }
1106 }
1107 return(NULL);
1108 }
1109
1110/** The old interface to get the same thing as SSL_get_ciphers() */
1111const char *SSL_get_cipher_list(SSL *s,int n)
1112 {
1113 SSL_CIPHER *c;
1114 STACK_OF(SSL_CIPHER) *sk;
1115
1116 if (s == NULL) return(NULL);
1117 sk=SSL_get_ciphers(s);
1118 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
1119 return(NULL);
1120 c=sk_SSL_CIPHER_value(sk,n);
1121 if (c == NULL) return(NULL);
1122 return(c->name);
1123 }
1124
1125/** specify the ciphers to be used by default by the SSL_CTX */
1126int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1127 {
1128 STACK_OF(SSL_CIPHER) *sk;
1129
1130 sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
1131 &ctx->cipher_list_by_id,str);
1132/* XXXX */
1133 return((sk == NULL)?0:1);
1134 }
1135
1136/** specify the ciphers to be used by the SSL */
1137int SSL_set_cipher_list(SSL *s,const char *str)
1138 {
1139 STACK_OF(SSL_CIPHER) *sk;
1140
1141 sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
1142 &s->cipher_list_by_id,str);
1143/* XXXX */
1144 return((sk == NULL)?0:1);
1145 }
1146
1147/* works well for SSLv2, not so good for SSLv3 */
1148char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
1149 {
1150 char *p;
1151 const char *cp;
1152 STACK_OF(SSL_CIPHER) *sk;
1153 SSL_CIPHER *c;
1154 int i;
1155
1156 if ((s->session == NULL) || (s->session->ciphers == NULL) ||
1157 (len < 2))
1158 return(NULL);
1159
1160 p=buf;
1161 sk=s->session->ciphers;
1162 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1163 {
1164 /* Decrement for either the ':' or a '\0' */
1165 len--;
1166 c=sk_SSL_CIPHER_value(sk,i);
1167 for (cp=c->name; *cp; )
1168 {
1169 if (len-- == 0)
1170 {
1171 *p='\0';
1172 return(buf);
1173 }
1174 else
1175 *(p++)= *(cp++);
1176 }
1177 *(p++)=':';
1178 }
1179 p[-1]='\0';
1180 return(buf);
1181 }
1182
1183int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
1184 {
1185 int i,j=0;
1186 SSL_CIPHER *c;
1187 unsigned char *q;
1188#ifndef OPENSSL_NO_KRB5
1189 int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
1190#endif /* OPENSSL_NO_KRB5 */
1191
1192 if (sk == NULL) return(0);
1193 q=p;
1194
1195 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
1196 {
1197 c=sk_SSL_CIPHER_value(sk,i);
1198#ifndef OPENSSL_NO_KRB5
1199 if ((c->algorithms & SSL_KRB5) && nokrb5)
1200 continue;
1201#endif /* OPENSSL_NO_KRB5 */
1202 j=ssl_put_cipher_by_char(s,c,p);
1203 p+=j;
1204 }
1205 return(p-q);
1206 }
1207
1208STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
1209 STACK_OF(SSL_CIPHER) **skp)
1210 {
1211 SSL_CIPHER *c;
1212 STACK_OF(SSL_CIPHER) *sk;
1213 int i,n;
1214
1215 n=ssl_put_cipher_by_char(s,NULL,NULL);
1216 if ((num%n) != 0)
1217 {
1218 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1219 return(NULL);
1220 }
1221 if ((skp == NULL) || (*skp == NULL))
1222 sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
1223 else
1224 {
1225 sk= *skp;
1226 sk_SSL_CIPHER_zero(sk);
1227 }
1228
1229 for (i=0; i<num; i+=n)
1230 {
1231 c=ssl_get_cipher_by_char(s,p);
1232 p+=n;
1233 if (c != NULL)
1234 {
1235 if (!sk_SSL_CIPHER_push(sk,c))
1236 {
1237 SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
1238 goto err;
1239 }
1240 }
1241 }
1242
1243 if (skp != NULL)
1244 *skp=sk;
1245 return(sk);
1246err:
1247 if ((skp == NULL) || (*skp == NULL))
1248 sk_SSL_CIPHER_free(sk);
1249 return(NULL);
1250 }
1251
1252unsigned long SSL_SESSION_hash(SSL_SESSION *a)
1253 {
1254 unsigned long l;
1255
1256 l=(unsigned long)
1257 ((unsigned int) a->session_id[0] )|
1258 ((unsigned int) a->session_id[1]<< 8L)|
1259 ((unsigned long)a->session_id[2]<<16L)|
1260 ((unsigned long)a->session_id[3]<<24L);
1261 return(l);
1262 }
1263
1264/* NB: If this function (or indeed the hash function which uses a sort of
1265 * coarser function than this one) is changed, ensure
1266 * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
1267 * able to construct an SSL_SESSION that will collide with any existing session
1268 * with a matching session ID. */
1269int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
1270 {
1271 if (a->ssl_version != b->ssl_version)
1272 return(1);
1273 if (a->session_id_length != b->session_id_length)
1274 return(1);
1275 return(memcmp(a->session_id,b->session_id,a->session_id_length));
1276 }
1277
1278/* These wrapper functions should remain rather than redeclaring
1279 * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
1280 * variable. The reason is that the functions aren't static, they're exposed via
1281 * ssl.h. */
1282static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
1283static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
1284
1285SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
1286 {
1287 SSL_CTX *ret=NULL;
1288
1289 if (meth == NULL)
1290 {
1291 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
1292 return(NULL);
1293 }
1294
1295 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
1296 {
1297 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1298 goto err;
1299 }
1300 ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
1301 if (ret == NULL)
1302 goto err;
1303
1304 memset(ret,0,sizeof(SSL_CTX));
1305
1306 ret->method=meth;
1307
1308 ret->cert_store=NULL;
1309 ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
1310 ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
1311 ret->session_cache_head=NULL;
1312 ret->session_cache_tail=NULL;
1313
1314 /* We take the system default */
1315 ret->session_timeout=meth->get_timeout();
1316
1317 ret->new_session_cb=0;
1318 ret->remove_session_cb=0;
1319 ret->get_session_cb=0;
1320 ret->generate_session_id=0;
1321
1322 memset((char *)&ret->stats,0,sizeof(ret->stats));
1323
1324 ret->references=1;
1325 ret->quiet_shutdown=0;
1326
1327/* ret->cipher=NULL;*/
1328/* ret->s2->challenge=NULL;
1329 ret->master_key=NULL;
1330 ret->key_arg=NULL;
1331 ret->s2->conn_id=NULL; */
1332
1333 ret->info_callback=NULL;
1334
1335 ret->app_verify_callback=0;
1336 ret->app_verify_arg=NULL;
1337
1338 ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
1339 ret->read_ahead=0;
1340 ret->msg_callback=0;
1341 ret->msg_callback_arg=NULL;
1342 ret->verify_mode=SSL_VERIFY_NONE;
1343 ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
1344 ret->sid_ctx_length=0;
1345 ret->default_verify_callback=NULL;
1346 if ((ret->cert=ssl_cert_new()) == NULL)
1347 goto err;
1348
1349 ret->default_passwd_callback=0;
1350 ret->default_passwd_callback_userdata=NULL;
1351 ret->client_cert_cb=0;
1352
1353 ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
1354 LHASH_COMP_FN(SSL_SESSION_cmp));
1355 if (ret->sessions == NULL) goto err;
1356 ret->cert_store=X509_STORE_new();
1357 if (ret->cert_store == NULL) goto err;
1358
1359 ssl_create_cipher_list(ret->method,
1360 &ret->cipher_list,&ret->cipher_list_by_id,
1361 SSL_DEFAULT_CIPHER_LIST);
1362 if (ret->cipher_list == NULL
1363 || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
1364 {
1365 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
1366 goto err2;
1367 }
1368
1369 if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
1370 {
1371 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
1372 goto err2;
1373 }
1374 if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
1375 {
1376 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1377 goto err2;
1378 }
1379 if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
1380 {
1381 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1382 goto err2;
1383 }
1384
1385 if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
1386 goto err;
1387
1388 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
1389
1390 ret->extra_certs=NULL;
1391 ret->comp_methods=SSL_COMP_get_compression_methods();
1392
1393 return(ret);
1394err:
1395 SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
1396err2:
1397 if (ret != NULL) SSL_CTX_free(ret);
1398 return(NULL);
1399 }
1400
1401#if 0
1402static void SSL_COMP_free(SSL_COMP *comp)
1403 { OPENSSL_free(comp); }
1404#endif
1405
1406void SSL_CTX_free(SSL_CTX *a)
1407 {
1408 int i;
1409
1410 if (a == NULL) return;
1411
1412 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
1413#ifdef REF_PRINT
1414 REF_PRINT("SSL_CTX",a);
1415#endif
1416 if (i > 0) return;
1417#ifdef REF_CHECK
1418 if (i < 0)
1419 {
1420 fprintf(stderr,"SSL_CTX_free, bad reference count\n");
1421 abort(); /* ok */
1422 }
1423#endif
1424
1425 /*
1426 * Free internal session cache. However: the remove_cb() may reference
1427 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
1428 * after the sessions were flushed.
1429 * As the ex_data handling routines might also touch the session cache,
1430 * the most secure solution seems to be: empty (flush) the cache, then
1431 * free ex_data, then finally free the cache.
1432 * (See ticket [openssl.org #212].)
1433 */
1434 if (a->sessions != NULL)
1435 SSL_CTX_flush_sessions(a,0);
1436
1437 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
1438
1439 if (a->sessions != NULL)
1440 lh_free(a->sessions);
1441
1442 if (a->cert_store != NULL)
1443 X509_STORE_free(a->cert_store);
1444 if (a->cipher_list != NULL)
1445 sk_SSL_CIPHER_free(a->cipher_list);
1446 if (a->cipher_list_by_id != NULL)
1447 sk_SSL_CIPHER_free(a->cipher_list_by_id);
1448 if (a->cert != NULL)
1449 ssl_cert_free(a->cert);
1450 if (a->client_CA != NULL)
1451 sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
1452 if (a->extra_certs != NULL)
1453 sk_X509_pop_free(a->extra_certs,X509_free);
1454#if 0 /* This should never be done, since it removes a global database */
1455 if (a->comp_methods != NULL)
1456 sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
1457#else
1458 a->comp_methods = NULL;
1459#endif
1460 OPENSSL_free(a);
1461 }
1462
1463void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
1464 {
1465 ctx->default_passwd_callback=cb;
1466 }
1467
1468void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
1469 {
1470 ctx->default_passwd_callback_userdata=u;
1471 }
1472
1473void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
1474 {
1475 ctx->app_verify_callback=cb;
1476 ctx->app_verify_arg=arg;
1477 }
1478
1479void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
1480 {
1481 ctx->verify_mode=mode;
1482 ctx->default_verify_callback=cb;
1483 }
1484
1485void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
1486 {
1487 ctx->verify_depth=depth;
1488 }
1489
1490void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
1491 {
1492 CERT_PKEY *cpk;
1493 int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
1494 int rsa_enc_export,dh_rsa_export,dh_dsa_export;
1495 int rsa_tmp_export,dh_tmp_export,kl;
1496 unsigned long mask,emask;
1497
1498 if (c == NULL) return;
1499
1500 kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
1501
1502#ifndef OPENSSL_NO_RSA
1503 rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1504 rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
1505 (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
1506#else
1507 rsa_tmp=rsa_tmp_export=0;
1508#endif
1509#ifndef OPENSSL_NO_DH
1510 dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1511 dh_tmp_export=(c->dh_tmp_cb != NULL ||
1512 (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
1513#else
1514 dh_tmp=dh_tmp_export=0;
1515#endif
1516
1517 cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
1518 rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
1519 rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1520 cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
1521 rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1522 cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
1523 dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
1524 cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
1525 dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
1526 dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1527 cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
1528/* FIX THIS EAY EAY EAY */
1529 dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
1530 dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
1531
1532 mask=0;
1533 emask=0;
1534
1535#ifdef CIPHER_DEBUG
1536 printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
1537 rsa_tmp,rsa_tmp_export,dh_tmp,
1538 rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
1539#endif
1540
1541 if (rsa_enc || (rsa_tmp && rsa_sign))
1542 mask|=SSL_kRSA;
1543 if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
1544 emask|=SSL_kRSA;
1545
1546#if 0
1547 /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
1548 if ( (dh_tmp || dh_rsa || dh_dsa) &&
1549 (rsa_enc || rsa_sign || dsa_sign))
1550 mask|=SSL_kEDH;
1551 if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
1552 (rsa_enc || rsa_sign || dsa_sign))
1553 emask|=SSL_kEDH;
1554#endif
1555
1556 if (dh_tmp_export)
1557 emask|=SSL_kEDH;
1558
1559 if (dh_tmp)
1560 mask|=SSL_kEDH;
1561
1562 if (dh_rsa) mask|=SSL_kDHr;
1563 if (dh_rsa_export) emask|=SSL_kDHr;
1564
1565 if (dh_dsa) mask|=SSL_kDHd;
1566 if (dh_dsa_export) emask|=SSL_kDHd;
1567
1568 if (rsa_enc || rsa_sign)
1569 {
1570 mask|=SSL_aRSA;
1571 emask|=SSL_aRSA;
1572 }
1573
1574 if (dsa_sign)
1575 {
1576 mask|=SSL_aDSS;
1577 emask|=SSL_aDSS;
1578 }
1579
1580 mask|=SSL_aNULL;
1581 emask|=SSL_aNULL;
1582
1583#ifndef OPENSSL_NO_KRB5
1584 mask|=SSL_kKRB5|SSL_aKRB5;
1585 emask|=SSL_kKRB5|SSL_aKRB5;
1586#endif
1587
1588 c->mask=mask;
1589 c->export_mask=emask;
1590 c->valid=1;
1591 }
1592
1593/* THIS NEEDS CLEANING UP */
1594X509 *ssl_get_server_send_cert(SSL *s)
1595 {
1596 unsigned long alg,mask,kalg;
1597 CERT *c;
1598 int i,is_export;
1599
1600 c=s->cert;
1601 ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
1602 alg=s->s3->tmp.new_cipher->algorithms;
1603 is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
1604 mask=is_export?c->export_mask:c->mask;
1605 kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1606
1607 if (kalg & SSL_kDHr)
1608 i=SSL_PKEY_DH_RSA;
1609 else if (kalg & SSL_kDHd)
1610 i=SSL_PKEY_DH_DSA;
1611 else if (kalg & SSL_aDSS)
1612 i=SSL_PKEY_DSA_SIGN;
1613 else if (kalg & SSL_aRSA)
1614 {
1615 if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
1616 i=SSL_PKEY_RSA_SIGN;
1617 else
1618 i=SSL_PKEY_RSA_ENC;
1619 }
1620 else if (kalg & SSL_aKRB5)
1621 {
1622 /* VRS something else here? */
1623 return(NULL);
1624 }
1625 else /* if (kalg & SSL_aNULL) */
1626 {
1627 SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
1628 return(NULL);
1629 }
1630 if (c->pkeys[i].x509 == NULL) return(NULL);
1631 return(c->pkeys[i].x509);
1632 }
1633
1634EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
1635 {
1636 unsigned long alg;
1637 CERT *c;
1638
1639 alg=cipher->algorithms;
1640 c=s->cert;
1641
1642 if ((alg & SSL_aDSS) &&
1643 (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
1644 return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
1645 else if (alg & SSL_aRSA)
1646 {
1647 if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
1648 return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
1649 else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
1650 return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
1651 else
1652 return(NULL);
1653 }
1654 else /* if (alg & SSL_aNULL) */
1655 {
1656 SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
1657 return(NULL);
1658 }
1659 }
1660
1661void ssl_update_cache(SSL *s,int mode)
1662 {
1663 int i;
1664
1665 /* If the session_id_length is 0, we are not supposed to cache it,
1666 * and it would be rather hard to do anyway :-) */
1667 if (s->session->session_id_length == 0) return;
1668
1669 i=s->ctx->session_cache_mode;
1670 if ((i & mode) && (!s->hit)
1671 && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
1672 || SSL_CTX_add_session(s->ctx,s->session))
1673 && (s->ctx->new_session_cb != NULL))
1674 {
1675 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
1676 if (!s->ctx->new_session_cb(s,s->session))
1677 SSL_SESSION_free(s->session);
1678 }
1679
1680 /* auto flush every 255 connections */
1681 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
1682 ((i & mode) == mode))
1683 {
1684 if ( (((mode & SSL_SESS_CACHE_CLIENT)
1685 ?s->ctx->stats.sess_connect_good
1686 :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
1687 {
1688 SSL_CTX_flush_sessions(s->ctx,time(NULL));
1689 }
1690 }
1691 }
1692
1693SSL_METHOD *SSL_get_ssl_method(SSL *s)
1694 {
1695 return(s->method);
1696 }
1697
1698int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
1699 {
1700 int conn= -1;
1701 int ret=1;
1702
1703 if (s->method != meth)
1704 {
1705 if (s->handshake_func != NULL)
1706 conn=(s->handshake_func == s->method->ssl_connect);
1707
1708 if (s->method->version == meth->version)
1709 s->method=meth;
1710 else
1711 {
1712 s->method->ssl_free(s);
1713 s->method=meth;
1714 ret=s->method->ssl_new(s);
1715 }
1716
1717 if (conn == 1)
1718 s->handshake_func=meth->ssl_connect;
1719 else if (conn == 0)
1720 s->handshake_func=meth->ssl_accept;
1721 }
1722 return(ret);
1723 }
1724
1725int SSL_get_error(SSL *s,int i)
1726 {
1727 int reason;
1728 unsigned long l;
1729 BIO *bio;
1730
1731 if (i > 0) return(SSL_ERROR_NONE);
1732
1733 /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
1734 * etc, where we do encode the error */
1735 if ((l=ERR_peek_error()) != 0)
1736 {
1737 if (ERR_GET_LIB(l) == ERR_LIB_SYS)
1738 return(SSL_ERROR_SYSCALL);
1739 else
1740 return(SSL_ERROR_SSL);
1741 }
1742
1743 if ((i < 0) && SSL_want_read(s))
1744 {
1745 bio=SSL_get_rbio(s);
1746 if (BIO_should_read(bio))
1747 return(SSL_ERROR_WANT_READ);
1748 else if (BIO_should_write(bio))
1749 /* This one doesn't make too much sense ... We never try
1750 * to write to the rbio, and an application program where
1751 * rbio and wbio are separate couldn't even know what it
1752 * should wait for.
1753 * However if we ever set s->rwstate incorrectly
1754 * (so that we have SSL_want_read(s) instead of
1755 * SSL_want_write(s)) and rbio and wbio *are* the same,
1756 * this test works around that bug; so it might be safer
1757 * to keep it. */
1758 return(SSL_ERROR_WANT_WRITE);
1759 else if (BIO_should_io_special(bio))
1760 {
1761 reason=BIO_get_retry_reason(bio);
1762 if (reason == BIO_RR_CONNECT)
1763 return(SSL_ERROR_WANT_CONNECT);
1764 else if (reason == BIO_RR_ACCEPT)
1765 return(SSL_ERROR_WANT_ACCEPT);
1766 else
1767 return(SSL_ERROR_SYSCALL); /* unknown */
1768 }
1769 }
1770
1771 if ((i < 0) && SSL_want_write(s))
1772 {
1773 bio=SSL_get_wbio(s);
1774 if (BIO_should_write(bio))
1775 return(SSL_ERROR_WANT_WRITE);
1776 else if (BIO_should_read(bio))
1777 /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
1778 return(SSL_ERROR_WANT_READ);
1779 else if (BIO_should_io_special(bio))
1780 {
1781 reason=BIO_get_retry_reason(bio);
1782 if (reason == BIO_RR_CONNECT)
1783 return(SSL_ERROR_WANT_CONNECT);
1784 else if (reason == BIO_RR_ACCEPT)
1785 return(SSL_ERROR_WANT_ACCEPT);
1786 else
1787 return(SSL_ERROR_SYSCALL);
1788 }
1789 }
1790 if ((i < 0) && SSL_want_x509_lookup(s))
1791 {
1792 return(SSL_ERROR_WANT_X509_LOOKUP);
1793 }
1794
1795 if (i == 0)
1796 {
1797 if (s->version == SSL2_VERSION)
1798 {
1799 /* assume it is the socket being closed */
1800 return(SSL_ERROR_ZERO_RETURN);
1801 }
1802 else
1803 {
1804 if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
1805 (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
1806 return(SSL_ERROR_ZERO_RETURN);
1807 }
1808 }
1809 return(SSL_ERROR_SYSCALL);
1810 }
1811
1812int SSL_do_handshake(SSL *s)
1813 {
1814 int ret=1;
1815
1816 if (s->handshake_func == NULL)
1817 {
1818 SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
1819 return(-1);
1820 }
1821
1822 s->method->ssl_renegotiate_check(s);
1823
1824 if (SSL_in_init(s) || SSL_in_before(s))
1825 {
1826 ret=s->handshake_func(s);
1827 }
1828 return(ret);
1829 }
1830
1831/* For the next 2 functions, SSL_clear() sets shutdown and so
1832 * one of these calls will reset it */
1833void SSL_set_accept_state(SSL *s)
1834 {
1835 s->server=1;
1836 s->shutdown=0;
1837 s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
1838 s->handshake_func=s->method->ssl_accept;
1839 /* clear the current cipher */
1840 ssl_clear_cipher_ctx(s);
1841 }
1842
1843void SSL_set_connect_state(SSL *s)
1844 {
1845 s->server=0;
1846 s->shutdown=0;
1847 s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
1848 s->handshake_func=s->method->ssl_connect;
1849 /* clear the current cipher */
1850 ssl_clear_cipher_ctx(s);
1851 }
1852
1853int ssl_undefined_function(SSL *s)
1854 {
1855 SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1856 return(0);
1857 }
1858
1859SSL_METHOD *ssl_bad_method(int ver)
1860 {
1861 SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1862 return(NULL);
1863 }
1864
1865const char *SSL_get_version(SSL *s)
1866 {
1867 if (s->version == TLS1_VERSION)
1868 return("TLSv1");
1869 else if (s->version == SSL3_VERSION)
1870 return("SSLv3");
1871 else if (s->version == SSL2_VERSION)
1872 return("SSLv2");
1873 else
1874 return("unknown");
1875 }
1876
1877SSL *SSL_dup(SSL *s)
1878 {
1879 STACK_OF(X509_NAME) *sk;
1880 X509_NAME *xn;
1881 SSL *ret;
1882 int i;
1883
1884 if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
1885 return(NULL);
1886
1887 ret->version = s->version;
1888 ret->type = s->type;
1889 ret->method = s->method;
1890
1891 if (s->session != NULL)
1892 {
1893 /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
1894 SSL_copy_session_id(ret,s);
1895 }
1896 else
1897 {
1898 /* No session has been established yet, so we have to expect
1899 * that s->cert or ret->cert will be changed later --
1900 * they should not both point to the same object,
1901 * and thus we can't use SSL_copy_session_id. */
1902
1903 ret->method->ssl_free(ret);
1904 ret->method = s->method;
1905 ret->method->ssl_new(ret);
1906
1907 if (s->cert != NULL)
1908 {
1909 if (ret->cert != NULL)
1910 {
1911 ssl_cert_free(ret->cert);
1912 }
1913 ret->cert = ssl_cert_dup(s->cert);
1914 if (ret->cert == NULL)
1915 goto err;
1916 }
1917
1918 SSL_set_session_id_context(ret,
1919 s->sid_ctx, s->sid_ctx_length);
1920 }
1921
1922 ret->options=s->options;
1923 ret->mode=s->mode;
1924 SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
1925 SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
1926 ret->msg_callback = s->msg_callback;
1927 ret->msg_callback_arg = s->msg_callback_arg;
1928 SSL_set_verify(ret,SSL_get_verify_mode(s),
1929 SSL_get_verify_callback(s));
1930 SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
1931 ret->generate_session_id = s->generate_session_id;
1932
1933 SSL_set_info_callback(ret,SSL_get_info_callback(s));
1934
1935 ret->debug=s->debug;
1936
1937 /* copy app data, a little dangerous perhaps */
1938 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
1939 goto err;
1940
1941 /* setup rbio, and wbio */
1942 if (s->rbio != NULL)
1943 {
1944 if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
1945 goto err;
1946 }
1947 if (s->wbio != NULL)
1948 {
1949 if (s->wbio != s->rbio)
1950 {
1951 if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
1952 goto err;
1953 }
1954 else
1955 ret->wbio=ret->rbio;
1956 }
1957 ret->rwstate = s->rwstate;
1958 ret->in_handshake = s->in_handshake;
1959 ret->handshake_func = s->handshake_func;
1960 ret->server = s->server;
1961 ret->new_session = s->new_session;
1962 ret->quiet_shutdown = s->quiet_shutdown;
1963 ret->shutdown=s->shutdown;
1964 ret->state=s->state; /* SSL_dup does not really work at any state, though */
1965 ret->rstate=s->rstate;
1966 ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
1967 ret->hit=s->hit;
1968 ret->purpose=s->purpose;
1969 ret->trust=s->trust;
1970
1971 /* dup the cipher_list and cipher_list_by_id stacks */
1972 if (s->cipher_list != NULL)
1973 {
1974 if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
1975 goto err;
1976 }
1977 if (s->cipher_list_by_id != NULL)
1978 if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
1979 == NULL)
1980 goto err;
1981
1982 /* Dup the client_CA list */
1983 if (s->client_CA != NULL)
1984 {
1985 if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
1986 ret->client_CA=sk;
1987 for (i=0; i<sk_X509_NAME_num(sk); i++)
1988 {
1989 xn=sk_X509_NAME_value(sk,i);
1990 if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
1991 {
1992 X509_NAME_free(xn);
1993 goto err;
1994 }
1995 }
1996 }
1997
1998 if (0)
1999 {
2000err:
2001 if (ret != NULL) SSL_free(ret);
2002 ret=NULL;
2003 }
2004 return(ret);
2005 }
2006
2007void ssl_clear_cipher_ctx(SSL *s)
2008 {
2009 if (s->enc_read_ctx != NULL)
2010 {
2011 EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
2012 OPENSSL_free(s->enc_read_ctx);
2013 s->enc_read_ctx=NULL;
2014 }
2015 if (s->enc_write_ctx != NULL)
2016 {
2017 EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
2018 OPENSSL_free(s->enc_write_ctx);
2019 s->enc_write_ctx=NULL;
2020 }
2021 if (s->expand != NULL)
2022 {
2023 COMP_CTX_free(s->expand);
2024 s->expand=NULL;
2025 }
2026 if (s->compress != NULL)
2027 {
2028 COMP_CTX_free(s->compress);
2029 s->compress=NULL;
2030 }
2031 }
2032
2033/* Fix this function so that it takes an optional type parameter */
2034X509 *SSL_get_certificate(SSL *s)
2035 {
2036 if (s->cert != NULL)
2037 return(s->cert->key->x509);
2038 else
2039 return(NULL);
2040 }
2041
2042/* Fix this function so that it takes an optional type parameter */
2043EVP_PKEY *SSL_get_privatekey(SSL *s)
2044 {
2045 if (s->cert != NULL)
2046 return(s->cert->key->privatekey);
2047 else
2048 return(NULL);
2049 }
2050
2051SSL_CIPHER *SSL_get_current_cipher(SSL *s)
2052 {
2053 if ((s->session != NULL) && (s->session->cipher != NULL))
2054 return(s->session->cipher);
2055 return(NULL);
2056 }
2057
2058int ssl_init_wbio_buffer(SSL *s,int push)
2059 {
2060 BIO *bbio;
2061
2062 if (s->bbio == NULL)
2063 {
2064 bbio=BIO_new(BIO_f_buffer());
2065 if (bbio == NULL) return(0);
2066 s->bbio=bbio;
2067 }
2068 else
2069 {
2070 bbio=s->bbio;
2071 if (s->bbio == s->wbio)
2072 s->wbio=BIO_pop(s->wbio);
2073 }
2074 (void)BIO_reset(bbio);
2075/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2076 if (!BIO_set_read_buffer_size(bbio,1))
2077 {
2078 SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
2079 return(0);
2080 }
2081 if (push)
2082 {
2083 if (s->wbio != bbio)
2084 s->wbio=BIO_push(bbio,s->wbio);
2085 }
2086 else
2087 {
2088 if (s->wbio == bbio)
2089 s->wbio=BIO_pop(bbio);
2090 }
2091 return(1);
2092 }
2093
2094void ssl_free_wbio_buffer(SSL *s)
2095 {
2096 if (s->bbio == NULL) return;
2097
2098 if (s->bbio == s->wbio)
2099 {
2100 /* remove buffering */
2101 s->wbio=BIO_pop(s->wbio);
2102#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
2103 assert(s->wbio != NULL);
2104#endif
2105 }
2106 BIO_free(s->bbio);
2107 s->bbio=NULL;
2108 }
2109
2110void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
2111 {
2112 ctx->quiet_shutdown=mode;
2113 }
2114
2115int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
2116 {
2117 return(ctx->quiet_shutdown);
2118 }
2119
2120void SSL_set_quiet_shutdown(SSL *s,int mode)
2121 {
2122 s->quiet_shutdown=mode;
2123 }
2124
2125int SSL_get_quiet_shutdown(SSL *s)
2126 {
2127 return(s->quiet_shutdown);
2128 }
2129
2130void SSL_set_shutdown(SSL *s,int mode)
2131 {
2132 s->shutdown=mode;
2133 }
2134
2135int SSL_get_shutdown(SSL *s)
2136 {
2137 return(s->shutdown);
2138 }
2139
2140int SSL_version(SSL *s)
2141 {
2142 return(s->version);
2143 }
2144
2145SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
2146 {
2147 return(ssl->ctx);
2148 }
2149
2150#ifndef OPENSSL_NO_STDIO
2151int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
2152 {
2153 return(X509_STORE_set_default_paths(ctx->cert_store));
2154 }
2155
2156int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
2157 const char *CApath)
2158 {
2159 return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
2160 }
2161#endif
2162
2163void SSL_set_info_callback(SSL *ssl,
2164 void (*cb)(const SSL *ssl,int type,int val))
2165 {
2166 ssl->info_callback=cb;
2167 }
2168
2169void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
2170 {
2171 return ssl->info_callback;
2172 }
2173
2174int SSL_state(SSL *ssl)
2175 {
2176 return(ssl->state);
2177 }
2178
2179void SSL_set_verify_result(SSL *ssl,long arg)
2180 {
2181 ssl->verify_result=arg;
2182 }
2183
2184long SSL_get_verify_result(SSL *ssl)
2185 {
2186 return(ssl->verify_result);
2187 }
2188
2189int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
2190 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
2191 {
2192 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
2193 new_func, dup_func, free_func);
2194 }
2195
2196int SSL_set_ex_data(SSL *s,int idx,void *arg)
2197 {
2198 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
2199 }
2200
2201void *SSL_get_ex_data(SSL *s,int idx)
2202 {
2203 return(CRYPTO_get_ex_data(&s->ex_data,idx));
2204 }
2205
2206int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
2207 CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
2208 {
2209 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
2210 new_func, dup_func, free_func);
2211 }
2212
2213int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
2214 {
2215 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
2216 }
2217
2218void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
2219 {
2220 return(CRYPTO_get_ex_data(&s->ex_data,idx));
2221 }
2222
2223int ssl_ok(SSL *s)
2224 {
2225 return(1);
2226 }
2227
2228X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
2229 {
2230 return(ctx->cert_store);
2231 }
2232
2233void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
2234 {
2235 if (ctx->cert_store != NULL)
2236 X509_STORE_free(ctx->cert_store);
2237 ctx->cert_store=store;
2238 }
2239
2240int SSL_want(SSL *s)
2241 {
2242 return(s->rwstate);
2243 }
2244
2245/*!
2246 * \brief Set the callback for generating temporary RSA keys.
2247 * \param ctx the SSL context.
2248 * \param cb the callback
2249 */
2250
2251#ifndef OPENSSL_NO_RSA
2252void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
2253 int is_export,
2254 int keylength))
2255 {
2256 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
2257 }
2258
2259void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
2260 int is_export,
2261 int keylength))
2262 {
2263 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
2264 }
2265#endif
2266
2267#ifdef DOXYGEN
2268/*!
2269 * \brief The RSA temporary key callback function.
2270 * \param ssl the SSL session.
2271 * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
2272 * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
2273 * of the required key in bits.
2274 * \return the temporary RSA key.
2275 * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
2276 */
2277
2278RSA *cb(SSL *ssl,int is_export,int keylength)
2279 {}
2280#endif
2281
2282/*!
2283 * \brief Set the callback for generating temporary DH keys.
2284 * \param ctx the SSL context.
2285 * \param dh the callback
2286 */
2287
2288#ifndef OPENSSL_NO_DH
2289void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
2290 int keylength))
2291 {
2292 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
2293 }
2294
2295void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
2296 int keylength))
2297 {
2298 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
2299 }
2300#endif
2301
2302
2303void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
2304 {
2305 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
2306 }
2307void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
2308 {
2309 SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
2310 }
2311
2312
2313
2314#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
2315#include "../crypto/bio/bss_file.c"
2316#endif
2317
2318IMPLEMENT_STACK_OF(SSL_CIPHER)
2319IMPLEMENT_STACK_OF(SSL_COMP)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
deleted file mode 100644
index dd6c7a7323..0000000000
--- a/src/lib/libssl/ssl_locl.h
+++ /dev/null
@@ -1,620 +0,0 @@
1/* ssl/ssl_locl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_SSL_LOCL_H
113#define HEADER_SSL_LOCL_H
114#include <stdlib.h>
115#include <time.h>
116#include <string.h>
117#include <errno.h>
118
119#include "e_os.h"
120
121#include <openssl/buffer.h>
122#include <openssl/comp.h>
123#include <openssl/bio.h>
124#include <openssl/crypto.h>
125#include <openssl/evp.h>
126#include <openssl/stack.h>
127#include <openssl/x509.h>
128#include <openssl/err.h>
129#include <openssl/ssl.h>
130#include <openssl/symhacks.h>
131
132#ifdef OPENSSL_BUILD_SHLIBSSL
133# undef OPENSSL_EXTERN
134# define OPENSSL_EXTERN OPENSSL_EXPORT
135#endif
136
137#define PKCS1_CHECK
138
139#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
140 l|=(((unsigned long)(*((c)++)))<< 8), \
141 l|=(((unsigned long)(*((c)++)))<<16), \
142 l|=(((unsigned long)(*((c)++)))<<24))
143
144/* NOTE - c is not incremented as per c2l */
145#define c2ln(c,l1,l2,n) { \
146 c+=n; \
147 l1=l2=0; \
148 switch (n) { \
149 case 8: l2 =((unsigned long)(*(--(c))))<<24; \
150 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
151 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
152 case 5: l2|=((unsigned long)(*(--(c)))); \
153 case 4: l1 =((unsigned long)(*(--(c))))<<24; \
154 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
155 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
156 case 1: l1|=((unsigned long)(*(--(c)))); \
157 } \
158 }
159
160#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
161 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
162 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
163 *((c)++)=(unsigned char)(((l)>>24)&0xff))
164
165#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
166 l|=((unsigned long)(*((c)++)))<<16, \
167 l|=((unsigned long)(*((c)++)))<< 8, \
168 l|=((unsigned long)(*((c)++))))
169
170#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
171 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
172 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
173 *((c)++)=(unsigned char)(((l) )&0xff))
174
175/* NOTE - c is not incremented as per l2c */
176#define l2cn(l1,l2,c,n) { \
177 c+=n; \
178 switch (n) { \
179 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
180 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
181 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
182 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
183 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
184 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
185 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
186 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
187 } \
188 }
189
190#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \
191 (((unsigned int)(c[1])) )),c+=2)
192#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
193 c[1]=(unsigned char)(((s) )&0xff)),c+=2)
194
195#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \
196 (((unsigned long)(c[1]))<< 8)| \
197 (((unsigned long)(c[2])) )),c+=3)
198
199#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
200 c[1]=(unsigned char)(((l)>> 8)&0xff), \
201 c[2]=(unsigned char)(((l) )&0xff)),c+=3)
202
203/* LOCAL STUFF */
204
205#define SSL_DECRYPT 0
206#define SSL_ENCRYPT 1
207
208#define TWO_BYTE_BIT 0x80
209#define SEC_ESC_BIT 0x40
210#define TWO_BYTE_MASK 0x7fff
211#define THREE_BYTE_MASK 0x3fff
212
213#define INC32(a) ((a)=((a)+1)&0xffffffffL)
214#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
215#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
216
217/*
218 * Define the Bitmasks for SSL_CIPHER.algorithms.
219 * This bits are used packed as dense as possible. If new methods/ciphers
220 * etc will be added, the bits a likely to change, so this information
221 * is for internal library use only, even though SSL_CIPHER.algorithms
222 * can be publicly accessed.
223 * Use the according functions for cipher management instead.
224 *
225 * The bit mask handling in the selection and sorting scheme in
226 * ssl_create_cipher_list() has only limited capabilities, reflecting
227 * that the different entities within are mutually exclusive:
228 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
229 */
230#define SSL_MKEY_MASK 0x0000003FL
231#define SSL_kRSA 0x00000001L /* RSA key exchange */
232#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
233#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
234#define SSL_kFZA 0x00000008L
235#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
236#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */
237#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
238
239#define SSL_AUTH_MASK 0x00000FC0L
240#define SSL_aRSA 0x00000040L /* Authenticate with RSA */
241#define SSL_aDSS 0x00000080L /* Authenticate with DSS */
242#define SSL_DSS SSL_aDSS
243#define SSL_aFZA 0x00000100L
244#define SSL_aNULL 0x00000200L /* no Authenticate, ADH */
245#define SSL_aDH 0x00000400L /* no Authenticate, ADH */
246#define SSL_aKRB5 0x00000800L /* Authenticate with KRB5 */
247
248#define SSL_NULL (SSL_eNULL)
249#define SSL_ADH (SSL_kEDH|SSL_aNULL)
250#define SSL_RSA (SSL_kRSA|SSL_aRSA)
251#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
252#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
253#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
254
255#define SSL_ENC_MASK 0x0087F000L
256#define SSL_DES 0x00001000L
257#define SSL_3DES 0x00002000L
258#define SSL_RC4 0x00004000L
259#define SSL_RC2 0x00008000L
260#define SSL_IDEA 0x00010000L
261#define SSL_eFZA 0x00020000L
262#define SSL_eNULL 0x00040000L
263#define SSL_AES 0x00800000L
264
265#define SSL_MAC_MASK 0x00180000L
266#define SSL_MD5 0x00080000L
267#define SSL_SHA1 0x00100000L
268#define SSL_SHA (SSL_SHA1)
269
270#define SSL_SSL_MASK 0x00600000L
271#define SSL_SSLV2 0x00200000L
272#define SSL_SSLV3 0x00400000L
273#define SSL_TLSV1 SSL_SSLV3 /* for now */
274
275/* we have used 007fffff - 9 bits left to go */
276
277/*
278 * Export and cipher strength information. For each cipher we have to decide
279 * whether it is exportable or not. This information is likely to change
280 * over time, since the export control rules are no static technical issue.
281 *
282 * Independent of the export flag the cipher strength is sorted into classes.
283 * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
284 * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
285 * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
286 * since SSL_EXP64 could be similar to SSL_LOW.
287 * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
288 * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
289 * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
290 * be possible.
291 */
292#define SSL_EXP_MASK 0x00000003L
293#define SSL_NOT_EXP 0x00000001L
294#define SSL_EXPORT 0x00000002L
295
296#define SSL_STRONG_MASK 0x000000fcL
297#define SSL_STRONG_NONE 0x00000004L
298#define SSL_EXP40 0x00000008L
299#define SSL_MICRO (SSL_EXP40)
300#define SSL_EXP56 0x00000010L
301#define SSL_MINI (SSL_EXP56)
302#define SSL_LOW 0x00000020L
303#define SSL_MEDIUM 0x00000040L
304#define SSL_HIGH 0x00000080L
305
306/* we have used 000000ff - 24 bits left to go */
307
308/*
309 * Macros to check the export status and cipher strength for export ciphers.
310 * Even though the macros for EXPORT and EXPORT40/56 have similar names,
311 * their meaning is different:
312 * *_EXPORT macros check the 'exportable' status.
313 * *_EXPORT40/56 macros are used to check whether a certain cipher strength
314 * is given.
315 * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
316 * algorithm structure element to be passed (algorithms, algo_strength) and no
317 * typechecking can be done as they are all of type unsigned long, their
318 * direct usage is discouraged.
319 * Use the SSL_C_* macros instead.
320 */
321#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
322#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
323#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
324#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
325#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
326#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
327
328#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
329 ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
330#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
331#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
332 (c)->algo_strength)
333#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
334
335
336#define SSL_ALL 0xffffffffL
337#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
338 SSL_MAC_MASK)
339#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
340
341/* Mostly for SSLv3 */
342#define SSL_PKEY_RSA_ENC 0
343#define SSL_PKEY_RSA_SIGN 1
344#define SSL_PKEY_DSA_SIGN 2
345#define SSL_PKEY_DH_RSA 3
346#define SSL_PKEY_DH_DSA 4
347#define SSL_PKEY_NUM 5
348
349/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
350 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
351 * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
352 * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
353 * SSL_aRSA <- RSA_ENC | RSA_SIGN
354 * SSL_aDSS <- DSA_SIGN
355 */
356
357/*
358#define CERT_INVALID 0
359#define CERT_PUBLIC_KEY 1
360#define CERT_PRIVATE_KEY 2
361*/
362
363typedef struct cert_pkey_st
364 {
365 X509 *x509;
366 EVP_PKEY *privatekey;
367 } CERT_PKEY;
368
369typedef struct cert_st
370 {
371 /* Current active set */
372 CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
373 * Probably it would make more sense to store
374 * an index, not a pointer. */
375
376 /* The following masks are for the key and auth
377 * algorithms that are supported by the certs below */
378 int valid;
379 unsigned long mask;
380 unsigned long export_mask;
381#ifndef OPENSSL_NO_RSA
382 RSA *rsa_tmp;
383 RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
384#endif
385#ifndef OPENSSL_NO_DH
386 DH *dh_tmp;
387 DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
388#endif
389
390 CERT_PKEY pkeys[SSL_PKEY_NUM];
391
392 int references; /* >1 only if SSL_copy_session_id is used */
393 } CERT;
394
395
396typedef struct sess_cert_st
397 {
398 STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
399
400 /* The 'peer_...' members are used only by clients. */
401 int peer_cert_type;
402
403 CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
404 CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
405 /* Obviously we don't have the private keys of these,
406 * so maybe we shouldn't even use the CERT_PKEY type here. */
407
408#ifndef OPENSSL_NO_RSA
409 RSA *peer_rsa_tmp; /* not used for SSL 2 */
410#endif
411#ifndef OPENSSL_NO_DH
412 DH *peer_dh_tmp; /* not used for SSL 2 */
413#endif
414
415 int references; /* actually always 1 at the moment */
416 } SESS_CERT;
417
418
419/*#define MAC_DEBUG */
420
421/*#define ERR_DEBUG */
422/*#define ABORT_DEBUG */
423/*#define PKT_DEBUG 1 */
424/*#define DES_DEBUG */
425/*#define DES_OFB_DEBUG */
426/*#define SSL_DEBUG */
427/*#define RSA_DEBUG */
428/*#define IDEA_DEBUG */
429
430#define FP_ICC (int (*)(const void *,const void *))
431#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
432 ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
433#define ssl_get_cipher_by_char(ssl,ptr) \
434 ((ssl)->method->get_cipher_by_char(ptr))
435
436/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
437 * It is a bit of a mess of functions, but hell, think of it as
438 * an opaque structure :-) */
439typedef struct ssl3_enc_method
440 {
441 int (*enc)(SSL *, int);
442 int (*mac)(SSL *, unsigned char *, int);
443 int (*setup_key_block)(SSL *);
444 int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
445 int (*change_cipher_state)(SSL *, int);
446 int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
447 int finish_mac_length;
448 int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
449 const char *client_finished_label;
450 int client_finished_label_len;
451 const char *server_finished_label;
452 int server_finished_label_len;
453 int (*alert_value)(int);
454 } SSL3_ENC_METHOD;
455
456/* Used for holding the relevant compression methods loaded into SSL_CTX */
457typedef struct ssl3_comp_st
458 {
459 int comp_id; /* The identifier byte for this compression type */
460 char *name; /* Text name used for the compression type */
461 COMP_METHOD *method; /* The method :-) */
462 } SSL3_COMP;
463
464OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
465OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
466OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
467
468#ifdef OPENSSL_SYS_VMS
469#undef SSL_COMP_get_compression_methods
470#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
471#endif
472
473
474SSL_METHOD *ssl_bad_method(int ver);
475SSL_METHOD *sslv2_base_method(void);
476SSL_METHOD *sslv23_base_method(void);
477SSL_METHOD *sslv3_base_method(void);
478
479void ssl_clear_cipher_ctx(SSL *s);
480int ssl_clear_bad_session(SSL *s);
481CERT *ssl_cert_new(void);
482CERT *ssl_cert_dup(CERT *cert);
483int ssl_cert_inst(CERT **o);
484void ssl_cert_free(CERT *c);
485SESS_CERT *ssl_sess_cert_new(void);
486void ssl_sess_cert_free(SESS_CERT *sc);
487int ssl_set_peer_cert_type(SESS_CERT *c, int type);
488int ssl_get_new_session(SSL *s, int session);
489int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
490int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
491int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
492 const SSL_CIPHER * const *bp);
493STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
494 STACK_OF(SSL_CIPHER) **skp);
495int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
496STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
497 STACK_OF(SSL_CIPHER) **pref,
498 STACK_OF(SSL_CIPHER) **sorted,
499 const char *rule_str);
500void ssl_update_cache(SSL *s, int mode);
501int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
502 SSL_COMP **comp);
503int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
504int ssl_undefined_function(SSL *s);
505X509 *ssl_get_server_send_cert(SSL *);
506EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
507int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
508void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
509STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
510int ssl_verify_alarm_type(long type);
511
512int ssl2_enc_init(SSL *s, int client);
513int ssl2_generate_key_material(SSL *s);
514void ssl2_enc(SSL *s,int send_data);
515void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
516SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
517int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
518int ssl2_part_read(SSL *s, unsigned long f, int i);
519int ssl2_do_write(SSL *s);
520int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
521void ssl2_return_error(SSL *s,int reason);
522void ssl2_write_error(SSL *s);
523int ssl2_num_ciphers(void);
524SSL_CIPHER *ssl2_get_cipher(unsigned int u);
525int ssl2_new(SSL *s);
526void ssl2_free(SSL *s);
527int ssl2_accept(SSL *s);
528int ssl2_connect(SSL *s);
529int ssl2_read(SSL *s, void *buf, int len);
530int ssl2_peek(SSL *s, void *buf, int len);
531int ssl2_write(SSL *s, const void *buf, int len);
532int ssl2_shutdown(SSL *s);
533void ssl2_clear(SSL *s);
534long ssl2_ctrl(SSL *s,int cmd, long larg, void *parg);
535long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
536long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
537long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
538int ssl2_pending(SSL *s);
539
540SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
541int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
542void ssl3_init_finished_mac(SSL *s);
543int ssl3_send_server_certificate(SSL *s);
544int ssl3_get_finished(SSL *s,int state_a,int state_b);
545int ssl3_setup_key_block(SSL *s);
546int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
547int ssl3_change_cipher_state(SSL *s,int which);
548void ssl3_cleanup_key_block(SSL *s);
549int ssl3_do_write(SSL *s,int type);
550void ssl3_send_alert(SSL *s,int level, int desc);
551int ssl3_generate_master_secret(SSL *s, unsigned char *out,
552 unsigned char *p, int len);
553int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
554long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
555int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
556int ssl3_num_ciphers(void);
557SSL_CIPHER *ssl3_get_cipher(unsigned int u);
558int ssl3_renegotiate(SSL *ssl);
559int ssl3_renegotiate_check(SSL *ssl);
560int ssl3_dispatch_alert(SSL *s);
561int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
562int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
563int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
564 const char *sender, int slen,unsigned char *p);
565int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
566void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
567int ssl3_enc(SSL *s, int send_data);
568int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
569unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
570SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt,
571 STACK_OF(SSL_CIPHER) *srvr);
572int ssl3_setup_buffers(SSL *s);
573int ssl3_new(SSL *s);
574void ssl3_free(SSL *s);
575int ssl3_accept(SSL *s);
576int ssl3_connect(SSL *s);
577int ssl3_read(SSL *s, void *buf, int len);
578int ssl3_peek(SSL *s, void *buf, int len);
579int ssl3_write(SSL *s, const void *buf, int len);
580int ssl3_shutdown(SSL *s);
581void ssl3_clear(SSL *s);
582long ssl3_ctrl(SSL *s,int cmd, long larg, void *parg);
583long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
584long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
585long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
586int ssl3_pending(SSL *s);
587
588int ssl23_accept(SSL *s);
589int ssl23_connect(SSL *s);
590int ssl23_read_bytes(SSL *s, int n);
591int ssl23_write_bytes(SSL *s);
592
593int tls1_new(SSL *s);
594void tls1_free(SSL *s);
595void tls1_clear(SSL *s);
596long tls1_ctrl(SSL *s,int cmd, long larg, void *parg);
597long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
598SSL_METHOD *tlsv1_base_method(void );
599
600int ssl_init_wbio_buffer(SSL *s, int push);
601void ssl_free_wbio_buffer(SSL *s);
602
603int tls1_change_cipher_state(SSL *s, int which);
604int tls1_setup_key_block(SSL *s);
605int tls1_enc(SSL *s, int snd);
606int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
607 const char *str, int slen, unsigned char *p);
608int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
609int tls1_mac(SSL *ssl, unsigned char *md, int snd);
610int tls1_generate_master_secret(SSL *s, unsigned char *out,
611 unsigned char *p, int len);
612int tls1_alert_code(int code);
613int ssl3_alert_code(int code);
614int ssl_ok(SSL *s);
615
616SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
617STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
618
619
620#endif
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
deleted file mode 100644
index 330390519b..0000000000
--- a/src/lib/libssl/ssl_rsa.c
+++ /dev/null
@@ -1,817 +0,0 @@
1/* ssl/ssl_rsa.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61#include <openssl/bio.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66
67static int ssl_set_cert(CERT *c, X509 *x509);
68static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
69int SSL_use_certificate(SSL *ssl, X509 *x)
70 {
71 if (x == NULL)
72 {
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
74 return(0);
75 }
76 if (!ssl_cert_inst(&ssl->cert))
77 {
78 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
79 return(0);
80 }
81 return(ssl_set_cert(ssl->cert,x));
82 }
83
84#ifndef OPENSSL_NO_STDIO
85int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
86 {
87 int j;
88 BIO *in;
89 int ret=0;
90 X509 *x=NULL;
91
92 in=BIO_new(BIO_s_file_internal());
93 if (in == NULL)
94 {
95 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
96 goto end;
97 }
98
99 if (BIO_read_filename(in,file) <= 0)
100 {
101 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
102 goto end;
103 }
104 if (type == SSL_FILETYPE_ASN1)
105 {
106 j=ERR_R_ASN1_LIB;
107 x=d2i_X509_bio(in,NULL);
108 }
109 else if (type == SSL_FILETYPE_PEM)
110 {
111 j=ERR_R_PEM_LIB;
112 x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
113 }
114 else
115 {
116 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
117 goto end;
118 }
119
120 if (x == NULL)
121 {
122 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
123 goto end;
124 }
125
126 ret=SSL_use_certificate(ssl,x);
127end:
128 if (x != NULL) X509_free(x);
129 if (in != NULL) BIO_free(in);
130 return(ret);
131 }
132#endif
133
134int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
135 {
136 X509 *x;
137 int ret;
138
139 x=d2i_X509(NULL,&d,(long)len);
140 if (x == NULL)
141 {
142 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
143 return(0);
144 }
145
146 ret=SSL_use_certificate(ssl,x);
147 X509_free(x);
148 return(ret);
149 }
150
151#ifndef OPENSSL_NO_RSA
152int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
153 {
154 EVP_PKEY *pkey;
155 int ret;
156
157 if (rsa == NULL)
158 {
159 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
160 return(0);
161 }
162 if (!ssl_cert_inst(&ssl->cert))
163 {
164 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
165 return(0);
166 }
167 if ((pkey=EVP_PKEY_new()) == NULL)
168 {
169 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
170 return(0);
171 }
172
173 RSA_up_ref(rsa);
174 EVP_PKEY_assign_RSA(pkey,rsa);
175
176 ret=ssl_set_pkey(ssl->cert,pkey);
177 EVP_PKEY_free(pkey);
178 return(ret);
179 }
180#endif
181
182static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
183 {
184 int i,ok=0,bad=0;
185
186 i=ssl_cert_type(NULL,pkey);
187 if (i < 0)
188 {
189 SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
190 return(0);
191 }
192
193 if (c->pkeys[i].x509 != NULL)
194 {
195 EVP_PKEY *pktmp;
196 pktmp = X509_get_pubkey(c->pkeys[i].x509);
197 EVP_PKEY_copy_parameters(pktmp,pkey);
198 EVP_PKEY_free(pktmp);
199 ERR_clear_error();
200
201#ifndef OPENSSL_NO_RSA
202 /* Don't check the public/private key, this is mostly
203 * for smart cards. */
204 if ((pkey->type == EVP_PKEY_RSA) &&
205 (RSA_flags(pkey->pkey.rsa) &
206 RSA_METHOD_FLAG_NO_CHECK))
207 ok=1;
208 else
209#endif
210 if (!X509_check_private_key(c->pkeys[i].x509,pkey))
211 {
212 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
213 {
214 i=(i == SSL_PKEY_DH_RSA)?
215 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
216
217 if (c->pkeys[i].x509 == NULL)
218 ok=1;
219 else
220 {
221 if (!X509_check_private_key(
222 c->pkeys[i].x509,pkey))
223 bad=1;
224 else
225 ok=1;
226 }
227 }
228 else
229 bad=1;
230 }
231 else
232 ok=1;
233 }
234 else
235 ok=1;
236
237 if (bad)
238 {
239 X509_free(c->pkeys[i].x509);
240 c->pkeys[i].x509=NULL;
241 return(0);
242 }
243
244 ERR_clear_error(); /* make sure no error from X509_check_private_key()
245 * is left if we have chosen to ignore it */
246 if (c->pkeys[i].privatekey != NULL)
247 EVP_PKEY_free(c->pkeys[i].privatekey);
248 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
249 c->pkeys[i].privatekey=pkey;
250 c->key= &(c->pkeys[i]);
251
252 c->valid=0;
253 return(1);
254 }
255
256#ifndef OPENSSL_NO_RSA
257#ifndef OPENSSL_NO_STDIO
258int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
259 {
260 int j,ret=0;
261 BIO *in;
262 RSA *rsa=NULL;
263
264 in=BIO_new(BIO_s_file_internal());
265 if (in == NULL)
266 {
267 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
268 goto end;
269 }
270
271 if (BIO_read_filename(in,file) <= 0)
272 {
273 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
274 goto end;
275 }
276 if (type == SSL_FILETYPE_ASN1)
277 {
278 j=ERR_R_ASN1_LIB;
279 rsa=d2i_RSAPrivateKey_bio(in,NULL);
280 }
281 else if (type == SSL_FILETYPE_PEM)
282 {
283 j=ERR_R_PEM_LIB;
284 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
285 ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
286 }
287 else
288 {
289 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
290 goto end;
291 }
292 if (rsa == NULL)
293 {
294 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
295 goto end;
296 }
297 ret=SSL_use_RSAPrivateKey(ssl,rsa);
298 RSA_free(rsa);
299end:
300 if (in != NULL) BIO_free(in);
301 return(ret);
302 }
303#endif
304
305int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
306 {
307 int ret;
308 const unsigned char *p;
309 RSA *rsa;
310
311 p=d;
312 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
313 {
314 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
315 return(0);
316 }
317
318 ret=SSL_use_RSAPrivateKey(ssl,rsa);
319 RSA_free(rsa);
320 return(ret);
321 }
322#endif /* !OPENSSL_NO_RSA */
323
324int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
325 {
326 int ret;
327
328 if (pkey == NULL)
329 {
330 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
331 return(0);
332 }
333 if (!ssl_cert_inst(&ssl->cert))
334 {
335 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
336 return(0);
337 }
338 ret=ssl_set_pkey(ssl->cert,pkey);
339 return(ret);
340 }
341
342#ifndef OPENSSL_NO_STDIO
343int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
344 {
345 int j,ret=0;
346 BIO *in;
347 EVP_PKEY *pkey=NULL;
348
349 in=BIO_new(BIO_s_file_internal());
350 if (in == NULL)
351 {
352 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
353 goto end;
354 }
355
356 if (BIO_read_filename(in,file) <= 0)
357 {
358 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
359 goto end;
360 }
361 if (type == SSL_FILETYPE_PEM)
362 {
363 j=ERR_R_PEM_LIB;
364 pkey=PEM_read_bio_PrivateKey(in,NULL,
365 ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
366 }
367 else
368 {
369 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
370 goto end;
371 }
372 if (pkey == NULL)
373 {
374 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
375 goto end;
376 }
377 ret=SSL_use_PrivateKey(ssl,pkey);
378 EVP_PKEY_free(pkey);
379end:
380 if (in != NULL) BIO_free(in);
381 return(ret);
382 }
383#endif
384
385int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len)
386 {
387 int ret;
388 unsigned char *p;
389 EVP_PKEY *pkey;
390
391 p=d;
392 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
393 {
394 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
395 return(0);
396 }
397
398 ret=SSL_use_PrivateKey(ssl,pkey);
399 EVP_PKEY_free(pkey);
400 return(ret);
401 }
402
403int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
404 {
405 if (x == NULL)
406 {
407 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
408 return(0);
409 }
410 if (!ssl_cert_inst(&ctx->cert))
411 {
412 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
413 return(0);
414 }
415 return(ssl_set_cert(ctx->cert, x));
416 }
417
418static int ssl_set_cert(CERT *c, X509 *x)
419 {
420 EVP_PKEY *pkey;
421 int i,ok=0,bad=0;
422
423 pkey=X509_get_pubkey(x);
424 if (pkey == NULL)
425 {
426 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
427 return(0);
428 }
429
430 i=ssl_cert_type(x,pkey);
431 if (i < 0)
432 {
433 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
434 EVP_PKEY_free(pkey);
435 return(0);
436 }
437
438 if (c->pkeys[i].privatekey != NULL)
439 {
440 EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
441 ERR_clear_error();
442
443#ifndef OPENSSL_NO_RSA
444 /* Don't check the public/private key, this is mostly
445 * for smart cards. */
446 if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
447 (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
448 RSA_METHOD_FLAG_NO_CHECK))
449 ok=1;
450 else
451#endif
452 {
453 if (!X509_check_private_key(x,c->pkeys[i].privatekey))
454 {
455 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
456 {
457 i=(i == SSL_PKEY_DH_RSA)?
458 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
459
460 if (c->pkeys[i].privatekey == NULL)
461 ok=1;
462 else
463 {
464 if (!X509_check_private_key(x,
465 c->pkeys[i].privatekey))
466 bad=1;
467 else
468 ok=1;
469 }
470 }
471 else
472 bad=1;
473 }
474 else
475 ok=1;
476 } /* OPENSSL_NO_RSA */
477 }
478 else
479 ok=1;
480
481 EVP_PKEY_free(pkey);
482 if (bad)
483 {
484 EVP_PKEY_free(c->pkeys[i].privatekey);
485 c->pkeys[i].privatekey=NULL;
486 }
487
488 if (c->pkeys[i].x509 != NULL)
489 X509_free(c->pkeys[i].x509);
490 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
491 c->pkeys[i].x509=x;
492 c->key= &(c->pkeys[i]);
493
494 c->valid=0;
495 return(1);
496 }
497
498#ifndef OPENSSL_NO_STDIO
499int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
500 {
501 int j;
502 BIO *in;
503 int ret=0;
504 X509 *x=NULL;
505
506 in=BIO_new(BIO_s_file_internal());
507 if (in == NULL)
508 {
509 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
510 goto end;
511 }
512
513 if (BIO_read_filename(in,file) <= 0)
514 {
515 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
516 goto end;
517 }
518 if (type == SSL_FILETYPE_ASN1)
519 {
520 j=ERR_R_ASN1_LIB;
521 x=d2i_X509_bio(in,NULL);
522 }
523 else if (type == SSL_FILETYPE_PEM)
524 {
525 j=ERR_R_PEM_LIB;
526 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
527 }
528 else
529 {
530 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
531 goto end;
532 }
533
534 if (x == NULL)
535 {
536 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
537 goto end;
538 }
539
540 ret=SSL_CTX_use_certificate(ctx,x);
541end:
542 if (x != NULL) X509_free(x);
543 if (in != NULL) BIO_free(in);
544 return(ret);
545 }
546#endif
547
548int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
549 {
550 X509 *x;
551 int ret;
552
553 x=d2i_X509(NULL,&d,(long)len);
554 if (x == NULL)
555 {
556 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
557 return(0);
558 }
559
560 ret=SSL_CTX_use_certificate(ctx,x);
561 X509_free(x);
562 return(ret);
563 }
564
565#ifndef OPENSSL_NO_RSA
566int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
567 {
568 int ret;
569 EVP_PKEY *pkey;
570
571 if (rsa == NULL)
572 {
573 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
574 return(0);
575 }
576 if (!ssl_cert_inst(&ctx->cert))
577 {
578 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
579 return(0);
580 }
581 if ((pkey=EVP_PKEY_new()) == NULL)
582 {
583 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
584 return(0);
585 }
586
587 RSA_up_ref(rsa);
588 EVP_PKEY_assign_RSA(pkey,rsa);
589
590 ret=ssl_set_pkey(ctx->cert, pkey);
591 EVP_PKEY_free(pkey);
592 return(ret);
593 }
594
595#ifndef OPENSSL_NO_STDIO
596int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
597 {
598 int j,ret=0;
599 BIO *in;
600 RSA *rsa=NULL;
601
602 in=BIO_new(BIO_s_file_internal());
603 if (in == NULL)
604 {
605 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
606 goto end;
607 }
608
609 if (BIO_read_filename(in,file) <= 0)
610 {
611 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
612 goto end;
613 }
614 if (type == SSL_FILETYPE_ASN1)
615 {
616 j=ERR_R_ASN1_LIB;
617 rsa=d2i_RSAPrivateKey_bio(in,NULL);
618 }
619 else if (type == SSL_FILETYPE_PEM)
620 {
621 j=ERR_R_PEM_LIB;
622 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
623 ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
624 }
625 else
626 {
627 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
628 goto end;
629 }
630 if (rsa == NULL)
631 {
632 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
633 goto end;
634 }
635 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
636 RSA_free(rsa);
637end:
638 if (in != NULL) BIO_free(in);
639 return(ret);
640 }
641#endif
642
643int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
644 {
645 int ret;
646 const unsigned char *p;
647 RSA *rsa;
648
649 p=d;
650 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
651 {
652 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
653 return(0);
654 }
655
656 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
657 RSA_free(rsa);
658 return(ret);
659 }
660#endif /* !OPENSSL_NO_RSA */
661
662int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
663 {
664 if (pkey == NULL)
665 {
666 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
667 return(0);
668 }
669 if (!ssl_cert_inst(&ctx->cert))
670 {
671 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
672 return(0);
673 }
674 return(ssl_set_pkey(ctx->cert,pkey));
675 }
676
677#ifndef OPENSSL_NO_STDIO
678int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
679 {
680 int j,ret=0;
681 BIO *in;
682 EVP_PKEY *pkey=NULL;
683
684 in=BIO_new(BIO_s_file_internal());
685 if (in == NULL)
686 {
687 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
688 goto end;
689 }
690
691 if (BIO_read_filename(in,file) <= 0)
692 {
693 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
694 goto end;
695 }
696 if (type == SSL_FILETYPE_PEM)
697 {
698 j=ERR_R_PEM_LIB;
699 pkey=PEM_read_bio_PrivateKey(in,NULL,
700 ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
701 }
702 else
703 {
704 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
705 goto end;
706 }
707 if (pkey == NULL)
708 {
709 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
710 goto end;
711 }
712 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
713 EVP_PKEY_free(pkey);
714end:
715 if (in != NULL) BIO_free(in);
716 return(ret);
717 }
718#endif
719
720int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
721 long len)
722 {
723 int ret;
724 unsigned char *p;
725 EVP_PKEY *pkey;
726
727 p=d;
728 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
729 {
730 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
731 return(0);
732 }
733
734 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
735 EVP_PKEY_free(pkey);
736 return(ret);
737 }
738
739
740#ifndef OPENSSL_NO_STDIO
741/* Read a file that contains our certificate in "PEM" format,
742 * possibly followed by a sequence of CA certificates that should be
743 * sent to the peer in the Certificate message.
744 */
745int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
746 {
747 BIO *in;
748 int ret=0;
749 X509 *x=NULL;
750
751 in=BIO_new(BIO_s_file_internal());
752 if (in == NULL)
753 {
754 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
755 goto end;
756 }
757
758 if (BIO_read_filename(in,file) <= 0)
759 {
760 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB);
761 goto end;
762 }
763
764 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
765 if (x == NULL)
766 {
767 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
768 goto end;
769 }
770
771 ret=SSL_CTX_use_certificate(ctx,x);
772 if (ERR_peek_error() != 0)
773 ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
774 if (ret)
775 {
776 /* If we could set up our certificate, now proceed to
777 * the CA certificates.
778 */
779 X509 *ca;
780 int r;
781 unsigned long err;
782
783 if (ctx->extra_certs != NULL)
784 {
785 sk_X509_pop_free(ctx->extra_certs, X509_free);
786 ctx->extra_certs = NULL;
787 }
788
789 while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
790 != NULL)
791 {
792 r = SSL_CTX_add_extra_chain_cert(ctx, ca);
793 if (!r)
794 {
795 X509_free(ca);
796 ret = 0;
797 goto end;
798 }
799 /* Note that we must not free r if it was successfully
800 * added to the chain (while we must free the main
801 * certificate, since its reference count is increased
802 * by SSL_CTX_use_certificate). */
803 }
804 /* When the while loop ends, it's usually just EOF. */
805 err = ERR_peek_last_error();
806 if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
807 (void)ERR_get_error();
808 else
809 ret = 0; /* some real error */
810 }
811
812end:
813 if (x != NULL) X509_free(x);
814 if (in != NULL) BIO_free(in);
815 return(ret);
816 }
817#endif
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
deleted file mode 100644
index 7016c87d3b..0000000000
--- a/src/lib/libssl/ssl_sess.c
+++ /dev/null
@@ -1,754 +0,0 @@
1/* ssl/ssl_sess.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/lhash.h>
61#include <openssl/rand.h>
62#include "ssl_locl.h"
63
64static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
65static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
66static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
67
68SSL_SESSION *SSL_get_session(SSL *ssl)
69/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
70 {
71 return(ssl->session);
72 }
73
74SSL_SESSION *SSL_get1_session(SSL *ssl)
75/* variant of SSL_get_session: caller really gets something */
76 {
77 SSL_SESSION *sess;
78 /* Need to lock this all up rather than just use CRYPTO_add so that
79 * somebody doesn't free ssl->session between when we check it's
80 * non-null and when we up the reference count. */
81 CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
82 sess = ssl->session;
83 if(sess)
84 sess->references++;
85 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
86 return(sess);
87 }
88
89int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
90 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
91 {
92 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
93 new_func, dup_func, free_func);
94 }
95
96int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
97 {
98 return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
99 }
100
101void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
102 {
103 return(CRYPTO_get_ex_data(&s->ex_data,idx));
104 }
105
106SSL_SESSION *SSL_SESSION_new(void)
107 {
108 SSL_SESSION *ss;
109
110 ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
111 if (ss == NULL)
112 {
113 SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
114 return(0);
115 }
116 memset(ss,0,sizeof(SSL_SESSION));
117
118 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
119 ss->references=1;
120 ss->timeout=60*5+4; /* 5 minute timeout by default */
121 ss->time=time(NULL);
122 ss->prev=NULL;
123 ss->next=NULL;
124 ss->compress_meth=0;
125 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
126 return(ss);
127 }
128
129/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
130 * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
131 * until we have no conflict is going to complete in one iteration pretty much
132 * "most" of the time (btw: understatement). So, if it takes us 10 iterations
133 * and we still can't avoid a conflict - well that's a reasonable point to call
134 * it quits. Either the RAND code is broken or someone is trying to open roughly
135 * very close to 2^128 (or 2^256) SSL sessions to our server. How you might
136 * store that many sessions is perhaps a more interesting question ... */
137
138#define MAX_SESS_ID_ATTEMPTS 10
139static int def_generate_session_id(const SSL *ssl, unsigned char *id,
140 unsigned int *id_len)
141{
142 unsigned int retry = 0;
143 do
144 RAND_pseudo_bytes(id, *id_len);
145 while(SSL_has_matching_session_id(ssl, id, *id_len) &&
146 (++retry < MAX_SESS_ID_ATTEMPTS));
147 if(retry < MAX_SESS_ID_ATTEMPTS)
148 return 1;
149 /* else - woops a session_id match */
150 /* XXX We should also check the external cache --
151 * but the probability of a collision is negligible, and
152 * we could not prevent the concurrent creation of sessions
153 * with identical IDs since we currently don't have means
154 * to atomically check whether a session ID already exists
155 * and make a reservation for it if it does not
156 * (this problem applies to the internal cache as well).
157 */
158 return 0;
159}
160
161int ssl_get_new_session(SSL *s, int session)
162 {
163 /* This gets used by clients and servers. */
164
165 unsigned int tmp;
166 SSL_SESSION *ss=NULL;
167 GEN_SESSION_CB cb = def_generate_session_id;
168
169 if ((ss=SSL_SESSION_new()) == NULL) return(0);
170
171 /* If the context has a default timeout, use it */
172 if (s->ctx->session_timeout == 0)
173 ss->timeout=SSL_get_default_timeout(s);
174 else
175 ss->timeout=s->ctx->session_timeout;
176
177 if (s->session != NULL)
178 {
179 SSL_SESSION_free(s->session);
180 s->session=NULL;
181 }
182
183 if (session)
184 {
185 if (s->version == SSL2_VERSION)
186 {
187 ss->ssl_version=SSL2_VERSION;
188 ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
189 }
190 else if (s->version == SSL3_VERSION)
191 {
192 ss->ssl_version=SSL3_VERSION;
193 ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
194 }
195 else if (s->version == TLS1_VERSION)
196 {
197 ss->ssl_version=TLS1_VERSION;
198 ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
199 }
200 else
201 {
202 SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
203 SSL_SESSION_free(ss);
204 return(0);
205 }
206 /* Choose which callback will set the session ID */
207 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
208 if(s->generate_session_id)
209 cb = s->generate_session_id;
210 else if(s->ctx->generate_session_id)
211 cb = s->ctx->generate_session_id;
212 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
213 /* Choose a session ID */
214 tmp = ss->session_id_length;
215 if(!cb(s, ss->session_id, &tmp))
216 {
217 /* The callback failed */
218 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
219 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
220 SSL_SESSION_free(ss);
221 return(0);
222 }
223 /* Don't allow the callback to set the session length to zero.
224 * nor set it higher than it was. */
225 if(!tmp || (tmp > ss->session_id_length))
226 {
227 /* The callback set an illegal length */
228 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
229 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
230 SSL_SESSION_free(ss);
231 return(0);
232 }
233 /* If the session length was shrunk and we're SSLv2, pad it */
234 if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
235 memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
236 else
237 ss->session_id_length = tmp;
238 /* Finally, check for a conflict */
239 if(SSL_has_matching_session_id(s, ss->session_id,
240 ss->session_id_length))
241 {
242 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
243 SSL_R_SSL_SESSION_ID_CONFLICT);
244 SSL_SESSION_free(ss);
245 return(0);
246 }
247 }
248 else
249 {
250 ss->session_id_length=0;
251 }
252
253 if (s->sid_ctx_length > sizeof ss->sid_ctx)
254 {
255 SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
256 SSL_SESSION_free(ss);
257 return 0;
258 }
259 memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
260 ss->sid_ctx_length=s->sid_ctx_length;
261 s->session=ss;
262 ss->ssl_version=s->version;
263 ss->verify_result = X509_V_OK;
264
265 return(1);
266 }
267
268int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
269 {
270 /* This is used only by servers. */
271
272 SSL_SESSION *ret=NULL,data;
273 int fatal = 0;
274
275 data.ssl_version=s->version;
276 data.session_id_length=len;
277 if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
278 goto err;
279 memcpy(data.session_id,session_id,len);
280
281 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
282 {
283 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
284 ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
285 if (ret != NULL)
286 /* don't allow other threads to steal it: */
287 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
288 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
289 }
290
291 if (ret == NULL)
292 {
293 int copy=1;
294
295 s->ctx->stats.sess_miss++;
296 ret=NULL;
297 if (s->ctx->get_session_cb != NULL
298 && (ret=s->ctx->get_session_cb(s,session_id,len,&copy))
299 != NULL)
300 {
301 s->ctx->stats.sess_cb_hit++;
302
303 /* Increment reference count now if the session callback
304 * asks us to do so (note that if the session structures
305 * returned by the callback are shared between threads,
306 * it must handle the reference count itself [i.e. copy == 0],
307 * or things won't be thread-safe). */
308 if (copy)
309 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
310
311 /* Add the externally cached session to the internal
312 * cache as well if and only if we are supposed to. */
313 if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
314 /* The following should not return 1, otherwise,
315 * things are very strange */
316 SSL_CTX_add_session(s->ctx,ret);
317 }
318 if (ret == NULL)
319 goto err;
320 }
321
322 /* Now ret is non-NULL, and we own one of its reference counts. */
323
324 if((s->verify_mode&SSL_VERIFY_PEER)
325 && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
326 || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
327 {
328 /* We've found the session named by the client, but we don't
329 * want to use it in this context. */
330
331 if (s->sid_ctx_length == 0)
332 {
333 /* application should have used SSL[_CTX]_set_session_id_context
334 * -- we could tolerate this and just pretend we never heard
335 * of this session, but then applications could effectively
336 * disable the session cache by accident without anyone noticing */
337
338 SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
339 fatal = 1;
340 goto err;
341 }
342 else
343 {
344#if 0 /* The client cannot always know when a session is not appropriate,
345 * so we shouldn't generate an error message. */
346
347 SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
348#endif
349 goto err; /* treat like cache miss */
350 }
351 }
352
353 if (ret->cipher == NULL)
354 {
355 unsigned char buf[5],*p;
356 unsigned long l;
357
358 p=buf;
359 l=ret->cipher_id;
360 l2n(l,p);
361 if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
362 ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
363 else
364 ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
365 if (ret->cipher == NULL)
366 goto err;
367 }
368
369
370#if 0 /* This is way too late. */
371
372 /* If a thread got the session, then 'swaped', and another got
373 * it and then due to a time-out decided to 'OPENSSL_free' it we could
374 * be in trouble. So I'll increment it now, then double decrement
375 * later - am I speaking rubbish?. */
376 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
377#endif
378
379 if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
380 {
381 s->ctx->stats.sess_timeout++;
382 /* remove it from the cache */
383 SSL_CTX_remove_session(s->ctx,ret);
384 goto err;
385 }
386
387 s->ctx->stats.sess_hit++;
388
389 /* ret->time=time(NULL); */ /* rezero timeout? */
390 /* again, just leave the session
391 * if it is the same session, we have just incremented and
392 * then decremented the reference count :-) */
393 if (s->session != NULL)
394 SSL_SESSION_free(s->session);
395 s->session=ret;
396 s->verify_result = s->session->verify_result;
397 return(1);
398
399 err:
400 if (ret != NULL)
401 SSL_SESSION_free(ret);
402 if (fatal)
403 return -1;
404 else
405 return 0;
406 }
407
408int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
409 {
410 int ret=0;
411 SSL_SESSION *s;
412
413 /* add just 1 reference count for the SSL_CTX's session cache
414 * even though it has two ways of access: each session is in a
415 * doubly linked list and an lhash */
416 CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
417 /* if session c is in already in cache, we take back the increment later */
418
419 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
420 s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
421
422 /* s != NULL iff we already had a session with the given PID.
423 * In this case, s == c should hold (then we did not really modify
424 * ctx->sessions), or we're in trouble. */
425 if (s != NULL && s != c)
426 {
427 /* We *are* in trouble ... */
428 SSL_SESSION_list_remove(ctx,s);
429 SSL_SESSION_free(s);
430 /* ... so pretend the other session did not exist in cache
431 * (we cannot handle two SSL_SESSION structures with identical
432 * session ID in the same cache, which could happen e.g. when
433 * two threads concurrently obtain the same session from an external
434 * cache) */
435 s = NULL;
436 }
437
438 /* Put at the head of the queue unless it is already in the cache */
439 if (s == NULL)
440 SSL_SESSION_list_add(ctx,c);
441
442 if (s != NULL)
443 {
444 /* existing cache entry -- decrement previously incremented reference
445 * count because it already takes into account the cache */
446
447 SSL_SESSION_free(s); /* s == c */
448 ret=0;
449 }
450 else
451 {
452 /* new cache entry -- remove old ones if cache has become too large */
453
454 ret=1;
455
456 if (SSL_CTX_sess_get_cache_size(ctx) > 0)
457 {
458 while (SSL_CTX_sess_number(ctx) >
459 SSL_CTX_sess_get_cache_size(ctx))
460 {
461 if (!remove_session_lock(ctx,
462 ctx->session_cache_tail, 0))
463 break;
464 else
465 ctx->stats.sess_cache_full++;
466 }
467 }
468 }
469 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
470 return(ret);
471 }
472
473int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
474{
475 return remove_session_lock(ctx, c, 1);
476}
477
478static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
479 {
480 SSL_SESSION *r;
481 int ret=0;
482
483 if ((c != NULL) && (c->session_id_length != 0))
484 {
485 if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
486 if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
487 {
488 ret=1;
489 r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
490 SSL_SESSION_list_remove(ctx,c);
491 }
492
493 if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
494
495 if (ret)
496 {
497 r->not_resumable=1;
498 if (ctx->remove_session_cb != NULL)
499 ctx->remove_session_cb(ctx,r);
500 SSL_SESSION_free(r);
501 }
502 }
503 else
504 ret=0;
505 return(ret);
506 }
507
508void SSL_SESSION_free(SSL_SESSION *ss)
509 {
510 int i;
511
512 if(ss == NULL)
513 return;
514
515 i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
516#ifdef REF_PRINT
517 REF_PRINT("SSL_SESSION",ss);
518#endif
519 if (i > 0) return;
520#ifdef REF_CHECK
521 if (i < 0)
522 {
523 fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
524 abort(); /* ok */
525 }
526#endif
527
528 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
529
530 OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg);
531 OPENSSL_cleanse(ss->master_key,sizeof ss->master_key);
532 OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
533 if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
534 if (ss->peer != NULL) X509_free(ss->peer);
535 if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
536 OPENSSL_cleanse(ss,sizeof(*ss));
537 OPENSSL_free(ss);
538 }
539
540int SSL_set_session(SSL *s, SSL_SESSION *session)
541 {
542 int ret=0;
543 SSL_METHOD *meth;
544
545 if (session != NULL)
546 {
547 meth=s->ctx->method->get_ssl_method(session->ssl_version);
548 if (meth == NULL)
549 meth=s->method->get_ssl_method(session->ssl_version);
550 if (meth == NULL)
551 {
552 SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
553 return(0);
554 }
555
556 if (meth != s->method)
557 {
558 if (!SSL_set_ssl_method(s,meth))
559 return(0);
560 if (s->ctx->session_timeout == 0)
561 session->timeout=SSL_get_default_timeout(s);
562 else
563 session->timeout=s->ctx->session_timeout;
564 }
565
566#ifndef OPENSSL_NO_KRB5
567 if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
568 session->krb5_client_princ_len > 0)
569 {
570 s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1);
571 memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
572 session->krb5_client_princ_len);
573 s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
574 }
575#endif /* OPENSSL_NO_KRB5 */
576
577 /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
578 CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
579 if (s->session != NULL)
580 SSL_SESSION_free(s->session);
581 s->session=session;
582 s->verify_result = s->session->verify_result;
583 /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
584 ret=1;
585 }
586 else
587 {
588 if (s->session != NULL)
589 {
590 SSL_SESSION_free(s->session);
591 s->session=NULL;
592 }
593
594 meth=s->ctx->method;
595 if (meth != s->method)
596 {
597 if (!SSL_set_ssl_method(s,meth))
598 return(0);
599 }
600 ret=1;
601 }
602 return(ret);
603 }
604
605long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
606 {
607 if (s == NULL) return(0);
608 s->timeout=t;
609 return(1);
610 }
611
612long SSL_SESSION_get_timeout(SSL_SESSION *s)
613 {
614 if (s == NULL) return(0);
615 return(s->timeout);
616 }
617
618long SSL_SESSION_get_time(SSL_SESSION *s)
619 {
620 if (s == NULL) return(0);
621 return(s->time);
622 }
623
624long SSL_SESSION_set_time(SSL_SESSION *s, long t)
625 {
626 if (s == NULL) return(0);
627 s->time=t;
628 return(t);
629 }
630
631long SSL_CTX_set_timeout(SSL_CTX *s, long t)
632 {
633 long l;
634 if (s == NULL) return(0);
635 l=s->session_timeout;
636 s->session_timeout=t;
637 return(l);
638 }
639
640long SSL_CTX_get_timeout(SSL_CTX *s)
641 {
642 if (s == NULL) return(0);
643 return(s->session_timeout);
644 }
645
646typedef struct timeout_param_st
647 {
648 SSL_CTX *ctx;
649 long time;
650 LHASH *cache;
651 } TIMEOUT_PARAM;
652
653static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
654 {
655 if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
656 {
657 /* The reason we don't call SSL_CTX_remove_session() is to
658 * save on locking overhead */
659 lh_delete(p->cache,s);
660 SSL_SESSION_list_remove(p->ctx,s);
661 s->not_resumable=1;
662 if (p->ctx->remove_session_cb != NULL)
663 p->ctx->remove_session_cb(p->ctx,s);
664 SSL_SESSION_free(s);
665 }
666 }
667
668static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
669
670void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
671 {
672 unsigned long i;
673 TIMEOUT_PARAM tp;
674
675 tp.ctx=s;
676 tp.cache=s->sessions;
677 if (tp.cache == NULL) return;
678 tp.time=t;
679 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
680 i=tp.cache->down_load;
681 tp.cache->down_load=0;
682 lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
683 tp.cache->down_load=i;
684 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
685 }
686
687int ssl_clear_bad_session(SSL *s)
688 {
689 if ( (s->session != NULL) &&
690 !(s->shutdown & SSL_SENT_SHUTDOWN) &&
691 !(SSL_in_init(s) || SSL_in_before(s)))
692 {
693 SSL_CTX_remove_session(s->ctx,s->session);
694 return(1);
695 }
696 else
697 return(0);
698 }
699
700/* locked by SSL_CTX in the calling function */
701static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
702 {
703 if ((s->next == NULL) || (s->prev == NULL)) return;
704
705 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
706 { /* last element in list */
707 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
708 { /* only one element in list */
709 ctx->session_cache_head=NULL;
710 ctx->session_cache_tail=NULL;
711 }
712 else
713 {
714 ctx->session_cache_tail=s->prev;
715 s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
716 }
717 }
718 else
719 {
720 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
721 { /* first element in list */
722 ctx->session_cache_head=s->next;
723 s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
724 }
725 else
726 { /* middle of list */
727 s->next->prev=s->prev;
728 s->prev->next=s->next;
729 }
730 }
731 s->prev=s->next=NULL;
732 }
733
734static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
735 {
736 if ((s->next != NULL) && (s->prev != NULL))
737 SSL_SESSION_list_remove(ctx,s);
738
739 if (ctx->session_cache_head == NULL)
740 {
741 ctx->session_cache_head=s;
742 ctx->session_cache_tail=s;
743 s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
744 s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
745 }
746 else
747 {
748 s->next=ctx->session_cache_head;
749 s->next->prev=s;
750 s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
751 ctx->session_cache_head=s;
752 }
753 }
754
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
deleted file mode 100644
index b16d253081..0000000000
--- a/src/lib/libssl/ssl_stat.c
+++ /dev/null
@@ -1,502 +0,0 @@
1/* ssl/ssl_stat.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61
62const char *SSL_state_string_long(const SSL *s)
63 {
64 const char *str;
65
66 switch (s->state)
67 {
68case SSL_ST_BEFORE: str="before SSL initialization"; break;
69case SSL_ST_ACCEPT: str="before accept initialization"; break;
70case SSL_ST_CONNECT: str="before connect initialization"; break;
71case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
72case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break;
73case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
74case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
75case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
76case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
77#ifndef OPENSSL_NO_SSL2
78case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
79case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
80case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
81case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
82case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
83case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
84case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
85case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
86case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
87case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
88case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
89case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
90case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
91case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
92case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
93case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
94case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
95case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
96case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
97case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
98case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
99case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
100case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
101case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
102case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
103case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
104case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
105case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
106case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
107case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
108case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
109case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
110case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
111case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
112case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
113case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
114case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
115case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
116#endif
117
118#ifndef OPENSSL_NO_SSL3
119/* SSLv3 additions */
120case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
121case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
122case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break;
123case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break;
124case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break;
125case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break;
126case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break;
127case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break;
128case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break;
129case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break;
130case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break;
131case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break;
132case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break;
133case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break;
134case SSL3_ST_CW_CERT_C: str="SSLv3 write client certificate C"; break;
135case SSL3_ST_CW_CERT_D: str="SSLv3 write client certificate D"; break;
136case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break;
137case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break;
138case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break;
139case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify B"; break;
140
141case SSL3_ST_CW_CHANGE_A:
142case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break;
143case SSL3_ST_CW_CHANGE_B:
144case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break;
145case SSL3_ST_CW_FINISHED_A:
146case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break;
147case SSL3_ST_CW_FINISHED_B:
148case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished B"; break;
149case SSL3_ST_CR_CHANGE_A:
150case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break;
151case SSL3_ST_CR_CHANGE_B:
152case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break;
153case SSL3_ST_CR_FINISHED_A:
154case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break;
155case SSL3_ST_CR_FINISHED_B:
156case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break;
157
158case SSL3_ST_CW_FLUSH:
159case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break;
160
161case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break;
162case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break;
163case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break;
164case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break;
165case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break;
166case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break;
167case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break;
168case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break;
169case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break;
170case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break;
171case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break;
172case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break;
173case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break;
174case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break;
175case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break;
176case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break;
177case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break;
178case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break;
179case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
180case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
181case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
182case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
183#endif
184
185#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
186/* SSLv2/v3 compatibility states */
187/* client */
188case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
189case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
190case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break;
191case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
192/* server */
193case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
194case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
195#endif
196
197default: str="unknown state"; break;
198 }
199 return(str);
200 }
201
202const char *SSL_rstate_string_long(const SSL *s)
203 {
204 const char *str;
205
206 switch (s->rstate)
207 {
208 case SSL_ST_READ_HEADER: str="read header"; break;
209 case SSL_ST_READ_BODY: str="read body"; break;
210 case SSL_ST_READ_DONE: str="read done"; break;
211 default: str="unknown"; break;
212 }
213 return(str);
214 }
215
216const char *SSL_state_string(const SSL *s)
217 {
218 const char *str;
219
220 switch (s->state)
221 {
222case SSL_ST_BEFORE: str="PINIT "; break;
223case SSL_ST_ACCEPT: str="AINIT "; break;
224case SSL_ST_CONNECT: str="CINIT "; break;
225case SSL_ST_OK: str="SSLOK "; break;
226#ifndef OPENSSL_NO_SSL2
227case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
228case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
229case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
230case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break;
231case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break;
232case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break;
233case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break;
234case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break;
235case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break;
236case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break;
237case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break;
238case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break;
239case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break;
240case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break;
241case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break;
242case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break;
243case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break;
244case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break;
245case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break;
246case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break;
247case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break;
248case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break;
249case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break;
250case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break;
251case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break;
252case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break;
253case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break;
254case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break;
255case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break;
256case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break;
257case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break;
258case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break;
259case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break;
260case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break;
261case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break;
262case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break;
263case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
264case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
265#endif
266
267#ifndef OPENSSL_NO_SSL3
268/* SSLv3 additions */
269case SSL3_ST_SW_FLUSH:
270case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
271case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break;
272case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break;
273case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break;
274case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break;
275case SSL3_ST_CR_CERT_A: str="3RSC_A"; break;
276case SSL3_ST_CR_CERT_B: str="3RSC_B"; break;
277case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break;
278case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break;
279case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break;
280case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break;
281case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break;
282case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break;
283case SSL3_ST_CW_CERT_A: str="3WCC_A"; break;
284case SSL3_ST_CW_CERT_B: str="3WCC_B"; break;
285case SSL3_ST_CW_CERT_C: str="3WCC_C"; break;
286case SSL3_ST_CW_CERT_D: str="3WCC_D"; break;
287case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break;
288case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break;
289case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break;
290case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break;
291
292case SSL3_ST_SW_CHANGE_A:
293case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break;
294case SSL3_ST_SW_CHANGE_B:
295case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break;
296case SSL3_ST_SW_FINISHED_A:
297case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break;
298case SSL3_ST_SW_FINISHED_B:
299case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break;
300case SSL3_ST_SR_CHANGE_A:
301case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break;
302case SSL3_ST_SR_CHANGE_B:
303case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break;
304case SSL3_ST_SR_FINISHED_A:
305case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break;
306case SSL3_ST_SR_FINISHED_B:
307case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break;
308
309case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break;
310case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break;
311case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
312case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
313case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
314case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
315case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
316case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
317case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;
318case SSL3_ST_SW_CERT_B: str="3WSC_B"; break;
319case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break;
320case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break;
321case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break;
322case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break;
323case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break;
324case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break;
325case SSL3_ST_SR_CERT_A: str="3RCC_A"; break;
326case SSL3_ST_SR_CERT_B: str="3RCC_B"; break;
327case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break;
328case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break;
329case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
330case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
331#endif
332
333#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
334/* SSLv2/v3 compatibility states */
335/* client */
336case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
337case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
338case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break;
339case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
340/* server */
341case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
342case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
343#endif
344
345default: str="UNKWN "; break;
346 }
347 return(str);
348 }
349
350const char *SSL_alert_type_string_long(int value)
351 {
352 value>>=8;
353 if (value == SSL3_AL_WARNING)
354 return("warning");
355 else if (value == SSL3_AL_FATAL)
356 return("fatal");
357 else
358 return("unknown");
359 }
360
361const char *SSL_alert_type_string(int value)
362 {
363 value>>=8;
364 if (value == SSL3_AL_WARNING)
365 return("W");
366 else if (value == SSL3_AL_FATAL)
367 return("F");
368 else
369 return("U");
370 }
371
372const char *SSL_alert_desc_string(int value)
373 {
374 const char *str;
375
376 switch (value & 0xff)
377 {
378 case SSL3_AD_CLOSE_NOTIFY: str="CN"; break;
379 case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break;
380 case SSL3_AD_BAD_RECORD_MAC: str="BM"; break;
381 case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break;
382 case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break;
383 case SSL3_AD_NO_CERTIFICATE: str="NC"; break;
384 case SSL3_AD_BAD_CERTIFICATE: str="BC"; break;
385 case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break;
386 case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break;
387 case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break;
388 case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break;
389 case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break;
390 case TLS1_AD_DECRYPTION_FAILED: str="DC"; break;
391 case TLS1_AD_RECORD_OVERFLOW: str="RO"; break;
392 case TLS1_AD_UNKNOWN_CA: str="CA"; break;
393 case TLS1_AD_ACCESS_DENIED: str="AD"; break;
394 case TLS1_AD_DECODE_ERROR: str="DE"; break;
395 case TLS1_AD_DECRYPT_ERROR: str="CY"; break;
396 case TLS1_AD_EXPORT_RESTRICTION: str="ER"; break;
397 case TLS1_AD_PROTOCOL_VERSION: str="PV"; break;
398 case TLS1_AD_INSUFFICIENT_SECURITY: str="IS"; break;
399 case TLS1_AD_INTERNAL_ERROR: str="IE"; break;
400 case TLS1_AD_USER_CANCELLED: str="US"; break;
401 case TLS1_AD_NO_RENEGOTIATION: str="NR"; break;
402 default: str="UK"; break;
403 }
404 return(str);
405 }
406
407const char *SSL_alert_desc_string_long(int value)
408 {
409 const char *str;
410
411 switch (value & 0xff)
412 {
413 case SSL3_AD_CLOSE_NOTIFY:
414 str="close notify";
415 break;
416 case SSL3_AD_UNEXPECTED_MESSAGE:
417 str="unexpected_message";
418 break;
419 case SSL3_AD_BAD_RECORD_MAC:
420 str="bad record mac";
421 break;
422 case SSL3_AD_DECOMPRESSION_FAILURE:
423 str="decompression failure";
424 break;
425 case SSL3_AD_HANDSHAKE_FAILURE:
426 str="handshake failure";
427 break;
428 case SSL3_AD_NO_CERTIFICATE:
429 str="no certificate";
430 break;
431 case SSL3_AD_BAD_CERTIFICATE:
432 str="bad certificate";
433 break;
434 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
435 str="unsupported certificate";
436 break;
437 case SSL3_AD_CERTIFICATE_REVOKED:
438 str="certificate revoked";
439 break;
440 case SSL3_AD_CERTIFICATE_EXPIRED:
441 str="certificate expired";
442 break;
443 case SSL3_AD_CERTIFICATE_UNKNOWN:
444 str="certificate unknown";
445 break;
446 case SSL3_AD_ILLEGAL_PARAMETER:
447 str="illegal parameter";
448 break;
449 case TLS1_AD_DECRYPTION_FAILED:
450 str="decryption failed";
451 break;
452 case TLS1_AD_RECORD_OVERFLOW:
453 str="record overflow";
454 break;
455 case TLS1_AD_UNKNOWN_CA:
456 str="unknown CA";
457 break;
458 case TLS1_AD_ACCESS_DENIED:
459 str="access denied";
460 break;
461 case TLS1_AD_DECODE_ERROR:
462 str="decode error";
463 break;
464 case TLS1_AD_DECRYPT_ERROR:
465 str="decrypt error";
466 break;
467 case TLS1_AD_EXPORT_RESTRICTION:
468 str="export restriction";
469 break;
470 case TLS1_AD_PROTOCOL_VERSION:
471 str="protocol version";
472 break;
473 case TLS1_AD_INSUFFICIENT_SECURITY:
474 str="insufficient security";
475 break;
476 case TLS1_AD_INTERNAL_ERROR:
477 str="internal error";
478 break;
479 case TLS1_AD_USER_CANCELLED:
480 str="user canceled";
481 break;
482 case TLS1_AD_NO_RENEGOTIATION:
483 str="no renegotiation";
484 break;
485 default: str="unknown"; break;
486 }
487 return(str);
488 }
489
490const char *SSL_rstate_string(const SSL *s)
491 {
492 const char *str;
493
494 switch (s->rstate)
495 {
496 case SSL_ST_READ_HEADER:str="RH"; break;
497 case SSL_ST_READ_BODY: str="RB"; break;
498 case SSL_ST_READ_DONE: str="RD"; break;
499 default: str="unknown"; break;
500 }
501 return(str);
502 }
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
deleted file mode 100644
index 40b76b1b26..0000000000
--- a/src/lib/libssl/ssl_txt.c
+++ /dev/null
@@ -1,186 +0,0 @@
1/* ssl/ssl_txt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/buffer.h>
61#include "ssl_locl.h"
62
63#ifndef OPENSSL_NO_FP_API
64int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
65 {
66 BIO *b;
67 int ret;
68
69 if ((b=BIO_new(BIO_s_file_internal())) == NULL)
70 {
71 SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
72 return(0);
73 }
74 BIO_set_fp(b,fp,BIO_NOCLOSE);
75 ret=SSL_SESSION_print(b,x);
76 BIO_free(b);
77 return(ret);
78 }
79#endif
80
81int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
82 {
83 unsigned int i;
84 char *s;
85
86 if (x == NULL) goto err;
87 if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
88 if (x->ssl_version == SSL2_VERSION)
89 s="SSLv2";
90 else if (x->ssl_version == SSL3_VERSION)
91 s="SSLv3";
92 else if (x->ssl_version == TLS1_VERSION)
93 s="TLSv1";
94 else
95 s="unknown";
96 if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err;
97
98 if (x->cipher == NULL)
99 {
100 if (((x->cipher_id) & 0xff000000) == 0x02000000)
101 {
102 if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0)
103 goto err;
104 }
105 else
106 {
107 if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0)
108 goto err;
109 }
110 }
111 else
112 {
113 if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
114 goto err;
115 }
116 if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
117 for (i=0; i<x->session_id_length; i++)
118 {
119 if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
120 }
121 if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
122 for (i=0; i<x->sid_ctx_length; i++)
123 {
124 if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
125 goto err;
126 }
127 if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
128 for (i=0; i<(unsigned int)x->master_key_length; i++)
129 {
130 if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
131 }
132 if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
133 if (x->key_arg_length == 0)
134 {
135 if (BIO_puts(bp,"None") <= 0) goto err;
136 }
137 else
138 for (i=0; i<x->key_arg_length; i++)
139 {
140 if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
141 }
142#ifndef OPENSSL_NO_KRB5
143 if (BIO_puts(bp,"\n Krb5 Principal: ") <= 0) goto err;
144 if (x->krb5_client_princ_len == 0)
145 {
146 if (BIO_puts(bp,"None") <= 0) goto err;
147 }
148 else
149 for (i=0; i<x->krb5_client_princ_len; i++)
150 {
151 if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
152 }
153#endif /* OPENSSL_NO_KRB5 */
154 if (x->compress_meth != 0)
155 {
156 SSL_COMP *comp;
157
158 ssl_cipher_get_evp(x,NULL,NULL,&comp);
159 if (comp == NULL)
160 {
161 if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
162 }
163 else
164 {
165 if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
166 }
167 }
168 if (x->time != 0L)
169 {
170 if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err;
171 }
172 if (x->timeout != 0L)
173 {
174 if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err;
175 }
176 if (BIO_puts(bp,"\n") <= 0) goto err;
177
178 if (BIO_puts(bp, " Verify return code: ") <= 0) goto err;
179 if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
180 X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
181
182 return(1);
183err:
184 return(0);
185 }
186
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c
deleted file mode 100644
index 57205fb429..0000000000
--- a/src/lib/libssl/t1_clnt.c
+++ /dev/null
@@ -1,97 +0,0 @@
1/* ssl/t1_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61#include <openssl/buffer.h>
62#include <openssl/rand.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65
66static SSL_METHOD *tls1_get_client_method(int ver);
67static SSL_METHOD *tls1_get_client_method(int ver)
68 {
69 if (ver == TLS1_VERSION)
70 return(TLSv1_client_method());
71 else
72 return(NULL);
73 }
74
75SSL_METHOD *TLSv1_client_method(void)
76 {
77 static int init=1;
78 static SSL_METHOD TLSv1_client_data;
79
80 if (init)
81 {
82 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
83
84 if (init)
85 {
86 memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
87 sizeof(SSL_METHOD));
88 TLSv1_client_data.ssl_connect=ssl3_connect;
89 TLSv1_client_data.get_ssl_method=tls1_get_client_method;
90 init=0;
91 }
92
93 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
94 }
95 return(&TLSv1_client_data);
96 }
97
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
deleted file mode 100644
index 271e247eea..0000000000
--- a/src/lib/libssl/t1_enc.c
+++ /dev/null
@@ -1,814 +0,0 @@
1/* ssl/t1_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#include "ssl_locl.h"
114#include <openssl/comp.h>
115#include <openssl/evp.h>
116#include <openssl/hmac.h>
117#include <openssl/md5.h>
118
119static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
120 int sec_len, unsigned char *seed, int seed_len,
121 unsigned char *out, int olen)
122 {
123 int chunk,n;
124 unsigned int j;
125 HMAC_CTX ctx;
126 HMAC_CTX ctx_tmp;
127 unsigned char A1[EVP_MAX_MD_SIZE];
128 unsigned int A1_len;
129
130 chunk=EVP_MD_size(md);
131
132 HMAC_CTX_init(&ctx);
133 HMAC_CTX_init(&ctx_tmp);
134 HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
135 HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
136 HMAC_Update(&ctx,seed,seed_len);
137 HMAC_Final(&ctx,A1,&A1_len);
138
139 n=0;
140 for (;;)
141 {
142 HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
143 HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */
144 HMAC_Update(&ctx,A1,A1_len);
145 HMAC_Update(&ctx_tmp,A1,A1_len);
146 HMAC_Update(&ctx,seed,seed_len);
147
148 if (olen > chunk)
149 {
150 HMAC_Final(&ctx,out,&j);
151 out+=j;
152 olen-=j;
153 HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
154 }
155 else /* last one */
156 {
157 HMAC_Final(&ctx,A1,&A1_len);
158 memcpy(out,A1,olen);
159 break;
160 }
161 }
162 HMAC_CTX_cleanup(&ctx);
163 HMAC_CTX_cleanup(&ctx_tmp);
164 OPENSSL_cleanse(A1,sizeof(A1));
165 }
166
167static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
168 unsigned char *label, int label_len,
169 const unsigned char *sec, int slen, unsigned char *out1,
170 unsigned char *out2, int olen)
171 {
172 int len,i;
173 const unsigned char *S1,*S2;
174
175 len=slen/2;
176 S1=sec;
177 S2= &(sec[len]);
178 len+=(slen&1); /* add for odd, make longer */
179
180
181 tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
182 tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
183
184 for (i=0; i<olen; i++)
185 out1[i]^=out2[i];
186 }
187
188static void tls1_generate_key_block(SSL *s, unsigned char *km,
189 unsigned char *tmp, int num)
190 {
191 unsigned char *p;
192 unsigned char buf[SSL3_RANDOM_SIZE*2+
193 TLS_MD_MAX_CONST_SIZE];
194 p=buf;
195
196 memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
197 TLS_MD_KEY_EXPANSION_CONST_SIZE);
198 p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
199 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
200 p+=SSL3_RANDOM_SIZE;
201 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
202 p+=SSL3_RANDOM_SIZE;
203
204 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
205 s->session->master_key,s->session->master_key_length,
206 km,tmp,num);
207#ifdef KSSL_DEBUG
208 printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
209 s->session->master_key_length);
210 {
211 int i;
212 for (i=0; i < s->session->master_key_length; i++)
213 {
214 printf("%02X", s->session->master_key[i]);
215 }
216 printf("\n"); }
217#endif /* KSSL_DEBUG */
218 }
219
220int tls1_change_cipher_state(SSL *s, int which)
221 {
222 static const unsigned char empty[]="";
223 unsigned char *p,*key_block,*mac_secret;
224 unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
225 SSL3_RANDOM_SIZE*2];
226 unsigned char tmp1[EVP_MAX_KEY_LENGTH];
227 unsigned char tmp2[EVP_MAX_KEY_LENGTH];
228 unsigned char iv1[EVP_MAX_IV_LENGTH*2];
229 unsigned char iv2[EVP_MAX_IV_LENGTH*2];
230 unsigned char *ms,*key,*iv,*er1,*er2;
231 int client_write;
232 EVP_CIPHER_CTX *dd;
233 const EVP_CIPHER *c;
234 const SSL_COMP *comp;
235 const EVP_MD *m;
236 int is_export,n,i,j,k,exp_label_len,cl;
237 int reuse_dd = 0;
238
239 is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
240 c=s->s3->tmp.new_sym_enc;
241 m=s->s3->tmp.new_hash;
242 comp=s->s3->tmp.new_compression;
243 key_block=s->s3->tmp.key_block;
244
245#ifdef KSSL_DEBUG
246 printf("tls1_change_cipher_state(which= %d) w/\n", which);
247 printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
248 comp);
249 printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
250 printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
251 c->nid,c->block_size,c->key_len,c->iv_len);
252 printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
253 {
254 int i;
255 for (i=0; i<s->s3->tmp.key_block_length; i++)
256 printf("%02x", key_block[i]); printf("\n");
257 }
258#endif /* KSSL_DEBUG */
259
260 if (which & SSL3_CC_READ)
261 {
262 if (s->enc_read_ctx != NULL)
263 reuse_dd = 1;
264 else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
265 goto err;
266 dd= s->enc_read_ctx;
267 s->read_hash=m;
268 if (s->expand != NULL)
269 {
270 COMP_CTX_free(s->expand);
271 s->expand=NULL;
272 }
273 if (comp != NULL)
274 {
275 s->expand=COMP_CTX_new(comp->method);
276 if (s->expand == NULL)
277 {
278 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
279 goto err2;
280 }
281 if (s->s3->rrec.comp == NULL)
282 s->s3->rrec.comp=(unsigned char *)
283 OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
284 if (s->s3->rrec.comp == NULL)
285 goto err;
286 }
287 memset(&(s->s3->read_sequence[0]),0,8);
288 mac_secret= &(s->s3->read_mac_secret[0]);
289 }
290 else
291 {
292 if (s->enc_write_ctx != NULL)
293 reuse_dd = 1;
294 else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
295 goto err;
296 if ((s->enc_write_ctx == NULL) &&
297 ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
298 OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
299 goto err;
300 dd= s->enc_write_ctx;
301 s->write_hash=m;
302 if (s->compress != NULL)
303 {
304 COMP_CTX_free(s->compress);
305 s->compress=NULL;
306 }
307 if (comp != NULL)
308 {
309 s->compress=COMP_CTX_new(comp->method);
310 if (s->compress == NULL)
311 {
312 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
313 goto err2;
314 }
315 }
316 memset(&(s->s3->write_sequence[0]),0,8);
317 mac_secret= &(s->s3->write_mac_secret[0]);
318 }
319
320 if (reuse_dd)
321 EVP_CIPHER_CTX_cleanup(dd);
322 EVP_CIPHER_CTX_init(dd);
323
324 p=s->s3->tmp.key_block;
325 i=EVP_MD_size(m);
326 cl=EVP_CIPHER_key_length(c);
327 j=is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
328 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
329 /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
330 k=EVP_CIPHER_iv_length(c);
331 er1= &(s->s3->client_random[0]);
332 er2= &(s->s3->server_random[0]);
333 if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
334 (which == SSL3_CHANGE_CIPHER_SERVER_READ))
335 {
336 ms= &(p[ 0]); n=i+i;
337 key= &(p[ n]); n+=j+j;
338 iv= &(p[ n]); n+=k+k;
339 exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
340 exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
341 client_write=1;
342 }
343 else
344 {
345 n=i;
346 ms= &(p[ n]); n+=i+j;
347 key= &(p[ n]); n+=j+k;
348 iv= &(p[ n]); n+=k;
349 exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
350 exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
351 client_write=0;
352 }
353
354 if (n > s->s3->tmp.key_block_length)
355 {
356 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_INTERNAL_ERROR);
357 goto err2;
358 }
359
360 memcpy(mac_secret,ms,i);
361#ifdef TLS_DEBUG
362printf("which = %04X\nmac key=",which);
363{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
364#endif
365 if (is_export)
366 {
367 /* In here I set both the read and write key/iv to the
368 * same value since only the correct one will be used :-).
369 */
370 p=buf;
371 memcpy(p,exp_label,exp_label_len);
372 p+=exp_label_len;
373 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
374 p+=SSL3_RANDOM_SIZE;
375 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
376 p+=SSL3_RANDOM_SIZE;
377 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
378 tmp1,tmp2,EVP_CIPHER_key_length(c));
379 key=tmp1;
380
381 if (k > 0)
382 {
383 p=buf;
384 memcpy(p,TLS_MD_IV_BLOCK_CONST,
385 TLS_MD_IV_BLOCK_CONST_SIZE);
386 p+=TLS_MD_IV_BLOCK_CONST_SIZE;
387 memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
388 p+=SSL3_RANDOM_SIZE;
389 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
390 p+=SSL3_RANDOM_SIZE;
391 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
392 iv1,iv2,k*2);
393 if (client_write)
394 iv=iv1;
395 else
396 iv= &(iv1[k]);
397 }
398 }
399
400 s->session->key_arg_length=0;
401#ifdef KSSL_DEBUG
402 {
403 int i;
404 printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
405 printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]);
406 printf("\n");
407 printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]);
408 printf("\n");
409 }
410#endif /* KSSL_DEBUG */
411
412 EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
413#ifdef TLS_DEBUG
414printf("which = %04X\nkey=",which);
415{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
416printf("\niv=");
417{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
418printf("\n");
419#endif
420
421 OPENSSL_cleanse(tmp1,sizeof(tmp1));
422 OPENSSL_cleanse(tmp2,sizeof(tmp1));
423 OPENSSL_cleanse(iv1,sizeof(iv1));
424 OPENSSL_cleanse(iv2,sizeof(iv2));
425 return(1);
426err:
427 SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
428err2:
429 return(0);
430 }
431
432int tls1_setup_key_block(SSL *s)
433 {
434 unsigned char *p1,*p2;
435 const EVP_CIPHER *c;
436 const EVP_MD *hash;
437 int num;
438 SSL_COMP *comp;
439
440#ifdef KSSL_DEBUG
441 printf ("tls1_setup_key_block()\n");
442#endif /* KSSL_DEBUG */
443
444 if (s->s3->tmp.key_block_length != 0)
445 return(1);
446
447 if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
448 {
449 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
450 return(0);
451 }
452
453 s->s3->tmp.new_sym_enc=c;
454 s->s3->tmp.new_hash=hash;
455
456 num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
457 num*=2;
458
459 ssl3_cleanup_key_block(s);
460
461 if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
462 goto err;
463 if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
464 goto err;
465
466 s->s3->tmp.key_block_length=num;
467 s->s3->tmp.key_block=p1;
468
469
470#ifdef TLS_DEBUG
471printf("client random\n");
472{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
473printf("server random\n");
474{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
475printf("pre-master\n");
476{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
477#endif
478 tls1_generate_key_block(s,p1,p2,num);
479 OPENSSL_cleanse(p2,num);
480 OPENSSL_free(p2);
481#ifdef TLS_DEBUG
482printf("\nkey block\n");
483{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
484#endif
485
486 if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
487 {
488 /* enable vulnerability countermeasure for CBC ciphers with
489 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
490 */
491 s->s3->need_empty_fragments = 1;
492
493 if (s->session->cipher != NULL)
494 {
495 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
496 s->s3->need_empty_fragments = 0;
497
498#ifndef OPENSSL_NO_RC4
499 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
500 s->s3->need_empty_fragments = 0;
501#endif
502 }
503 }
504
505 return(1);
506err:
507 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
508 return(0);
509 }
510
511int tls1_enc(SSL *s, int send)
512 {
513 SSL3_RECORD *rec;
514 EVP_CIPHER_CTX *ds;
515 unsigned long l;
516 int bs,i,ii,j,k,n=0;
517 const EVP_CIPHER *enc;
518
519 if (send)
520 {
521 if (s->write_hash != NULL)
522 n=EVP_MD_size(s->write_hash);
523 ds=s->enc_write_ctx;
524 rec= &(s->s3->wrec);
525 if (s->enc_write_ctx == NULL)
526 enc=NULL;
527 else
528 enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
529 }
530 else
531 {
532 if (s->read_hash != NULL)
533 n=EVP_MD_size(s->read_hash);
534 ds=s->enc_read_ctx;
535 rec= &(s->s3->rrec);
536 if (s->enc_read_ctx == NULL)
537 enc=NULL;
538 else
539 enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
540 }
541
542#ifdef KSSL_DEBUG
543 printf("tls1_enc(%d)\n", send);
544#endif /* KSSL_DEBUG */
545
546 if ((s->session == NULL) || (ds == NULL) ||
547 (enc == NULL))
548 {
549 memmove(rec->data,rec->input,rec->length);
550 rec->input=rec->data;
551 }
552 else
553 {
554 l=rec->length;
555 bs=EVP_CIPHER_block_size(ds->cipher);
556
557 if ((bs != 1) && send)
558 {
559 i=bs-((int)l%bs);
560
561 /* Add weird padding of upto 256 bytes */
562
563 /* we need to add 'i' padding bytes of value j */
564 j=i-1;
565 if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
566 {
567 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
568 j++;
569 }
570 for (k=(int)l; k<(int)(l+i); k++)
571 rec->input[k]=j;
572 l+=i;
573 rec->length+=i;
574 }
575
576#ifdef KSSL_DEBUG
577 {
578 unsigned long ui;
579 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
580 ds,rec->data,rec->input,l);
581 printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
582 ds->buf_len, ds->cipher->key_len,
583 DES_KEY_SZ, DES_SCHEDULE_SZ,
584 ds->cipher->iv_len);
585 printf("\t\tIV: ");
586 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
587 printf("\n");
588 printf("\trec->input=");
589 for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
590 printf("\n");
591 }
592#endif /* KSSL_DEBUG */
593
594 if (!send)
595 {
596 if (l == 0 || l%bs != 0)
597 {
598 SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
599 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
600 return 0;
601 }
602 }
603
604 EVP_Cipher(ds,rec->data,rec->input,l);
605
606#ifdef KSSL_DEBUG
607 {
608 unsigned long i;
609 printf("\trec->data=");
610 for (i=0; i<l; i++)
611 printf(" %02x", rec->data[i]); printf("\n");
612 }
613#endif /* KSSL_DEBUG */
614
615 if ((bs != 1) && !send)
616 {
617 ii=i=rec->data[l-1]; /* padding_length */
618 i++;
619 if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
620 {
621 /* First packet is even in size, so check */
622 if ((memcmp(s->s3->read_sequence,
623 "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
624 s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
625 if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
626 i--;
627 }
628 /* TLS 1.0 does not bound the number of padding bytes by the block size.
629 * All of them must have value 'padding_length'. */
630 if (i > (int)rec->length)
631 {
632 /* Incorrect padding. SSLerr() and ssl3_alert are done
633 * by caller: we don't want to reveal whether this is
634 * a decryption error or a MAC verification failure
635 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
636 return -1;
637 }
638 for (j=(int)(l-i); j<(int)l; j++)
639 {
640 if (rec->data[j] != ii)
641 {
642 /* Incorrect padding */
643 return -1;
644 }
645 }
646 rec->length-=i;
647 }
648 }
649 return(1);
650 }
651
652int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
653 {
654 unsigned int ret;
655 EVP_MD_CTX ctx;
656
657 EVP_MD_CTX_init(&ctx);
658 EVP_MD_CTX_copy_ex(&ctx,in_ctx);
659 EVP_DigestFinal_ex(&ctx,out,&ret);
660 EVP_MD_CTX_cleanup(&ctx);
661 return((int)ret);
662 }
663
664int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
665 const char *str, int slen, unsigned char *out)
666 {
667 unsigned int i;
668 EVP_MD_CTX ctx;
669 unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
670 unsigned char *q,buf2[12];
671
672 q=buf;
673 memcpy(q,str,slen);
674 q+=slen;
675
676 EVP_MD_CTX_init(&ctx);
677 EVP_MD_CTX_copy_ex(&ctx,in1_ctx);
678 EVP_DigestFinal_ex(&ctx,q,&i);
679 q+=i;
680 EVP_MD_CTX_copy_ex(&ctx,in2_ctx);
681 EVP_DigestFinal_ex(&ctx,q,&i);
682 q+=i;
683
684 tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
685 s->session->master_key,s->session->master_key_length,
686 out,buf2,sizeof buf2);
687 EVP_MD_CTX_cleanup(&ctx);
688
689 return sizeof buf2;
690 }
691
692int tls1_mac(SSL *ssl, unsigned char *md, int send)
693 {
694 SSL3_RECORD *rec;
695 unsigned char *mac_sec,*seq;
696 const EVP_MD *hash;
697 unsigned int md_size;
698 int i;
699 HMAC_CTX hmac;
700 unsigned char buf[5];
701
702 if (send)
703 {
704 rec= &(ssl->s3->wrec);
705 mac_sec= &(ssl->s3->write_mac_secret[0]);
706 seq= &(ssl->s3->write_sequence[0]);
707 hash=ssl->write_hash;
708 }
709 else
710 {
711 rec= &(ssl->s3->rrec);
712 mac_sec= &(ssl->s3->read_mac_secret[0]);
713 seq= &(ssl->s3->read_sequence[0]);
714 hash=ssl->read_hash;
715 }
716
717 md_size=EVP_MD_size(hash);
718
719 buf[0]=rec->type;
720 buf[1]=TLS1_VERSION_MAJOR;
721 buf[2]=TLS1_VERSION_MINOR;
722 buf[3]=rec->length>>8;
723 buf[4]=rec->length&0xff;
724
725 /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
726 HMAC_CTX_init(&hmac);
727 HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
728 HMAC_Update(&hmac,seq,8);
729 HMAC_Update(&hmac,buf,5);
730 HMAC_Update(&hmac,rec->input,rec->length);
731 HMAC_Final(&hmac,md,&md_size);
732 HMAC_CTX_cleanup(&hmac);
733
734#ifdef TLS_DEBUG
735printf("sec=");
736{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
737printf("seq=");
738{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
739printf("buf=");
740{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
741printf("rec=");
742{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
743#endif
744
745 for (i=7; i>=0; i--)
746 {
747 ++seq[i];
748 if (seq[i] != 0) break;
749 }
750
751#ifdef TLS_DEBUG
752{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
753#endif
754 return(md_size);
755 }
756
757int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
758 int len)
759 {
760 unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
761 unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
762
763#ifdef KSSL_DEBUG
764 printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
765#endif /* KSSL_DEBUG */
766
767 /* Setup the stuff to munge */
768 memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
769 TLS_MD_MASTER_SECRET_CONST_SIZE);
770 memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
771 s->s3->client_random,SSL3_RANDOM_SIZE);
772 memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
773 s->s3->server_random,SSL3_RANDOM_SIZE);
774 tls1_PRF(s->ctx->md5,s->ctx->sha1,
775 buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
776 s->session->master_key,buff,sizeof buff);
777#ifdef KSSL_DEBUG
778 printf ("tls1_generate_master_secret() complete\n");
779#endif /* KSSL_DEBUG */
780 return(SSL3_MASTER_SECRET_SIZE);
781 }
782
783int tls1_alert_code(int code)
784 {
785 switch (code)
786 {
787 case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY);
788 case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
789 case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC);
790 case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED);
791 case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW);
792 case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
793 case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE);
794 case SSL_AD_NO_CERTIFICATE: return(-1);
795 case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE);
796 case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
797 case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
798 case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
799 case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
800 case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER);
801 case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA);
802 case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED);
803 case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR);
804 case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR);
805 case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION);
806 case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION);
807 case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
808 case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
809 case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
810 case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
811 default: return(-1);
812 }
813 }
814
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
deleted file mode 100644
index ca6c03d5af..0000000000
--- a/src/lib/libssl/t1_lib.c
+++ /dev/null
@@ -1,149 +0,0 @@
1/* ssl/t1_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
64
65static long tls1_default_timeout(void);
66
67static SSL3_ENC_METHOD TLSv1_enc_data={
68 tls1_enc,
69 tls1_mac,
70 tls1_setup_key_block,
71 tls1_generate_master_secret,
72 tls1_change_cipher_state,
73 tls1_final_finish_mac,
74 TLS1_FINISH_MAC_LENGTH,
75 tls1_cert_verify_mac,
76 TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
77 TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
78 tls1_alert_code,
79 };
80
81static SSL_METHOD TLSv1_data= {
82 TLS1_VERSION,
83 tls1_new,
84 tls1_clear,
85 tls1_free,
86 ssl_undefined_function,
87 ssl_undefined_function,
88 ssl3_read,
89 ssl3_peek,
90 ssl3_write,
91 ssl3_shutdown,
92 ssl3_renegotiate,
93 ssl3_renegotiate_check,
94 ssl3_ctrl,
95 ssl3_ctx_ctrl,
96 ssl3_get_cipher_by_char,
97 ssl3_put_cipher_by_char,
98 ssl3_pending,
99 ssl3_num_ciphers,
100 ssl3_get_cipher,
101 ssl_bad_method,
102 tls1_default_timeout,
103 &TLSv1_enc_data,
104 ssl_undefined_function,
105 ssl3_callback_ctrl,
106 ssl3_ctx_callback_ctrl,
107 };
108
109static long tls1_default_timeout(void)
110 {
111 /* 2 hours, the 24 hours mentioned in the TLSv1 spec
112 * is way too long for http, the cache would over fill */
113 return(60*60*2);
114 }
115
116SSL_METHOD *tlsv1_base_method(void)
117 {
118 return(&TLSv1_data);
119 }
120
121int tls1_new(SSL *s)
122 {
123 if (!ssl3_new(s)) return(0);
124 s->method->ssl_clear(s);
125 return(1);
126 }
127
128void tls1_free(SSL *s)
129 {
130 ssl3_free(s);
131 }
132
133void tls1_clear(SSL *s)
134 {
135 ssl3_clear(s);
136 s->version=TLS1_VERSION;
137 }
138
139#if 0
140long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
141 {
142 return(0);
143 }
144
145long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
146 {
147 return(0);
148 }
149#endif
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c
deleted file mode 100644
index fcc243f782..0000000000
--- a/src/lib/libssl/t1_meth.c
+++ /dev/null
@@ -1,96 +0,0 @@
1/* ssl/t1_meth.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/objects.h>
61#include "ssl_locl.h"
62
63static SSL_METHOD *tls1_get_method(int ver);
64static SSL_METHOD *tls1_get_method(int ver)
65 {
66 if (ver == TLS1_VERSION)
67 return(TLSv1_method());
68 else
69 return(NULL);
70 }
71
72SSL_METHOD *TLSv1_method(void)
73 {
74 static int init=1;
75 static SSL_METHOD TLSv1_data;
76
77 if (init)
78 {
79 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
80
81 if (init)
82 {
83 memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
84 sizeof(SSL_METHOD));
85 TLSv1_data.ssl_connect=ssl3_connect;
86 TLSv1_data.ssl_accept=ssl3_accept;
87 TLSv1_data.get_ssl_method=tls1_get_method;
88 init=0;
89 }
90
91 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
92 }
93
94 return(&TLSv1_data);
95 }
96
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c
deleted file mode 100644
index 1c1149e49f..0000000000
--- a/src/lib/libssl/t1_srvr.c
+++ /dev/null
@@ -1,98 +0,0 @@
1/* ssl/t1_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "ssl_locl.h"
61#include <openssl/buffer.h>
62#include <openssl/rand.h>
63#include <openssl/objects.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66
67static SSL_METHOD *tls1_get_server_method(int ver);
68static SSL_METHOD *tls1_get_server_method(int ver)
69 {
70 if (ver == TLS1_VERSION)
71 return(TLSv1_server_method());
72 else
73 return(NULL);
74 }
75
76SSL_METHOD *TLSv1_server_method(void)
77 {
78 static int init=1;
79 static SSL_METHOD TLSv1_server_data;
80
81 if (init)
82 {
83 CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
84
85 if (init)
86 {
87 memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
88 sizeof(SSL_METHOD));
89 TLSv1_server_data.ssl_accept=ssl3_accept;
90 TLSv1_server_data.get_ssl_method=tls1_get_server_method;
91 init=0;
92 }
93
94 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
95 }
96 return(&TLSv1_server_data);
97 }
98
diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf
deleted file mode 100644
index b941b7ae15..0000000000
--- a/src/lib/libssl/test/CAss.cnf
+++ /dev/null
@@ -1,25 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ req ]
10default_bits = 512
11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no
14default_md = sha1
15
16[ req_distinguished_name ]
17countryName = Country Name (2 letter code)
18countryName_default = AU
19countryName_value = AU
20
21organizationName = Organization Name (eg, company)
22organizationName_value = Dodgy Brothers
23
24commonName = Common Name (eg, YOUR name)
25commonName_value = Dodgy CA
diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf
deleted file mode 100644
index 4e0a908679..0000000000
--- a/src/lib/libssl/test/CAssdh.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DH certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = CU
17countryName_value = CU
18
19organizationName = Organization Name (eg, company)
20organizationName_value = La Junta de la Revolucion
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Junta
24
diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf
deleted file mode 100644
index a6b4d1810c..0000000000
--- a/src/lib/libssl/test/CAssdsa.cnf
+++ /dev/null
@@ -1,23 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DSA certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Hermanos Locos
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Hermanos Locos CA
diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf
deleted file mode 100644
index eb24a6dfc0..0000000000
--- a/src/lib/libssl/test/CAssrsa.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# create RSA certs - CA
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Hermanos Locos
21
22commonName = Common Name (eg, YOUR name)
23commonName_value = Hermanos Locos CA
24
diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf
deleted file mode 100644
index 8e170a28ef..0000000000
--- a/src/lib/libssl/test/Sssdsa.cnf
+++ /dev/null
@@ -1,27 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# hacked by iang to do DSA certs - Server
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_rsa_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Tortilleras S.A.
21
220.commonName = Common Name (eg, YOUR name)
230.commonName_value = Torti
24
251.commonName = Common Name (eg, YOUR name)
261.commonName_value = Gordita
27
diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf
deleted file mode 100644
index 8c79a03fca..0000000000
--- a/src/lib/libssl/test/Sssrsa.cnf
+++ /dev/null
@@ -1,26 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5# create RSA certs - Server
6
7RANDFILE = ./.rnd
8
9####################################################################
10[ req ]
11distinguished_name = req_distinguished_name
12encrypt_key = no
13
14[ req_distinguished_name ]
15countryName = Country Name (2 letter code)
16countryName_default = ES
17countryName_value = ES
18
19organizationName = Organization Name (eg, company)
20organizationName_value = Tortilleras S.A.
21
220.commonName = Common Name (eg, YOUR name)
230.commonName_value = Torti
24
251.commonName = Common Name (eg, YOUR name)
261.commonName_value = Gordita
diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf
deleted file mode 100644
index c89692d519..0000000000
--- a/src/lib/libssl/test/Uss.cnf
+++ /dev/null
@@ -1,28 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ req ]
10default_bits = 512
11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no
14default_md = md2
15
16[ req_distinguished_name ]
17countryName = Country Name (2 letter code)
18countryName_default = AU
19countryName_value = AU
20
21organizationName = Organization Name (eg, company)
22organizationName_value = Dodgy Brothers
23
240.commonName = Common Name (eg, YOUR name)
250.commonName_value = Brother 1
26
271.commonName = Common Name (eg, YOUR name)
281.commonName_value = Brother 2
diff --git a/src/lib/libssl/test/VMSca-response.1 b/src/lib/libssl/test/VMSca-response.1
deleted file mode 100644
index 8b13789179..0000000000
--- a/src/lib/libssl/test/VMSca-response.1
+++ /dev/null
@@ -1 +0,0 @@
1
diff --git a/src/lib/libssl/test/VMSca-response.2 b/src/lib/libssl/test/VMSca-response.2
deleted file mode 100644
index 9b48ee4cf9..0000000000
--- a/src/lib/libssl/test/VMSca-response.2
+++ /dev/null
@@ -1,2 +0,0 @@
1y
2y
diff --git a/src/lib/libssl/test/bctest b/src/lib/libssl/test/bctest
deleted file mode 100644
index bdb3218f7a..0000000000
--- a/src/lib/libssl/test/bctest
+++ /dev/null
@@ -1,111 +0,0 @@
1#!/bin/sh
2
3# This script is used by test/Makefile.ssl to check whether a sane 'bc'
4# is installed.
5# ('make test_bn' should not try to run 'bc' if it does not exist or if
6# it is a broken 'bc' version that is known to cause trouble.)
7#
8# If 'bc' works, we also test if it knows the 'print' command.
9#
10# In any case, output an appropriate command line for running (or not
11# running) bc.
12
13
14IFS=:
15try_without_dir=true
16# First we try "bc", then "$dir/bc" for each item in $PATH.
17for dir in dummy:$PATH; do
18 if [ "$try_without_dir" = true ]; then
19 # first iteration
20 bc=bc
21 try_without_dir=false
22 else
23 # second and later iterations
24 bc="$dir/bc"
25 if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix
26 bc=''
27 fi
28 fi
29
30 if [ ! "$bc" = '' ]; then
31 failure=none
32
33
34 # Test for SunOS 5.[78] bc bug
35 "$bc" >tmp.bctest <<\EOF
36obase=16
37ibase=16
38a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
39CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
4010F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
41C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
423BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
434FC3CADF855448B24A9D7640BCF473E
44b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
459209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
468B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
473ED0E2017D60A68775B75481449
48(a/b)*b + (a%b) - a
49EOF
50 if [ 0 != "`cat tmp.bctest`" ]; then
51 failure=SunOStest
52 fi
53
54
55 if [ "$failure" = none ]; then
56 # Test for SCO bc bug.
57 "$bc" >tmp.bctest <<\EOF
58obase=16
59ibase=16
60-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
619DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
6211B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
631239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
64AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
65F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
66B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
6702EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
6885EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
69A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
70E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
718C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
7204E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
7389C8D71
74AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
75928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
768A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
7737F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
78E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
79F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
809E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
81D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
825296964
83EOF
84 if [ "0
850" != "`cat tmp.bctest`" ]; then
86 failure=SCOtest
87 fi
88 fi
89
90
91 if [ "$failure" = none ]; then
92 # bc works; now check if it knows the 'print' command.
93 if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
94 then
95 echo "$bc"
96 else
97 echo "sed 's/print.*//' | $bc"
98 fi
99 exit 0
100 fi
101
102 echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2
103 fi
104done
105
106echo "No working bc found. Consider installing GNU bc." >&2
107if [ "$1" = ignore ]; then
108 echo "cat >/dev/null"
109 exit 0
110fi
111exit 1
diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c
deleted file mode 100644
index 005c2f4822..0000000000
--- a/src/lib/libssl/test/methtest.c
+++ /dev/null
@@ -1,105 +0,0 @@
1/* test/methtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/rsa.h>
62#include <openssl/x509.h>
63#include "meth.h"
64#include <openssl/err.h>
65
66int main(argc,argv)
67int argc;
68char *argv[];
69 {
70 METHOD_CTX *top,*tmp1,*tmp2;
71
72 top=METH_new(x509_lookup()); /* get a top level context */
73 if (top == NULL) goto err;
74
75 tmp1=METH_new(x509_by_file());
76 if (top == NULL) goto err;
77 METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
78 METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
79 METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
80
81 tmp2=METH_new(x509_by_dir());
82 METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
83 METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
84 METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
85 METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
86
87/* tmp=METH_new(x509_by_issuer_dir);
88 METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
89 METH_push(top,METH_X509_BY_ISSUER,tmp);
90
91 tmp=METH_new(x509_by_issuer_primary);
92 METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
93 METH_push(top,METH_X509_BY_ISSUER,tmp);
94*/
95
96 METH_init(top);
97 METH_control(tmp1,METH_CONTROL_DUMP,stdout);
98 METH_control(tmp2,METH_CONTROL_DUMP,stdout);
99 EXIT(0);
100err:
101 ERR_load_crypto_strings();
102 ERR_print_errors_fp(stderr);
103 EXIT(1);
104 return(0);
105 }
diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem
deleted file mode 100644
index c47b27af88..0000000000
--- a/src/lib/libssl/test/pkcs7-1.pem
+++ /dev/null
@@ -1,15 +0,0 @@
1-----BEGIN PKCS7-----
2MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
3SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
4AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
5eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
6MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
7bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
8ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
9FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
109XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
11BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
12bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
13BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
14j7Kie1x339mxW/w9VZNTUDQQweHh
15-----END PKCS7-----
diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem
deleted file mode 100644
index d55c60b94e..0000000000
--- a/src/lib/libssl/test/pkcs7.pem
+++ /dev/null
@@ -1,54 +0,0 @@
1 MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
2 AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
3 EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
4 cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
5 ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
6 MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
7 c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
8 bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
9 CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
10 Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
11 CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
12 ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
13 l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
14 HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
15 Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
16 c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
17 YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
18 dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
19 dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
20 LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
21 ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
22 biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
23 IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
24 AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
25 L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
26 HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
27 slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
28 ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
29 /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
30 aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
31 ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
32 OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
33 MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
34 Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
35 qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
36 sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
37 P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
38 A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
39 KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
40 Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
41 Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
42 hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
43 Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
44 dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
45 KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
46 dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
47 I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
48 ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
49 ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
50 ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
51 MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
52 /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
53 DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
54 b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c
deleted file mode 100644
index a172e393ca..0000000000
--- a/src/lib/libssl/test/r160test.c
+++ /dev/null
@@ -1,57 +0,0 @@
1/* test/r160test.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl
deleted file mode 100644
index f71ef7a863..0000000000
--- a/src/lib/libssl/test/tcrl
+++ /dev/null
@@ -1,85 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10cmd='../apps/openssl crl'
11
12if [ "$1"x != "x" ]; then
13 t=$1
14else
15 t=testcrl.pem
16fi
17
18echo testing crl conversions
19cp $t fff.p
20
21echo "p -> d"
22$cmd -in fff.p -inform p -outform d >f.d
23if [ $? != 0 ]; then exit 1; fi
24#echo "p -> t"
25#$cmd -in fff.p -inform p -outform t >f.t
26#if [ $? != 0 ]; then exit 1; fi
27echo "p -> p"
28$cmd -in fff.p -inform p -outform p >f.p
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> d"
32$cmd -in f.d -inform d -outform d >ff.d1
33if [ $? != 0 ]; then exit 1; fi
34#echo "t -> d"
35#$cmd -in f.t -inform t -outform d >ff.d2
36#if [ $? != 0 ]; then exit 1; fi
37echo "p -> d"
38$cmd -in f.p -inform p -outform d >ff.d3
39if [ $? != 0 ]; then exit 1; fi
40
41#echo "d -> t"
42#$cmd -in f.d -inform d -outform t >ff.t1
43#if [ $? != 0 ]; then exit 1; fi
44#echo "t -> t"
45#$cmd -in f.t -inform t -outform t >ff.t2
46#if [ $? != 0 ]; then exit 1; fi
47#echo "p -> t"
48#$cmd -in f.p -inform p -outform t >ff.t3
49#if [ $? != 0 ]; then exit 1; fi
50
51echo "d -> p"
52$cmd -in f.d -inform d -outform p >ff.p1
53if [ $? != 0 ]; then exit 1; fi
54#echo "t -> p"
55#$cmd -in f.t -inform t -outform p >ff.p2
56#if [ $? != 0 ]; then exit 1; fi
57echo "p -> p"
58$cmd -in f.p -inform p -outform p >ff.p3
59if [ $? != 0 ]; then exit 1; fi
60
61cmp fff.p f.p
62if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p1
64if [ $? != 0 ]; then exit 1; fi
65#cmp fff.p ff.p2
66#if [ $? != 0 ]; then exit 1; fi
67cmp fff.p ff.p3
68if [ $? != 0 ]; then exit 1; fi
69
70#cmp f.t ff.t1
71#if [ $? != 0 ]; then exit 1; fi
72#cmp f.t ff.t2
73#if [ $? != 0 ]; then exit 1; fi
74#cmp f.t ff.t3
75#if [ $? != 0 ]; then exit 1; fi
76
77cmp f.p ff.p1
78if [ $? != 0 ]; then exit 1; fi
79#cmp f.p ff.p2
80#if [ $? != 0 ]; then exit 1; fi
81cmp f.p ff.p3
82if [ $? != 0 ]; then exit 1; fi
83
84/bin/rm -f f.* ff.* fff.*
85exit 0
diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf
deleted file mode 100644
index faad3914a8..0000000000
--- a/src/lib/libssl/test/test.cnf
+++ /dev/null
@@ -1,88 +0,0 @@
1#
2# SSLeay example configuration file.
3# This is mostly being used for generation of certificate requests.
4#
5
6RANDFILE = ./.rnd
7
8####################################################################
9[ ca ]
10default_ca = CA_default # The default ca section
11
12####################################################################
13[ CA_default ]
14
15dir = ./demoCA # Where everything is kept
16certs = $dir/certs # Where the issued certs are kept
17crl_dir = $dir/crl # Where the issued crl are kept
18database = $dir/index.txt # database index file.
19new_certs_dir = $dir/new_certs # default place for new certs.
20
21certificate = $dir/CAcert.pem # The CA certificate
22serial = $dir/serial # The current serial number
23crl = $dir/crl.pem # The current CRL
24private_key = $dir/private/CAkey.pem# The private key
25RANDFILE = $dir/private/.rand # private random number file
26
27default_days = 365 # how long to certify for
28default_crl_days= 30 # how long before next CRL
29default_md = md5 # which md to use.
30
31# A few difference way of specifying how similar the request should look
32# For type CA, the listed attributes must be the same, and the optional
33# and supplied fields are just that :-)
34policy = policy_match
35
36# For the CA policy
37[ policy_match ]
38countryName = match
39stateOrProvinceName = match
40organizationName = match
41organizationalUnitName = optional
42commonName = supplied
43emailAddress = optional
44
45# For the 'anything' policy
46# At this point in time, you must list all acceptable 'object'
47# types.
48[ policy_anything ]
49countryName = optional
50stateOrProvinceName = optional
51localityName = optional
52organizationName = optional
53organizationalUnitName = optional
54commonName = supplied
55emailAddress = optional
56
57####################################################################
58[ req ]
59default_bits = 512
60default_keyfile = testkey.pem
61distinguished_name = req_distinguished_name
62encrypt_rsa_key = no
63
64[ req_distinguished_name ]
65countryName = Country Name (2 letter code)
66countryName_default = AU
67countryName_value = AU
68
69stateOrProvinceName = State or Province Name (full name)
70stateOrProvinceName_default = Queensland
71stateOrProvinceName_value =
72
73localityName = Locality Name (eg, city)
74localityName_value = Brisbane
75
76organizationName = Organization Name (eg, company)
77organizationName_default =
78organizationName_value = CryptSoft Pty Ltd
79
80organizationalUnitName = Organizational Unit Name (eg, section)
81organizationalUnitName_default =
82organizationalUnitName_value = .
83
84commonName = Common Name (eg, YOUR name)
85commonName_value = Eric Young
86
87emailAddress = Email Address
88emailAddress_value = eay@mincom.oz.au
diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca
deleted file mode 100644
index 8215ebb5d1..0000000000
--- a/src/lib/libssl/test/testca
+++ /dev/null
@@ -1,48 +0,0 @@
1#!/bin/sh
2
3SH="/bin/sh"
4if test "$OSTYPE" = msdosdjgpp; then
5 PATH=./apps\;../apps\;$PATH
6else
7 PATH=../apps:$PATH
8fi
9export SH PATH
10
11SSLEAY_CONFIG="-config CAss.cnf"
12export SSLEAY_CONFIG
13
14/bin/rm -fr demoCA
15$SH ../apps/CA.sh -newca <<EOF
16EOF
17
18if [ $? != 0 ]; then
19 exit 1;
20fi
21
22SSLEAY_CONFIG="-config Uss.cnf"
23export SSLEAY_CONFIG
24$SH ../apps/CA.sh -newreq
25if [ $? != 0 ]; then
26 exit 1;
27fi
28
29
30SSLEAY_CONFIG="-config ../apps/openssl.cnf"
31export SSLEAY_CONFIG
32$SH ../apps/CA.sh -sign <<EOF
33y
34y
35EOF
36if [ $? != 0 ]; then
37 exit 1;
38fi
39
40
41$SH ../apps/CA.sh -verify newcert.pem
42if [ $? != 0 ]; then
43 exit 1;
44fi
45
46/bin/rm -fr demoCA newcert.pem newreq.pem
47#usage: CA -newcert|-newreq|-newca|-sign|-verify
48
diff --git a/src/lib/libssl/test/testcrl.pem b/src/lib/libssl/test/testcrl.pem
deleted file mode 100644
index 0989788354..0000000000
--- a/src/lib/libssl/test/testcrl.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN X509 CRL-----
2MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
3F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
4IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
5MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
6MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
7MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
8MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
9MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
10MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
11NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
12NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
13AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
14wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
15JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
16-----END X509 CRL-----
diff --git a/src/lib/libssl/test/testenc b/src/lib/libssl/test/testenc
deleted file mode 100644
index 0656c7f525..0000000000
--- a/src/lib/libssl/test/testenc
+++ /dev/null
@@ -1,54 +0,0 @@
1#!/bin/sh
2
3testsrc=Makefile.ssl
4test=./p
5cmd=../apps/openssl
6
7cat $testsrc >$test;
8
9echo cat
10$cmd enc < $test > $test.cipher
11$cmd enc < $test.cipher >$test.clear
12cmp $test $test.clear
13if [ $? != 0 ]
14then
15 exit 1
16else
17 /bin/rm $test.cipher $test.clear
18fi
19echo base64
20$cmd enc -a -e < $test > $test.cipher
21$cmd enc -a -d < $test.cipher >$test.clear
22cmp $test $test.clear
23if [ $? != 0 ]
24then
25 exit 1
26else
27 /bin/rm $test.cipher $test.clear
28fi
29
30for i in `$cmd list-cipher-commands`
31do
32 echo $i
33 $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
34 $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
35 cmp $test $test.$i.clear
36 if [ $? != 0 ]
37 then
38 exit 1
39 else
40 /bin/rm $test.$i.cipher $test.$i.clear
41 fi
42
43 echo $i base64
44 $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
45 $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
46 cmp $test $test.$i.clear
47 if [ $? != 0 ]
48 then
49 exit 1
50 else
51 /bin/rm $test.$i.cipher $test.$i.clear
52 fi
53done
54rm -f $test
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen
deleted file mode 100644
index 3798543e04..0000000000
--- a/src/lib/libssl/test/testgen
+++ /dev/null
@@ -1,44 +0,0 @@
1#!/bin/sh
2
3T=testcert
4KEY=512
5CA=../certs/testca.pem
6
7/bin/rm -f $T.1 $T.2 $T.key
8
9if test "$OSTYPE" = msdosdjgpp; then
10 PATH=../apps\;$PATH;
11else
12 PATH=../apps:$PATH;
13fi
14export PATH
15
16echo "generating certificate request"
17
18echo "string to make the random number generator think it has entropy" >> ./.rnd
19
20if ../apps/openssl no-rsa; then
21 req_new='-newkey dsa:../apps/dsa512.pem'
22else
23 req_new='-new'
24 echo "There should be a 2 sequences of .'s and some +'s."
25 echo "There should not be more that at most 80 per line"
26fi
27
28echo "This could take some time."
29
30rm -f testkey.pem testreq.pem
31
32../apps/openssl req -config test.cnf $req_new -out testreq.pem
33if [ $? != 0 ]; then
34echo problems creating request
35exit 1
36fi
37
38../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
39if [ $? != 0 ]; then
40echo signature on req is wrong
41exit 1
42fi
43
44exit 0
diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem
deleted file mode 100644
index e5b7866c31..0000000000
--- a/src/lib/libssl/test/testp7.pem
+++ /dev/null
@@ -1,46 +0,0 @@
1-----BEGIN PKCS7-----
2MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
3cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
4DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
5BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
6HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
7ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
8biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
9aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
10aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
11VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
12UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
13AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
14BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
15ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
16IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
17bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
18L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
19OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
20IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
21ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
22cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
23QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
24MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
25AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
26cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
27AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
28MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
29QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
30dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
31Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
32DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
33TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
34AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
352d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
3647ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
37MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
38QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
39AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
40ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
41BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
42ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
43MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
44sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
45XfZsaiiIgotQHjEA
46-----END PKCS7-----
diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem
deleted file mode 100644
index c3cdcffcbc..0000000000
--- a/src/lib/libssl/test/testreq2.pem
+++ /dev/null
@@ -1,7 +0,0 @@
1-----BEGIN CERTIFICATE REQUEST-----
2MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
3QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
4DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
5hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
6gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
7-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem
deleted file mode 100644
index aad21067a8..0000000000
--- a/src/lib/libssl/test/testrsa.pem
+++ /dev/null
@@ -1,9 +0,0 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
3Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
4rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
5oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
6mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
7rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
8mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
9-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem
deleted file mode 100644
index 7ffd008f66..0000000000
--- a/src/lib/libssl/test/testsid.pem
+++ /dev/null
@@ -1,12 +0,0 @@
1-----BEGIN SSL SESSION PARAMETERS-----
2MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
3bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
4ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
5YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
6A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
7LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
8CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
9TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
10hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
11CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
12-----END SSL SESSION PARAMETERS-----
diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss
deleted file mode 100644
index 8d3557f356..0000000000
--- a/src/lib/libssl/test/testss
+++ /dev/null
@@ -1,99 +0,0 @@
1#!/bin/sh
2
3digest='-md5'
4reqcmd="../apps/openssl req"
5x509cmd="../apps/openssl x509 $digest"
6verifycmd="../apps/openssl verify"
7dummycnf="../apps/openssl.cnf"
8
9CAkey="keyCA.ss"
10CAcert="certCA.ss"
11CAreq="reqCA.ss"
12CAconf="CAss.cnf"
13CAreq2="req2CA.ss" # temp
14
15Uconf="Uss.cnf"
16Ukey="keyU.ss"
17Ureq="reqU.ss"
18Ucert="certU.ss"
19
20echo
21echo "make a certificate request using 'req'"
22
23echo "string to make the random number generator think it has entropy" >> ./.rnd
24
25if ../apps/openssl no-rsa; then
26 req_new='-newkey dsa:../apps/dsa512.pem'
27else
28 req_new='-new'
29fi
30
31$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
32if [ $? != 0 ]; then
33 echo "error using 'req' to generate a certificate request"
34 exit 1
35fi
36echo
37echo "convert the certificate request into a self signed certificate using 'x509'"
38$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
39if [ $? != 0 ]; then
40 echo "error using 'x509' to self sign a certificate request"
41 exit 1
42fi
43
44echo
45echo "convert a certificate into a certificate request using 'x509'"
46$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
47if [ $? != 0 ]; then
48 echo "error using 'x509' convert a certificate to a certificate request"
49 exit 1
50fi
51
52$reqcmd -config $dummycnf -verify -in $CAreq -noout
53if [ $? != 0 ]; then
54 echo first generated request is invalid
55 exit 1
56fi
57
58$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
59if [ $? != 0 ]; then
60 echo second generated request is invalid
61 exit 1
62fi
63
64$verifycmd -CAfile $CAcert $CAcert
65if [ $? != 0 ]; then
66 echo first generated cert is invalid
67 exit 1
68fi
69
70echo
71echo "make another certificate request using 'req'"
72$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
73if [ $? != 0 ]; then
74 echo "error using 'req' to generate a certificate request"
75 exit 1
76fi
77
78echo
79echo "sign certificate request with the just created CA via 'x509'"
80$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
81if [ $? != 0 ]; then
82 echo "error using 'x509' to sign a certificate request"
83 exit 1
84fi
85
86$verifycmd -CAfile $CAcert $Ucert
87echo
88echo "Certificate details"
89$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
90
91echo
92echo The generated CA certificate is $CAcert
93echo The generated CA private key is $CAkey
94
95echo The generated user certificate is $Ucert
96echo The generated user private key is $Ukey
97
98/bin/rm err.ss
99exit 0
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
deleted file mode 100644
index ca8e718022..0000000000
--- a/src/lib/libssl/test/testssl
+++ /dev/null
@@ -1,145 +0,0 @@
1#!/bin/sh
2
3if [ "$1" = "" ]; then
4 key=../apps/server.pem
5else
6 key="$1"
7fi
8if [ "$2" = "" ]; then
9 cert=../apps/server.pem
10else
11 cert="$2"
12fi
13ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
14
15if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
16 dsa_cert=YES
17else
18 dsa_cert=NO
19fi
20
21if [ "$3" = "" ]; then
22 CA="-CApath ../certs"
23else
24 CA="-CAfile $3"
25fi
26
27if [ "$4" = "" ]; then
28 extra=""
29else
30 extra="$4"
31fi
32
33#############################################################################
34
35echo test sslv2
36$ssltest -ssl2 $extra || exit 1
37
38echo test sslv2 with server authentication
39$ssltest -ssl2 -server_auth $CA $extra || exit 1
40
41if [ $dsa_cert = NO ]; then
42 echo test sslv2 with client authentication
43 $ssltest -ssl2 -client_auth $CA $extra || exit 1
44
45 echo test sslv2 with both client and server authentication
46 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
47fi
48
49echo test sslv3
50$ssltest -ssl3 $extra || exit 1
51
52echo test sslv3 with server authentication
53$ssltest -ssl3 -server_auth $CA $extra || exit 1
54
55echo test sslv3 with client authentication
56$ssltest -ssl3 -client_auth $CA $extra || exit 1
57
58echo test sslv3 with both client and server authentication
59$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
60
61echo test sslv2/sslv3
62$ssltest $extra || exit 1
63
64echo test sslv2/sslv3 with server authentication
65$ssltest -server_auth $CA $extra || exit 1
66
67echo test sslv2/sslv3 with client authentication
68$ssltest -client_auth $CA $extra || exit 1
69
70echo test sslv2/sslv3 with both client and server authentication
71$ssltest -server_auth -client_auth $CA $extra || exit 1
72
73echo test sslv2 via BIO pair
74$ssltest -bio_pair -ssl2 $extra || exit 1
75
76echo test sslv2 with server authentication via BIO pair
77$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
78
79if [ $dsa_cert = NO ]; then
80 echo test sslv2 with client authentication via BIO pair
81 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
82
83 echo test sslv2 with both client and server authentication via BIO pair
84 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
85fi
86
87echo test sslv3 via BIO pair
88$ssltest -bio_pair -ssl3 $extra || exit 1
89
90echo test sslv3 with server authentication via BIO pair
91$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
92
93echo test sslv3 with client authentication via BIO pair
94$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
95
96echo test sslv3 with both client and server authentication via BIO pair
97$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
98
99echo test sslv2/sslv3 via BIO pair
100$ssltest $extra || exit 1
101
102if [ $dsa_cert = NO ]; then
103 echo test sslv2/sslv3 w/o DHE via BIO pair
104 $ssltest -bio_pair -no_dhe $extra || exit 1
105fi
106
107echo test sslv2/sslv3 with 1024bit DHE via BIO pair
108$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
109
110echo test sslv2/sslv3 with server authentication
111$ssltest -bio_pair -server_auth $CA $extra || exit 1
112
113echo test sslv2/sslv3 with client authentication via BIO pair
114$ssltest -bio_pair -client_auth $CA $extra || exit 1
115
116echo test sslv2/sslv3 with both client and server authentication via BIO pair
117$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
118
119echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
120$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
121
122#############################################################################
123
124if ../apps/openssl no-dh; then
125 echo skipping anonymous DH tests
126else
127 echo test tls1 with 1024bit anonymous DH, multiple handshakes
128 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
129fi
130
131if ../apps/openssl no-rsa; then
132 echo skipping RSA tests
133else
134 echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
135 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
136
137 if ../apps/openssl no-dh; then
138 echo skipping RSA+DHE tests
139 else
140 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
141 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
142 fi
143fi
144
145exit 0
diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem
deleted file mode 100644
index 8a85d14964..0000000000
--- a/src/lib/libssl/test/testx509.pem
+++ /dev/null
@@ -1,10 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
3BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
4MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
5RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
6AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
7/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
8Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
9zl9HYIMxATFyqSiD9jsx
10-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times
deleted file mode 100644
index 49aeebf216..0000000000
--- a/src/lib/libssl/test/times
+++ /dev/null
@@ -1,113 +0,0 @@
1
2More number for the questions about SSL overheads....
3
4The following numbers were generated on a pentium pro 200, running linux.
5They give an indication of the SSL protocol and encryption overheads.
6
7The program that generated them is an unreleased version of ssl/ssltest.c
8which is the SSLeay ssl protocol testing program. It is a single process that
9talks both sides of the SSL protocol via a non-blocking memory buffer
10interface.
11
12How do I read this? The protocol and cipher are reasonable obvious.
13The next number is the number of connections being made. The next is the
14number of bytes exchanged bewteen the client and server side of the protocol.
15This is the number of bytes that the client sends to the server, and then
16the server sends back. Because this is all happening in one process,
17the data is being encrypted, decrypted, encrypted and then decrypted again.
18It is a round trip of that many bytes. Because the one process performs
19both the client and server sides of the protocol and it sends this many bytes
20each direction, multiply this number by 4 to generate the number
21of bytes encrypted/decrypted/MACed. The first time value is how many seconds
22elapsed doing a full SSL handshake, the second is the cost of one
23full handshake and the rest being session-id reuse.
24
25SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
26SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
27SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
28SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
29SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
30SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
31SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
32
33SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
34SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
35SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
36SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
37SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
38SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
39
40SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
41SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
42SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
43SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
44SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
45SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
46SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
47
48SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
49SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
50SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
51SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
52SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
53SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
54SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
55
56What does this all mean? Well for a server, with no session-id reuse, with
57a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
58a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
59about 49 connections a second. Reality will be quite different :-).
60
61Remeber the first number is 1000 full ssl handshakes, the second is
621 full and 999 with session-id reuse. The RSA overheads for each exchange
63would be one public and one private operation, but the protocol/MAC/cipher
64cost would be quite similar in both the client and server.
65
66eric (adding numbers to speculation)
67
68--- Appendix ---
69- The time measured is user time but these number a very rough.
70- Remember this is the cost of both client and server sides of the protocol.
71- The TCP/kernal overhead of connection establishment is normally the
72 killer in SSL. Often delays in the TCP protocol will make session-id
73 reuse look slower that new sessions, but this would not be the case on
74 a loaded server.
75- The TCP round trip latencies, while slowing indervidual connections,
76 would have minimal impact on throughput.
77- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
78- the required number of bytes are processed.
79- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
80- A 512bit server key was being used except where noted.
81- No server key verification was being performed on the client side of the
82 protocol. This would slow things down very little.
83- The library being used is SSLeay 0.8.x.
84- The normal mesauring system was commands of the form
85 time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
86 This modified version of ssltest should be in the next public release of
87 SSLeay.
88
89The general cipher performace number for this platform are
90
91SSLeay 0.8.2a 04-Sep-1997
92built on Fri Sep 5 17:37:05 EST 1997
93options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
94C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
95The 'numbers' are in 1000s of bytes per second processed.
96type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
97md2 131.02k 368.41k 500.57k 549.21k 566.09k
98mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
99md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
100sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
101sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
102rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
103des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
104des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
105idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
106rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
107blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
108 sign verify
109rsa 512 bits 0.0100s 0.0011s
110rsa 1024 bits 0.0451s 0.0012s
111rsa 2048 bits 0.2605s 0.0086s
112rsa 4096 bits 1.6883s 0.0302s
113
diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7
deleted file mode 100644
index cf3bd9fadb..0000000000
--- a/src/lib/libssl/test/tpkcs7
+++ /dev/null
@@ -1,55 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10cmd='../apps/openssl pkcs7'
11
12if [ "$1"x != "x" ]; then
13 t=$1
14else
15 t=testp7.pem
16fi
17
18echo testing pkcs7 conversions
19cp $t fff.p
20
21echo "p -> d"
22$cmd -in fff.p -inform p -outform d >f.d
23if [ $? != 0 ]; then exit 1; fi
24echo "p -> p"
25$cmd -in fff.p -inform p -outform p >f.p
26if [ $? != 0 ]; then exit 1; fi
27
28echo "d -> d"
29$cmd -in f.d -inform d -outform d >ff.d1
30if [ $? != 0 ]; then exit 1; fi
31echo "p -> d"
32$cmd -in f.p -inform p -outform d >ff.d3
33if [ $? != 0 ]; then exit 1; fi
34
35echo "d -> p"
36$cmd -in f.d -inform d -outform p >ff.p1
37if [ $? != 0 ]; then exit 1; fi
38echo "p -> p"
39$cmd -in f.p -inform p -outform p >ff.p3
40if [ $? != 0 ]; then exit 1; fi
41
42cmp fff.p f.p
43if [ $? != 0 ]; then exit 1; fi
44cmp fff.p ff.p1
45if [ $? != 0 ]; then exit 1; fi
46cmp fff.p ff.p3
47if [ $? != 0 ]; then exit 1; fi
48
49cmp f.p ff.p1
50if [ $? != 0 ]; then exit 1; fi
51cmp f.p ff.p3
52if [ $? != 0 ]; then exit 1; fi
53
54/bin/rm -f f.* ff.* fff.*
55exit 0
diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d
deleted file mode 100644
index 18f9311b06..0000000000
--- a/src/lib/libssl/test/tpkcs7d
+++ /dev/null
@@ -1,48 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10cmd='../apps/openssl pkcs7'
11
12if [ "$1"x != "x" ]; then
13 t=$1
14else
15 t=pkcs7-1.pem
16fi
17
18echo "testing pkcs7 conversions (2)"
19cp $t fff.p
20
21echo "p -> d"
22$cmd -in fff.p -inform p -outform d >f.d
23if [ $? != 0 ]; then exit 1; fi
24echo "p -> p"
25$cmd -in fff.p -inform p -outform p >f.p
26if [ $? != 0 ]; then exit 1; fi
27
28echo "d -> d"
29$cmd -in f.d -inform d -outform d >ff.d1
30if [ $? != 0 ]; then exit 1; fi
31echo "p -> d"
32$cmd -in f.p -inform p -outform d >ff.d3
33if [ $? != 0 ]; then exit 1; fi
34
35echo "d -> p"
36$cmd -in f.d -inform d -outform p >ff.p1
37if [ $? != 0 ]; then exit 1; fi
38echo "p -> p"
39$cmd -in f.p -inform p -outform p >ff.p3
40if [ $? != 0 ]; then exit 1; fi
41
42cmp f.p ff.p1
43if [ $? != 0 ]; then exit 1; fi
44cmp f.p ff.p3
45if [ $? != 0 ]; then exit 1; fi
46
47/bin/rm -f f.* ff.* fff.*
48exit 0
diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq
deleted file mode 100644
index 47a8273cde..0000000000
--- a/src/lib/libssl/test/treq
+++ /dev/null
@@ -1,90 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10cmd='../apps/openssl req -config ../apps/openssl.cnf'
11
12if [ "$1"x != "x" ]; then
13 t=$1
14else
15 t=testreq.pem
16fi
17
18if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
19 echo "skipping req conversion test for $t"
20 exit 0
21fi
22
23echo testing req conversions
24cp $t fff.p
25
26echo "p -> d"
27$cmd -in fff.p -inform p -outform d >f.d
28if [ $? != 0 ]; then exit 1; fi
29#echo "p -> t"
30#$cmd -in fff.p -inform p -outform t >f.t
31#if [ $? != 0 ]; then exit 1; fi
32echo "p -> p"
33$cmd -in fff.p -inform p -outform p >f.p
34if [ $? != 0 ]; then exit 1; fi
35
36echo "d -> d"
37$cmd -verify -in f.d -inform d -outform d >ff.d1
38if [ $? != 0 ]; then exit 1; fi
39#echo "t -> d"
40#$cmd -in f.t -inform t -outform d >ff.d2
41#if [ $? != 0 ]; then exit 1; fi
42echo "p -> d"
43$cmd -verify -in f.p -inform p -outform d >ff.d3
44if [ $? != 0 ]; then exit 1; fi
45
46#echo "d -> t"
47#$cmd -in f.d -inform d -outform t >ff.t1
48#if [ $? != 0 ]; then exit 1; fi
49#echo "t -> t"
50#$cmd -in f.t -inform t -outform t >ff.t2
51#if [ $? != 0 ]; then exit 1; fi
52#echo "p -> t"
53#$cmd -in f.p -inform p -outform t >ff.t3
54#if [ $? != 0 ]; then exit 1; fi
55
56echo "d -> p"
57$cmd -in f.d -inform d -outform p >ff.p1
58if [ $? != 0 ]; then exit 1; fi
59#echo "t -> p"
60#$cmd -in f.t -inform t -outform p >ff.p2
61#if [ $? != 0 ]; then exit 1; fi
62echo "p -> p"
63$cmd -in f.p -inform p -outform p >ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66cmp fff.p f.p
67if [ $? != 0 ]; then exit 1; fi
68cmp fff.p ff.p1
69if [ $? != 0 ]; then exit 1; fi
70#cmp fff.p ff.p2
71#if [ $? != 0 ]; then exit 1; fi
72cmp fff.p ff.p3
73if [ $? != 0 ]; then exit 1; fi
74
75#cmp f.t ff.t1
76#if [ $? != 0 ]; then exit 1; fi
77#cmp f.t ff.t2
78#if [ $? != 0 ]; then exit 1; fi
79#cmp f.t ff.t3
80#if [ $? != 0 ]; then exit 1; fi
81
82cmp f.p ff.p1
83if [ $? != 0 ]; then exit 1; fi
84#cmp f.p ff.p2
85#if [ $? != 0 ]; then exit 1; fi
86cmp f.p ff.p3
87if [ $? != 0 ]; then exit 1; fi
88
89/bin/rm -f f.* ff.* fff.*
90exit 0
diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa
deleted file mode 100644
index 413e2ec0a0..0000000000
--- a/src/lib/libssl/test/trsa
+++ /dev/null
@@ -1,90 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10if ../apps/openssl no-rsa; then
11 echo skipping rsa conversion test
12 exit 0
13fi
14
15cmd='../apps/openssl rsa'
16
17if [ "$1"x != "x" ]; then
18 t=$1
19else
20 t=testrsa.pem
21fi
22
23echo testing rsa conversions
24cp $t fff.p
25
26echo "p -> d"
27$cmd -in fff.p -inform p -outform d >f.d
28if [ $? != 0 ]; then exit 1; fi
29#echo "p -> t"
30#$cmd -in fff.p -inform p -outform t >f.t
31#if [ $? != 0 ]; then exit 1; fi
32echo "p -> p"
33$cmd -in fff.p -inform p -outform p >f.p
34if [ $? != 0 ]; then exit 1; fi
35
36echo "d -> d"
37$cmd -in f.d -inform d -outform d >ff.d1
38if [ $? != 0 ]; then exit 1; fi
39#echo "t -> d"
40#$cmd -in f.t -inform t -outform d >ff.d2
41#if [ $? != 0 ]; then exit 1; fi
42echo "p -> d"
43$cmd -in f.p -inform p -outform d >ff.d3
44if [ $? != 0 ]; then exit 1; fi
45
46#echo "d -> t"
47#$cmd -in f.d -inform d -outform t >ff.t1
48#if [ $? != 0 ]; then exit 1; fi
49#echo "t -> t"
50#$cmd -in f.t -inform t -outform t >ff.t2
51#if [ $? != 0 ]; then exit 1; fi
52#echo "p -> t"
53#$cmd -in f.p -inform p -outform t >ff.t3
54#if [ $? != 0 ]; then exit 1; fi
55
56echo "d -> p"
57$cmd -in f.d -inform d -outform p >ff.p1
58if [ $? != 0 ]; then exit 1; fi
59#echo "t -> p"
60#$cmd -in f.t -inform t -outform p >ff.p2
61#if [ $? != 0 ]; then exit 1; fi
62echo "p -> p"
63$cmd -in f.p -inform p -outform p >ff.p3
64if [ $? != 0 ]; then exit 1; fi
65
66cmp fff.p f.p
67if [ $? != 0 ]; then exit 1; fi
68cmp fff.p ff.p1
69if [ $? != 0 ]; then exit 1; fi
70#cmp fff.p ff.p2
71#if [ $? != 0 ]; then exit 1; fi
72cmp fff.p ff.p3
73if [ $? != 0 ]; then exit 1; fi
74
75#cmp f.t ff.t1
76#if [ $? != 0 ]; then exit 1; fi
77#cmp f.t ff.t2
78#if [ $? != 0 ]; then exit 1; fi
79#cmp f.t ff.t3
80#if [ $? != 0 ]; then exit 1; fi
81
82cmp f.p ff.p1
83if [ $? != 0 ]; then exit 1; fi
84#cmp f.p ff.p2
85#if [ $? != 0 ]; then exit 1; fi
86cmp f.p ff.p3
87if [ $? != 0 ]; then exit 1; fi
88
89/bin/rm -f f.* ff.* fff.*
90exit 0
diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid
deleted file mode 100644
index 40a1dfa97c..0000000000
--- a/src/lib/libssl/test/tsid
+++ /dev/null
@@ -1,85 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10cmd='../apps/openssl sess_id'
11
12if [ "$1"x != "x" ]; then
13 t=$1
14else
15 t=testsid.pem
16fi
17
18echo testing session-id conversions
19cp $t fff.p
20
21echo "p -> d"
22$cmd -in fff.p -inform p -outform d >f.d
23if [ $? != 0 ]; then exit 1; fi
24#echo "p -> t"
25#$cmd -in fff.p -inform p -outform t >f.t
26#if [ $? != 0 ]; then exit 1; fi
27echo "p -> p"
28$cmd -in fff.p -inform p -outform p >f.p
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> d"
32$cmd -in f.d -inform d -outform d >ff.d1
33if [ $? != 0 ]; then exit 1; fi
34#echo "t -> d"
35#$cmd -in f.t -inform t -outform d >ff.d2
36#if [ $? != 0 ]; then exit 1; fi
37echo "p -> d"
38$cmd -in f.p -inform p -outform d >ff.d3
39if [ $? != 0 ]; then exit 1; fi
40
41#echo "d -> t"
42#$cmd -in f.d -inform d -outform t >ff.t1
43#if [ $? != 0 ]; then exit 1; fi
44#echo "t -> t"
45#$cmd -in f.t -inform t -outform t >ff.t2
46#if [ $? != 0 ]; then exit 1; fi
47#echo "p -> t"
48#$cmd -in f.p -inform p -outform t >ff.t3
49#if [ $? != 0 ]; then exit 1; fi
50
51echo "d -> p"
52$cmd -in f.d -inform d -outform p >ff.p1
53if [ $? != 0 ]; then exit 1; fi
54#echo "t -> p"
55#$cmd -in f.t -inform t -outform p >ff.p2
56#if [ $? != 0 ]; then exit 1; fi
57echo "p -> p"
58$cmd -in f.p -inform p -outform p >ff.p3
59if [ $? != 0 ]; then exit 1; fi
60
61cmp fff.p f.p
62if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p1
64if [ $? != 0 ]; then exit 1; fi
65#cmp fff.p ff.p2
66#if [ $? != 0 ]; then exit 1; fi
67cmp fff.p ff.p3
68if [ $? != 0 ]; then exit 1; fi
69
70#cmp f.t ff.t1
71#if [ $? != 0 ]; then exit 1; fi
72#cmp f.t ff.t2
73#if [ $? != 0 ]; then exit 1; fi
74#cmp f.t ff.t3
75#if [ $? != 0 ]; then exit 1; fi
76
77cmp f.p ff.p1
78if [ $? != 0 ]; then exit 1; fi
79#cmp f.p ff.p2
80#if [ $? != 0 ]; then exit 1; fi
81cmp f.p ff.p3
82if [ $? != 0 ]; then exit 1; fi
83
84/bin/rm -f f.* ff.* fff.*
85exit 0
diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509
deleted file mode 100644
index d380963abc..0000000000
--- a/src/lib/libssl/test/tx509
+++ /dev/null
@@ -1,85 +0,0 @@
1#!/bin/sh
2
3if test "$OSTYPE" = msdosdjgpp; then
4 PATH=../apps\;$PATH
5else
6 PATH=../apps:$PATH
7fi
8export PATH
9
10cmd='../apps/openssl x509'
11
12if [ "$1"x != "x" ]; then
13 t=$1
14else
15 t=testx509.pem
16fi
17
18echo testing X509 conversions
19cp $t fff.p
20
21echo "p -> d"
22$cmd -in fff.p -inform p -outform d >f.d
23if [ $? != 0 ]; then exit 1; fi
24echo "p -> n"
25$cmd -in fff.p -inform p -outform n >f.n
26if [ $? != 0 ]; then exit 1; fi
27echo "p -> p"
28$cmd -in fff.p -inform p -outform p >f.p
29if [ $? != 0 ]; then exit 1; fi
30
31echo "d -> d"
32$cmd -in f.d -inform d -outform d >ff.d1
33if [ $? != 0 ]; then exit 1; fi
34echo "n -> d"
35$cmd -in f.n -inform n -outform d >ff.d2
36if [ $? != 0 ]; then exit 1; fi
37echo "p -> d"
38$cmd -in f.p -inform p -outform d >ff.d3
39if [ $? != 0 ]; then exit 1; fi
40
41echo "d -> n"
42$cmd -in f.d -inform d -outform n >ff.n1
43if [ $? != 0 ]; then exit 1; fi
44echo "n -> n"
45$cmd -in f.n -inform n -outform n >ff.n2
46if [ $? != 0 ]; then exit 1; fi
47echo "p -> n"
48$cmd -in f.p -inform p -outform n >ff.n3
49if [ $? != 0 ]; then exit 1; fi
50
51echo "d -> p"
52$cmd -in f.d -inform d -outform p >ff.p1
53if [ $? != 0 ]; then exit 1; fi
54echo "n -> p"
55$cmd -in f.n -inform n -outform p >ff.p2
56if [ $? != 0 ]; then exit 1; fi
57echo "p -> p"
58$cmd -in f.p -inform p -outform p >ff.p3
59if [ $? != 0 ]; then exit 1; fi
60
61cmp fff.p f.p
62if [ $? != 0 ]; then exit 1; fi
63cmp fff.p ff.p1
64if [ $? != 0 ]; then exit 1; fi
65cmp fff.p ff.p2
66if [ $? != 0 ]; then exit 1; fi
67cmp fff.p ff.p3
68if [ $? != 0 ]; then exit 1; fi
69
70cmp f.n ff.n1
71if [ $? != 0 ]; then exit 1; fi
72cmp f.n ff.n2
73if [ $? != 0 ]; then exit 1; fi
74cmp f.n ff.n3
75if [ $? != 0 ]; then exit 1; fi
76
77cmp f.p ff.p1
78if [ $? != 0 ]; then exit 1; fi
79cmp f.p ff.p2
80if [ $? != 0 ]; then exit 1; fi
81cmp f.p ff.p3
82if [ $? != 0 ]; then exit 1; fi
83
84/bin/rm -f f.* ff.* fff.*
85exit 0
diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem
deleted file mode 100644
index 0da253d5c3..0000000000
--- a/src/lib/libssl/test/v3-cert1.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
3NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
4dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
5ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
6ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
7ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
8miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
9AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
10Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
11DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
12MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
13AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
14X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
15WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
16-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem
deleted file mode 100644
index de0723ff8d..0000000000
--- a/src/lib/libssl/test/v3-cert2.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
3YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
4ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
5dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
6WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
7BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
8FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
96ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
10G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
11YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
12b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
13F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
14lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
15jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
16-----END CERTIFICATE-----
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
deleted file mode 100644
index 38838ea9a5..0000000000
--- a/src/lib/libssl/tls1.h
+++ /dev/null
@@ -1,195 +0,0 @@
1/* ssl/tls1.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_TLS1_H
60#define HEADER_TLS1_H
61
62#include <openssl/buffer.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
69
70#define TLS1_VERSION 0x0301
71#define TLS1_VERSION_MAJOR 0x03
72#define TLS1_VERSION_MINOR 0x01
73
74#define TLS1_AD_DECRYPTION_FAILED 21
75#define TLS1_AD_RECORD_OVERFLOW 22
76#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
77#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
78#define TLS1_AD_DECODE_ERROR 50 /* fatal */
79#define TLS1_AD_DECRYPT_ERROR 51
80#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
81#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
82#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
83#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
84#define TLS1_AD_USER_CANCELLED 90
85#define TLS1_AD_NO_RENEGOTIATION 100
86
87/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
88 * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
89 * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
90 * shouldn't. */
91#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
92#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
93#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
94#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
95#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
96#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
97#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
98
99/* AES ciphersuites from RFC3268 */
100
101#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
102#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
103#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
104#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
105#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
106#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
107
108#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
109#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
110#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
111#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
112#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
113#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
114
115/* XXX
116 * Inconsistency alert:
117 * The OpenSSL names of ciphers with ephemeral DH here include the string
118 * "DHE", while elsewhere it has always been "EDH".
119 * (The alias for the list of all such ciphers also is "EDH".)
120 * The specifications speak of "EDH"; maybe we should allow both forms
121 * for everything. */
122#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
123#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
124#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
125#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
126#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
127#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
128#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
129
130/* AES ciphersuites from RFC3268 */
131#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
132#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
133#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
134#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
135#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
136#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
137
138#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
139#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
140#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
141#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
142#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
143#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
144
145
146#define TLS_CT_RSA_SIGN 1
147#define TLS_CT_DSS_SIGN 2
148#define TLS_CT_RSA_FIXED_DH 3
149#define TLS_CT_DSS_FIXED_DH 4
150#define TLS_CT_NUMBER 4
151
152#define TLS1_FINISH_MAC_LENGTH 12
153
154#define TLS_MD_MAX_CONST_SIZE 20
155#define TLS_MD_CLIENT_FINISH_CONST "client finished"
156#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
157#define TLS_MD_SERVER_FINISH_CONST "server finished"
158#define TLS_MD_SERVER_FINISH_CONST_SIZE 15
159#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
160#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
161#define TLS_MD_KEY_EXPANSION_CONST "key expansion"
162#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
163#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
164#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
165#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
166#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
167#define TLS_MD_IV_BLOCK_CONST "IV block"
168#define TLS_MD_IV_BLOCK_CONST_SIZE 8
169#define TLS_MD_MASTER_SECRET_CONST "master secret"
170#define TLS_MD_MASTER_SECRET_CONST_SIZE 13
171
172#ifdef CHARSET_EBCDIC
173#undef TLS_MD_CLIENT_FINISH_CONST
174#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/
175#undef TLS_MD_SERVER_FINISH_CONST
176#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/
177#undef TLS_MD_SERVER_WRITE_KEY_CONST
178#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
179#undef TLS_MD_KEY_EXPANSION_CONST
180#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/
181#undef TLS_MD_CLIENT_WRITE_KEY_CONST
182#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/
183#undef TLS_MD_SERVER_WRITE_KEY_CONST
184#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
185#undef TLS_MD_IV_BLOCK_CONST
186#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/
187#undef TLS_MD_MASTER_SECRET_CONST
188#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
189#endif
190
191#ifdef __cplusplus
192}
193#endif
194#endif
195
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 07:54:04 +0000