summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/s23_clnt.c80
-rw-r--r--src/lib/libssl/s23_lib.c16
-rw-r--r--src/lib/libssl/s23_srvr.c44
-rw-r--r--src/lib/libssl/src/apps/ciphers.c14
-rw-r--r--src/lib/libssl/src/apps/ocsp.c9
-rw-r--r--src/lib/libssl/src/apps/progs.h8
-rw-r--r--src/lib/libssl/src/apps/s_client.c14
-rw-r--r--src/lib/libssl/src/apps/s_server.c8
-rw-r--r--src/lib/libssl/src/apps/s_time.c12
-rw-r--r--src/lib/libssl/src/ssl/s23_clnt.c80
-rw-r--r--src/lib/libssl/src/ssl/s23_lib.c16
-rw-r--r--src/lib/libssl/src/ssl/s23_meth.c14
-rw-r--r--src/lib/libssl/src/ssl/s23_srvr.c44
-rw-r--r--src/lib/libssl/src/ssl/s2_clnt.c1076
-rw-r--r--src/lib/libssl/src/ssl/s2_enc.c190
-rw-r--r--src/lib/libssl/src/ssl/s2_lib.c569
-rw-r--r--src/lib/libssl/src/ssl/s2_meth.c83
-rw-r--r--src/lib/libssl/src/ssl/s2_pkt.c696
-rw-r--r--src/lib/libssl/src/ssl/s2_srvr.c1092
-rw-r--r--src/lib/libssl/src/ssl/ssl.h10
-rw-r--r--src/lib/libssl/src/ssl/ssl_stat.c197
-rw-r--r--src/lib/libssl/src/ssl/ssltest.c39
-rw-r--r--src/lib/libssl/ssl.h10
-rw-r--r--src/lib/libssl/ssl/Makefile4
-rw-r--r--src/lib/libssl/ssl_stat.c197
25 files changed, 13 insertions, 4509 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 3d2e7510cf..7c9de0dd0e 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -122,10 +122,6 @@ static int ssl23_get_server_hello(SSL *s);
122static const SSL_METHOD 122static const SSL_METHOD
123*ssl23_get_client_method(int ver) 123*ssl23_get_client_method(int ver)
124{ 124{
125#ifndef OPENSSL_NO_SSL2
126 if (ver == SSL2_VERSION)
127 return (SSLv2_client_method());
128#endif
129 if (ver == SSL3_VERSION) 125 if (ver == SSL3_VERSION)
130 return (SSLv3_client_method()); 126 return (SSLv3_client_method());
131 else if (ver == TLS1_VERSION) 127 else if (ver == TLS1_VERSION)
@@ -320,14 +316,7 @@ ssl23_client_hello(SSL *s)
320 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the 316 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
321 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 317 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
322 */ 318 */
323 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1 319 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3;
324#if !defined(OPENSSL_NO_SSL3)
325 |SSL_OP_NO_SSLv3
326#endif
327#if !defined(OPENSSL_NO_SSL2)
328 |(ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
329#endif
330 ;
331#if !defined(OPENSSL_NO_TLS1_2_CLIENT) 320#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
332 version = TLS1_2_VERSION; 321 version = TLS1_2_VERSION;
333 322
@@ -340,15 +329,9 @@ ssl23_client_hello(SSL *s)
340 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask) 329 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
341 version = TLS1_VERSION; 330 version = TLS1_VERSION;
342 mask &= ~SSL_OP_NO_TLSv1; 331 mask &= ~SSL_OP_NO_TLSv1;
343#if !defined(OPENSSL_NO_SSL3)
344 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask) 332 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
345 version = SSL3_VERSION; 333 version = SSL3_VERSION;
346 mask &= ~SSL_OP_NO_SSLv3; 334 mask &= ~SSL_OP_NO_SSLv3;
347#endif
348#if !defined(OPENSSL_NO_SSL2)
349 if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
350 version = SSL2_VERSION;
351#endif
352 335
353#ifndef OPENSSL_NO_TLSEXT 336#ifndef OPENSSL_NO_TLSEXT
354 if (version != SSL2_VERSION) { 337 if (version != SSL2_VERSION) {
@@ -592,69 +575,8 @@ ssl23_get_server_hello(SSL *s)
592 575
593 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && 576 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
594 (p[5] == 0x00) && (p[6] == 0x02)) { 577 (p[5] == 0x00) && (p[6] == 0x02)) {
595#ifdef OPENSSL_NO_SSL2
596 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 578 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
597 goto err; 579 goto err;
598#else
599 /* we are talking sslv2 */
600 /* we need to clean up the SSLv3 setup and put in the
601 * sslv2 stuff. */
602 int ch_len;
603
604 if (s->options & SSL_OP_NO_SSLv2) {
605 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
606 goto err;
607 }
608 if (s->s2 == NULL) {
609 if (!ssl2_new(s))
610 goto err;
611 } else
612 ssl2_clear(s);
613
614 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
615 ch_len = SSL2_CHALLENGE_LENGTH;
616 else
617 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
618
619 /* write out sslv2 challenge */
620 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
621 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
622 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
623 futurproofing */
624 i = (SSL3_RANDOM_SIZE < ch_len) ? SSL3_RANDOM_SIZE : ch_len;
625 s->s2->challenge_length = i;
626 memcpy(s->s2->challenge,
627 &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
628
629 if (s->s3 != NULL)
630 ssl3_free(s);
631
632 if (!BUF_MEM_grow_clean(s->init_buf,
633 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
634 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
635 goto err;
636 }
637
638 s->state = SSL2_ST_GET_SERVER_HELLO_A;
639 if (!(s->client_version == SSL2_VERSION))
640 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
641 s->s2->ssl2_rollback = 1;
642
643 /* setup the 7 bytes we have read so we get them from
644 * the sslv2 buffer */
645 s->rstate = SSL_ST_READ_HEADER;
646 s->packet_length = n;
647 s->packet = &(s->s2->rbuf[0]);
648 memcpy(s->packet, buf, n);
649 s->s2->rbuf_left = n;
650 s->s2->rbuf_offs = 0;
651
652 /* we have already written one */
653 s->s2->write_sequence = 1;
654
655 s->method = SSLv2_client_method();
656 s->handshake_func = s->method->ssl_connect;
657#endif
658 } else if (p[1] == SSL3_VERSION_MAJOR && 580 } else if (p[1] == SSL3_VERSION_MAJOR &&
659 p[2] <= TLS1_2_VERSION_MINOR && 581 p[2] <= TLS1_2_VERSION_MINOR &&
660 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || 582 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
index 3a4d5a6ecb..74afe01d94 100644
--- a/src/lib/libssl/s23_lib.c
+++ b/src/lib/libssl/s23_lib.c
@@ -69,11 +69,7 @@ ssl23_default_timeout(void)
69int 69int
70ssl23_num_ciphers(void) 70ssl23_num_ciphers(void)
71{ 71{
72 return(ssl3_num_ciphers() 72 return(ssl3_num_ciphers());
73#ifndef OPENSSL_NO_SSL2
74 + ssl2_num_ciphers()
75#endif
76 );
77} 73}
78 74
79const SSL_CIPHER 75const SSL_CIPHER
@@ -84,11 +80,7 @@ const SSL_CIPHER
84 if (u < uu) 80 if (u < uu)
85 return (ssl3_get_cipher(u)); 81 return (ssl3_get_cipher(u));
86 else 82 else
87#ifndef OPENSSL_NO_SSL2 83 return (NULL);
88 return (ssl2_get_cipher(u - uu));
89#else
90 return (NULL);
91#endif
92} 84}
93 85
94/* This function needs to check if the ciphers required are actually 86/* This function needs to check if the ciphers required are actually
@@ -99,10 +91,6 @@ const SSL_CIPHER
99 const SSL_CIPHER *cp; 91 const SSL_CIPHER *cp;
100 92
101 cp = ssl3_get_cipher_by_char(p); 93 cp = ssl3_get_cipher_by_char(p);
102#ifndef OPENSSL_NO_SSL2
103 if (cp == NULL)
104 cp = ssl2_get_cipher_by_char(p);
105#endif
106 return (cp); 94 return (cp);
107} 95}
108 96
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index ca95d4e636..a6062667a0 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -121,10 +121,6 @@ int ssl23_get_client_hello(SSL *s);
121static const SSL_METHOD 121static const SSL_METHOD
122*ssl23_get_server_method(int ver) 122*ssl23_get_server_method(int ver)
123{ 123{
124#ifndef OPENSSL_NO_SSL2
125 if (ver == SSL2_VERSION)
126 return (SSLv2_server_method());
127#endif
128 if (ver == SSL3_VERSION) 124 if (ver == SSL3_VERSION)
129 return (SSLv3_server_method()); 125 return (SSLv3_server_method());
130 else if (ver == TLS1_VERSION) 126 else if (ver == TLS1_VERSION)
@@ -480,48 +476,8 @@ ssl23_get_client_hello(SSL *s)
480 /* s->state = SSL23_SR_CLNT_HELLO_C */ 476 /* s->state = SSL23_SR_CLNT_HELLO_C */
481 477
482 if (type == 1) { 478 if (type == 1) {
483#ifdef OPENSSL_NO_SSL2
484 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 479 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
485 goto err; 480 goto err;
486#else
487 /* we are talking sslv2 */
488 /* we need to clean up the SSLv3/TLSv1 setup and put in the
489 * sslv2 stuff. */
490
491 if (s->s2 == NULL) {
492 if (!ssl2_new(s))
493 goto err;
494 } else
495 ssl2_clear(s);
496
497 if (s->s3 != NULL)
498 ssl3_free(s);
499
500 if (!BUF_MEM_grow_clean(s->init_buf,
501 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
502 goto err;
503 }
504
505 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
506 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
507 s->s2->ssl2_rollback = 0;
508 else
509 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
510 * (SSL 3.0 draft/RFC 2246, App. E.2) */
511 s->s2->ssl2_rollback = 1;
512
513 /* setup the n bytes we have read so we get them from
514 * the sslv2 buffer */
515 s->rstate = SSL_ST_READ_HEADER;
516 s->packet_length = n;
517 s->packet = &(s->s2->rbuf[0]);
518 memcpy(s->packet, buf, n);
519 s->s2->rbuf_left = n;
520 s->s2->rbuf_offs = 0;
521
522 s->method = SSLv2_server_method();
523 s->handshake_func = s->method->ssl_accept;
524#endif
525 } 481 }
526 482
527 if ((type == 2) || (type == 3)) { 483 if ((type == 2) || (type == 3)) {
diff --git a/src/lib/libssl/src/apps/ciphers.c b/src/lib/libssl/src/apps/ciphers.c
index 5f2b739700..1906ca85a2 100644
--- a/src/lib/libssl/src/apps/ciphers.c
+++ b/src/lib/libssl/src/apps/ciphers.c
@@ -96,13 +96,7 @@ int MAIN(int argc, char **argv)
96 char buf[512]; 96 char buf[512];
97 BIO *STDout=NULL; 97 BIO *STDout=NULL;
98 98
99#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
100 meth=SSLv23_server_method();
101#elif !defined(OPENSSL_NO_SSL3)
102 meth=SSLv3_server_method(); 99 meth=SSLv3_server_method();
103#elif !defined(OPENSSL_NO_SSL2)
104 meth=SSLv2_server_method();
105#endif
106 100
107 apps_startup(); 101 apps_startup();
108 102
@@ -126,18 +120,10 @@ int MAIN(int argc, char **argv)
126 verbose=1; 120 verbose=1;
127 else if (strcmp(*argv,"-V") == 0) 121 else if (strcmp(*argv,"-V") == 0)
128 verbose=Verbose=1; 122 verbose=Verbose=1;
129#ifndef OPENSSL_NO_SSL2
130 else if (strcmp(*argv,"-ssl2") == 0)
131 meth=SSLv2_client_method();
132#endif
133#ifndef OPENSSL_NO_SSL3
134 else if (strcmp(*argv,"-ssl3") == 0) 123 else if (strcmp(*argv,"-ssl3") == 0)
135 meth=SSLv3_client_method(); 124 meth=SSLv3_client_method();
136#endif
137#ifndef OPENSSL_NO_TLS1
138 else if (strcmp(*argv,"-tls1") == 0) 125 else if (strcmp(*argv,"-tls1") == 0)
139 meth=TLSv1_client_method(); 126 meth=TLSv1_client_method();
140#endif
141 else if ((strncmp(*argv,"-h",2) == 0) || 127 else if ((strncmp(*argv,"-h",2) == 0) ||
142 (strcmp(*argv,"-?") == 0)) 128 (strcmp(*argv,"-?") == 0))
143 { 129 {
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c
index 83c5a76700..b0ec7cdb19 100644
--- a/src/lib/libssl/src/apps/ocsp.c
+++ b/src/lib/libssl/src/apps/ocsp.c
@@ -1388,16 +1388,7 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
1388 if (use_ssl == 1) 1388 if (use_ssl == 1)
1389 { 1389 {
1390 BIO *sbio; 1390 BIO *sbio;
1391#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
1392 ctx = SSL_CTX_new(SSLv23_client_method());
1393#elif !defined(OPENSSL_NO_SSL3)
1394 ctx = SSL_CTX_new(SSLv3_client_method()); 1391 ctx = SSL_CTX_new(SSLv3_client_method());
1395#elif !defined(OPENSSL_NO_SSL2)
1396 ctx = SSL_CTX_new(SSLv2_client_method());
1397#else
1398 BIO_printf(err, "SSL is disabled\n");
1399 goto end;
1400#endif
1401 if (ctx == NULL) 1392 if (ctx == NULL)
1402 { 1393 {
1403 BIO_printf(err, "Error creating SSL context.\n"); 1394 BIO_printf(err, "Error creating SSL context.\n");
diff --git a/src/lib/libssl/src/apps/progs.h b/src/lib/libssl/src/apps/progs.h
index 949e78066b..b8d6b5ad17 100644
--- a/src/lib/libssl/src/apps/progs.h
+++ b/src/lib/libssl/src/apps/progs.h
@@ -107,16 +107,16 @@ FUNCTION functions[] = {
107 {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, 107 {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
108#endif 108#endif
109 {FUNC_TYPE_GENERAL,"genpkey",genpkey_main}, 109 {FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
110#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 110#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
111 {FUNC_TYPE_GENERAL,"s_server",s_server_main}, 111 {FUNC_TYPE_GENERAL,"s_server",s_server_main},
112#endif 112#endif
113#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 113#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
114 {FUNC_TYPE_GENERAL,"s_client",s_client_main}, 114 {FUNC_TYPE_GENERAL,"s_client",s_client_main},
115#endif 115#endif
116#ifndef OPENSSL_NO_SPEED 116#ifndef OPENSSL_NO_SPEED
117 {FUNC_TYPE_GENERAL,"speed",speed_main}, 117 {FUNC_TYPE_GENERAL,"speed",speed_main},
118#endif 118#endif
119#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 119#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
120 {FUNC_TYPE_GENERAL,"s_time",s_time_main}, 120 {FUNC_TYPE_GENERAL,"s_time",s_time_main},
121#endif 121#endif
122 {FUNC_TYPE_GENERAL,"version",version_main}, 122 {FUNC_TYPE_GENERAL,"version",version_main},
@@ -126,7 +126,7 @@ FUNCTION functions[] = {
126#endif 126#endif
127 {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, 127 {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
128 {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, 128 {FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
129#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) 129#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL3))
130 {FUNC_TYPE_GENERAL,"ciphers",ciphers_main}, 130 {FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
131#endif 131#endif
132 {FUNC_TYPE_GENERAL,"nseq",nseq_main}, 132 {FUNC_TYPE_GENERAL,"nseq",nseq_main},
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index e9840ddf09..7bea7204c1 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -337,9 +337,6 @@ static void sc_usage(void)
337 BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); 337 BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n");
338 BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); 338 BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
339#endif 339#endif
340#ifndef OPENSSL_NO_SSL2
341 BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
342#endif
343 BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); 340 BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
344 BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); 341 BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n");
345 BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); 342 BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n");
@@ -348,9 +345,6 @@ static void sc_usage(void)
348 BIO_printf(bio_err," -mtu - set the link layer MTU\n"); 345 BIO_printf(bio_err," -mtu - set the link layer MTU\n");
349 BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); 346 BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
350 BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); 347 BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
351#ifndef OPENSSL_NO_SSL2
352 BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n");
353#endif
354 BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); 348 BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n");
355 BIO_printf(bio_err," command to see what is available\n"); 349 BIO_printf(bio_err," command to see what is available\n");
356 BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); 350 BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
@@ -811,22 +805,14 @@ int MAIN(int argc, char **argv)
811 meth=TLSv1_client_method(); 805 meth=TLSv1_client_method();
812 } 806 }
813#endif 807#endif
814#ifndef OPENSSL_NO_SSL2
815 else if (strcmp(*argv,"-ssl2") == 0)
816 meth=SSLv2_client_method();
817#endif
818#ifndef OPENSSL_NO_SSL3
819 else if (strcmp(*argv,"-ssl3") == 0) 808 else if (strcmp(*argv,"-ssl3") == 0)
820 meth=SSLv3_client_method(); 809 meth=SSLv3_client_method();
821#endif
822#ifndef OPENSSL_NO_TLS1
823 else if (strcmp(*argv,"-tls1_2") == 0) 810 else if (strcmp(*argv,"-tls1_2") == 0)
824 meth=TLSv1_2_client_method(); 811 meth=TLSv1_2_client_method();
825 else if (strcmp(*argv,"-tls1_1") == 0) 812 else if (strcmp(*argv,"-tls1_1") == 0)
826 meth=TLSv1_1_client_method(); 813 meth=TLSv1_1_client_method();
827 else if (strcmp(*argv,"-tls1") == 0) 814 else if (strcmp(*argv,"-tls1") == 0)
828 meth=TLSv1_client_method(); 815 meth=TLSv1_client_method();
829#endif
830#ifndef OPENSSL_NO_DTLS1 816#ifndef OPENSSL_NO_DTLS1
831 else if (strcmp(*argv,"-dtls1") == 0) 817 else if (strcmp(*argv,"-dtls1") == 0)
832 { 818 {
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index de54aa6abd..26e1fe9505 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1091,22 +1091,14 @@ int MAIN(int argc, char *argv[])
1091 else if (strcmp(*argv,"-no_ticket") == 0) 1091 else if (strcmp(*argv,"-no_ticket") == 0)
1092 { off|=SSL_OP_NO_TICKET; } 1092 { off|=SSL_OP_NO_TICKET; }
1093#endif 1093#endif
1094#ifndef OPENSSL_NO_SSL2
1095 else if (strcmp(*argv,"-ssl2") == 0)
1096 { meth=SSLv2_server_method(); }
1097#endif
1098#ifndef OPENSSL_NO_SSL3
1099 else if (strcmp(*argv,"-ssl3") == 0) 1094 else if (strcmp(*argv,"-ssl3") == 0)
1100 { meth=SSLv3_server_method(); } 1095 { meth=SSLv3_server_method(); }
1101#endif
1102#ifndef OPENSSL_NO_TLS1
1103 else if (strcmp(*argv,"-tls1") == 0) 1096 else if (strcmp(*argv,"-tls1") == 0)
1104 { meth=TLSv1_server_method(); } 1097 { meth=TLSv1_server_method(); }
1105 else if (strcmp(*argv,"-tls1_1") == 0) 1098 else if (strcmp(*argv,"-tls1_1") == 0)
1106 { meth=TLSv1_1_server_method(); } 1099 { meth=TLSv1_1_server_method(); }
1107 else if (strcmp(*argv,"-tls1_2") == 0) 1100 else if (strcmp(*argv,"-tls1_2") == 0)
1108 { meth=TLSv1_2_server_method(); } 1101 { meth=TLSv1_2_server_method(); }
1109#endif
1110#ifndef OPENSSL_NO_DTLS1 1102#ifndef OPENSSL_NO_DTLS1
1111 else if (strcmp(*argv,"-dtls1") == 0) 1103 else if (strcmp(*argv,"-dtls1") == 0)
1112 { 1104 {
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c
index cda06bba59..f9fcf7d374 100644
--- a/src/lib/libssl/src/apps/s_time.c
+++ b/src/lib/libssl/src/apps/s_time.c
@@ -279,14 +279,8 @@ static int parseArgs(int argc, char **argv)
279 } 279 }
280 else if(strcmp(*argv,"-bugs") == 0) 280 else if(strcmp(*argv,"-bugs") == 0)
281 st_bugs=1; 281 st_bugs=1;
282#ifndef OPENSSL_NO_SSL2
283 else if(strcmp(*argv,"-ssl2") == 0)
284 s_time_meth=SSLv2_client_method();
285#endif
286#ifndef OPENSSL_NO_SSL3
287 else if(strcmp(*argv,"-ssl3") == 0) 282 else if(strcmp(*argv,"-ssl3") == 0)
288 s_time_meth=SSLv3_client_method(); 283 s_time_meth=SSLv3_client_method();
289#endif
290 else if( strcmp(*argv,"-time") == 0) { 284 else if( strcmp(*argv,"-time") == 0) {
291 285
292 if (--argc < 1) goto bad; 286 if (--argc < 1) goto bad;
@@ -346,13 +340,7 @@ int MAIN(int argc, char **argv)
346 if (bio_err == NULL) 340 if (bio_err == NULL)
347 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 341 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
348 342
349#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
350 s_time_meth=SSLv23_client_method();
351#elif !defined(OPENSSL_NO_SSL3)
352 s_time_meth=SSLv3_client_method(); 343 s_time_meth=SSLv3_client_method();
353#elif !defined(OPENSSL_NO_SSL2)
354 s_time_meth=SSLv2_client_method();
355#endif
356 344
357 /* parse the command line arguments */ 345 /* parse the command line arguments */
358 if( parseArgs( argc, argv ) < 0 ) 346 if( parseArgs( argc, argv ) < 0 )
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 3d2e7510cf..7c9de0dd0e 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -122,10 +122,6 @@ static int ssl23_get_server_hello(SSL *s);
122static const SSL_METHOD 122static const SSL_METHOD
123*ssl23_get_client_method(int ver) 123*ssl23_get_client_method(int ver)
124{ 124{
125#ifndef OPENSSL_NO_SSL2
126 if (ver == SSL2_VERSION)
127 return (SSLv2_client_method());
128#endif
129 if (ver == SSL3_VERSION) 125 if (ver == SSL3_VERSION)
130 return (SSLv3_client_method()); 126 return (SSLv3_client_method());
131 else if (ver == TLS1_VERSION) 127 else if (ver == TLS1_VERSION)
@@ -320,14 +316,7 @@ ssl23_client_hello(SSL *s)
320 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the 316 * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
321 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 317 * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
322 */ 318 */
323 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1 319 mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3;
324#if !defined(OPENSSL_NO_SSL3)
325 |SSL_OP_NO_SSLv3
326#endif
327#if !defined(OPENSSL_NO_SSL2)
328 |(ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
329#endif
330 ;
331#if !defined(OPENSSL_NO_TLS1_2_CLIENT) 320#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
332 version = TLS1_2_VERSION; 321 version = TLS1_2_VERSION;
333 322
@@ -340,15 +329,9 @@ ssl23_client_hello(SSL *s)
340 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask) 329 if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
341 version = TLS1_VERSION; 330 version = TLS1_VERSION;
342 mask &= ~SSL_OP_NO_TLSv1; 331 mask &= ~SSL_OP_NO_TLSv1;
343#if !defined(OPENSSL_NO_SSL3)
344 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask) 332 if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
345 version = SSL3_VERSION; 333 version = SSL3_VERSION;
346 mask &= ~SSL_OP_NO_SSLv3; 334 mask &= ~SSL_OP_NO_SSLv3;
347#endif
348#if !defined(OPENSSL_NO_SSL2)
349 if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
350 version = SSL2_VERSION;
351#endif
352 335
353#ifndef OPENSSL_NO_TLSEXT 336#ifndef OPENSSL_NO_TLSEXT
354 if (version != SSL2_VERSION) { 337 if (version != SSL2_VERSION) {
@@ -592,69 +575,8 @@ ssl23_get_server_hello(SSL *s)
592 575
593 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && 576 if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
594 (p[5] == 0x00) && (p[6] == 0x02)) { 577 (p[5] == 0x00) && (p[6] == 0x02)) {
595#ifdef OPENSSL_NO_SSL2
596 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 578 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
597 goto err; 579 goto err;
598#else
599 /* we are talking sslv2 */
600 /* we need to clean up the SSLv3 setup and put in the
601 * sslv2 stuff. */
602 int ch_len;
603
604 if (s->options & SSL_OP_NO_SSLv2) {
605 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
606 goto err;
607 }
608 if (s->s2 == NULL) {
609 if (!ssl2_new(s))
610 goto err;
611 } else
612 ssl2_clear(s);
613
614 if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
615 ch_len = SSL2_CHALLENGE_LENGTH;
616 else
617 ch_len = SSL2_MAX_CHALLENGE_LENGTH;
618
619 /* write out sslv2 challenge */
620 /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
621 it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
622 SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
623 futurproofing */
624 i = (SSL3_RANDOM_SIZE < ch_len) ? SSL3_RANDOM_SIZE : ch_len;
625 s->s2->challenge_length = i;
626 memcpy(s->s2->challenge,
627 &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
628
629 if (s->s3 != NULL)
630 ssl3_free(s);
631
632 if (!BUF_MEM_grow_clean(s->init_buf,
633 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
634 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
635 goto err;
636 }
637
638 s->state = SSL2_ST_GET_SERVER_HELLO_A;
639 if (!(s->client_version == SSL2_VERSION))
640 /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
641 s->s2->ssl2_rollback = 1;
642
643 /* setup the 7 bytes we have read so we get them from
644 * the sslv2 buffer */
645 s->rstate = SSL_ST_READ_HEADER;
646 s->packet_length = n;
647 s->packet = &(s->s2->rbuf[0]);
648 memcpy(s->packet, buf, n);
649 s->s2->rbuf_left = n;
650 s->s2->rbuf_offs = 0;
651
652 /* we have already written one */
653 s->s2->write_sequence = 1;
654
655 s->method = SSLv2_client_method();
656 s->handshake_func = s->method->ssl_connect;
657#endif
658 } else if (p[1] == SSL3_VERSION_MAJOR && 580 } else if (p[1] == SSL3_VERSION_MAJOR &&
659 p[2] <= TLS1_2_VERSION_MINOR && 581 p[2] <= TLS1_2_VERSION_MINOR &&
660 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || 582 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
diff --git a/src/lib/libssl/src/ssl/s23_lib.c b/src/lib/libssl/src/ssl/s23_lib.c
index 3a4d5a6ecb..74afe01d94 100644
--- a/src/lib/libssl/src/ssl/s23_lib.c
+++ b/src/lib/libssl/src/ssl/s23_lib.c
@@ -69,11 +69,7 @@ ssl23_default_timeout(void)
69int 69int
70ssl23_num_ciphers(void) 70ssl23_num_ciphers(void)
71{ 71{
72 return(ssl3_num_ciphers() 72 return(ssl3_num_ciphers());
73#ifndef OPENSSL_NO_SSL2
74 + ssl2_num_ciphers()
75#endif
76 );
77} 73}
78 74
79const SSL_CIPHER 75const SSL_CIPHER
@@ -84,11 +80,7 @@ const SSL_CIPHER
84 if (u < uu) 80 if (u < uu)
85 return (ssl3_get_cipher(u)); 81 return (ssl3_get_cipher(u));
86 else 82 else
87#ifndef OPENSSL_NO_SSL2 83 return (NULL);
88 return (ssl2_get_cipher(u - uu));
89#else
90 return (NULL);
91#endif
92} 84}
93 85
94/* This function needs to check if the ciphers required are actually 86/* This function needs to check if the ciphers required are actually
@@ -99,10 +91,6 @@ const SSL_CIPHER
99 const SSL_CIPHER *cp; 91 const SSL_CIPHER *cp;
100 92
101 cp = ssl3_get_cipher_by_char(p); 93 cp = ssl3_get_cipher_by_char(p);
102#ifndef OPENSSL_NO_SSL2
103 if (cp == NULL)
104 cp = ssl2_get_cipher_by_char(p);
105#endif
106 return (cp); 94 return (cp);
107} 95}
108 96
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
index ca1bb6819f..f7d9910b8a 100644
--- a/src/lib/libssl/src/ssl/s23_meth.c
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -64,26 +64,16 @@ static const SSL_METHOD *ssl23_get_method(int ver);
64static const SSL_METHOD 64static const SSL_METHOD
65*ssl23_get_method(int ver) 65*ssl23_get_method(int ver)
66{ 66{
67#ifndef OPENSSL_NO_SSL2
68 if (ver == SSL2_VERSION)
69 return (SSLv2_method());
70 else
71#endif
72#ifndef OPENSSL_NO_SSL3
73 if (ver == SSL3_VERSION) 67 if (ver == SSL3_VERSION)
74 return (SSLv3_method()); 68 return (SSLv3_method());
75 else 69 else if (ver == TLS1_VERSION)
76#endif
77#ifndef OPENSSL_NO_TLS1
78 if (ver == TLS1_VERSION)
79 return (TLSv1_method()); 70 return (TLSv1_method());
80 else if (ver == TLS1_1_VERSION) 71 else if (ver == TLS1_1_VERSION)
81 return (TLSv1_1_method()); 72 return (TLSv1_1_method());
82 else if (ver == TLS1_2_VERSION) 73 else if (ver == TLS1_2_VERSION)
83 return (TLSv1_2_method()); 74 return (TLSv1_2_method());
84 else 75 else
85#endif 76 return (NULL);
86 return (NULL);
87} 77}
88 78
89IMPLEMENT_ssl23_meth_func(SSLv23_method, 79IMPLEMENT_ssl23_meth_func(SSLv23_method,
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index ca95d4e636..a6062667a0 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -121,10 +121,6 @@ int ssl23_get_client_hello(SSL *s);
121static const SSL_METHOD 121static const SSL_METHOD
122*ssl23_get_server_method(int ver) 122*ssl23_get_server_method(int ver)
123{ 123{
124#ifndef OPENSSL_NO_SSL2
125 if (ver == SSL2_VERSION)
126 return (SSLv2_server_method());
127#endif
128 if (ver == SSL3_VERSION) 124 if (ver == SSL3_VERSION)
129 return (SSLv3_server_method()); 125 return (SSLv3_server_method());
130 else if (ver == TLS1_VERSION) 126 else if (ver == TLS1_VERSION)
@@ -480,48 +476,8 @@ ssl23_get_client_hello(SSL *s)
480 /* s->state = SSL23_SR_CLNT_HELLO_C */ 476 /* s->state = SSL23_SR_CLNT_HELLO_C */
481 477
482 if (type == 1) { 478 if (type == 1) {
483#ifdef OPENSSL_NO_SSL2
484 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); 479 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
485 goto err; 480 goto err;
486#else
487 /* we are talking sslv2 */
488 /* we need to clean up the SSLv3/TLSv1 setup and put in the
489 * sslv2 stuff. */
490
491 if (s->s2 == NULL) {
492 if (!ssl2_new(s))
493 goto err;
494 } else
495 ssl2_clear(s);
496
497 if (s->s3 != NULL)
498 ssl3_free(s);
499
500 if (!BUF_MEM_grow_clean(s->init_buf,
501 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
502 goto err;
503 }
504
505 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
506 if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
507 s->s2->ssl2_rollback = 0;
508 else
509 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
510 * (SSL 3.0 draft/RFC 2246, App. E.2) */
511 s->s2->ssl2_rollback = 1;
512
513 /* setup the n bytes we have read so we get them from
514 * the sslv2 buffer */
515 s->rstate = SSL_ST_READ_HEADER;
516 s->packet_length = n;
517 s->packet = &(s->s2->rbuf[0]);
518 memcpy(s->packet, buf, n);
519 s->s2->rbuf_left = n;
520 s->s2->rbuf_offs = 0;
521
522 s->method = SSLv2_server_method();
523 s->handshake_func = s->method->ssl_accept;
524#endif
525 } 481 }
526 482
527 if ((type == 2) || (type == 3)) { 483 if ((type == 2) || (type == 3)) {
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
deleted file mode 100644
index 6c48c25064..0000000000
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ /dev/null
@@ -1,1076 +0,0 @@
1/* ssl/s2_clnt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <openssl/rand.h>
116#include <openssl/buffer.h>
117#include <openssl/objects.h>
118#include <openssl/evp.h>
119
120static const SSL_METHOD *ssl2_get_client_method(int ver);
121static int get_server_finished(SSL *s);
122static int get_server_verify(SSL *s);
123static int get_server_hello(SSL *s);
124static int client_hello(SSL *s);
125
126static int client_master_key(SSL *s);
127static int client_finished(SSL *s);
128static int client_certificate(SSL *s);
129static int
130ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
131unsigned char *to, int padding);
132#define BREAK break
133
134static const SSL_METHOD
135*ssl2_get_client_method(int ver)
136{
137 if (ver == SSL2_VERSION)
138 return (SSLv2_client_method());
139 else
140 return (NULL);
141}
142
143IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
144 ssl_undefined_function, ssl2_connect, ssl2_get_client_method)
145
146int
147ssl2_connect(SSL *s)
148{
149 BUF_MEM *buf = NULL;
150 int ret = -1;
151 void (*cb)(const SSL *ssl, int type, int val) = NULL;
152 int new_state, state;
153
154 ERR_clear_error();
155 errno = 0;
156
157 if (s->info_callback != NULL)
158 cb = s->info_callback;
159 else if (s->ctx->info_callback != NULL)
160 cb = s->ctx->info_callback;
161
162 /* init things to blank */
163 s->in_handshake++;
164 if (!SSL_in_init(s) || SSL_in_before(s))
165 SSL_clear(s);
166
167 for (;;) {
168 state = s->state;
169
170 switch (s->state) {
171 case SSL_ST_BEFORE:
172 case SSL_ST_CONNECT:
173 case SSL_ST_BEFORE|SSL_ST_CONNECT:
174 case SSL_ST_OK|SSL_ST_CONNECT:
175
176 s->server = 0;
177 if (cb != NULL)
178 cb(s, SSL_CB_HANDSHAKE_START, 1);
179
180 s->version = SSL2_VERSION;
181 s->type = SSL_ST_CONNECT;
182
183 buf = s->init_buf;
184 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
185 ret = -1;
186 goto end;
187 }
188 if (!BUF_MEM_grow(buf,
189 SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
190 if (buf == s->init_buf)
191 buf = NULL;
192 ret = -1;
193 goto end;
194 }
195 s->init_buf = buf;
196 buf = NULL;
197 s->init_num = 0;
198 s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
199 s->ctx->stats.sess_connect++;
200 s->handshake_func = ssl2_connect;
201 BREAK;
202
203 case SSL2_ST_SEND_CLIENT_HELLO_A:
204 case SSL2_ST_SEND_CLIENT_HELLO_B:
205 s->shutdown = 0;
206 ret = client_hello(s);
207 if (ret <= 0)
208 goto end;
209 s->init_num = 0;
210 s->state = SSL2_ST_GET_SERVER_HELLO_A;
211 BREAK;
212
213 case SSL2_ST_GET_SERVER_HELLO_A:
214 case SSL2_ST_GET_SERVER_HELLO_B:
215 ret = get_server_hello(s);
216 if (ret <= 0)
217 goto end;
218 s->init_num = 0;
219 if (!s->hit) /* new session */
220 {
221 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
222 BREAK;
223
224 } else {
225 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
226 break;
227 }
228
229 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
230 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
231 ret = client_master_key(s);
232 if (ret <= 0)
233 goto end;
234 s->init_num = 0;
235 s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
236 break;
237
238 case SSL2_ST_CLIENT_START_ENCRYPTION:
239 /* Ok, we now have all the stuff needed to
240 * start encrypting, so lets fire it up :-) */
241 if (!ssl2_enc_init(s, 1)) {
242 ret = -1;
243 goto end;
244 }
245 s->s2->clear_text = 0;
246 s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
247 break;
248
249 case SSL2_ST_SEND_CLIENT_FINISHED_A:
250 case SSL2_ST_SEND_CLIENT_FINISHED_B:
251 ret = client_finished(s);
252 if (ret <= 0)
253 goto end;
254 s->init_num = 0;
255 s->state = SSL2_ST_GET_SERVER_VERIFY_A;
256 break;
257
258 case SSL2_ST_GET_SERVER_VERIFY_A:
259 case SSL2_ST_GET_SERVER_VERIFY_B:
260 ret = get_server_verify(s);
261 if (ret <= 0)
262 goto end;
263 s->init_num = 0;
264 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
265 break;
266
267 case SSL2_ST_GET_SERVER_FINISHED_A:
268 case SSL2_ST_GET_SERVER_FINISHED_B:
269 ret = get_server_finished(s);
270 if (ret <= 0)
271 goto end;
272 break;
273
274 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
275 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
276 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
277 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
278 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
279 ret = client_certificate(s);
280 if (ret <= 0)
281 goto end;
282 s->init_num = 0;
283 s->state = SSL2_ST_GET_SERVER_FINISHED_A;
284 break;
285
286 case SSL_ST_OK:
287 if (s->init_buf != NULL) {
288 BUF_MEM_free(s->init_buf);
289 s->init_buf = NULL;
290 }
291 s->init_num = 0;
292 /* ERR_clear_error();*/
293
294 /* If we want to cache session-ids in the client
295 * and we successfully add the session-id to the
296 * cache, and there is a callback, then pass it out.
297 * 26/11/96 - eay - only add if not a re-used session.
298 */
299
300 ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
301 if (s->hit)
302 s->ctx->stats.sess_hit++;
303
304 ret = 1;
305 /* s->server=0; */
306 s->ctx->stats.sess_connect_good++;
307
308 if (cb != NULL)
309 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
310
311 goto end;
312 /* break; */
313 default:
314 SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
315 return (-1);
316 /* break; */
317 }
318
319 if ((cb != NULL) && (s->state != state)) {
320 new_state = s->state;
321 s->state = state;
322 cb(s, SSL_CB_CONNECT_LOOP, 1);
323 s->state = new_state;
324 }
325 }
326end:
327 s->in_handshake--;
328 if (buf != NULL)
329 BUF_MEM_free(buf);
330 if (cb != NULL)
331 cb(s, SSL_CB_CONNECT_EXIT, ret);
332 return (ret);
333}
334
335static int
336get_server_hello(SSL *s)
337{
338 unsigned char *buf;
339 unsigned char *p;
340 int i, j;
341 unsigned long len;
342 STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
343
344 buf = (unsigned char *)s->init_buf->data;
345 p = buf;
346 if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
347 i = ssl2_read(s,(char *)&(buf[s->init_num]), 11 - s->init_num);
348 if (i < (11 - s->init_num))
349 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
350 s->init_num = 11;
351
352 if (*(p++) != SSL2_MT_SERVER_HELLO) {
353 if (p[-1] != SSL2_MT_ERROR) {
354 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
355 SSLerr(SSL_F_GET_SERVER_HELLO,
356 SSL_R_READ_WRONG_PACKET_TYPE);
357 } else
358 SSLerr(SSL_F_GET_SERVER_HELLO,
359 SSL_R_PEER_ERROR);
360 return (-1);
361 }
362#if 0
363 s->hit = (*(p++)) ? 1 : 0;
364 /* Some [PPC?] compilers fail to increment p in above
365 statement, e.g. one provided with Rhapsody 5.5, but
366 most recent example XL C 11.1 for AIX, even without
367 optimization flag... */
368#else
369 s->hit = (*p) ? 1 : 0;
370 p++;
371#endif
372 s->s2->tmp.cert_type= *(p++);
373 n2s(p, i);
374 if (i < s->version)
375 s->version = i;
376 n2s(p, i);
377 s->s2->tmp.cert_length = i;
378 n2s(p, i);
379 s->s2->tmp.csl = i;
380 n2s(p, i);
381 s->s2->tmp.conn_id_length = i;
382 s->state = SSL2_ST_GET_SERVER_HELLO_B;
383 }
384
385 /* SSL2_ST_GET_SERVER_HELLO_B */
386 len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length;
387 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
388 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
389 return -1;
390 }
391 j = (int)len - s->init_num;
392 i = ssl2_read(s,(char *)&(buf[s->init_num]), j);
393 if (i != j)
394 return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
395 if (s->msg_callback)
396 s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */
397
398 /* things are looking good */
399
400 p = buf + 11;
401 if (s->hit) {
402 if (s->s2->tmp.cert_length != 0) {
403 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
404 return (-1);
405 }
406 if (s->s2->tmp.cert_type != 0) {
407 if (!(s->options &
408 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
409 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
410 return (-1);
411 }
412 }
413 if (s->s2->tmp.csl != 0) {
414 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
415 return (-1);
416 }
417 } else {
418#ifdef undef
419 /* very bad */
420 memset(s->session->session_id, 0,
421 SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
422 s->session->session_id_length = 0;
423 */
424#endif
425
426 /* we need to do this in case we were trying to reuse a
427 * client session but others are already reusing it.
428 * If this was a new 'blank' session ID, the session-id
429 * length will still be 0 */
430 if (s->session->session_id_length > 0) {
431 if (!ssl_get_new_session(s, 0)) {
432 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
433 return (-1);
434 }
435 }
436
437 if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
438 s->s2->tmp.cert_length, p) <= 0) {
439 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
440 return (-1);
441 }
442 p += s->s2->tmp.cert_length;
443
444 if (s->s2->tmp.csl == 0) {
445 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
446 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
447 return (-1);
448 }
449
450 /* We have just received a list of ciphers back from the
451 * server. We need to get the ones that match, then select
452 * the one we want the most :-). */
453
454 /* load the ciphers */
455 sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
456 &s->session->ciphers);
457 p += s->s2->tmp.csl;
458 if (sk == NULL) {
459 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
460 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
461 return (-1);
462 }
463
464 (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
465
466 /* get the array of ciphers we will accept */
467 cl = SSL_get_ciphers(s);
468 (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
469
470 /*
471 * If server preference flag set, choose the first
472 * (highest priority) cipher the server sends, otherwise
473 * client preference has priority.
474 */
475 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
476 prio = sk;
477 allow = cl;
478 } else {
479 prio = cl;
480 allow = sk;
481 }
482 /* In theory we could have ciphers sent back that we
483 * don't want to use but that does not matter since we
484 * will check against the list we originally sent and
485 * for performance reasons we should not bother to match
486 * the two lists up just to check. */
487 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
488 if (sk_SSL_CIPHER_find(allow,
489 sk_SSL_CIPHER_value(prio, i)) >= 0)
490 break;
491 }
492
493 if (i >= sk_SSL_CIPHER_num(prio)) {
494 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
495 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
496 return (-1);
497 }
498 s->session->cipher = sk_SSL_CIPHER_value(prio, i);
499
500
501 if (s->session->peer != NULL) /* can't happen*/
502 {
503 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
504 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
505 return (-1);
506 }
507
508 s->session->peer = s->session->sess_cert->peer_key->x509;
509 /* peer_key->x509 has been set by ssl2_set_certificate. */
510 CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
511 }
512
513 if (s->session->sess_cert == NULL
514 || s->session->peer != s->session->sess_cert->peer_key->x509)
515 /* can't happen */
516 {
517 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
518 SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
519 return (-1);
520 }
521
522 s->s2->conn_id_length = s->s2->tmp.conn_id_length;
523 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
524 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
525 SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
526 return -1;
527 }
528 memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
529 return (1);
530}
531
532static int
533client_hello(SSL *s)
534{
535 unsigned char *buf;
536 unsigned char *p, *d;
537/* CIPHER **cipher;*/
538 int i, n, j;
539
540 buf = (unsigned char *)s->init_buf->data;
541 if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
542 if ((s->session == NULL) ||
543 (s->session->ssl_version != s->version)) {
544 if (!ssl_get_new_session(s, 0)) {
545 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
546 return (-1);
547 }
548 }
549 /* else use the pre-loaded session */
550
551 p = buf;
552 /* header */
553 d = p + 9;
554 /* data section */
555 *(p++) = SSL2_MT_CLIENT_HELLO;
556 /* type */
557 s2n(SSL2_VERSION, p);
558 /* version */
559 n = j=0;
560
561 n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
562 d += n;
563
564 if (n == 0) {
565 SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
566 return (-1);
567 }
568
569 s2n(n, p);
570 /* cipher spec num bytes */
571
572 if ((s->session->session_id_length > 0) &&
573 (s->session->session_id_length <=
574 SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
575 i = s->session->session_id_length;
576 s2n(i, p);
577 /* session id length */
578 memcpy(d, s->session->session_id,(unsigned int)i);
579 d += i;
580 } else {
581 s2n(0, p);
582 }
583
584 s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
585 s2n(SSL2_CHALLENGE_LENGTH, p);
586 /* challenge length */
587 /*challenge id data*/
588 if (RAND_pseudo_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
589 return -1;
590 memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
591 d += SSL2_CHALLENGE_LENGTH;
592
593 s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
594 s->init_num = d - buf;
595 s->init_off = 0;
596 }
597 /* SSL2_ST_SEND_CLIENT_HELLO_B */
598 return (ssl2_do_write(s));
599}
600
601static int
602client_master_key(SSL *s)
603{
604 unsigned char *buf;
605 unsigned char *p, *d;
606 int clear, enc, karg, i;
607 SSL_SESSION *sess;
608 const EVP_CIPHER *c;
609 const EVP_MD *md;
610
611 buf = (unsigned char *)s->init_buf->data;
612 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
613
614 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
615 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
616 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
617 return (-1);
618 }
619 sess = s->session;
620 p = buf;
621 d = p + 10;
622 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
623
624 i = ssl_put_cipher_by_char(s, sess->cipher, p);
625 p += i;
626
627 /* make key_arg data */
628 i = EVP_CIPHER_iv_length(c);
629 sess->key_arg_length = i;
630 if (i > SSL_MAX_KEY_ARG_LENGTH) {
631 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
632 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
633 return -1;
634 }
635 if (i > 0)
636 if (RAND_pseudo_bytes(sess->key_arg, i) <= 0)
637 return -1;
638
639 /* make a master key */
640 i = EVP_CIPHER_key_length(c);
641 sess->master_key_length = i;
642 if (i > 0) {
643 if (i > (int)sizeof(sess->master_key)) {
644 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
645 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
646 return -1;
647 }
648 if (RAND_bytes(sess->master_key, i) <= 0) {
649 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
650 return (-1);
651 }
652 }
653
654 if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
655 enc = 8;
656 else if (SSL_C_IS_EXPORT(sess->cipher))
657 enc = 5;
658 else
659 enc = i;
660
661 if ((int)i < enc) {
662 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
663 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
664 return (-1);
665 }
666 clear = i - enc;
667 s2n(clear, p);
668 memcpy(d, sess->master_key,(unsigned int)clear);
669 d += clear;
670
671 enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
672 &(sess->master_key[clear]), d,
673 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
674 RSA_PKCS1_PADDING);
675 if (enc <= 0) {
676 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
677 SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
678 return (-1);
679 }
680#ifdef PKCS1_CHECK
681 if (s->options & SSL_OP_PKCS1_CHECK_1)
682 d[1]++;
683 if (s->options & SSL_OP_PKCS1_CHECK_2)
684 sess->master_key[clear]++;
685#endif
686 s2n(enc, p);
687 d += enc;
688 karg = sess->key_arg_length;
689
690 s2n(karg,p); /* key arg size */
691 if (karg > (int)sizeof(sess->key_arg)) {
692 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
693 SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
694 return -1;
695 }
696 memcpy(d, sess->key_arg,(unsigned int)karg);
697 d += karg;
698
699 s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
700 s->init_num = d - buf;
701 s->init_off = 0;
702 }
703
704 /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
705 return (ssl2_do_write(s));
706}
707
708static int
709client_finished(SSL *s)
710{
711 unsigned char *p;
712
713 if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
714 p = (unsigned char *)s->init_buf->data;
715 *(p++) = SSL2_MT_CLIENT_FINISHED;
716 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
717 SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
718 return -1;
719 }
720 memcpy(p, s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
721
722 s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
723 s->init_num = s->s2->conn_id_length + 1;
724 s->init_off = 0;
725 }
726 return (ssl2_do_write(s));
727}
728
729/* read the data and then respond */
730static int
731client_certificate(SSL *s)
732{
733 unsigned char *buf;
734 unsigned char *p, *d;
735 int i;
736 unsigned int n;
737 int cert_ch_len;
738 unsigned char *cert_ch;
739
740 buf = (unsigned char *)s->init_buf->data;
741
742 /* We have a cert associated with the SSL, so attach it to
743 * the session if it does not have one */
744
745 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
746 i = ssl2_read(s,(char *)&(buf[s->init_num]),
747 SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
748 if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
749 return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
750 s->init_num += i;
751 if (s->msg_callback)
752 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */
753
754 /* type=buf[0]; */
755 /* type eq x509 */
756 if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
757 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
758 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
759 return (-1);
760 }
761
762 if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
763 (s->cert->key->privatekey == NULL)) {
764 s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
765 } else
766 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
767 }
768
769 cert_ch = buf + 2;
770 cert_ch_len = s->init_num - 2;
771
772 if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
773 X509 *x509 = NULL;
774 EVP_PKEY *pkey = NULL;
775
776 /* If we get an error we need to
777 * ssl->rwstate=SSL_X509_LOOKUP;
778 * return(error);
779 * We should then be retried when things are ok and we
780 * can get a cert or not */
781
782 i = 0;
783 if (s->ctx->client_cert_cb != NULL) {
784 i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
785 }
786
787 if (i < 0) {
788 s->rwstate = SSL_X509_LOOKUP;
789 return (-1);
790 }
791 s->rwstate = SSL_NOTHING;
792
793 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
794 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
795 if (!SSL_use_certificate(s, x509) ||
796 !SSL_use_PrivateKey(s, pkey)) {
797 i = 0;
798 }
799 X509_free(x509);
800 EVP_PKEY_free(pkey);
801 } else if (i == 1) {
802 if (x509 != NULL)
803 X509_free(x509);
804 if (pkey != NULL)
805 EVP_PKEY_free(pkey);
806 SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
807 i = 0;
808 }
809
810 if (i == 0) {
811 /* We have no client certificate to respond with
812 * so send the correct error message back */
813 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
814 p = buf;
815 *(p++) = SSL2_MT_ERROR;
816 s2n(SSL2_PE_NO_CERTIFICATE, p);
817 s->init_off = 0;
818 s->init_num = 3;
819 /* Write is done at the end */
820 }
821 }
822
823 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
824 return (ssl2_do_write(s));
825 }
826
827 if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
828 EVP_MD_CTX ctx;
829
830 /* ok, now we calculate the checksum
831 * do it first so we can reuse buf :-) */
832 p = buf;
833 EVP_MD_CTX_init(&ctx);
834 EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
835 EVP_SignUpdate(&ctx, s->s2->key_material,
836 s->s2->key_material_length);
837 EVP_SignUpdate(&ctx, cert_ch,(unsigned int)cert_ch_len);
838 i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
839 /* Don't update the signature if it fails - FIXME: probably should handle this better */
840 if (i > 0)
841 EVP_SignUpdate(&ctx, buf,(unsigned int)i);
842
843 p = buf;
844 d = p + 6;
845 *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
846 *(p++) = SSL2_CT_X509_CERTIFICATE;
847 n = i2d_X509(s->cert->key->x509, &d);
848 s2n(n, p);
849
850 if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
851 /* this is not good. If things have failed it
852 * means there so something wrong with the key.
853 * We will continue with a 0 length signature
854 */
855 }
856 EVP_MD_CTX_cleanup(&ctx);
857 s2n(n, p);
858 d += n;
859
860 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
861 s->init_num = d - buf;
862 s->init_off = 0;
863 }
864 /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
865 return (ssl2_do_write(s));
866}
867
868static int
869get_server_verify(SSL *s)
870{
871 unsigned char *p;
872 int i, n, len;
873
874 p = (unsigned char *)s->init_buf->data;
875 if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
876 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
877 if (i < (1 - s->init_num))
878 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
879 s->init_num += i;
880
881 s->state = SSL2_ST_GET_SERVER_VERIFY_B;
882 if (*p != SSL2_MT_SERVER_VERIFY) {
883 if (p[0] != SSL2_MT_ERROR) {
884 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
885 SSLerr(SSL_F_GET_SERVER_VERIFY,
886 SSL_R_READ_WRONG_PACKET_TYPE);
887 } else {
888 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
889 /* try to read the error message */
890 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
891 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
892 }
893 return (-1);
894 }
895 }
896
897 p = (unsigned char *)s->init_buf->data;
898 len = 1 + s->s2->challenge_length;
899 n = len - s->init_num;
900 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
901 if (i < n)
902 return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
903 if (s->msg_callback)
904 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
905 p += 1;
906
907 if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
908 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
909 SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
910 return (-1);
911 }
912 return (1);
913}
914
915static int
916get_server_finished(SSL *s)
917{
918 unsigned char *buf;
919 unsigned char *p;
920 int i, n, len;
921
922 buf = (unsigned char *)s->init_buf->data;
923 p = buf;
924 if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
925 i = ssl2_read(s,(char *)&(buf[s->init_num]), 1 - s->init_num);
926 if (i < (1 - s->init_num))
927 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
928 s->init_num += i;
929
930 if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
931 s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
932 return (1);
933 } else if (*p != SSL2_MT_SERVER_FINISHED) {
934 if (p[0] != SSL2_MT_ERROR) {
935 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
936 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
937 } else {
938 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
939 /* try to read the error message */
940 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
941 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
942 }
943 return (-1);
944 }
945 s->state = SSL2_ST_GET_SERVER_FINISHED_B;
946 }
947
948 len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
949 n = len - s->init_num;
950 i = ssl2_read(s,(char *)&(buf[s->init_num]), n);
951 if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */
952 return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
953 s->init_num += i;
954 if (s->msg_callback)
955 s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */
956
957 if (!s->hit) /* new session */
958 {
959 /* new session-id */
960 /* Make sure we were not trying to re-use an old SSL_SESSION
961 * or bad things can happen */
962 /* ZZZZZZZZZZZZZ */
963 s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
964 memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
965 } else {
966 if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
967 if ((s->session->session_id_length > sizeof s->session->session_id)
968 || (0 != memcmp(buf + 1, s->session->session_id,
969 (unsigned int)s->session->session_id_length))) {
970 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
971 SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
972 return (-1);
973 }
974 }
975 }
976 s->state = SSL_ST_OK;
977 return (1);
978}
979
980/* loads in the certificate from the server */
981int
982ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
983{
984 STACK_OF(X509) *sk = NULL;
985 EVP_PKEY *pkey = NULL;
986 SESS_CERT *sc = NULL;
987 int i;
988 X509 *x509 = NULL;
989 int ret = 0;
990
991 x509 = d2i_X509(NULL, &data,(long)len);
992 if (x509 == NULL) {
993 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
994 goto err;
995 }
996
997 if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
998 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
999 goto err;
1000 }
1001
1002 i = ssl_verify_cert_chain(s, sk);
1003
1004 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1005 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
1006 goto err;
1007 }
1008 ERR_clear_error(); /* but we keep s->verify_result */
1009 s->session->verify_result = s->verify_result;
1010
1011 /* server's cert for this session */
1012 sc = ssl_sess_cert_new();
1013 if (sc == NULL) {
1014 ret = -1;
1015 goto err;
1016 }
1017 if (s->session->sess_cert)
1018 ssl_sess_cert_free(s->session->sess_cert);
1019 s->session->sess_cert = sc;
1020
1021 sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
1022 sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
1023
1024 pkey = X509_get_pubkey(x509);
1025 x509 = NULL;
1026 if (pkey == NULL) {
1027 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
1028 goto err;
1029 }
1030 if (pkey->type != EVP_PKEY_RSA) {
1031 SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
1032 goto err;
1033 }
1034
1035 if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
1036 goto err;
1037 ret = 1;
1038err:
1039 sk_X509_free(sk);
1040 X509_free(x509);
1041 EVP_PKEY_free(pkey);
1042 return (ret);
1043}
1044
1045static int
1046ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
1047 unsigned char *to, int padding)
1048{
1049 EVP_PKEY *pkey = NULL;
1050 int i = -1;
1051
1052 if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
1053 ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
1054 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
1055 return (-1);
1056 }
1057 if (pkey->type != EVP_PKEY_RSA) {
1058 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1059 goto end;
1060 }
1061
1062 /* we have the public key */
1063 i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
1064 if (i < 0)
1065 SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
1066end:
1067 EVP_PKEY_free(pkey);
1068 return (i);
1069}
1070#else /* !OPENSSL_NO_SSL2 */
1071
1072# if PEDANTIC
1073static void *dummy = &dummy;
1074# endif
1075
1076#endif
diff --git a/src/lib/libssl/src/ssl/s2_enc.c b/src/lib/libssl/src/ssl/s2_enc.c
deleted file mode 100644
index 8d2273f9ef..0000000000
--- a/src/lib/libssl/src/ssl/s2_enc.c
+++ /dev/null
@@ -1,190 +0,0 @@
1/* ssl/s2_enc.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "ssl_locl.h"
60#ifndef OPENSSL_NO_SSL2
61#include <stdio.h>
62
63int
64ssl2_enc_init(SSL *s, int client)
65{
66 /* Max number of bytes needed */
67 EVP_CIPHER_CTX *rs, *ws;
68 const EVP_CIPHER *c;
69 const EVP_MD *md;
70 int num;
71
72 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
73 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
74 SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
75 return (0);
76 }
77 ssl_replace_hash(&s->read_hash, md);
78 ssl_replace_hash(&s->write_hash, md);
79
80 if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx =
81 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
82 goto err;
83
84 /* make sure it's intialized in case the malloc for enc_write_ctx fails
85 * and we exit with an error */
86 rs = s->enc_read_ctx;
87 EVP_CIPHER_CTX_init(rs);
88
89 if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx =
90 (EVP_CIPHER_CTX *)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
91 goto err;
92
93 ws = s->enc_write_ctx;
94 EVP_CIPHER_CTX_init(ws);
95
96 num = c->key_len;
97 s->s2->key_material_length = num*2;
98 OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
99
100 if (ssl2_generate_key_material(s) <= 0)
101 return 0;
102
103 OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
104 EVP_EncryptInit_ex(ws, c, NULL, &(s->s2->key_material[(client) ? num : 0]),
105 s->session->key_arg);
106 EVP_DecryptInit_ex(rs, c, NULL, &(s->s2->key_material[(client) ? 0 : num]),
107 s->session->key_arg);
108 s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
109 s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
110 return (1);
111err:
112 SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
113 return (0);
114}
115
116/* read/writes from s->s2->mac_data using length for encrypt and
117 * decrypt. It sets s->s2->padding and s->[rw]length
118 * if we are encrypting */
119void
120ssl2_enc(SSL *s, int send)
121{
122 EVP_CIPHER_CTX *ds;
123 unsigned long l;
124 int bs;
125
126 if (send) {
127 ds = s->enc_write_ctx;
128 l = s->s2->wlength;
129 } else {
130 ds = s->enc_read_ctx;
131 l = s->s2->rlength;
132 }
133
134 /* check for NULL cipher */
135 if (ds == NULL)
136 return;
137
138
139 bs = ds->cipher->block_size;
140 /* This should be using (bs-1) and bs instead of 7 and 8, but
141 * what the hell. */
142 if (bs == 8)
143 l = (l + 7) / 8 * 8;
144
145 EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l);
146}
147
148void
149ssl2_mac(SSL *s, unsigned char *md, int send)
150{
151 EVP_MD_CTX c;
152 unsigned char sequence[4], *p, *sec, *act;
153 unsigned long seq;
154 unsigned int len;
155
156 if (send) {
157 seq = s->s2->write_sequence;
158 sec = s->s2->write_key;
159 len = s->s2->wact_data_length;
160 act = s->s2->wact_data;
161 } else {
162 seq = s->s2->read_sequence;
163 sec = s->s2->read_key;
164 len = s->s2->ract_data_length;
165 act = s->s2->ract_data;
166 }
167
168 p = &(sequence[0]);
169 l2n(seq, p);
170
171 /* There has to be a MAC algorithm. */
172 EVP_MD_CTX_init(&c);
173 EVP_MD_CTX_copy(&c, s->read_hash);
174 EVP_DigestUpdate(&c, sec,
175 EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
176 EVP_DigestUpdate(&c, act, len);
177
178 /* the above line also does the pad data */
179 EVP_DigestUpdate(&c, sequence, 4);
180
181 EVP_DigestFinal_ex(&c, md, NULL);
182 EVP_MD_CTX_cleanup(&c);
183}
184#else /* !OPENSSL_NO_SSL2 */
185
186# if PEDANTIC
187static void *dummy = &dummy;
188# endif
189
190#endif
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
deleted file mode 100644
index 76ed912927..0000000000
--- a/src/lib/libssl/src/ssl/s2_lib.c
+++ /dev/null
@@ -1,569 +0,0 @@
1/* ssl/s2_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <openssl/objects.h>
116#include <openssl/evp.h>
117#include <openssl/md5.h>
118
119const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
120
121#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
122
123/* list of available SSLv2 ciphers (sorted by id) */
124OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
125#if 0
126/* NULL_WITH_MD5 v3 */
127 {
128 1,
129 SSL2_TXT_NULL_WITH_MD5,
130 SSL2_CK_NULL_WITH_MD5,
131 SSL_kRSA,
132 SSL_aRSA,
133 SSL_eNULL,
134 SSL_MD5,
135 SSL_SSLV2,
136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
137 0,
138 0,
139 0,
140 },
141#endif
142
143/* RC4_128_WITH_MD5 */
144 {
145 1,
146 SSL2_TXT_RC4_128_WITH_MD5,
147 SSL2_CK_RC4_128_WITH_MD5,
148 SSL_kRSA,
149 SSL_aRSA,
150 SSL_RC4,
151 SSL_MD5,
152 SSL_SSLV2,
153 SSL_NOT_EXP|SSL_MEDIUM,
154 0,
155 128,
156 128,
157 },
158
159/* RC4_128_EXPORT40_WITH_MD5 */
160 {
161 1,
162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
164 SSL_kRSA,
165 SSL_aRSA,
166 SSL_RC4,
167 SSL_MD5,
168 SSL_SSLV2,
169 SSL_EXPORT|SSL_EXP40,
170 SSL2_CF_5_BYTE_ENC,
171 40,
172 128,
173 },
174
175/* RC2_128_CBC_WITH_MD5 */
176 {
177 1,
178 SSL2_TXT_RC2_128_CBC_WITH_MD5,
179 SSL2_CK_RC2_128_CBC_WITH_MD5,
180 SSL_kRSA,
181 SSL_aRSA,
182 SSL_RC2,
183 SSL_MD5,
184 SSL_SSLV2,
185 SSL_NOT_EXP|SSL_MEDIUM,
186 0,
187 128,
188 128,
189 },
190
191/* RC2_128_CBC_EXPORT40_WITH_MD5 */
192 {
193 1,
194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
196 SSL_kRSA,
197 SSL_aRSA,
198 SSL_RC2,
199 SSL_MD5,
200 SSL_SSLV2,
201 SSL_EXPORT|SSL_EXP40,
202 SSL2_CF_5_BYTE_ENC,
203 40,
204 128,
205 },
206
207#ifndef OPENSSL_NO_IDEA
208/* IDEA_128_CBC_WITH_MD5 */
209 {
210 1,
211 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
212 SSL2_CK_IDEA_128_CBC_WITH_MD5,
213 SSL_kRSA,
214 SSL_aRSA,
215 SSL_IDEA,
216 SSL_MD5,
217 SSL_SSLV2,
218 SSL_NOT_EXP|SSL_MEDIUM,
219 0,
220 128,
221 128,
222 },
223#endif
224
225/* DES_64_CBC_WITH_MD5 */
226 {
227 1,
228 SSL2_TXT_DES_64_CBC_WITH_MD5,
229 SSL2_CK_DES_64_CBC_WITH_MD5,
230 SSL_kRSA,
231 SSL_aRSA,
232 SSL_DES,
233 SSL_MD5,
234 SSL_SSLV2,
235 SSL_NOT_EXP|SSL_LOW,
236 0,
237 56,
238 56,
239 },
240
241/* DES_192_EDE3_CBC_WITH_MD5 */
242 {
243 1,
244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
246 SSL_kRSA,
247 SSL_aRSA,
248 SSL_3DES,
249 SSL_MD5,
250 SSL_SSLV2,
251 SSL_NOT_EXP|SSL_HIGH,
252 0,
253 168,
254 168,
255 },
256
257#if 0
258/* RC4_64_WITH_MD5 */
259 {
260 1,
261 SSL2_TXT_RC4_64_WITH_MD5,
262 SSL2_CK_RC4_64_WITH_MD5,
263 SSL_kRSA,
264 SSL_aRSA,
265 SSL_RC4,
266 SSL_MD5,
267 SSL_SSLV2,
268 SSL_NOT_EXP|SSL_LOW,
269 SSL2_CF_8_BYTE_ENC,
270 64,
271 64,
272 },
273#endif
274
275#if 0
276/* NULL SSLeay (testing) */
277 {
278 0,
279 SSL2_TXT_NULL,
280 SSL2_CK_NULL,
281 0,
282 0,
283 0,
284 0,
285 SSL_SSLV2,
286 SSL_STRONG_NONE,
287 0,
288 0,
289 0,
290 },
291#endif
292
293/* end of list :-) */
294};
295
296long
297ssl2_default_timeout(void)
298{
299 return (300);
300}
301
302int
303ssl2_num_ciphers(void)
304{
305 return (SSL2_NUM_CIPHERS);
306}
307
308const SSL_CIPHER
309*ssl2_get_cipher(unsigned int u)
310{
311 if (u < SSL2_NUM_CIPHERS)
312 return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
313 else
314 return (NULL);
315}
316
317int
318ssl2_pending(const SSL *s)
319{
320 return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
321}
322
323int
324ssl2_new(SSL *s)
325{
326 SSL2_STATE *s2;
327
328 if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
329 goto err;
330 memset(s2, 0, sizeof *s2);
331
332#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
333# error "assertion failed"
334#endif
335
336 if ((s2->rbuf = OPENSSL_malloc(
337 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
338 goto err;
339 /* wbuf needs one byte more because when using two-byte headers,
340 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
341 if ((s2->wbuf = OPENSSL_malloc(
342 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
343 goto err;
344 s->s2 = s2;
345
346 ssl2_clear(s);
347 return (1);
348err:
349 if (s2 != NULL) {
350 if (s2->wbuf != NULL)
351 OPENSSL_free(s2->wbuf);
352 if (s2->rbuf != NULL)
353 OPENSSL_free(s2->rbuf);
354 OPENSSL_free(s2);
355 }
356 return (0);
357}
358
359void
360ssl2_free(SSL *s)
361{
362 SSL2_STATE *s2;
363
364 if (s == NULL)
365 return;
366
367 s2 = s->s2;
368 if (s2->rbuf != NULL)
369 OPENSSL_free(s2->rbuf);
370 if (s2->wbuf != NULL)
371 OPENSSL_free(s2->wbuf);
372 OPENSSL_cleanse(s2, sizeof *s2);
373 OPENSSL_free(s2);
374 s->s2 = NULL;
375}
376
377void
378ssl2_clear(SSL *s)
379{
380 SSL2_STATE *s2;
381 unsigned char *rbuf, *wbuf;
382
383 s2 = s->s2;
384
385 rbuf = s2->rbuf;
386 wbuf = s2->wbuf;
387
388 memset(s2, 0, sizeof *s2);
389
390 s2->rbuf = rbuf;
391 s2->wbuf = wbuf;
392 s2->clear_text = 1;
393 s->packet = s2->rbuf;
394 s->version = SSL2_VERSION;
395 s->packet_length = 0;
396}
397
398long
399ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
400{
401 int ret = 0;
402
403 switch (cmd) {
404 case SSL_CTRL_GET_SESSION_REUSED:
405 ret = s->hit;
406 break;
407 default:
408 break;
409 }
410 return (ret);
411}
412
413long
414ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
415{
416 return (0);
417}
418
419long
420ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
421{
422 return (0);
423}
424
425long
426ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
427{
428 return (0);
429}
430
431/* This function needs to check if the ciphers required are actually
432 * available */
433const SSL_CIPHER
434*ssl2_get_cipher_by_char(const unsigned char *p)
435{
436 SSL_CIPHER c;
437 const SSL_CIPHER *cp;
438 unsigned long id;
439
440 id = 0x02000000L|((unsigned long)p[0]<<16L)|
441 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
442 c.id = id;
443 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
444 if ((cp == NULL) || (cp->valid == 0))
445 return NULL;
446 else
447 return cp;
448}
449
450int
451ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
452{
453 long l;
454
455 if (p != NULL) {
456 l = c->id;
457 if ((l & 0xff000000) != 0x02000000)
458 return (0);
459 p[0] = ((unsigned char)(l >> 16L))&0xFF;
460 p[1] = ((unsigned char)(l >> 8L))&0xFF;
461 p[2] = ((unsigned char)(l ))&0xFF;
462 }
463 return (3);
464}
465
466int
467ssl2_generate_key_material(SSL *s)
468{
469 unsigned int i;
470 EVP_MD_CTX ctx;
471 unsigned char *km;
472 unsigned char c = '0';
473 const EVP_MD *md5;
474 int md_size;
475
476 md5 = EVP_md5();
477
478 EVP_MD_CTX_init(&ctx);
479 km = s->s2->key_material;
480
481 if (s->session->master_key_length < 0 ||
482 s->session->master_key_length > (int)sizeof(s->session->master_key)) {
483 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
484 return 0;
485 }
486 md_size = EVP_MD_size(md5);
487 if (md_size < 0)
488 return 0;
489 for (i = 0; i < s->s2->key_material_length; i += md_size) {
490 if (((km - s->s2->key_material) + md_size) >
491 (int)sizeof(s->s2->key_material)) {
492 /* EVP_DigestFinal_ex() below would write beyond buffer */
493 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
494 return 0;
495 }
496
497 EVP_DigestInit_ex(&ctx, md5, NULL);
498
499 OPENSSL_assert(s->session->master_key_length >= 0 &&
500 s->session->master_key_length <
501 (int)sizeof(s->session->master_key));
502 EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);
503 EVP_DigestUpdate(&ctx, &c, 1);
504 c++;
505 EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
506 EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
507 EVP_DigestFinal_ex(&ctx, km, NULL);
508 km += md_size;
509 }
510
511 EVP_MD_CTX_cleanup(&ctx);
512 return 1;
513}
514
515void
516ssl2_return_error(SSL *s, int err)
517{
518 if (!s->error) {
519 s->error = 3;
520 s->error_code = err;
521
522 ssl2_write_error(s);
523 }
524}
525
526
527void
528ssl2_write_error(SSL *s)
529{
530 unsigned char buf[3];
531 int i, error;
532
533 buf[0] = SSL2_MT_ERROR;
534 buf[1] = (s->error_code >> 8)&0xff;
535 buf[2] = (s->error_code)&0xff;
536
537/* state=s->rwstate;*/
538
539 error=s->error; /* number of bytes left to write */
540 s->error = 0;
541 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
542 i = ssl2_write(s, &(buf[3 - error]), error);
543
544/* if (i == error) s->rwstate=state; */
545
546 if (i < 0)
547 s->error = error;
548 else {
549 s->error = error - i;
550
551 if (s->error == 0)
552 if (s->msg_callback)
553 s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
554 }
555}
556
557int
558ssl2_shutdown(SSL *s)
559{
560 s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
561 return (1);
562}
563#else /* !OPENSSL_NO_SSL2 */
564
565# if PEDANTIC
566static void *dummy = &dummy;
567# endif
568
569#endif
diff --git a/src/lib/libssl/src/ssl/s2_meth.c b/src/lib/libssl/src/ssl/s2_meth.c
deleted file mode 100644
index ca08fc6e22..0000000000
--- a/src/lib/libssl/src/ssl/s2_meth.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* ssl/s2_meth.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "ssl_locl.h"
60#ifndef OPENSSL_NO_SSL2
61#include <stdio.h>
62#include <openssl/objects.h>
63
64static const SSL_METHOD *ssl2_get_method(int ver);
65static const SSL_METHOD
66*ssl2_get_method(int ver)
67{
68 if (ver == SSL2_VERSION)
69 return (SSLv2_method());
70 else
71 return (NULL);
72}
73
74IMPLEMENT_ssl2_meth_func(SSLv2_method,
75 ssl2_accept, ssl2_connect, ssl2_get_method)
76
77#else /* !OPENSSL_NO_SSL2 */
78
79# if PEDANTIC
80static void *dummy = &dummy;
81# endif
82
83#endif
diff --git a/src/lib/libssl/src/ssl/s2_pkt.c b/src/lib/libssl/src/ssl/s2_pkt.c
deleted file mode 100644
index 3a92c81d65..0000000000
--- a/src/lib/libssl/src/ssl/s2_pkt.c
+++ /dev/null
@@ -1,696 +0,0 @@
1/* ssl/s2_pkt.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <errno.h>
116
117static int read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend);
118static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
119static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
120static int ssl_mt_error(int n);
121
122
123/* SSL 2.0 imlementation for SSL_read/SSL_peek -
124 * This routine will return 0 to len bytes, decrypted etc if required.
125 */
126static int
127ssl2_read_internal(SSL *s, void *buf, int len, int peek)
128{
129 int n;
130 unsigned char mac[MAX_MAC_SIZE];
131 unsigned char *p;
132 int i;
133 int mac_size;
134
135 ssl2_read_again:
136 if (SSL_in_init(s) && !s->in_handshake) {
137 n = s->handshake_func(s);
138 if (n < 0)
139 return (n);
140 if (n == 0) {
141 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_SSL_HANDSHAKE_FAILURE);
142 return (-1);
143 }
144 }
145
146 errno = 0;
147 s->rwstate = SSL_NOTHING;
148 if (len <= 0)
149 return (len);
150
151 if (s->s2->ract_data_length != 0) /* read from buffer */
152 {
153 if (len > s->s2->ract_data_length)
154 n = s->s2->ract_data_length;
155 else
156 n = len;
157
158 memcpy(buf, s->s2->ract_data,(unsigned int)n);
159 if (!peek) {
160 s->s2->ract_data_length -= n;
161 s->s2->ract_data += n;
162 if (s->s2->ract_data_length == 0)
163 s->rstate = SSL_ST_READ_HEADER;
164 }
165
166 return (n);
167 }
168
169 /* s->s2->ract_data_length == 0
170 *
171 * Fill the buffer, then goto ssl2_read_again.
172 */
173
174 if (s->rstate == SSL_ST_READ_HEADER) {
175 if (s->first_packet) {
176 n = read_n(s, 5, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
177 if (n <= 0) return(n); /* error or non-blocking */
178 s->first_packet = 0;
179 p = s->packet;
180 if (!((p[0] & 0x80) && (
181 (p[2] == SSL2_MT_CLIENT_HELLO) ||
182 (p[2] == SSL2_MT_SERVER_HELLO)))) {
183 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_NON_SSLV2_INITIAL_PACKET);
184 return (-1);
185 }
186 } else {
187 n = read_n(s, 2, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
188 if (n <= 0)
189 return(n); /* error or non-blocking */
190 }
191 /* part read stuff */
192
193 s->rstate = SSL_ST_READ_BODY;
194 p = s->packet;
195 /* Do header */
196 /*s->s2->padding=0;*/
197 s->s2->escape = 0;
198 s->s2->rlength = (((unsigned int)p[0]) << 8)|((unsigned int)p[1]);
199 if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */
200 {
201 s->s2->three_byte_header = 0;
202 s->s2->rlength&=TWO_BYTE_MASK;
203
204 } else {
205 s->s2->three_byte_header = 1;
206 s->s2->rlength&=THREE_BYTE_MASK;
207
208 /* security >s2->escape */
209 s->s2->escape = ((p[0] & SEC_ESC_BIT)) ? 1 : 0;
210 }
211 }
212
213 if (s->rstate == SSL_ST_READ_BODY) {
214 n = s->s2->rlength + 2 + s->s2->three_byte_header;
215 if (n > (int)s->packet_length) {
216 n -= s->packet_length;
217 i = read_n(s, (unsigned int)n, (unsigned int)n, 1);
218 if (i <= 0)
219 return(i); /* ERROR */
220 }
221
222 p = &(s->packet[2]);
223 s->rstate = SSL_ST_READ_HEADER;
224 if (s->s2->three_byte_header)
225 s->s2->padding= *(p++);
226 else s->s2->padding = 0;
227
228 /* Data portion */
229 if (s->s2->clear_text) {
230 mac_size = 0;
231 s->s2->mac_data = p;
232 s->s2->ract_data = p;
233 if (s->s2->padding) {
234 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
235 return (-1);
236 }
237 } else {
238 mac_size = EVP_MD_CTX_size(s->read_hash);
239 if (mac_size < 0)
240 return -1;
241 OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
242 s->s2->mac_data = p;
243 s->s2->ract_data = &p[mac_size];
244 if (s->s2->padding + mac_size > s->s2->rlength) {
245 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
246 return (-1);
247 }
248 }
249
250 s->s2->ract_data_length = s->s2->rlength;
251 /* added a check for length > max_size in case
252 * encryption was not turned on yet due to an error */
253 if ((!s->s2->clear_text) &&
254 (s->s2->rlength >= (unsigned int)mac_size)) {
255 ssl2_enc(s, 0);
256 s->s2->ract_data_length -= mac_size;
257 ssl2_mac(s, mac, 0);
258 s->s2->ract_data_length -= s->s2->padding;
259 if ((CRYPTO_memcmp(mac, s->s2->mac_data, mac_size) != 0) ||
260 (s->s2->rlength % EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) {
261 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_MAC_DECODE);
262 return (-1);
263 }
264 }
265 INC32(s->s2->read_sequence); /* expect next number */
266 /* s->s2->ract_data is now available for processing */
267
268 /* Possibly the packet that we just read had 0 actual data bytes.
269 * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.)
270 * In this case, returning 0 would be interpreted by the caller
271 * as indicating EOF, so it's not a good idea. Instead, we just
272 * continue reading; thus ssl2_read_internal may have to process
273 * multiple packets before it can return.
274 *
275 * [Note that using select() for blocking sockets *never* guarantees
276 * that the next SSL_read will not block -- the available
277 * data may contain incomplete packets, and except for SSL 2,
278 * renegotiation can confuse things even more.] */
279
280 goto ssl2_read_again; /* This should really be
281 * "return ssl2_read(s, buf, len)",
282 * but that would allow for
283 * denial - of - service attacks if a
284 * C compiler is used that does not
285 * recognize end-recursion. */
286 } else {
287 SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_STATE);
288 return (-1);
289 }
290}
291
292int
293ssl2_read(SSL *s, void *buf, int len)
294{
295 return ssl2_read_internal(s, buf, len, 0);
296}
297
298int
299ssl2_peek(SSL *s, void *buf, int len)
300{
301 return ssl2_read_internal(s, buf, len, 1);
302}
303
304static int
305read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend)
306{
307 int i, off, newb;
308
309 /* if there is stuff still in the buffer from a previous read,
310 * and there is more than we want, take some. */
311 if (s->s2->rbuf_left >= (int)n) {
312 if (extend)
313 s->packet_length += n;
314 else {
315 s->packet = &(s->s2->rbuf[s->s2->rbuf_offs]);
316 s->packet_length = n;
317 }
318 s->s2->rbuf_left -= n;
319 s->s2->rbuf_offs += n;
320 return (n);
321 }
322
323 if (!s->read_ahead)
324 max = n;
325 if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2))
326 max = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2;
327
328
329 /* Else we want more than we have.
330 * First, if there is some left or we want to extend */
331 off = 0;
332 if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) {
333 newb = s->s2->rbuf_left;
334 if (extend) {
335 off = s->packet_length;
336 if (s->packet != s->s2->rbuf)
337 memcpy(s->s2->rbuf, s->packet,
338 (unsigned int)newb + off);
339 } else if (s->s2->rbuf_offs != 0) {
340 memcpy(s->s2->rbuf, &(s->s2->rbuf[s->s2->rbuf_offs]),
341 (unsigned int)newb);
342 s->s2->rbuf_offs = 0;
343 }
344 s->s2->rbuf_left = 0;
345 } else
346 newb = 0;
347
348 /* off is the offset to start writing too.
349 * r->s2->rbuf_offs is the 'unread data', now 0.
350 * newb is the number of new bytes so far
351 */
352 s->packet = s->s2->rbuf;
353 while (newb < (int)n) {
354 errno = 0;
355 if (s->rbio != NULL) {
356 s->rwstate = SSL_READING;
357 i = BIO_read(s->rbio,(char *)&(s->s2->rbuf[off + newb]),
358 max - newb);
359 } else {
360 SSLerr(SSL_F_READ_N, SSL_R_READ_BIO_NOT_SET);
361 i = -1;
362 }
363#ifdef PKT_DEBUG
364 if (s->debug & 0x01)
365 sleep(1);
366#endif
367 if (i <= 0) {
368 s->s2->rbuf_left += newb;
369 return (i);
370 }
371 newb += i;
372 }
373
374 /* record unread data */
375 if (newb > (int)n) {
376 s->s2->rbuf_offs = n + off;
377 s->s2->rbuf_left = newb - n;
378 } else {
379 s->s2->rbuf_offs = 0;
380 s->s2->rbuf_left = 0;
381 }
382 if (extend)
383 s->packet_length += n;
384 else
385 s->packet_length = n;
386 s->rwstate = SSL_NOTHING;
387 return (n);
388}
389
390int
391ssl2_write(SSL *s, const void *_buf, int len)
392{
393 const unsigned char *buf = _buf;
394 unsigned int n, tot;
395 int i;
396
397 if (SSL_in_init(s) && !s->in_handshake) {
398 i = s->handshake_func(s);
399 if (i < 0)
400 return (i);
401 if (i == 0) {
402 SSLerr(SSL_F_SSL2_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
403 return (-1);
404 }
405 }
406
407 if (s->error) {
408 ssl2_write_error(s);
409 if (s->error)
410 return (-1);
411 }
412
413 errno = 0;
414 s->rwstate = SSL_NOTHING;
415 if (len <= 0)
416 return (len);
417
418 tot = s->s2->wnum;
419 s->s2->wnum = 0;
420
421 n = (len - tot);
422 for (;;) {
423 i = n_do_ssl_write(s, &(buf[tot]), n);
424 if (i <= 0) {
425 s->s2->wnum = tot;
426 return (i);
427 }
428 if ((i == (int)n) ||
429 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
430 return (tot + i);
431 }
432
433 n -= i;
434 tot += i;
435 }
436}
437
438static int
439write_pending(SSL *s, const unsigned char *buf, unsigned int len)
440{
441 int i;
442
443 /* s->s2->wpend_len != 0 MUST be true. */
444
445 /* check that they have given us the same buffer to
446 * write */
447 if ((s->s2->wpend_tot > (int)len) ||
448 ((s->s2->wpend_buf != buf) &&
449 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) {
450 SSLerr(SSL_F_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
451 return (-1);
452 }
453
454 for (;;) {
455 errno = 0;
456 if (s->wbio != NULL) {
457 s->rwstate = SSL_WRITING;
458 i = BIO_write(s->wbio,
459 (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
460 (unsigned int)s->s2->wpend_len);
461 } else {
462 SSLerr(SSL_F_WRITE_PENDING, SSL_R_WRITE_BIO_NOT_SET);
463 i = -1;
464 }
465#ifdef PKT_DEBUG
466 if (s->debug & 0x01)
467 sleep(1);
468#endif
469 if (i == s->s2->wpend_len) {
470 s->s2->wpend_len = 0;
471 s->rwstate = SSL_NOTHING;
472 return (s->s2->wpend_ret);
473 } else if (i <= 0)
474 return (i);
475 s->s2->wpend_off += i;
476 s->s2->wpend_len -= i;
477 }
478}
479
480static int
481n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
482{
483 unsigned int j, k, olen, p, bs;
484 int mac_size;
485 register unsigned char *pp;
486
487 olen = len;
488
489 /* first check if there is data from an encryption waiting to
490 * be sent - it must be sent because the other end is waiting.
491 * This will happen with non-blocking IO. We print it and then
492 * return.
493 */
494 if (s->s2->wpend_len != 0)
495 return (write_pending(s, buf, len));
496
497 /* set mac_size to mac size */
498 if (s->s2->clear_text)
499 mac_size = 0;
500 else {
501 mac_size = EVP_MD_CTX_size(s->write_hash);
502 if (mac_size < 0)
503 return -1;
504 }
505
506 /* lets set the pad p */
507 if (s->s2->clear_text) {
508 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
509 len = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
510 p = 0;
511 s->s2->three_byte_header = 0;
512 /* len=len; */
513 } else {
514 bs = EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
515 j = len + mac_size;
516 /* Two-byte headers allow for a larger record length than
517 * three-byte headers, but we can't use them if we need
518 * padding or if we have to set the escape bit. */
519 if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
520 (!s->s2->escape)) {
521 if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
522 j = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
523 /* set k to the max number of bytes with 2
524 * byte header */
525 k = j - (j % bs);
526 /* how many data bytes? */
527 len = k - mac_size;
528
529 s->s2->three_byte_header = 0;
530 p = 0;
531 } else if ((bs <= 1) && (!s->s2->escape)) {
532 /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
533 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
534 s->s2->three_byte_header = 0;
535 p = 0;
536 }
537 else /* we may have to use a 3 byte header */
538 {
539 /* If s->s2->escape is not set, then
540 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
541 * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
542 p = (j % bs);
543 p = (p == 0) ? 0 : (bs - p);
544 if (s->s2->escape) {
545 s->s2->three_byte_header = 1;
546 if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
547 j = SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
548 } else
549 s->s2->three_byte_header = (p == 0) ? 0 : 1;
550 }
551 }
552
553 /* Now
554 * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
555 * holds, and if s->s2->three_byte_header is set, then even
556 * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
557 */
558
559 /* mac_size is the number of MAC bytes
560 * len is the number of data bytes we are going to send
561 * p is the number of padding bytes
562 * (if it is a two-byte header, then p == 0) */
563
564 s->s2->wlength = len;
565 s->s2->padding = p;
566 s->s2->mac_data = &(s->s2->wbuf[3]);
567 s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
568 /* we copy the data into s->s2->wbuf */
569 memcpy(s->s2->wact_data, buf, len);
570 if (p)
571 memset(&(s->s2->wact_data[len]), 0, p); /* arbitrary padding */
572
573 if (!s->s2->clear_text) {
574 s->s2->wact_data_length = len + p;
575 ssl2_mac(s, s->s2->mac_data, 1);
576 s->s2->wlength += p + mac_size;
577 ssl2_enc(s, 1);
578 }
579
580 /* package up the header */
581 s->s2->wpend_len = s->s2->wlength;
582 if (s->s2->three_byte_header) /* 3 byte header */
583 {
584 pp = s->s2->mac_data;
585 pp -= 3;
586 pp[0] = (s->s2->wlength >> 8) & (THREE_BYTE_MASK >> 8);
587 if (s->s2->escape)
588 pp[0]|=SEC_ESC_BIT;
589 pp[1] = s->s2->wlength&0xff;
590 pp[2] = s->s2->padding;
591 s->s2->wpend_len += 3;
592 } else {
593 pp = s->s2->mac_data;
594 pp -= 2;
595 pp[0] = ((s->s2->wlength >> 8) & (TWO_BYTE_MASK >> 8)) | TWO_BYTE_BIT;
596 pp[1] = s->s2->wlength&0xff;
597 s->s2->wpend_len += 2;
598 }
599 s->s2->write_ptr = pp;
600
601 INC32(s->s2->write_sequence); /* expect next number */
602
603 /* lets try to actually write the data */
604 s->s2->wpend_tot = olen;
605 s->s2->wpend_buf = buf;
606
607 s->s2->wpend_ret = len;
608
609 s->s2->wpend_off = 0;
610 return (write_pending(s, buf, olen));
611}
612
613int
614ssl2_part_read(SSL *s, unsigned long f, int i)
615{
616 unsigned char *p;
617 int j;
618
619 if (i < 0) {
620 /* ssl2_return_error(s); */
621 /* for non-blocking io,
622 * this is not necessarily fatal */
623 return (i);
624 } else {
625 s->init_num += i;
626
627 /* Check for error. While there are recoverable errors,
628 * this function is not called when those must be expected;
629 * any error detected here is fatal. */
630 if (s->init_num >= 3) {
631 p = (unsigned char *)s->init_buf->data;
632 if (p[0] == SSL2_MT_ERROR) {
633 j = (p[1]<<8)|p[2];
634 SSLerr((int)f, ssl_mt_error(j));
635 s->init_num -= 3;
636 if (s->init_num > 0)
637 memmove(p, p + 3, s->init_num);
638 }
639 }
640
641 /* If it's not an error message, we have some error anyway --
642 * the message was shorter than expected. This too is treated
643 * as fatal (at least if SSL_get_error is asked for its opinion). */
644 return (0);
645 }
646}
647
648int
649ssl2_do_write(SSL *s)
650{
651 int ret;
652
653 ret = ssl2_write(s, &s->init_buf->data[s->init_off], s->init_num);
654 if (ret == s->init_num) {
655 if (s->msg_callback)
656 s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
657 return (1);
658 }
659 if (ret < 0)
660 return (-1);
661 s->init_off += ret;
662 s->init_num -= ret;
663 return (0);
664}
665
666static int
667ssl_mt_error(int n)
668{
669 int ret;
670
671 switch (n) {
672 case SSL2_PE_NO_CIPHER:
673 ret = SSL_R_PEER_ERROR_NO_CIPHER;
674 break;
675 case SSL2_PE_NO_CERTIFICATE:
676 ret = SSL_R_PEER_ERROR_NO_CERTIFICATE;
677 break;
678 case SSL2_PE_BAD_CERTIFICATE:
679 ret = SSL_R_PEER_ERROR_CERTIFICATE;
680 break;
681 case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
682 ret = SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
683 break;
684 default:
685 ret = SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
686 break;
687 }
688 return (ret);
689}
690#else /* !OPENSSL_NO_SSL2 */
691
692# if PEDANTIC
693static void *dummy = &dummy;
694# endif
695
696#endif
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
deleted file mode 100644
index 8023243e9a..0000000000
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ /dev/null
@@ -1,1092 +0,0 @@
1/* ssl/s2_srvr.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "ssl_locl.h"
113#ifndef OPENSSL_NO_SSL2
114#include <stdio.h>
115#include <openssl/bio.h>
116#include <openssl/rand.h>
117#include <openssl/objects.h>
118#include <openssl/evp.h>
119
120static const SSL_METHOD *ssl2_get_server_method(int ver);
121static int get_client_master_key(SSL *s);
122static int get_client_hello(SSL *s);
123static int server_hello(SSL *s);
124
125static int get_client_finished(SSL *s);
126static int server_verify(SSL *s);
127static int server_finish(SSL *s);
128static int request_certificate(SSL *s);
129static int
130ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
131unsigned char *to, int padding);
132#define BREAK break
133
134static const SSL_METHOD
135*ssl2_get_server_method(int ver)
136{
137 if (ver == SSL2_VERSION)
138 return (SSLv2_server_method());
139 else
140 return (NULL);
141}
142
143IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
144 ssl2_accept, ssl_undefined_function, ssl2_get_server_method)
145
146int
147ssl2_accept(SSL *s)
148{
149 BUF_MEM *buf = NULL;
150 int ret = -1;
151 long num1;
152 void (*cb)(const SSL *ssl, int type, int val) = NULL;
153 int new_state, state;
154
155 ERR_clear_error();
156 errno = 0;
157
158 if (s->info_callback != NULL)
159 cb = s->info_callback;
160 else if (s->ctx->info_callback != NULL)
161 cb = s->ctx->info_callback;
162
163 /* init things to blank */
164 s->in_handshake++;
165 if (!SSL_in_init(s) || SSL_in_before(s))
166 SSL_clear(s);
167
168 if (s->cert == NULL) {
169 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
170 return (-1);
171 }
172
173 errno = 0;
174 for (;;) {
175 state = s->state;
176
177 switch (s->state) {
178 case SSL_ST_BEFORE:
179 case SSL_ST_ACCEPT:
180 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
181 case SSL_ST_OK|SSL_ST_ACCEPT:
182
183 s->server = 1;
184 if (cb != NULL)
185 cb(s, SSL_CB_HANDSHAKE_START, 1);
186
187 s->version = SSL2_VERSION;
188 s->type = SSL_ST_ACCEPT;
189
190 buf = s->init_buf;
191 if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
192 ret = -1;
193 goto end;
194 }
195 if (!BUF_MEM_grow(buf,
196 (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
197 ret = -1;
198 goto end;
199 }
200 s->init_buf = buf;
201 s->init_num = 0;
202 s->ctx->stats.sess_accept++;
203 s->handshake_func = ssl2_accept;
204 s->state = SSL2_ST_GET_CLIENT_HELLO_A;
205 BREAK;
206
207 case SSL2_ST_GET_CLIENT_HELLO_A:
208 case SSL2_ST_GET_CLIENT_HELLO_B:
209 case SSL2_ST_GET_CLIENT_HELLO_C:
210 s->shutdown = 0;
211 ret = get_client_hello(s);
212 if (ret <= 0)
213 goto end;
214 s->init_num = 0;
215 s->state = SSL2_ST_SEND_SERVER_HELLO_A;
216 BREAK;
217
218 case SSL2_ST_SEND_SERVER_HELLO_A:
219 case SSL2_ST_SEND_SERVER_HELLO_B:
220 ret = server_hello(s);
221 if (ret <= 0)
222 goto end;
223 s->init_num = 0;
224 if (!s->hit) {
225 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
226 BREAK;
227 } else {
228 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
229 BREAK;
230 }
231 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
232 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
233 ret = get_client_master_key(s);
234 if (ret <= 0)
235 goto end;
236 s->init_num = 0;
237 s->state = SSL2_ST_SERVER_START_ENCRYPTION;
238 BREAK;
239
240 case SSL2_ST_SERVER_START_ENCRYPTION:
241 /* Ok we how have sent all the stuff needed to
242 * start encrypting, the next packet back will
243 * be encrypted. */
244 if (!ssl2_enc_init(s, 0)) {
245 ret = -1;
246 goto end;
247 }
248 s->s2->clear_text = 0;
249 s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
250 BREAK;
251
252 case SSL2_ST_SEND_SERVER_VERIFY_A:
253 case SSL2_ST_SEND_SERVER_VERIFY_B:
254 ret = server_verify(s);
255 if (ret <= 0)
256 goto end;
257 s->init_num = 0;
258 if (s->hit) {
259 /* If we are in here, we have been
260 * buffering the output, so we need to
261 * flush it and remove buffering from
262 * future traffic */
263 s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
264 BREAK;
265 } else {
266 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
267 break;
268 }
269
270 case SSL2_ST_SEND_SERVER_VERIFY_C:
271 /* get the number of bytes to write */
272 num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
273 if (num1 > 0) {
274 s->rwstate = SSL_WRITING;
275 num1 = BIO_flush(s->wbio);
276 if (num1 <= 0) {
277 ret = -1;
278 goto end;
279 }
280 s->rwstate = SSL_NOTHING;
281 }
282
283 /* flushed and now remove buffering */
284 s->wbio = BIO_pop(s->wbio);
285
286 s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
287 BREAK;
288
289 case SSL2_ST_GET_CLIENT_FINISHED_A:
290 case SSL2_ST_GET_CLIENT_FINISHED_B:
291 ret = get_client_finished(s);
292 if (ret <= 0)
293 goto end;
294 s->init_num = 0;
295 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
296 BREAK;
297
298 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
299 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
300 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
301 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
302 /* don't do a 'request certificate' if we
303 * don't want to, or we already have one, and
304 * we only want to do it once. */
305 if (!(s->verify_mode & SSL_VERIFY_PEER) ||
306 ((s->session->peer != NULL) &&
307 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
308 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
309 break;
310 } else {
311 ret = request_certificate(s);
312 if (ret <= 0)
313 goto end;
314 s->init_num = 0;
315 s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
316 }
317 BREAK;
318
319 case SSL2_ST_SEND_SERVER_FINISHED_A:
320 case SSL2_ST_SEND_SERVER_FINISHED_B:
321 ret = server_finish(s);
322 if (ret <= 0)
323 goto end;
324 s->init_num = 0;
325 s->state = SSL_ST_OK;
326 break;
327
328 case SSL_ST_OK:
329 BUF_MEM_free(s->init_buf);
330 ssl_free_wbio_buffer(s);
331 s->init_buf = NULL;
332 s->init_num = 0;
333 /* ERR_clear_error();*/
334
335 ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
336
337 s->ctx->stats.sess_accept_good++;
338 /* s->server=1; */
339 ret = 1;
340
341 if (cb != NULL)
342 cb(s, SSL_CB_HANDSHAKE_DONE, 1);
343
344 goto end;
345 /* BREAK; */
346
347 default:
348 SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
349 ret = -1;
350 goto end;
351 /* BREAK; */
352 }
353
354 if ((cb != NULL) && (s->state != state)) {
355 new_state = s->state;
356 s->state = state;
357 cb(s, SSL_CB_ACCEPT_LOOP, 1);
358 s->state = new_state;
359 }
360 }
361end:
362 s->in_handshake--;
363 if (cb != NULL)
364 cb(s, SSL_CB_ACCEPT_EXIT, ret);
365 return (ret);
366}
367
368static int
369get_client_master_key(SSL *s)
370{
371 int is_export, i, n, keya, ek;
372 unsigned long len;
373 unsigned char *p;
374 const SSL_CIPHER *cp;
375 const EVP_CIPHER *c;
376 const EVP_MD *md;
377
378 p = (unsigned char *)s->init_buf->data;
379 if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
380 i = ssl2_read(s,(char *)&(p[s->init_num]), 10 - s->init_num);
381
382 if (i < (10 - s->init_num))
383 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
384 s->init_num = 10;
385
386 if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
387 if (p[-1] != SSL2_MT_ERROR) {
388 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
389 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_READ_WRONG_PACKET_TYPE);
390 } else
391 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
392 return (-1);
393 }
394
395 cp = ssl2_get_cipher_by_char(p);
396 if (cp == NULL) {
397 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
398 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
399 return (-1);
400 }
401 s->session->cipher = cp;
402
403 p += 3;
404 n2s(p, i);
405 s->s2->tmp.clear = i;
406 n2s(p, i);
407 s->s2->tmp.enc = i;
408 n2s(p, i);
409 if (i > SSL_MAX_KEY_ARG_LENGTH) {
410 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
411 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
412 return -1;
413 }
414 s->session->key_arg_length = i;
415 s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
416 }
417
418 /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
419 p = (unsigned char *)s->init_buf->data;
420 if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
421 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
422 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
423 return -1;
424 }
425 keya = s->session->key_arg_length;
426 len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
427 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
428 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
429 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
430 return -1;
431 }
432 n = (int)len - s->init_num;
433 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
434 if (i != n)
435 return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
436 if (s->msg_callback)
437 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
438 p += 10;
439
440 memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
441 (unsigned int)keya);
442
443 if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
444 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
445 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
446 return (-1);
447 }
448 i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
449 &(p[s->s2->tmp.clear]), &(p[s->s2->tmp.clear]),
450 (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : RSA_PKCS1_PADDING);
451
452 is_export = SSL_C_IS_EXPORT(s->session->cipher);
453
454 if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
455 ssl2_return_error(s, SSL2_PE_NO_CIPHER);
456 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
457 return (0);
458 }
459
460 if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
461 is_export = 1;
462 ek = 8;
463 } else
464 ek = 5;
465
466 /* bad decrypt */
467#if 1
468 /* If a bad decrypt, continue with protocol but with a
469 * random master secret (Bleichenbacher attack) */
470 if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
471 (is_export && ((i != ek) || (s->s2->tmp.clear + (unsigned int)i !=
472 (unsigned int)EVP_CIPHER_key_length(c)))))) {
473 ERR_clear_error();
474 if (is_export)
475 i = ek;
476 else
477 i = EVP_CIPHER_key_length(c);
478 if (RAND_pseudo_bytes(p, i) <= 0)
479 return 0;
480 }
481#else
482 if (i < 0) {
483 error = 1;
484 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
485 }
486 /* incorrect number of key bytes for non export cipher */
487 else if ((!is_export && (i != EVP_CIPHER_key_length(c))) ||
488 (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
489 EVP_CIPHER_key_length(c))))) {
490 error = 1;
491 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
492 }
493 if (error) {
494 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
495 return (-1);
496 }
497#endif
498
499 if (is_export)
500 i += s->s2->tmp.clear;
501
502 if (i > SSL_MAX_MASTER_KEY_LENGTH) {
503 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
504 SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
505 return -1;
506 }
507 s->session->master_key_length = i;
508 memcpy(s->session->master_key, p,(unsigned int)i);
509 return (1);
510}
511
512static int
513get_client_hello(SSL *s)
514{
515 int i, n;
516 unsigned long len;
517 unsigned char *p;
518 STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
519 STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
520 STACK_OF(SSL_CIPHER) *prio, *allow;
521 int z;
522
523 /* This is a bit of a hack to check for the correct packet
524 * type the first time round. */
525 if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
526 s->first_packet = 1;
527 s->state = SSL2_ST_GET_CLIENT_HELLO_B;
528 }
529
530 p = (unsigned char *)s->init_buf->data;
531 if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
532 i = ssl2_read(s,(char *)&(p[s->init_num]), 9 - s->init_num);
533 if (i < (9 - s->init_num))
534 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
535 s->init_num = 9;
536
537 if (*(p++) != SSL2_MT_CLIENT_HELLO) {
538 if (p[-1] != SSL2_MT_ERROR) {
539 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
540 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
541 } else
542 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
543 return (-1);
544 }
545 n2s(p, i);
546 if (i < s->version)
547 s->version = i;
548 n2s(p, i);
549 s->s2->tmp.cipher_spec_length = i;
550 n2s(p, i);
551 s->s2->tmp.session_id_length = i;
552 n2s(p, i);
553 s->s2->challenge_length = i;
554 if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
555 (i > SSL2_MAX_CHALLENGE_LENGTH)) {
556 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
557 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
558 return (-1);
559 }
560 s->state = SSL2_ST_GET_CLIENT_HELLO_C;
561 }
562
563 /* SSL2_ST_GET_CLIENT_HELLO_C */
564 p = (unsigned char *)s->init_buf->data;
565 len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
566 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
567 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
568 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
569 return -1;
570 }
571 n = (int)len - s->init_num;
572 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
573 if (i != n)
574 return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
575 if (s->msg_callback)
576 s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
577 p += 9;
578
579 /* get session-id before cipher stuff so we can get out session
580 * structure if it is cached */
581 /* session-id */
582 if ((s->s2->tmp.session_id_length != 0) &&
583 (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
584 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
585 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
586 return (-1);
587 }
588
589 if (s->s2->tmp.session_id_length == 0) {
590 if (!ssl_get_new_session(s, 1)) {
591 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
592 return (-1);
593 }
594 } else {
595 i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
596 s->s2->tmp.session_id_length, NULL);
597 if (i == 1)
598 { /* previous session */
599 s->hit = 1;
600 } else if (i == -1) {
601 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
602 return (-1);
603 } else {
604 if (s->cert == NULL) {
605 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
606 SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
607 return (-1);
608 }
609
610 if (!ssl_get_new_session(s, 1)) {
611 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
612 return (-1);
613 }
614 }
615 }
616
617 if (!s->hit) {
618 cs = ssl_bytes_to_cipher_list(s, p,
619 s->s2->tmp.cipher_spec_length, &s->session->ciphers);
620 if (cs == NULL)
621 goto mem_err;
622
623 cl = SSL_get_ciphers(s);
624
625 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
626 prio = sk_SSL_CIPHER_dup(cl);
627 if (prio == NULL)
628 goto mem_err;
629 allow = cs;
630 } else {
631 prio = cs;
632 allow = cl;
633 }
634 for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
635 if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
636 (void)sk_SSL_CIPHER_delete(prio, z);
637 z--;
638 }
639 }
640 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
641 sk_SSL_CIPHER_free(s->session->ciphers);
642 s->session->ciphers = prio;
643 }
644 /* s->session->ciphers should now have a list of
645 * ciphers that are on both the client and server.
646 * This list is ordered by the order the client sent
647 * the ciphers or in the order of the server's preference
648 * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
649 */
650 }
651 p += s->s2->tmp.cipher_spec_length;
652 /* done cipher selection */
653
654 /* session id extracted already */
655 p += s->s2->tmp.session_id_length;
656
657 /* challenge */
658 if (s->s2->challenge_length > sizeof s->s2->challenge) {
659 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
660 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
661 return -1;
662 }
663 memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
664 return (1);
665mem_err:
666 SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
667 return (0);
668}
669
670static int
671server_hello(SSL *s)
672{
673 unsigned char *p, *d;
674 int n, hit;
675
676 p = (unsigned char *)s->init_buf->data;
677 if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
678 d = p + 11;
679 *(p++) = SSL2_MT_SERVER_HELLO;
680 /* type */
681 hit = s->hit;
682 *(p++) = (unsigned char)hit;
683#if 1
684 if (!hit) {
685 if (s->session->sess_cert != NULL)
686 /* This can't really happen because get_client_hello
687 * has called ssl_get_new_session, which does not set
688 * sess_cert. */
689 ssl_sess_cert_free(s->session->sess_cert);
690 s->session->sess_cert = ssl_sess_cert_new();
691 if (s->session->sess_cert == NULL) {
692 SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
693 return (-1);
694 }
695 }
696 /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
697 * depending on whether it survived in the internal cache
698 * or was retrieved from an external cache.
699 * If it is NULL, we cannot put any useful data in it anyway,
700 * so we don't touch it.
701 */
702
703#else /* That's what used to be done when cert_st and sess_cert_st were
704 * the same. */
705 if (!hit) { /* else add cert to session */
706 CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
707 if (s->session->sess_cert != NULL)
708 ssl_cert_free(s->session->sess_cert);
709 s->session->sess_cert = s->cert;
710
711 } else /* We have a session id - cache hit, if the
712 * session - id has no certificate listed against
713 * the 'cert' structure, grab the 'old' one
714 * listed against the SSL connection */
715 {
716 if (s->session->sess_cert == NULL) {
717 CRYPTO_add(&s->cert->references, 1,
718 CRYPTO_LOCK_SSL_CERT);
719 s->session->sess_cert = s->cert;
720 }
721 }
722#endif
723
724 if (s->cert == NULL) {
725 ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
726 SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
727 return (-1);
728 }
729
730 if (hit) {
731 *(p++) = 0;
732 /* no certificate type */
733 s2n(s->version,p); /* version */
734 s2n(0, p);
735 /* cert len */
736 s2n(0, p);
737 /* ciphers len */
738 } else {
739 /* EAY EAY */
740 /* put certificate type */
741 *(p++) = SSL2_CT_X509_CERTIFICATE;
742 s2n(s->version,p); /* version */
743 n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
744 s2n(n, p);
745 /* certificate length */
746 i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
747 n = 0;
748
749 /* lets send out the ciphers we like in the
750 * prefered order */
751 n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
752 d += n;
753 s2n(n, p);
754 /* add cipher length */
755 }
756
757 /* make and send conn_id */
758 s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
759 s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
760 if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
761 return -1;
762 memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
763 d += SSL2_CONNECTION_ID_LENGTH;
764
765 s->state = SSL2_ST_SEND_SERVER_HELLO_B;
766 s->init_num = d - (unsigned char *)s->init_buf->data;
767 s->init_off = 0;
768 }
769 /* SSL2_ST_SEND_SERVER_HELLO_B */
770 /* If we are using TCP/IP, the performance is bad if we do 2
771 * writes without a read between them. This occurs when
772 * Session-id reuse is used, so I will put in a buffering module
773 */
774 if (s->hit) {
775 if (!ssl_init_wbio_buffer(s, 1))
776 return (-1);
777 }
778
779 return (ssl2_do_write(s));
780}
781
782static int
783get_client_finished(SSL *s)
784{
785 unsigned char *p;
786 int i, n;
787 unsigned long len;
788
789 p = (unsigned char *)s->init_buf->data;
790 if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
791 i = ssl2_read(s,(char *)&(p[s->init_num]), 1 - s->init_num);
792 if (i < 1 - s->init_num)
793 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
794 s->init_num += i;
795
796 if (*p != SSL2_MT_CLIENT_FINISHED) {
797 if (*p != SSL2_MT_ERROR) {
798 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
799 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_READ_WRONG_PACKET_TYPE);
800 } else {
801 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
802 /* try to read the error message */
803 i = ssl2_read(s,(char *)&(p[s->init_num]), 3 - s->init_num);
804 return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
805 }
806 return (-1);
807 }
808 s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
809 }
810
811 /* SSL2_ST_GET_CLIENT_FINISHED_B */
812 if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
813 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
814 SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
815 return -1;
816 }
817 len = 1 + (unsigned long)s->s2->conn_id_length;
818 n = (int)len - s->init_num;
819 i = ssl2_read(s,(char *)&(p[s->init_num]), n);
820 if (i < n) {
821 return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
822 }
823 if (s->msg_callback)
824 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
825 p += 1;
826 if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
827 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
828 SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
829 return (-1);
830 }
831 return (1);
832}
833
834static int
835server_verify(SSL *s)
836{
837 unsigned char *p;
838
839 if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
840 p = (unsigned char *)s->init_buf->data;
841 *(p++) = SSL2_MT_SERVER_VERIFY;
842 if (s->s2->challenge_length > sizeof s->s2->challenge) {
843 SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
844 return -1;
845 }
846 memcpy(p, s->s2->challenge,(unsigned int)s->s2->challenge_length);
847 /* p+=s->s2->challenge_length; */
848
849 s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
850 s->init_num = s->s2->challenge_length + 1;
851 s->init_off = 0;
852 }
853 return (ssl2_do_write(s));
854}
855
856static int
857server_finish(SSL *s)
858{
859 unsigned char *p;
860
861 if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
862 p = (unsigned char *)s->init_buf->data;
863 *(p++) = SSL2_MT_SERVER_FINISHED;
864
865 if (s->session->session_id_length > sizeof s->session->session_id) {
866 SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
867 return -1;
868 }
869 memcpy(p, s->session->session_id, (unsigned int)s->session->session_id_length);
870 /* p+=s->session->session_id_length; */
871
872 s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
873 s->init_num = s->session->session_id_length + 1;
874 s->init_off = 0;
875 }
876
877 /* SSL2_ST_SEND_SERVER_FINISHED_B */
878 return (ssl2_do_write(s));
879}
880
881/* send the request and check the response */
882static int
883request_certificate(SSL *s)
884{
885 const unsigned char *cp;
886 unsigned char *p, *p2, *buf2;
887 unsigned char *ccd;
888 int i, j, ctype, ret = -1;
889 unsigned long len;
890 X509 *x509 = NULL;
891 STACK_OF(X509) *sk = NULL;
892
893 ccd = s->s2->tmp.ccl;
894 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
895 p = (unsigned char *)s->init_buf->data;
896 *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
897 *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
898 if (RAND_pseudo_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
899 return -1;
900 memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
901
902 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
903 s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
904 s->init_off = 0;
905 }
906
907 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
908 i = ssl2_do_write(s);
909 if (i <= 0) {
910 ret = i;
911 goto end;
912 }
913
914 s->init_num = 0;
915 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
916 }
917
918 if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
919 p = (unsigned char *)s->init_buf->data;
920 i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num); /* try to read 6 octets ... */
921 if (i < 3 - s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
922 * (probably NO-CERTIFICATE-ERROR) */
923 {
924 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
925 goto end;
926 }
927 s->init_num += i;
928
929 if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
930 n2s(p, i);
931 if (i != SSL2_PE_NO_CERTIFICATE) {
932 /* not the error message we expected -- let ssl2_part_read handle it */
933 s->init_num -= 3;
934 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
935 goto end;
936 }
937
938 if (s->msg_callback)
939 s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
940
941 /* this is the one place where we can recover from an SSL 2.0 error */
942
943 if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
944 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
945 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
946 goto end;
947 }
948 ret = 1;
949 goto end;
950 }
951 if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
952 ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
953 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
954 goto end;
955 }
956 if (s->init_num != 6) {
957 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
958 goto end;
959 }
960
961 /* ok we have a response */
962 /* certificate type, there is only one right now. */
963 ctype= *(p++);
964 if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
965 ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
966 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
967 goto end;
968 }
969 n2s(p, i);
970 s->s2->tmp.clen = i;
971 n2s(p, i);
972 s->s2->tmp.rlen = i;
973 s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
974 }
975
976 /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
977 p = (unsigned char *)s->init_buf->data;
978 len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
979 if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
980 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
981 goto end;
982 }
983 j = (int)len - s->init_num;
984 i = ssl2_read(s,(char *)&(p[s->init_num]), j);
985 if (i < j) {
986 ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
987 goto end;
988 }
989 if (s->msg_callback)
990 s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
991 p += 6;
992
993 cp = p;
994 x509 = (X509 *)d2i_X509(NULL, &cp,(long)s->s2->tmp.clen);
995 if (x509 == NULL) {
996 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
997 goto msg_end;
998 }
999
1000 if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
1001 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1002 goto msg_end;
1003 }
1004
1005 i = ssl_verify_cert_chain(s, sk);
1006
1007 if (i > 0) /* we like the packet, now check the chksum */
1008 {
1009 EVP_MD_CTX ctx;
1010 EVP_PKEY *pkey = NULL;
1011
1012 EVP_MD_CTX_init(&ctx);
1013 if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL) ||
1014 !EVP_VerifyUpdate(&ctx, s->s2->key_material,
1015 s->s2->key_material_length) ||
1016 !EVP_VerifyUpdate(&ctx, ccd,
1017 SSL2_MIN_CERT_CHALLENGE_LENGTH))
1018 goto msg_end;
1019
1020 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
1021 buf2 = OPENSSL_malloc((unsigned int)i);
1022 if (buf2 == NULL) {
1023 SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
1024 goto msg_end;
1025 }
1026 p2 = buf2;
1027 i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
1028 if (!EVP_VerifyUpdate(&ctx, buf2,(unsigned int)i)) {
1029 OPENSSL_free(buf2);
1030 goto msg_end;
1031 }
1032 OPENSSL_free(buf2);
1033
1034 pkey = X509_get_pubkey(x509);
1035 if (pkey == NULL)
1036 goto end;
1037 i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
1038 EVP_PKEY_free(pkey);
1039 EVP_MD_CTX_cleanup(&ctx);
1040
1041 if (i > 0) {
1042 if (s->session->peer != NULL)
1043 X509_free(s->session->peer);
1044 s->session->peer = x509;
1045 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
1046 s->session->verify_result = s->verify_result;
1047 ret = 1;
1048 goto end;
1049 } else {
1050 SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
1051 goto msg_end;
1052 }
1053 } else {
1054msg_end:
1055 ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
1056 }
1057end:
1058 sk_X509_free(sk);
1059 X509_free(x509);
1060 return (ret);
1061}
1062
1063static int
1064ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
1065 unsigned char *to, int padding)
1066{
1067 RSA *rsa;
1068 int i;
1069
1070 if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
1071 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
1072 return (-1);
1073 }
1074 if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
1075 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
1076 return (-1);
1077 }
1078 rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
1079
1080 /* we have the public key */
1081 i = RSA_private_decrypt(len, from, to, rsa, padding);
1082 if (i < 0)
1083 SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
1084 return (i);
1085}
1086#else /* !OPENSSL_NO_SSL2 */
1087
1088# if PEDANTIC
1089static void *dummy = &dummy;
1090# endif
1091
1092#endif
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 97e4a3f96c..d3e015e738 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -350,10 +350,6 @@ extern "C" {
350extern "C" { 350extern "C" {
351#endif 351#endif
352 352
353#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
354#define OPENSSL_NO_SSL2
355#endif
356
357#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 353#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
358#define SSL_FILETYPE_PEM X509_FILETYPE_PEM 354#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
359 355
@@ -1839,12 +1835,6 @@ const char *SSL_get_version(const SSL *s);
1839/* This sets the 'default' SSL version that SSL_new() will create */ 1835/* This sets the 'default' SSL version that SSL_new() will create */
1840int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); 1836int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
1841 1837
1842#ifndef OPENSSL_NO_SSL2
1843const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1844const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1845const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1846#endif
1847
1848const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ 1838const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1849const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ 1839const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1850const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ 1840const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
diff --git a/src/lib/libssl/src/ssl/ssl_stat.c b/src/lib/libssl/src/ssl/ssl_stat.c
index 3d9371cdd7..da55c92de2 100644
--- a/src/lib/libssl/src/ssl/ssl_stat.c
+++ b/src/lib/libssl/src/ssl/ssl_stat.c
@@ -109,86 +109,6 @@ const char
109 str="before/accept initialization"; break; 109 str="before/accept initialization"; break;
110 case SSL_ST_OK|SSL_ST_ACCEPT: 110 case SSL_ST_OK|SSL_ST_ACCEPT:
111 str="ok/accept SSL initialization"; break; 111 str="ok/accept SSL initialization"; break;
112#ifndef OPENSSL_NO_SSL2
113 case SSL2_ST_CLIENT_START_ENCRYPTION:
114 str="SSLv2 client start encryption"; break;
115 case SSL2_ST_SERVER_START_ENCRYPTION:
116 str="SSLv2 server start encryption"; break;
117 case SSL2_ST_SEND_CLIENT_HELLO_A:
118 str="SSLv2 write client hello A"; break;
119 case SSL2_ST_SEND_CLIENT_HELLO_B:
120 str="SSLv2 write client hello B"; break;
121 case SSL2_ST_GET_SERVER_HELLO_A:
122 str="SSLv2 read server hello A"; break;
123 case SSL2_ST_GET_SERVER_HELLO_B:
124 str="SSLv2 read server hello B"; break;
125 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
126 str="SSLv2 write client master key A"; break;
127 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
128 str="SSLv2 write client master key B"; break;
129 case SSL2_ST_SEND_CLIENT_FINISHED_A:
130 str="SSLv2 write client finished A"; break;
131 case SSL2_ST_SEND_CLIENT_FINISHED_B:
132 str="SSLv2 write client finished B"; break;
133 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
134 str="SSLv2 write client certificate A"; break;
135 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
136 str="SSLv2 write client certificate B"; break;
137 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
138 str="SSLv2 write client certificate C"; break;
139 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
140 str="SSLv2 write client certificate D"; break;
141 case SSL2_ST_GET_SERVER_VERIFY_A:
142 str="SSLv2 read server verify A"; break;
143 case SSL2_ST_GET_SERVER_VERIFY_B:
144 str="SSLv2 read server verify B"; break;
145 case SSL2_ST_GET_SERVER_FINISHED_A:
146 str="SSLv2 read server finished A"; break;
147 case SSL2_ST_GET_SERVER_FINISHED_B:
148 str="SSLv2 read server finished B"; break;
149 case SSL2_ST_GET_CLIENT_HELLO_A:
150 str="SSLv2 read client hello A"; break;
151 case SSL2_ST_GET_CLIENT_HELLO_B:
152 str="SSLv2 read client hello B"; break;
153 case SSL2_ST_GET_CLIENT_HELLO_C:
154 str="SSLv2 read client hello C"; break;
155 case SSL2_ST_SEND_SERVER_HELLO_A:
156 str="SSLv2 write server hello A"; break;
157 case SSL2_ST_SEND_SERVER_HELLO_B:
158 str="SSLv2 write server hello B"; break;
159 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
160 str="SSLv2 read client master key A"; break;
161 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
162 str="SSLv2 read client master key B"; break;
163 case SSL2_ST_SEND_SERVER_VERIFY_A:
164 str="SSLv2 write server verify A"; break;
165 case SSL2_ST_SEND_SERVER_VERIFY_B:
166 str="SSLv2 write server verify B"; break;
167 case SSL2_ST_SEND_SERVER_VERIFY_C:
168 str="SSLv2 write server verify C"; break;
169 case SSL2_ST_GET_CLIENT_FINISHED_A:
170 str="SSLv2 read client finished A"; break;
171 case SSL2_ST_GET_CLIENT_FINISHED_B:
172 str="SSLv2 read client finished B"; break;
173 case SSL2_ST_SEND_SERVER_FINISHED_A:
174 str="SSLv2 write server finished A"; break;
175 case SSL2_ST_SEND_SERVER_FINISHED_B:
176 str="SSLv2 write server finished B"; break;
177 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
178 str="SSLv2 write request certificate A"; break;
179 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
180 str="SSLv2 write request certificate B"; break;
181 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
182 str="SSLv2 write request certificate C"; break;
183 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
184 str="SSLv2 write request certificate D"; break;
185 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
186 str="SSLv2 X509 read server certificate"; break;
187 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
188 str="SSLv2 X509 read client certificate"; break;
189#endif
190
191#ifndef OPENSSL_NO_SSL3
192/* SSLv3 additions */ 112/* SSLv3 additions */
193 case SSL3_ST_CW_CLNT_HELLO_A: 113 case SSL3_ST_CW_CLNT_HELLO_A:
194 str="SSLv3 write client hello A"; break; 114 str="SSLv3 write client hello A"; break;
@@ -312,25 +232,6 @@ const char
312 str="SSLv3 read certificate verify A"; break; 232 str="SSLv3 read certificate verify A"; break;
313 case SSL3_ST_SR_CERT_VRFY_B: 233 case SSL3_ST_SR_CERT_VRFY_B:
314 str="SSLv3 read certificate verify B"; break; 234 str="SSLv3 read certificate verify B"; break;
315#endif
316
317#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
318/* SSLv2/v3 compatibility states */
319/* client */
320 case SSL23_ST_CW_CLNT_HELLO_A:
321 str="SSLv2/v3 write client hello A"; break;
322 case SSL23_ST_CW_CLNT_HELLO_B:
323 str="SSLv2/v3 write client hello B"; break;
324 case SSL23_ST_CR_SRVR_HELLO_A:
325 str="SSLv2/v3 read server hello A"; break;
326 case SSL23_ST_CR_SRVR_HELLO_B:
327 str="SSLv2/v3 read server hello B"; break;
328/* server */
329 case SSL23_ST_SR_CLNT_HELLO_A:
330 str="SSLv2/v3 read client hello A"; break;
331 case SSL23_ST_SR_CLNT_HELLO_B:
332 str="SSLv2/v3 read client hello B"; break;
333#endif
334 235
335/* DTLS */ 236/* DTLS */
336 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 237 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
@@ -380,86 +281,7 @@ const char
380 str="CINIT "; break; 281 str="CINIT "; break;
381 case SSL_ST_OK: 282 case SSL_ST_OK:
382 str="SSLOK "; break; 283 str="SSLOK "; break;
383#ifndef OPENSSL_NO_SSL2
384 case SSL2_ST_CLIENT_START_ENCRYPTION:
385 str="2CSENC"; break;
386 case SSL2_ST_SERVER_START_ENCRYPTION:
387 str="2SSENC"; break;
388 case SSL2_ST_SEND_CLIENT_HELLO_A:
389 str="2SCH_A"; break;
390 case SSL2_ST_SEND_CLIENT_HELLO_B:
391 str="2SCH_B"; break;
392 case SSL2_ST_GET_SERVER_HELLO_A:
393 str="2GSH_A"; break;
394 case SSL2_ST_GET_SERVER_HELLO_B:
395 str="2GSH_B"; break;
396 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
397 str="2SCMKA"; break;
398 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
399 str="2SCMKB"; break;
400 case SSL2_ST_SEND_CLIENT_FINISHED_A:
401 str="2SCF_A"; break;
402 case SSL2_ST_SEND_CLIENT_FINISHED_B:
403 str="2SCF_B"; break;
404 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
405 str="2SCC_A"; break;
406 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
407 str="2SCC_B"; break;
408 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
409 str="2SCC_C"; break;
410 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
411 str="2SCC_D"; break;
412 case SSL2_ST_GET_SERVER_VERIFY_A:
413 str="2GSV_A"; break;
414 case SSL2_ST_GET_SERVER_VERIFY_B:
415 str="2GSV_B"; break;
416 case SSL2_ST_GET_SERVER_FINISHED_A:
417 str="2GSF_A"; break;
418 case SSL2_ST_GET_SERVER_FINISHED_B:
419 str="2GSF_B"; break;
420 case SSL2_ST_GET_CLIENT_HELLO_A:
421 str="2GCH_A"; break;
422 case SSL2_ST_GET_CLIENT_HELLO_B:
423 str="2GCH_B"; break;
424 case SSL2_ST_GET_CLIENT_HELLO_C:
425 str="2GCH_C"; break;
426 case SSL2_ST_SEND_SERVER_HELLO_A:
427 str="2SSH_A"; break;
428 case SSL2_ST_SEND_SERVER_HELLO_B:
429 str="2SSH_B"; break;
430 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
431 str="2GCMKA"; break;
432 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
433 str="2GCMKA"; break;
434 case SSL2_ST_SEND_SERVER_VERIFY_A:
435 str="2SSV_A"; break;
436 case SSL2_ST_SEND_SERVER_VERIFY_B:
437 str="2SSV_B"; break;
438 case SSL2_ST_SEND_SERVER_VERIFY_C:
439 str="2SSV_C"; break;
440 case SSL2_ST_GET_CLIENT_FINISHED_A:
441 str="2GCF_A"; break;
442 case SSL2_ST_GET_CLIENT_FINISHED_B:
443 str="2GCF_B"; break;
444 case SSL2_ST_SEND_SERVER_FINISHED_A:
445 str="2SSF_A"; break;
446 case SSL2_ST_SEND_SERVER_FINISHED_B:
447 str="2SSF_B"; break;
448 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
449 str="2SRC_A"; break;
450 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
451 str="2SRC_B"; break;
452 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
453 str="2SRC_C"; break;
454 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
455 str="2SRC_D"; break;
456 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
457 str="2X9GSC"; break;
458 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
459 str="2X9GCC"; break;
460#endif
461 284
462#ifndef OPENSSL_NO_SSL3
463/* SSLv3 additions */ 285/* SSLv3 additions */
464 case SSL3_ST_SW_FLUSH: 286 case SSL3_ST_SW_FLUSH:
465 case SSL3_ST_CW_FLUSH: 287 case SSL3_ST_CW_FLUSH:
@@ -574,25 +396,6 @@ const char
574 str="3RCV_A"; break; 396 str="3RCV_A"; break;
575 case SSL3_ST_SR_CERT_VRFY_B: 397 case SSL3_ST_SR_CERT_VRFY_B:
576 str="3RCV_B"; break; 398 str="3RCV_B"; break;
577#endif
578
579#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
580/* SSLv2/v3 compatibility states */
581/* client */
582 case SSL23_ST_CW_CLNT_HELLO_A:
583 str="23WCHA"; break;
584 case SSL23_ST_CW_CLNT_HELLO_B:
585 str="23WCHB"; break;
586 case SSL23_ST_CR_SRVR_HELLO_A:
587 str="23RSHA"; break;
588 case SSL23_ST_CR_SRVR_HELLO_B:
589 str="23RSHA"; break;
590/* server */
591 case SSL23_ST_SR_CLNT_HELLO_A:
592 str="23RCHA"; break;
593 case SSL23_ST_SR_CLNT_HELLO_B:
594 str="23RCHB"; break;
595#endif
596/* DTLS */ 399/* DTLS */
597 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 400 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
598 str="DRCHVA"; break; 401 str="DRCHVA"; break;
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
index ea236df44d..771c50a3e1 100644
--- a/src/lib/libssl/src/ssl/ssltest.c
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -324,15 +324,8 @@ sv_usage(void)
324 fprintf(stderr, " -srpuser user - SRP username to use\n"); 324 fprintf(stderr, " -srpuser user - SRP username to use\n");
325 fprintf(stderr, " -srppass arg - password for 'user'\n"); 325 fprintf(stderr, " -srppass arg - password for 'user'\n");
326#endif 326#endif
327#ifndef OPENSSL_NO_SSL2
328 fprintf(stderr, " -ssl2 - use SSLv2\n");
329#endif
330#ifndef OPENSSL_NO_SSL3
331 fprintf(stderr, " -ssl3 - use SSLv3\n"); 327 fprintf(stderr, " -ssl3 - use SSLv3\n");
332#endif
333#ifndef OPENSSL_NO_TLS1
334 fprintf(stderr, " -tls1 - use TLSv1\n"); 328 fprintf(stderr, " -tls1 - use TLSv1\n");
335#endif
336 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 329 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
337 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 330 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
338 fprintf(stderr, " -cert arg - Server certificate file\n"); 331 fprintf(stderr, " -cert arg - Server certificate file\n");
@@ -778,27 +771,12 @@ bad:
778 } 771 }
779#endif 772#endif
780 773
781#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
782 if (ssl2)
783 meth = SSLv2_method();
784 else if (tls1)
785 meth = TLSv1_method();
786 else if (ssl3)
787 meth = SSLv3_method();
788 else
789 meth = SSLv23_method();
790#else
791#ifdef OPENSSL_NO_SSL2
792 if (tls1) 774 if (tls1)
793 meth = TLSv1_method(); 775 meth = TLSv1_method();
794 else if (ssl3) 776 else if (ssl3)
795 meth = SSLv3_method(); 777 meth = SSLv3_method();
796 else 778 else
797 meth = SSLv23_method(); 779 meth = SSLv23_method();
798#else
799 meth = SSLv2_method();
800#endif
801#endif
802 780
803 c_ctx = SSL_CTX_new(meth); 781 c_ctx = SSL_CTX_new(meth);
804 s_ctx = SSL_CTX_new(meth); 782 s_ctx = SSL_CTX_new(meth);
@@ -2325,20 +2303,6 @@ do_test_cipherlist(void)
2325 const SSL_METHOD *meth; 2303 const SSL_METHOD *meth;
2326 const SSL_CIPHER *ci, *tci = NULL; 2304 const SSL_CIPHER *ci, *tci = NULL;
2327 2305
2328#ifndef OPENSSL_NO_SSL2
2329 fprintf(stderr, "testing SSLv2 cipher list order: ");
2330 meth = SSLv2_method();
2331 while ((ci = meth->get_cipher(i++)) != NULL) {
2332 if (tci != NULL)
2333 if (ci->id >= tci->id) {
2334 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
2335 return 0;
2336 }
2337 tci = ci;
2338 }
2339 fprintf(stderr, "ok\n");
2340#endif
2341#ifndef OPENSSL_NO_SSL3
2342 fprintf(stderr, "testing SSLv3 cipher list order: "); 2306 fprintf(stderr, "testing SSLv3 cipher list order: ");
2343 meth = SSLv3_method(); 2307 meth = SSLv3_method();
2344 tci = NULL; 2308 tci = NULL;
@@ -2351,8 +2315,6 @@ do_test_cipherlist(void)
2351 tci = ci; 2315 tci = ci;
2352 } 2316 }
2353 fprintf(stderr, "ok\n"); 2317 fprintf(stderr, "ok\n");
2354#endif
2355#ifndef OPENSSL_NO_TLS1
2356 fprintf(stderr, "testing TLSv1 cipher list order: "); 2318 fprintf(stderr, "testing TLSv1 cipher list order: ");
2357 meth = TLSv1_method(); 2319 meth = TLSv1_method();
2358 tci = NULL; 2320 tci = NULL;
@@ -2365,7 +2327,6 @@ do_test_cipherlist(void)
2365 tci = ci; 2327 tci = ci;
2366 } 2328 }
2367 fprintf(stderr, "ok\n"); 2329 fprintf(stderr, "ok\n");
2368#endif
2369 2330
2370 return 1; 2331 return 1;
2371} 2332}
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 97e4a3f96c..d3e015e738 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -350,10 +350,6 @@ extern "C" {
350extern "C" { 350extern "C" {
351#endif 351#endif
352 352
353#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
354#define OPENSSL_NO_SSL2
355#endif
356
357#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 353#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
358#define SSL_FILETYPE_PEM X509_FILETYPE_PEM 354#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
359 355
@@ -1839,12 +1835,6 @@ const char *SSL_get_version(const SSL *s);
1839/* This sets the 'default' SSL version that SSL_new() will create */ 1835/* This sets the 'default' SSL version that SSL_new() will create */
1840int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); 1836int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
1841 1837
1842#ifndef OPENSSL_NO_SSL2
1843const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1844const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1845const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1846#endif
1847
1848const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ 1838const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1849const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ 1839const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1850const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ 1840const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile
index 89c79ed8f9..6c41b6449c 100644
--- a/src/lib/libssl/ssl/Makefile
+++ b/src/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.34 2014/04/14 22:12:26 beck Exp $ 1# $OpenBSD: Makefile,v 1.35 2014/04/15 21:47:56 tedu Exp $
2 2
3LIB= ssl 3LIB= ssl
4 4
@@ -7,12 +7,10 @@ LSSL_SRC= ${SSL_SRC}/ssl
7 7
8CFLAGS+= -DTERMIOS -DANSI_SOURCE 8CFLAGS+= -DTERMIOS -DANSI_SOURCE
9CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 9CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
10CFLAGS+= -DOPENSSL_NO_SSL2
11CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS 10CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS
12CFLAGS+= -I${SSL_SRC} 11CFLAGS+= -I${SSL_SRC}
13 12
14SRCS=\ 13SRCS=\
15 s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \
16 s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ 14 s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \
17 s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ 15 s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
18 t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ 16 t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
index 3d9371cdd7..da55c92de2 100644
--- a/src/lib/libssl/ssl_stat.c
+++ b/src/lib/libssl/ssl_stat.c
@@ -109,86 +109,6 @@ const char
109 str="before/accept initialization"; break; 109 str="before/accept initialization"; break;
110 case SSL_ST_OK|SSL_ST_ACCEPT: 110 case SSL_ST_OK|SSL_ST_ACCEPT:
111 str="ok/accept SSL initialization"; break; 111 str="ok/accept SSL initialization"; break;
112#ifndef OPENSSL_NO_SSL2
113 case SSL2_ST_CLIENT_START_ENCRYPTION:
114 str="SSLv2 client start encryption"; break;
115 case SSL2_ST_SERVER_START_ENCRYPTION:
116 str="SSLv2 server start encryption"; break;
117 case SSL2_ST_SEND_CLIENT_HELLO_A:
118 str="SSLv2 write client hello A"; break;
119 case SSL2_ST_SEND_CLIENT_HELLO_B:
120 str="SSLv2 write client hello B"; break;
121 case SSL2_ST_GET_SERVER_HELLO_A:
122 str="SSLv2 read server hello A"; break;
123 case SSL2_ST_GET_SERVER_HELLO_B:
124 str="SSLv2 read server hello B"; break;
125 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
126 str="SSLv2 write client master key A"; break;
127 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
128 str="SSLv2 write client master key B"; break;
129 case SSL2_ST_SEND_CLIENT_FINISHED_A:
130 str="SSLv2 write client finished A"; break;
131 case SSL2_ST_SEND_CLIENT_FINISHED_B:
132 str="SSLv2 write client finished B"; break;
133 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
134 str="SSLv2 write client certificate A"; break;
135 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
136 str="SSLv2 write client certificate B"; break;
137 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
138 str="SSLv2 write client certificate C"; break;
139 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
140 str="SSLv2 write client certificate D"; break;
141 case SSL2_ST_GET_SERVER_VERIFY_A:
142 str="SSLv2 read server verify A"; break;
143 case SSL2_ST_GET_SERVER_VERIFY_B:
144 str="SSLv2 read server verify B"; break;
145 case SSL2_ST_GET_SERVER_FINISHED_A:
146 str="SSLv2 read server finished A"; break;
147 case SSL2_ST_GET_SERVER_FINISHED_B:
148 str="SSLv2 read server finished B"; break;
149 case SSL2_ST_GET_CLIENT_HELLO_A:
150 str="SSLv2 read client hello A"; break;
151 case SSL2_ST_GET_CLIENT_HELLO_B:
152 str="SSLv2 read client hello B"; break;
153 case SSL2_ST_GET_CLIENT_HELLO_C:
154 str="SSLv2 read client hello C"; break;
155 case SSL2_ST_SEND_SERVER_HELLO_A:
156 str="SSLv2 write server hello A"; break;
157 case SSL2_ST_SEND_SERVER_HELLO_B:
158 str="SSLv2 write server hello B"; break;
159 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
160 str="SSLv2 read client master key A"; break;
161 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
162 str="SSLv2 read client master key B"; break;
163 case SSL2_ST_SEND_SERVER_VERIFY_A:
164 str="SSLv2 write server verify A"; break;
165 case SSL2_ST_SEND_SERVER_VERIFY_B:
166 str="SSLv2 write server verify B"; break;
167 case SSL2_ST_SEND_SERVER_VERIFY_C:
168 str="SSLv2 write server verify C"; break;
169 case SSL2_ST_GET_CLIENT_FINISHED_A:
170 str="SSLv2 read client finished A"; break;
171 case SSL2_ST_GET_CLIENT_FINISHED_B:
172 str="SSLv2 read client finished B"; break;
173 case SSL2_ST_SEND_SERVER_FINISHED_A:
174 str="SSLv2 write server finished A"; break;
175 case SSL2_ST_SEND_SERVER_FINISHED_B:
176 str="SSLv2 write server finished B"; break;
177 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
178 str="SSLv2 write request certificate A"; break;
179 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
180 str="SSLv2 write request certificate B"; break;
181 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
182 str="SSLv2 write request certificate C"; break;
183 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
184 str="SSLv2 write request certificate D"; break;
185 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
186 str="SSLv2 X509 read server certificate"; break;
187 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
188 str="SSLv2 X509 read client certificate"; break;
189#endif
190
191#ifndef OPENSSL_NO_SSL3
192/* SSLv3 additions */ 112/* SSLv3 additions */
193 case SSL3_ST_CW_CLNT_HELLO_A: 113 case SSL3_ST_CW_CLNT_HELLO_A:
194 str="SSLv3 write client hello A"; break; 114 str="SSLv3 write client hello A"; break;
@@ -312,25 +232,6 @@ const char
312 str="SSLv3 read certificate verify A"; break; 232 str="SSLv3 read certificate verify A"; break;
313 case SSL3_ST_SR_CERT_VRFY_B: 233 case SSL3_ST_SR_CERT_VRFY_B:
314 str="SSLv3 read certificate verify B"; break; 234 str="SSLv3 read certificate verify B"; break;
315#endif
316
317#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
318/* SSLv2/v3 compatibility states */
319/* client */
320 case SSL23_ST_CW_CLNT_HELLO_A:
321 str="SSLv2/v3 write client hello A"; break;
322 case SSL23_ST_CW_CLNT_HELLO_B:
323 str="SSLv2/v3 write client hello B"; break;
324 case SSL23_ST_CR_SRVR_HELLO_A:
325 str="SSLv2/v3 read server hello A"; break;
326 case SSL23_ST_CR_SRVR_HELLO_B:
327 str="SSLv2/v3 read server hello B"; break;
328/* server */
329 case SSL23_ST_SR_CLNT_HELLO_A:
330 str="SSLv2/v3 read client hello A"; break;
331 case SSL23_ST_SR_CLNT_HELLO_B:
332 str="SSLv2/v3 read client hello B"; break;
333#endif
334 235
335/* DTLS */ 236/* DTLS */
336 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 237 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
@@ -380,86 +281,7 @@ const char
380 str="CINIT "; break; 281 str="CINIT "; break;
381 case SSL_ST_OK: 282 case SSL_ST_OK:
382 str="SSLOK "; break; 283 str="SSLOK "; break;
383#ifndef OPENSSL_NO_SSL2
384 case SSL2_ST_CLIENT_START_ENCRYPTION:
385 str="2CSENC"; break;
386 case SSL2_ST_SERVER_START_ENCRYPTION:
387 str="2SSENC"; break;
388 case SSL2_ST_SEND_CLIENT_HELLO_A:
389 str="2SCH_A"; break;
390 case SSL2_ST_SEND_CLIENT_HELLO_B:
391 str="2SCH_B"; break;
392 case SSL2_ST_GET_SERVER_HELLO_A:
393 str="2GSH_A"; break;
394 case SSL2_ST_GET_SERVER_HELLO_B:
395 str="2GSH_B"; break;
396 case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
397 str="2SCMKA"; break;
398 case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
399 str="2SCMKB"; break;
400 case SSL2_ST_SEND_CLIENT_FINISHED_A:
401 str="2SCF_A"; break;
402 case SSL2_ST_SEND_CLIENT_FINISHED_B:
403 str="2SCF_B"; break;
404 case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
405 str="2SCC_A"; break;
406 case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
407 str="2SCC_B"; break;
408 case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
409 str="2SCC_C"; break;
410 case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
411 str="2SCC_D"; break;
412 case SSL2_ST_GET_SERVER_VERIFY_A:
413 str="2GSV_A"; break;
414 case SSL2_ST_GET_SERVER_VERIFY_B:
415 str="2GSV_B"; break;
416 case SSL2_ST_GET_SERVER_FINISHED_A:
417 str="2GSF_A"; break;
418 case SSL2_ST_GET_SERVER_FINISHED_B:
419 str="2GSF_B"; break;
420 case SSL2_ST_GET_CLIENT_HELLO_A:
421 str="2GCH_A"; break;
422 case SSL2_ST_GET_CLIENT_HELLO_B:
423 str="2GCH_B"; break;
424 case SSL2_ST_GET_CLIENT_HELLO_C:
425 str="2GCH_C"; break;
426 case SSL2_ST_SEND_SERVER_HELLO_A:
427 str="2SSH_A"; break;
428 case SSL2_ST_SEND_SERVER_HELLO_B:
429 str="2SSH_B"; break;
430 case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
431 str="2GCMKA"; break;
432 case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
433 str="2GCMKA"; break;
434 case SSL2_ST_SEND_SERVER_VERIFY_A:
435 str="2SSV_A"; break;
436 case SSL2_ST_SEND_SERVER_VERIFY_B:
437 str="2SSV_B"; break;
438 case SSL2_ST_SEND_SERVER_VERIFY_C:
439 str="2SSV_C"; break;
440 case SSL2_ST_GET_CLIENT_FINISHED_A:
441 str="2GCF_A"; break;
442 case SSL2_ST_GET_CLIENT_FINISHED_B:
443 str="2GCF_B"; break;
444 case SSL2_ST_SEND_SERVER_FINISHED_A:
445 str="2SSF_A"; break;
446 case SSL2_ST_SEND_SERVER_FINISHED_B:
447 str="2SSF_B"; break;
448 case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
449 str="2SRC_A"; break;
450 case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
451 str="2SRC_B"; break;
452 case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
453 str="2SRC_C"; break;
454 case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
455 str="2SRC_D"; break;
456 case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
457 str="2X9GSC"; break;
458 case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
459 str="2X9GCC"; break;
460#endif
461 284
462#ifndef OPENSSL_NO_SSL3
463/* SSLv3 additions */ 285/* SSLv3 additions */
464 case SSL3_ST_SW_FLUSH: 286 case SSL3_ST_SW_FLUSH:
465 case SSL3_ST_CW_FLUSH: 287 case SSL3_ST_CW_FLUSH:
@@ -574,25 +396,6 @@ const char
574 str="3RCV_A"; break; 396 str="3RCV_A"; break;
575 case SSL3_ST_SR_CERT_VRFY_B: 397 case SSL3_ST_SR_CERT_VRFY_B:
576 str="3RCV_B"; break; 398 str="3RCV_B"; break;
577#endif
578
579#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
580/* SSLv2/v3 compatibility states */
581/* client */
582 case SSL23_ST_CW_CLNT_HELLO_A:
583 str="23WCHA"; break;
584 case SSL23_ST_CW_CLNT_HELLO_B:
585 str="23WCHB"; break;
586 case SSL23_ST_CR_SRVR_HELLO_A:
587 str="23RSHA"; break;
588 case SSL23_ST_CR_SRVR_HELLO_B:
589 str="23RSHA"; break;
590/* server */
591 case SSL23_ST_SR_CLNT_HELLO_A:
592 str="23RCHA"; break;
593 case SSL23_ST_SR_CLNT_HELLO_B:
594 str="23RCHB"; break;
595#endif
596/* DTLS */ 399/* DTLS */
597 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: 400 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
598 str="DRCHVA"; break; 401 str="DRCHVA"; break;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 19:46:33 +0000