return 1;
}
-/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
- * on failure, 1 on success. */
+/*
+ * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
+ * on failure, 1 on success.
+ */
int
ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
{
unsigned char *p, *d;
int i, ch_len;
unsigned long l;
- int ssl2_compat;
int version = 0, version_major, version_minor;
#ifndef OPENSSL_NO_COMP
int j;
int ret;
unsigned long mask, options = s->options;
- ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
-
- if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
- ssl2_compat = 0;
-
/*
* SSL_OP_NO_X disables all protocols above X *if* there are
* some protocols below X enabled. This is required in order
version = SSL3_VERSION;
mask &= ~SSL_OP_NO_SSLv3;
-#ifndef OPENSSL_NO_TLSEXT
- if (version != SSL2_VERSION) {
- /* have to disable SSL 2.0 compatibility if we need TLS extensions */
-
- if (s->tlsext_hostname != NULL)
- ssl2_compat = 0;
- if (s->tlsext_status_type != -1)
- ssl2_compat = 0;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
- ssl2_compat = 0;
-#endif
- }
-#endif
-
buf = (unsigned char *)s->init_buf->data;
if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
#if 0
} else if (version == SSL3_VERSION) {
version_major = SSL3_VERSION_MAJOR;
version_minor = SSL3_VERSION_MINOR;
- } else if (version == SSL2_VERSION) {
- version_major = SSL2_VERSION_MAJOR;
- version_minor = SSL2_VERSION_MINOR;
} else {
SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
return (-1);
s->client_version = version;
- if (ssl2_compat) {
- /* create SSL 2.0 compatible Client Hello */
-
- /* two byte record header will be written last */
- d = &(buf[2]);
- p = d + 9; /* leave space for message type, version, individual length fields */
-
- *(d++) = SSL2_MT_CLIENT_HELLO;
- *(d++) = version_major;
- *(d++) = version_minor;
-
- /* Ciphers supported */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
- if (i == 0) {
- /* no ciphers */
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return -1;
- }
- s2n(i, d);
- p += i;
-
- /* put in the session-id length (zero since there is no reuse) */
-#if 0
- s->session->session_id_length = 0;
-#endif
- s2n(0, d);
-
- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
- ch_len = SSL2_CHALLENGE_LENGTH;
- else
- ch_len = SSL2_MAX_CHALLENGE_LENGTH;
-
- /* write out sslv2 challenge */
- /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32),
- because it is one of SSL2_MAX_CHALLENGE_LENGTH (32)
- or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the
- check in for futurproofing */
- if (SSL3_RANDOM_SIZE < ch_len)
- i = SSL3_RANDOM_SIZE;
- else
- i = ch_len;
- s2n(i, d);
- memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
- if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i) <= 0)
- return -1;
-
- memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
- p += i;
-
- i = p- &(buf[2]);
- buf[0] = ((i >> 8)&0xff)|0x80;
- buf[1] = (i&0xff);
-
- /* number of bytes to write */
- s->init_num = i + 2;
- s->init_off = 0;
-
- ssl3_finish_mac(s, &(buf[2]), i);
- } else {
- /* create Client Hello in SSL 3.0/TLS 1.0 format */
+ /* create Client Hello in SSL 3.0/TLS 1.0 format */
- /* do the record header (5 bytes) and handshake message header (4 bytes) last */
- d = p = &(buf[9]);
+ /*
+ * Do the record header (5 bytes) and handshake
+ * message header (4 bytes) last
+ */
+ d = p = &(buf[9]);
- *(p++) = version_major;
- *(p++) = version_minor;
+ *(p++) = version_major;
+ *(p++) = version_minor;
- /* Random stuff */
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
+ /* Random stuff */
+ memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
- /* Session ID (zero since there is no reuse) */
- *(p++) = 0;
+ /* Session ID (zero since there is no reuse) */
+ *(p++) = 0;
- /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), ssl3_put_cipher_by_char);
- if (i == 0) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return -1;
- }
+ /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
+ ssl3_put_cipher_by_char);
+ if (i == 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+ SSL_R_NO_CIPHERS_AVAILABLE);
+ return -1;
+ }
#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
- /* Some servers hang if client hello > 256 bytes
- * as hack workaround chop number of supported ciphers
- * to keep it well below this if we use TLS v1.2
- */
- if (TLS1_get_version(s) >= TLS1_2_VERSION &&
- i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
- i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+ /*
+ * Some servers hang if client hello > 256 bytes
+ * as hack workaround chop number of supported ciphers
+ * to keep it well below this if we use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION &&
+ i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
#endif
- s2n(i, p);
- p += i;
+ s2n(i, p);
+ p += i;
- /* COMPRESSION */
+ /* COMPRESSION */
#ifdef OPENSSL_NO_COMP
- *(p++) = 1;
+ *(p++) = 1;
#else
- if ((s->options & SSL_OP_NO_COMPRESSION) ||
- !s->ctx->comp_methods)
- j = 0;
- else
- j = sk_SSL_COMP_num(s->ctx->comp_methods);
- *(p++) = 1 + j;
- for (i = 0; i < j; i++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
- *(p++) = comp->id;
- }
+ if ((s->options & SSL_OP_NO_COMPRESSION) ||
+ !s->ctx->comp_methods)
+ j = 0;
+ else
+ j = sk_SSL_COMP_num(s->ctx->comp_methods);
+ *(p++) = 1 + j;
+ for (i = 0; i < j; i++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+ *(p++) = comp->id;
+ }
#endif
- *(p++)=0; /* Add the NULL method */
+ /* Add the NULL method */
+ *(p++) = 0;
#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions*/
- if (ssl_prepare_clienthello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- return -1;
- }
- if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
+ /* TLS extensions*/
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+ SSL_R_CLIENTHELLO_TLSEXT);
+ return -1;
+ }
+ if ((p = ssl_add_clienthello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
#endif
- l = p - d;
-
- /* fill in 4-byte handshake header */
- d = &(buf[5]);
- *(d++) = SSL3_MT_CLIENT_HELLO;
- l2n3(l, d);
+ l = p - d;
- l += 4;
+ /* fill in 4-byte handshake header */
+ d = &(buf[5]);
+ *(d++) = SSL3_MT_CLIENT_HELLO;
+ l2n3(l, d);
- if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
+ l += 4;
- /* fill in 5-byte record header */
- d = buf;
- *(d++) = SSL3_RT_HANDSHAKE;
- *(d++) = version_major;
- /* Some servers hang if we use long client hellos
- * and a record number > TLS 1.0.
- */
- if (TLS1_get_client_version(s) > TLS1_VERSION)
- *(d++) = 1;
- else
- *(d++) = version_minor;
- s2n((int)l, d);
-
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
-
- ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
+ if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
}
+ /* fill in 5-byte record header */
+ d = buf;
+ *(d++) = SSL3_RT_HANDSHAKE;
+ *(d++) = version_major;
+
+ /*
+ * Some servers hang if we use long client hellos
+ * and a record number > TLS 1.0.
+ */
+ if (TLS1_get_client_version(s) > TLS1_VERSION)
+ *(d++) = 1;
+ else
+ *(d++) = version_minor;
+ s2n((int)l, d);
+
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+
+ ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
+
s->state = SSL23_ST_CW_CLNT_HELLO_B;
s->init_off = 0;
}
if ((ret >= 2) && s->msg_callback) {
/* Client Hello has been sent; tell msg_callback */
- if (ssl2_compat)
- s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2, ret - 2, s, s->msg_callback_arg);
- else
- s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg);
+ s->msg_callback(1, version, SSL3_RT_HANDSHAKE,
+ s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg);
}
return ret;
memcpy(buf, p, n);
+ /* Old unsupported sslv2 handshake */
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
- (p[5] == 0x00) && (p[6] == 0x02)) {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ (p[5] == 0x00) && (p[6] == 0x02)) {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
- } else if (p[1] == SSL3_VERSION_MAJOR &&
+ }
+
+ if (p[1] == SSL3_VERSION_MAJOR &&
p[2] <= TLS1_2_VERSION_MINOR &&
((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
s->version = TLS1_2_VERSION;
s->method = TLSv1_2_client_method();
} else {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
}
if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
/* fatal alert */
-
void (*cb)(const SSL *ssl, int type, int val) = NULL;
int j;
}
if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s, s->msg_callback_arg);
+ s->msg_callback(0, s->version, SSL3_RT_ALERT,
+ p + 5, 2, s, s->msg_callback_arg);
s->rwstate = SSL_NOTHING;
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_AD_REASON_OFFSET + p[6]);
goto err;
}
}
s->init_num = 0;
- /* Since, if we are sending a ssl23 client hello, we are not
- * reusing a session-id */
+ /*
+ * Since, if we are sending a ssl23 client hello, we are not
+ * reusing a session-id
+ */
if (!ssl_get_new_session(s, 0))
goto err;
static const SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
-static const SSL_METHOD
-*ssl23_get_server_method(int ver)
+static const SSL_METHOD *
+ssl23_get_server_method(int ver)
{
if (ver == SSL3_VERSION)
return (SSLv3_server_method());
ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
if (s->msg_callback)
- s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+ s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
+ s->packet_length-2, s, s->msg_callback_arg);
p = s->packet;
p += 5;
n2s(p, sil);
n2s(p, cl);
d = (unsigned char *)s->init_buf->data;
- if ((csl + sil + cl + 11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format
- * Client Hello, can we ? Error condition should be
- * '>' otherweise */
+ if ((csl + sil + cl + 11) != s->packet_length)
{
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);
+ /*
+ * We can't have TLS extensions in SSL 2.0 format
+ * Client Hello, can we ? Error condition should be
+ * '>' otherwise
+ */
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+ SSL_R_RECORD_LENGTH_MISMATCH);
goto err;
}
return 1;
}
-/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
- * on failure, 1 on success. */
+/*
+ * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
+ * on failure, 1 on success.
+ */
int
ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
{
unsigned char *p, *d;
int i, ch_len;
unsigned long l;
- int ssl2_compat;
int version = 0, version_major, version_minor;
#ifndef OPENSSL_NO_COMP
int j;
int ret;
unsigned long mask, options = s->options;
- ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
-
- if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
- ssl2_compat = 0;
-
/*
* SSL_OP_NO_X disables all protocols above X *if* there are
* some protocols below X enabled. This is required in order
version = SSL3_VERSION;
mask &= ~SSL_OP_NO_SSLv3;
-#ifndef OPENSSL_NO_TLSEXT
- if (version != SSL2_VERSION) {
- /* have to disable SSL 2.0 compatibility if we need TLS extensions */
-
- if (s->tlsext_hostname != NULL)
- ssl2_compat = 0;
- if (s->tlsext_status_type != -1)
- ssl2_compat = 0;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
- ssl2_compat = 0;
-#endif
- }
-#endif
-
buf = (unsigned char *)s->init_buf->data;
if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
#if 0
} else if (version == SSL3_VERSION) {
version_major = SSL3_VERSION_MAJOR;
version_minor = SSL3_VERSION_MINOR;
- } else if (version == SSL2_VERSION) {
- version_major = SSL2_VERSION_MAJOR;
- version_minor = SSL2_VERSION_MINOR;
} else {
SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
return (-1);
s->client_version = version;
- if (ssl2_compat) {
- /* create SSL 2.0 compatible Client Hello */
-
- /* two byte record header will be written last */
- d = &(buf[2]);
- p = d + 9; /* leave space for message type, version, individual length fields */
-
- *(d++) = SSL2_MT_CLIENT_HELLO;
- *(d++) = version_major;
- *(d++) = version_minor;
-
- /* Ciphers supported */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
- if (i == 0) {
- /* no ciphers */
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return -1;
- }
- s2n(i, d);
- p += i;
-
- /* put in the session-id length (zero since there is no reuse) */
-#if 0
- s->session->session_id_length = 0;
-#endif
- s2n(0, d);
-
- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
- ch_len = SSL2_CHALLENGE_LENGTH;
- else
- ch_len = SSL2_MAX_CHALLENGE_LENGTH;
-
- /* write out sslv2 challenge */
- /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32),
- because it is one of SSL2_MAX_CHALLENGE_LENGTH (32)
- or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the
- check in for futurproofing */
- if (SSL3_RANDOM_SIZE < ch_len)
- i = SSL3_RANDOM_SIZE;
- else
- i = ch_len;
- s2n(i, d);
- memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
- if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i) <= 0)
- return -1;
-
- memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
- p += i;
-
- i = p- &(buf[2]);
- buf[0] = ((i >> 8)&0xff)|0x80;
- buf[1] = (i&0xff);
-
- /* number of bytes to write */
- s->init_num = i + 2;
- s->init_off = 0;
-
- ssl3_finish_mac(s, &(buf[2]), i);
- } else {
- /* create Client Hello in SSL 3.0/TLS 1.0 format */
+ /* create Client Hello in SSL 3.0/TLS 1.0 format */
- /* do the record header (5 bytes) and handshake message header (4 bytes) last */
- d = p = &(buf[9]);
+ /*
+ * Do the record header (5 bytes) and handshake
+ * message header (4 bytes) last
+ */
+ d = p = &(buf[9]);
- *(p++) = version_major;
- *(p++) = version_minor;
+ *(p++) = version_major;
+ *(p++) = version_minor;
- /* Random stuff */
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
+ /* Random stuff */
+ memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+ p += SSL3_RANDOM_SIZE;
- /* Session ID (zero since there is no reuse) */
- *(p++) = 0;
+ /* Session ID (zero since there is no reuse) */
+ *(p++) = 0;
- /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
- i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), ssl3_put_cipher_by_char);
- if (i == 0) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
- return -1;
- }
+ /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
+ ssl3_put_cipher_by_char);
+ if (i == 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+ SSL_R_NO_CIPHERS_AVAILABLE);
+ return -1;
+ }
#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
- /* Some servers hang if client hello > 256 bytes
- * as hack workaround chop number of supported ciphers
- * to keep it well below this if we use TLS v1.2
- */
- if (TLS1_get_version(s) >= TLS1_2_VERSION &&
- i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
- i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+ /*
+ * Some servers hang if client hello > 256 bytes
+ * as hack workaround chop number of supported ciphers
+ * to keep it well below this if we use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION &&
+ i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
#endif
- s2n(i, p);
- p += i;
+ s2n(i, p);
+ p += i;
- /* COMPRESSION */
+ /* COMPRESSION */
#ifdef OPENSSL_NO_COMP
- *(p++) = 1;
+ *(p++) = 1;
#else
- if ((s->options & SSL_OP_NO_COMPRESSION) ||
- !s->ctx->comp_methods)
- j = 0;
- else
- j = sk_SSL_COMP_num(s->ctx->comp_methods);
- *(p++) = 1 + j;
- for (i = 0; i < j; i++) {
- comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
- *(p++) = comp->id;
- }
+ if ((s->options & SSL_OP_NO_COMPRESSION) ||
+ !s->ctx->comp_methods)
+ j = 0;
+ else
+ j = sk_SSL_COMP_num(s->ctx->comp_methods);
+ *(p++) = 1 + j;
+ for (i = 0; i < j; i++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+ *(p++) = comp->id;
+ }
#endif
- *(p++)=0; /* Add the NULL method */
+ /* Add the NULL method */
+ *(p++) = 0;
#ifndef OPENSSL_NO_TLSEXT
- /* TLS extensions*/
- if (ssl_prepare_clienthello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- return -1;
- }
- if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
+ /* TLS extensions*/
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+ SSL_R_CLIENTHELLO_TLSEXT);
+ return -1;
+ }
+ if ((p = ssl_add_clienthello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
#endif
- l = p - d;
-
- /* fill in 4-byte handshake header */
- d = &(buf[5]);
- *(d++) = SSL3_MT_CLIENT_HELLO;
- l2n3(l, d);
+ l = p - d;
- l += 4;
+ /* fill in 4-byte handshake header */
+ d = &(buf[5]);
+ *(d++) = SSL3_MT_CLIENT_HELLO;
+ l2n3(l, d);
- if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
- SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- return -1;
- }
+ l += 4;
- /* fill in 5-byte record header */
- d = buf;
- *(d++) = SSL3_RT_HANDSHAKE;
- *(d++) = version_major;
- /* Some servers hang if we use long client hellos
- * and a record number > TLS 1.0.
- */
- if (TLS1_get_client_version(s) > TLS1_VERSION)
- *(d++) = 1;
- else
- *(d++) = version_minor;
- s2n((int)l, d);
-
- /* number of bytes to write */
- s->init_num = p - buf;
- s->init_off = 0;
-
- ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
+ if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
}
+ /* fill in 5-byte record header */
+ d = buf;
+ *(d++) = SSL3_RT_HANDSHAKE;
+ *(d++) = version_major;
+
+ /*
+ * Some servers hang if we use long client hellos
+ * and a record number > TLS 1.0.
+ */
+ if (TLS1_get_client_version(s) > TLS1_VERSION)
+ *(d++) = 1;
+ else
+ *(d++) = version_minor;
+ s2n((int)l, d);
+
+ /* number of bytes to write */
+ s->init_num = p - buf;
+ s->init_off = 0;
+
+ ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
+
s->state = SSL23_ST_CW_CLNT_HELLO_B;
s->init_off = 0;
}
if ((ret >= 2) && s->msg_callback) {
/* Client Hello has been sent; tell msg_callback */
- if (ssl2_compat)
- s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2, ret - 2, s, s->msg_callback_arg);
- else
- s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg);
+ s->msg_callback(1, version, SSL3_RT_HANDSHAKE,
+ s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg);
}
return ret;
memcpy(buf, p, n);
+ /* Old unsupported sslv2 handshake */
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
- (p[5] == 0x00) && (p[6] == 0x02)) {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ (p[5] == 0x00) && (p[6] == 0x02)) {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
- } else if (p[1] == SSL3_VERSION_MAJOR &&
+ }
+
+ if (p[1] == SSL3_VERSION_MAJOR &&
p[2] <= TLS1_2_VERSION_MINOR &&
((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
s->version = TLS1_2_VERSION;
s->method = TLSv1_2_client_method();
} else {
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
}
if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
/* fatal alert */
-
void (*cb)(const SSL *ssl, int type, int val) = NULL;
int j;
}
if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s, s->msg_callback_arg);
+ s->msg_callback(0, s->version, SSL3_RT_ALERT,
+ p + 5, 2, s, s->msg_callback_arg);
s->rwstate = SSL_NOTHING;
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_AD_REASON_OFFSET + p[6]);
goto err;
}
}
s->init_num = 0;
- /* Since, if we are sending a ssl23 client hello, we are not
- * reusing a session-id */
+ /*
+ * Since, if we are sending a ssl23 client hello, we are not
+ * reusing a session-id
+ */
if (!ssl_get_new_session(s, 0))
goto err;
static const SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
-static const SSL_METHOD
-*ssl23_get_server_method(int ver)
+static const SSL_METHOD *
+ssl23_get_server_method(int ver)
{
if (ver == SSL3_VERSION)
return (SSLv3_server_method());
ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
if (s->msg_callback)
- s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+ s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
+ s->packet_length-2, s, s->msg_callback_arg);
p = s->packet;
p += 5;
n2s(p, sil);
n2s(p, cl);
d = (unsigned char *)s->init_buf->data;
- if ((csl + sil + cl + 11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format
- * Client Hello, can we ? Error condition should be
- * '>' otherweise */
+ if ((csl + sil + cl + 11) != s->packet_length)
{
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);
+ /*
+ * We can't have TLS extensions in SSL 2.0 format
+ * Client Hello, can we ? Error condition should be
+ * '>' otherwise
+ */
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+ SSL_R_RECORD_LENGTH_MISMATCH);
goto err;
}
l = in->cipher_id;
else
l = in->cipher->id;
- if (in->ssl_version == SSL2_VERSION) {
- a.cipher.length = 3;
- buf[0] = ((unsigned char)(l >> 16L))&0xff;
- buf[1] = ((unsigned char)(l >> 8L))&0xff;
- buf[2] = ((unsigned char)(l ))&0xff;
- } else {
- a.cipher.length = 2;
- buf[0] = ((unsigned char)(l >> 8L))&0xff;
- buf[1] = ((unsigned char)(l ))&0xff;
- }
+ a.cipher.length = 2;
+ buf[0] = ((unsigned char)(l >> 8L))&0xff;
+ buf[1] = ((unsigned char)(l ))&0xff;
#ifndef OPENSSL_NO_COMP
if (in->compress_meth) {
os.data = NULL;
os.length = 0;
M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
- if (ssl_version == SSL2_VERSION) {
- if (os.length != 3) {
- c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
- goto err;
- }
- id = 0x02000000L|
- ((unsigned long)os.data[0]<<16L)|
- ((unsigned long)os.data[1]<< 8L)|
- (unsigned long)os.data[2];
- } else if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
+ if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
if (os.length != 2) {
c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
goto err;
ret->cipher_id = id;
M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
- if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR)
- i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
- else /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
- i = SSL2_MAX_SSL_SESSION_ID_LENGTH;
+ i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
if (os.length > i)
os.length = i;
return (1);
}
-/** Used to change an SSL_CTXs default SSL method type */
+/* Used to change an SSL_CTXs default SSL method type */
int
SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
{
ctx->method = meth;
sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
- &(ctx->cipher_list_by_id),
- meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
+ &(ctx->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
return (0);
SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
unsigned int id_len)
{
- /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
- * we can "construct" a session to give us the desired check - ie. to
- * find if there's a session in the hash table that would conflict with
- * any new session built out of this id/id_len and the ssl_version in
- * use by this SSL. */
+ /*
+ * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
+ * shows how we can "construct" a session to give us the desired
+ * check - ie. to find if there's a session in the hash table
+ * that would conflict with any new session built out of this
+ * id/id_len and the ssl_version in use by this SSL.
+ */
SSL_SESSION r, *p;
if (id_len > sizeof r.session_id)
r.ssl_version = ssl->version;
r.session_id_length = id_len;
memcpy(r.session_id, id, id_len);
- /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
- * callback is calling us to check the uniqueness of a shorter ID, it
- * must be compared as a padded-out ID because that is what it will be
- * converted to when the callback has finished choosing it. */
- if ((r.ssl_version == SSL2_VERSION) &&
- (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
- memset(r.session_id + id_len, 0,
- SSL2_SSL_SESSION_ID_LENGTH - id_len);
- r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- }
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
if (ret->cert_store == NULL)
goto err;
- ssl_create_cipher_list(ret->method,
- &ret->cipher_list, &ret->cipher_list_by_id,
- meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
- if (ret->cipher_list == NULL
- || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
+ ssl_create_cipher_list(ret->method, &ret->cipher_list,
+ &ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
+ if (ret->cipher_list == NULL ||
+ sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
}
if (!ret->param)
goto err;
- if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
- goto err2;
- }
if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
goto err2;
if (BIO_should_read(bio))
return (SSL_ERROR_WANT_READ);
else if (BIO_should_write(bio))
- /* This one doesn't make too much sense ... We never try
- * to write to the rbio, and an application program where
- * rbio and wbio are separate couldn't even know what it
- * should wait for.
- * However if we ever set s->rwstate incorrectly
- * (so that we have SSL_want_read(s) instead of
- * SSL_want_write(s)) and rbio and wbio *are* the same,
- * this test works around that bug; so it might be safer
- * to keep it. */
+ /*
+ * This one doesn't make too much sense... We never
+ * try to write to the rbio, and an application
+ * program where rbio and wbio are separate couldn't
+ * even know what it should wait for. However if we
+ * ever set s->rwstate incorrectly (so that we have
+ * SSL_want_read(s) instead of SSL_want_write(s))
+ * and rbio and wbio *are* the same, this test works
+ * around that bug; so it might be safer to keep it.
+ */
return (SSL_ERROR_WANT_WRITE);
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
}
if (i == 0) {
- if (s->version == SSL2_VERSION) {
- /* assume it is the socket being closed */
- return (SSL_ERROR_ZERO_RETURN);
- } else {
- if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
- (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
- return (SSL_ERROR_ZERO_RETURN);
- }
+ if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+ (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+ return (SSL_ERROR_ZERO_RETURN);
}
return (SSL_ERROR_SYSCALL);
}
return (0);
}
-SSL_METHOD
-*ssl_bad_method(int ver)
+SSL_METHOD *
+ssl_bad_method(int ver)
{
SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (NULL);
}
-const char
-*SSL_get_version(const SSL *s)
+const char *
+SSL_get_version(const SSL *s)
{
if (s->version == TLS1_2_VERSION)
return("TLSv1.2");
return("TLSv1");
else if (s->version == SSL3_VERSION)
return("SSLv3");
- else if (s->version == SSL2_VERSION)
- return("SSLv2");
else
return("unknown");
}
-SSL
-*SSL_dup(SSL *s)
+SSL *
+SSL_dup(SSL *s)
{
STACK_OF(X509_NAME) *sk;
X509_NAME *xn;
typedef struct sess_cert_st {
- STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+ STACK_OF(X509) *cert_chain; /* as received from peer */
/* The 'peer_...' members are used only by clients. */
int peer_cert_type;
return &func_name##_data; \
}
-#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- SSL2_VERSION, \
- ssl2_new, /* local */ \
- ssl2_clear, /* local */ \
- ssl2_free, /* local */ \
- s_accept, \
- s_connect, \
- ssl2_read, \
- ssl2_peek, \
- ssl2_write, \
- ssl2_shutdown, \
- ssl_ok, /* NULL - renegotiate */ \
- ssl_ok, /* NULL - check renegotiate */ \
- NULL, /* NULL - ssl_get_message */ \
- NULL, /* NULL - ssl_get_record */ \
- NULL, /* NULL - ssl_write_bytes */ \
- NULL, /* NULL - dispatch_alert */ \
- ssl2_ctrl, /* local */ \
- ssl2_ctx_ctrl, /* local */ \
- ssl2_get_cipher_by_char, \
- ssl2_put_cipher_by_char, \
- ssl2_pending, \
- ssl2_num_ciphers, \
- ssl2_get_cipher, \
- s_get_meth, \
- ssl2_default_timeout, \
- &ssl3_undef_enc_method, \
- ssl_undefined_void_function, \
- ssl2_callback_ctrl, /* local */ \
- ssl2_ctx_callback_ctrl, /* local */ \
- }; \
- return &func_name##_data; \
- }
-
#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
const SSL_METHOD *func_name(void) \
{ \
}
if (session) {
- if (s->version == SSL2_VERSION) {
- ss->ssl_version = SSL2_VERSION;
- ss->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- } else if (s->version == SSL3_VERSION) {
- ss->ssl_version = SSL3_VERSION;
+ switch (s->version) {
+ case SSL3_VERSION:
+ case TLS1_VERSION:
+ case TLS1_1_VERSION:
+ case TLS1_2_VERSION:
+ case DTLS1_BAD_VER:
+ case DTLS1_VERSION:
+ ss->ssl_version = s->version;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_VERSION) {
- ss->ssl_version = TLS1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_1_VERSION) {
- ss->ssl_version = TLS1_1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_2_VERSION) {
- ss->ssl_version = TLS1_2_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == DTLS1_BAD_VER) {
- ss->ssl_version = DTLS1_BAD_VER;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == DTLS1_VERSION) {
- ss->ssl_version = DTLS1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
+ break;
+ default:
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+ SSL_R_UNSUPPORTED_SSL_VERSION);
SSL_SESSION_free(ss);
return (0);
}
SSL_SESSION_free(ss);
return (0);
}
- /* If the session length was shrunk and we're SSLv2, pad it */
- if ((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
- memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
- else
- ss->session_id_length = tmp;
+ ss->session_id_length = tmp;
/* Finally, check for a conflict */
if (SSL_has_matching_session_id(s, ss->session_id,
ss->session_id_length)) {
goto err;
if (BIO_puts(bp, "SSL-Session:\n")
<= 0) goto err;
- if (x->ssl_version == SSL2_VERSION)
- s="SSLv2";
- else if (x->ssl_version == SSL3_VERSION)
+ if (x->ssl_version == SSL3_VERSION)
s="SSLv3";
else if (x->ssl_version == TLS1_2_VERSION)
s="TLSv1.2";
l = in->cipher_id;
else
l = in->cipher->id;
- if (in->ssl_version == SSL2_VERSION) {
- a.cipher.length = 3;
- buf[0] = ((unsigned char)(l >> 16L))&0xff;
- buf[1] = ((unsigned char)(l >> 8L))&0xff;
- buf[2] = ((unsigned char)(l ))&0xff;
- } else {
- a.cipher.length = 2;
- buf[0] = ((unsigned char)(l >> 8L))&0xff;
- buf[1] = ((unsigned char)(l ))&0xff;
- }
+ a.cipher.length = 2;
+ buf[0] = ((unsigned char)(l >> 8L))&0xff;
+ buf[1] = ((unsigned char)(l ))&0xff;
#ifndef OPENSSL_NO_COMP
if (in->compress_meth) {
os.data = NULL;
os.length = 0;
M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
- if (ssl_version == SSL2_VERSION) {
- if (os.length != 3) {
- c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
- goto err;
- }
- id = 0x02000000L|
- ((unsigned long)os.data[0]<<16L)|
- ((unsigned long)os.data[1]<< 8L)|
- (unsigned long)os.data[2];
- } else if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
+ if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
if (os.length != 2) {
c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
goto err;
ret->cipher_id = id;
M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
- if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR)
- i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
- else /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
- i = SSL2_MAX_SSL_SESSION_ID_LENGTH;
+ i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
if (os.length > i)
os.length = i;
return (1);
}
-/** Used to change an SSL_CTXs default SSL method type */
+/* Used to change an SSL_CTXs default SSL method type */
int
SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
{
ctx->method = meth;
sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
- &(ctx->cipher_list_by_id),
- meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
+ &(ctx->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
return (0);
SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
unsigned int id_len)
{
- /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
- * we can "construct" a session to give us the desired check - ie. to
- * find if there's a session in the hash table that would conflict with
- * any new session built out of this id/id_len and the ssl_version in
- * use by this SSL. */
+ /*
+ * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
+ * shows how we can "construct" a session to give us the desired
+ * check - ie. to find if there's a session in the hash table
+ * that would conflict with any new session built out of this
+ * id/id_len and the ssl_version in use by this SSL.
+ */
SSL_SESSION r, *p;
if (id_len > sizeof r.session_id)
r.ssl_version = ssl->version;
r.session_id_length = id_len;
memcpy(r.session_id, id, id_len);
- /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
- * callback is calling us to check the uniqueness of a shorter ID, it
- * must be compared as a padded-out ID because that is what it will be
- * converted to when the callback has finished choosing it. */
- if ((r.ssl_version == SSL2_VERSION) &&
- (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
- memset(r.session_id + id_len, 0,
- SSL2_SSL_SESSION_ID_LENGTH - id_len);
- r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- }
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
if (ret->cert_store == NULL)
goto err;
- ssl_create_cipher_list(ret->method,
- &ret->cipher_list, &ret->cipher_list_by_id,
- meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
- if (ret->cipher_list == NULL
- || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
+ ssl_create_cipher_list(ret->method, &ret->cipher_list,
+ &ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
+ if (ret->cipher_list == NULL ||
+ sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
}
if (!ret->param)
goto err;
- if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
- goto err2;
- }
if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
goto err2;
if (BIO_should_read(bio))
return (SSL_ERROR_WANT_READ);
else if (BIO_should_write(bio))
- /* This one doesn't make too much sense ... We never try
- * to write to the rbio, and an application program where
- * rbio and wbio are separate couldn't even know what it
- * should wait for.
- * However if we ever set s->rwstate incorrectly
- * (so that we have SSL_want_read(s) instead of
- * SSL_want_write(s)) and rbio and wbio *are* the same,
- * this test works around that bug; so it might be safer
- * to keep it. */
+ /*
+ * This one doesn't make too much sense... We never
+ * try to write to the rbio, and an application
+ * program where rbio and wbio are separate couldn't
+ * even know what it should wait for. However if we
+ * ever set s->rwstate incorrectly (so that we have
+ * SSL_want_read(s) instead of SSL_want_write(s))
+ * and rbio and wbio *are* the same, this test works
+ * around that bug; so it might be safer to keep it.
+ */
return (SSL_ERROR_WANT_WRITE);
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
}
if (i == 0) {
- if (s->version == SSL2_VERSION) {
- /* assume it is the socket being closed */
- return (SSL_ERROR_ZERO_RETURN);
- } else {
- if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
- (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
- return (SSL_ERROR_ZERO_RETURN);
- }
+ if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+ (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+ return (SSL_ERROR_ZERO_RETURN);
}
return (SSL_ERROR_SYSCALL);
}
return (0);
}
-SSL_METHOD
-*ssl_bad_method(int ver)
+SSL_METHOD *
+ssl_bad_method(int ver)
{
SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (NULL);
}
-const char
-*SSL_get_version(const SSL *s)
+const char *
+SSL_get_version(const SSL *s)
{
if (s->version == TLS1_2_VERSION)
return("TLSv1.2");
return("TLSv1");
else if (s->version == SSL3_VERSION)
return("SSLv3");
- else if (s->version == SSL2_VERSION)
- return("SSLv2");
else
return("unknown");
}
-SSL
-*SSL_dup(SSL *s)
+SSL *
+SSL_dup(SSL *s)
{
STACK_OF(X509_NAME) *sk;
X509_NAME *xn;
typedef struct sess_cert_st {
- STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+ STACK_OF(X509) *cert_chain; /* as received from peer */
/* The 'peer_...' members are used only by clients. */
int peer_cert_type;
return &func_name##_data; \
}
-#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- SSL2_VERSION, \
- ssl2_new, /* local */ \
- ssl2_clear, /* local */ \
- ssl2_free, /* local */ \
- s_accept, \
- s_connect, \
- ssl2_read, \
- ssl2_peek, \
- ssl2_write, \
- ssl2_shutdown, \
- ssl_ok, /* NULL - renegotiate */ \
- ssl_ok, /* NULL - check renegotiate */ \
- NULL, /* NULL - ssl_get_message */ \
- NULL, /* NULL - ssl_get_record */ \
- NULL, /* NULL - ssl_write_bytes */ \
- NULL, /* NULL - dispatch_alert */ \
- ssl2_ctrl, /* local */ \
- ssl2_ctx_ctrl, /* local */ \
- ssl2_get_cipher_by_char, \
- ssl2_put_cipher_by_char, \
- ssl2_pending, \
- ssl2_num_ciphers, \
- ssl2_get_cipher, \
- s_get_meth, \
- ssl2_default_timeout, \
- &ssl3_undef_enc_method, \
- ssl_undefined_void_function, \
- ssl2_callback_ctrl, /* local */ \
- ssl2_ctx_callback_ctrl, /* local */ \
- }; \
- return &func_name##_data; \
- }
-
#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
const SSL_METHOD *func_name(void) \
{ \
}
if (session) {
- if (s->version == SSL2_VERSION) {
- ss->ssl_version = SSL2_VERSION;
- ss->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
- } else if (s->version == SSL3_VERSION) {
- ss->ssl_version = SSL3_VERSION;
+ switch (s->version) {
+ case SSL3_VERSION:
+ case TLS1_VERSION:
+ case TLS1_1_VERSION:
+ case TLS1_2_VERSION:
+ case DTLS1_BAD_VER:
+ case DTLS1_VERSION:
+ ss->ssl_version = s->version;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_VERSION) {
- ss->ssl_version = TLS1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_1_VERSION) {
- ss->ssl_version = TLS1_1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == TLS1_2_VERSION) {
- ss->ssl_version = TLS1_2_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == DTLS1_BAD_VER) {
- ss->ssl_version = DTLS1_BAD_VER;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else if (s->version == DTLS1_VERSION) {
- ss->ssl_version = DTLS1_VERSION;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- } else {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
+ break;
+ default:
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+ SSL_R_UNSUPPORTED_SSL_VERSION);
SSL_SESSION_free(ss);
return (0);
}
SSL_SESSION_free(ss);
return (0);
}
- /* If the session length was shrunk and we're SSLv2, pad it */
- if ((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
- memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
- else
- ss->session_id_length = tmp;
+ ss->session_id_length = tmp;
/* Finally, check for a conflict */
if (SSL_has_matching_session_id(s, ss->session_id,
ss->session_id_length)) {
goto err;
if (BIO_puts(bp, "SSL-Session:\n")
<= 0) goto err;
- if (x->ssl_version == SSL2_VERSION)
- s="SSLv2";
- else if (x->ssl_version == SSL3_VERSION)
+ if (x->ssl_version == SSL3_VERSION)
s="SSLv3";
else if (x->ssl_version == TLS1_2_VERSION)
s="TLSv1.2";
projects / openbsd / commitdiff