1/* ssl/s2_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
--- 41 unchanged lines hidden (view full) ---
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 *
58 * $FreeBSD: head/crypto/openssl/ssl/s2_lib.c 59194 2000-04-13 07:15:03Z kris $
59 */
60
61#include "ssl_locl.h"
62#ifndef NO_SSL2
63#include <stdio.h>
64#include <openssl/rsa.h>
65#include <openssl/objects.h>
66#include <openssl/md5.h>
67
68static long ssl2_default_timeout(void );
69const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
70
71#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
72
73OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
74/* NULL_WITH_MD5 v3 */
75#if 0
76 {
77 1,
78 SSL2_TXT_NULL_WITH_MD5,
79 SSL2_CK_NULL_WITH_MD5,
80 SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
81 SSL_EXPORT|SSL_EXP40,
82 0,
83 0,
84 SSL_ALL_CIPHERS,
85 SSL_ALL_STRENGTHS,
86 },
87#endif
88/* RC4_128_EXPORT40_WITH_MD5 */
89 {
90 1,
91 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
92 SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
93 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
94 SSL_EXPORT|SSL_EXP40,
95 SSL2_CF_5_BYTE_ENC,
96 40,
97 128,
98 SSL_ALL_CIPHERS,
99 SSL_ALL_STRENGTHS,
100 },
101/* RC4_128_WITH_MD5 */
102 {
103 1,
104 SSL2_TXT_RC4_128_WITH_MD5,
105 SSL2_CK_RC4_128_WITH_MD5,
106 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
107 SSL_NOT_EXP|SSL_MEDIUM,
108 0,
109 128,
110 128,
111 SSL_ALL_CIPHERS,
112 SSL_ALL_STRENGTHS,
113 },
114/* RC2_128_CBC_EXPORT40_WITH_MD5 */
115 {
116 1,
117 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
118 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
119 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
120 SSL_EXPORT|SSL_EXP40,
121 SSL2_CF_5_BYTE_ENC,
122 40,
123 128,
124 SSL_ALL_CIPHERS,
125 SSL_ALL_STRENGTHS,
126 },
127/* RC2_128_CBC_WITH_MD5 */
128 {
129 1,
130 SSL2_TXT_RC2_128_CBC_WITH_MD5,
131 SSL2_CK_RC2_128_CBC_WITH_MD5,
132 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
133 SSL_NOT_EXP|SSL_MEDIUM,
134 0,
135 128,
136 128,
137 SSL_ALL_CIPHERS,
138 SSL_ALL_STRENGTHS,
139 },
140/* IDEA_128_CBC_WITH_MD5 */
141 {
142 1,
143 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
144 SSL2_CK_IDEA_128_CBC_WITH_MD5,
145 SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
146 SSL_NOT_EXP|SSL_MEDIUM,
147 0,
148 128,
149 128,
150 SSL_ALL_CIPHERS,
151 SSL_ALL_STRENGTHS,
152 },
153/* DES_64_CBC_WITH_MD5 */
154 {
155 1,
156 SSL2_TXT_DES_64_CBC_WITH_MD5,
157 SSL2_CK_DES_64_CBC_WITH_MD5,
158 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
159 SSL_NOT_EXP|SSL_LOW,
160 0,
161 56,
162 56,
163 SSL_ALL_CIPHERS,
164 SSL_ALL_STRENGTHS,
165 },
166/* DES_192_EDE3_CBC_WITH_MD5 */
167 {
168 1,
169 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
170 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
171 SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
172 SSL_NOT_EXP|SSL_HIGH,
173 0,
174 168,
175 168,
176 SSL_ALL_CIPHERS,
177 SSL_ALL_STRENGTHS,
178 },
179/* RC4_64_WITH_MD5 */
180#if 1
181 {
182 1,
183 SSL2_TXT_RC4_64_WITH_MD5,
184 SSL2_CK_RC4_64_WITH_MD5,
185 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
186 SSL_NOT_EXP|SSL_LOW,
187 SSL2_CF_8_BYTE_ENC,
188 64,
189 64,
190 SSL_ALL_CIPHERS,
191 SSL_ALL_STRENGTHS,
192 },
193#endif
194/* NULL SSLeay (testing) */
195#if 0
196 {
197 0,
198 SSL2_TXT_NULL,
199 SSL2_CK_NULL,
200 0,
201 0,
202 0,
203 0,
204 SSL_ALL_CIPHERS,
205 SSL_ALL_STRENGTHS,
206 },
207#endif
208
209/* end of list :-) */
210 };
211
212static SSL_METHOD SSLv2_data= {
213 SSL2_VERSION,
--- 13 unchanged lines hidden (view full) ---
227 ssl2_get_cipher_by_char,
228 ssl2_put_cipher_by_char,
229 ssl2_pending,
230 ssl2_num_ciphers,
231 ssl2_get_cipher,
232 ssl_bad_method,
233 ssl2_default_timeout,
234 &ssl3_undef_enc_method,
235 ssl_undefined_function,
236 ssl2_callback_ctrl, /* local */
237 ssl2_ctx_callback_ctrl, /* local */
238 };
239
240static long ssl2_default_timeout(void)
241 {
242 return(300);
243 }
244
245SSL_METHOD *sslv2_base_method(void)
--- 16 unchanged lines hidden (view full) ---
262
263int ssl2_pending(SSL *s)
264 {
265 return(s->s2->ract_data_length);
266 }
267
268int ssl2_new(SSL *s)
269 {
270 SSL2_STATE *s2;
271
272 if ((s2=Malloc(sizeof *s2)) == NULL) goto err;
273 memset(s2,0,sizeof *s2);
274
275 if ((s2->rbuf=Malloc(
276 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
277 if ((s2->wbuf=Malloc(
278 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
279 s->s2=s2;
280
281 ssl2_clear(s);
282 return(1);
283err:
284 if (s2 != NULL)
285 {
286 if (s2->wbuf != NULL) Free(s2->wbuf);
287 if (s2->rbuf != NULL) Free(s2->rbuf);
288 Free(s2);
289 }
290 return(0);
291 }
292
293void ssl2_free(SSL *s)
294 {
295 SSL2_STATE *s2;
296
297 if(s == NULL)
298 return;
299
300 s2=s->s2;
301 if (s2->rbuf != NULL) Free(s2->rbuf);
302 if (s2->wbuf != NULL) Free(s2->wbuf);
303 memset(s2,0,sizeof *s2);
304 Free(s2);
305 s->s2=NULL;
306 }
307
308void ssl2_clear(SSL *s)
309 {
310 SSL2_STATE *s2;
311 unsigned char *rbuf,*wbuf;
312
313 s2=s->s2;
314
315 rbuf=s2->rbuf;
316 wbuf=s2->wbuf;
317
318 memset(s2,0,sizeof *s2);
319
320 s2->rbuf=rbuf;
321 s2->wbuf=wbuf;
322 s2->clear_text=1;
323 s->packet=s2->rbuf;
324 s->version=SSL2_VERSION;
325 s->packet_length=0;
326 }
--- 8 unchanged lines hidden (view full) ---
335 ret=s->hit;
336 break;
337 default:
338 break;
339 }
340 return(ret);
341 }
342
343long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)())
344 {
345 return(0);
346 }
347
348long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
349 {
350 return(0);
351 }
352
353long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
354 {
355 return(0);
356 }
357
358/* This function needs to check if the ciphers required are actually
359 * available */
360SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
361 {
362 static int init=1;
363 static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
364 SSL_CIPHER c,*cp= &c,**cpp;
365 unsigned long id;
--- 55 unchanged lines hidden (view full) ---
421#endif
422
423 km=s->s2->key_material;
424 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
425 {
426 MD5_Init(&ctx);
427
428 MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
429 MD5_Update(&ctx,&c,1);
430 c++;
431 MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
432 MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
433 MD5_Final(km,&ctx);
434 km+=MD5_DIGEST_LENGTH;
435 }
436 }
437
--- 32 unchanged lines hidden (view full) ---
470 s->error=0; */
471 }
472
473int ssl2_shutdown(SSL *s)
474 {
475 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
476 return(1);
477 }
478#else /* !NO_SSL2 */
479
480# if PEDANTIC
481static void *dummy=&dummy;
482# endif
483
484#endif
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
--- 41 unchanged lines hidden (view full) ---
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 *
58 * $FreeBSD: head/crypto/openssl/ssl/s2_lib.c 59194 2000-04-13 07:15:03Z kris $
59 */
60
61#include "ssl_locl.h"
62#ifndef NO_SSL2
63#include <stdio.h>
64#include <openssl/rsa.h>
65#include <openssl/objects.h>
66#include <openssl/md5.h>
67
68static long ssl2_default_timeout(void );
69const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
70
71#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
72
73OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
74/* NULL_WITH_MD5 v3 */
75#if 0
76 {
77 1,
78 SSL2_TXT_NULL_WITH_MD5,
79 SSL2_CK_NULL_WITH_MD5,
80 SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
81 SSL_EXPORT|SSL_EXP40,
82 0,
83 0,
84 SSL_ALL_CIPHERS,
85 SSL_ALL_STRENGTHS,
86 },
87#endif
88/* RC4_128_EXPORT40_WITH_MD5 */
89 {
90 1,
91 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
92 SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
93 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
94 SSL_EXPORT|SSL_EXP40,
95 SSL2_CF_5_BYTE_ENC,
96 40,
97 128,
98 SSL_ALL_CIPHERS,
99 SSL_ALL_STRENGTHS,
100 },
101/* RC4_128_WITH_MD5 */
102 {
103 1,
104 SSL2_TXT_RC4_128_WITH_MD5,
105 SSL2_CK_RC4_128_WITH_MD5,
106 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
107 SSL_NOT_EXP|SSL_MEDIUM,
108 0,
109 128,
110 128,
111 SSL_ALL_CIPHERS,
112 SSL_ALL_STRENGTHS,
113 },
114/* RC2_128_CBC_EXPORT40_WITH_MD5 */
115 {
116 1,
117 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
118 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
119 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
120 SSL_EXPORT|SSL_EXP40,
121 SSL2_CF_5_BYTE_ENC,
122 40,
123 128,
124 SSL_ALL_CIPHERS,
125 SSL_ALL_STRENGTHS,
126 },
127/* RC2_128_CBC_WITH_MD5 */
128 {
129 1,
130 SSL2_TXT_RC2_128_CBC_WITH_MD5,
131 SSL2_CK_RC2_128_CBC_WITH_MD5,
132 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
133 SSL_NOT_EXP|SSL_MEDIUM,
134 0,
135 128,
136 128,
137 SSL_ALL_CIPHERS,
138 SSL_ALL_STRENGTHS,
139 },
140/* IDEA_128_CBC_WITH_MD5 */
141 {
142 1,
143 SSL2_TXT_IDEA_128_CBC_WITH_MD5,
144 SSL2_CK_IDEA_128_CBC_WITH_MD5,
145 SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
146 SSL_NOT_EXP|SSL_MEDIUM,
147 0,
148 128,
149 128,
150 SSL_ALL_CIPHERS,
151 SSL_ALL_STRENGTHS,
152 },
153/* DES_64_CBC_WITH_MD5 */
154 {
155 1,
156 SSL2_TXT_DES_64_CBC_WITH_MD5,
157 SSL2_CK_DES_64_CBC_WITH_MD5,
158 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
159 SSL_NOT_EXP|SSL_LOW,
160 0,
161 56,
162 56,
163 SSL_ALL_CIPHERS,
164 SSL_ALL_STRENGTHS,
165 },
166/* DES_192_EDE3_CBC_WITH_MD5 */
167 {
168 1,
169 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
170 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
171 SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
172 SSL_NOT_EXP|SSL_HIGH,
173 0,
174 168,
175 168,
176 SSL_ALL_CIPHERS,
177 SSL_ALL_STRENGTHS,
178 },
179/* RC4_64_WITH_MD5 */
180#if 1
181 {
182 1,
183 SSL2_TXT_RC4_64_WITH_MD5,
184 SSL2_CK_RC4_64_WITH_MD5,
185 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
186 SSL_NOT_EXP|SSL_LOW,
187 SSL2_CF_8_BYTE_ENC,
188 64,
189 64,
190 SSL_ALL_CIPHERS,
191 SSL_ALL_STRENGTHS,
192 },
193#endif
194/* NULL SSLeay (testing) */
195#if 0
196 {
197 0,
198 SSL2_TXT_NULL,
199 SSL2_CK_NULL,
200 0,
201 0,
202 0,
203 0,
204 SSL_ALL_CIPHERS,
205 SSL_ALL_STRENGTHS,
206 },
207#endif
208
209/* end of list :-) */
210 };
211
212static SSL_METHOD SSLv2_data= {
213 SSL2_VERSION,
--- 13 unchanged lines hidden (view full) ---
227 ssl2_get_cipher_by_char,
228 ssl2_put_cipher_by_char,
229 ssl2_pending,
230 ssl2_num_ciphers,
231 ssl2_get_cipher,
232 ssl_bad_method,
233 ssl2_default_timeout,
234 &ssl3_undef_enc_method,
235 ssl_undefined_function,
236 ssl2_callback_ctrl, /* local */
237 ssl2_ctx_callback_ctrl, /* local */
238 };
239
240static long ssl2_default_timeout(void)
241 {
242 return(300);
243 }
244
245SSL_METHOD *sslv2_base_method(void)
--- 16 unchanged lines hidden (view full) ---
262
263int ssl2_pending(SSL *s)
264 {
265 return(s->s2->ract_data_length);
266 }
267
268int ssl2_new(SSL *s)
269 {
270 SSL2_STATE *s2;
271
272 if ((s2=Malloc(sizeof *s2)) == NULL) goto err;
273 memset(s2,0,sizeof *s2);
274
275 if ((s2->rbuf=Malloc(
276 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
277 if ((s2->wbuf=Malloc(
278 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
279 s->s2=s2;
280
281 ssl2_clear(s);
282 return(1);
283err:
284 if (s2 != NULL)
285 {
286 if (s2->wbuf != NULL) Free(s2->wbuf);
287 if (s2->rbuf != NULL) Free(s2->rbuf);
288 Free(s2);
289 }
290 return(0);
291 }
292
293void ssl2_free(SSL *s)
294 {
295 SSL2_STATE *s2;
296
297 if(s == NULL)
298 return;
299
300 s2=s->s2;
301 if (s2->rbuf != NULL) Free(s2->rbuf);
302 if (s2->wbuf != NULL) Free(s2->wbuf);
303 memset(s2,0,sizeof *s2);
304 Free(s2);
305 s->s2=NULL;
306 }
307
308void ssl2_clear(SSL *s)
309 {
310 SSL2_STATE *s2;
311 unsigned char *rbuf,*wbuf;
312
313 s2=s->s2;
314
315 rbuf=s2->rbuf;
316 wbuf=s2->wbuf;
317
318 memset(s2,0,sizeof *s2);
319
320 s2->rbuf=rbuf;
321 s2->wbuf=wbuf;
322 s2->clear_text=1;
323 s->packet=s2->rbuf;
324 s->version=SSL2_VERSION;
325 s->packet_length=0;
326 }
--- 8 unchanged lines hidden (view full) ---
335 ret=s->hit;
336 break;
337 default:
338 break;
339 }
340 return(ret);
341 }
342
343long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)())
344 {
345 return(0);
346 }
347
348long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
349 {
350 return(0);
351 }
352
353long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
354 {
355 return(0);
356 }
357
358/* This function needs to check if the ciphers required are actually
359 * available */
360SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
361 {
362 static int init=1;
363 static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
364 SSL_CIPHER c,*cp= &c,**cpp;
365 unsigned long id;
--- 55 unchanged lines hidden (view full) ---
421#endif
422
423 km=s->s2->key_material;
424 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
425 {
426 MD5_Init(&ctx);
427
428 MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
429 MD5_Update(&ctx,&c,1);
430 c++;
431 MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
432 MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
433 MD5_Final(km,&ctx);
434 km+=MD5_DIGEST_LENGTH;
435 }
436 }
437
--- 32 unchanged lines hidden (view full) ---
470 s->error=0; */
471 }
472
473int ssl2_shutdown(SSL *s)
474 {
475 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
476 return(1);
477 }
478#else /* !NO_SSL2 */
479
480# if PEDANTIC
481static void *dummy=&dummy;
482# endif
483
484#endif