| s2_lib.c (55949) | s2_lib.c (59194) |
|---|---|
| 1/* ssl/s2_lib.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 41 unchanged lines hidden (view full) --- 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 * | 1/* ssl/s2_lib.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 41 unchanged lines hidden (view full) --- 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 * |
| 58 * $FreeBSD: head/crypto/openssl/ssl/s2_lib.c 55949 2000-01-14 05:24:08Z kris $ | 58 * $FreeBSD: head/crypto/openssl/ssl/s2_lib.c 59194 2000-04-13 07:15:03Z kris $ |
| 59 */ 60 | 59 */ 60 |
| 61#include "ssl_locl.h" |
|
| 61#ifndef NO_SSL2 62#include <stdio.h> 63#include <openssl/rsa.h> 64#include <openssl/objects.h> 65#include <openssl/md5.h> | 62#ifndef NO_SSL2 63#include <stdio.h> 64#include <openssl/rsa.h> 65#include <openssl/objects.h> 66#include <openssl/md5.h> |
| 66#include "ssl_locl.h" | |
| 67 68static long ssl2_default_timeout(void ); 69const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; 70 71#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) 72 73OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ 74/* NULL_WITH_MD5 v3 */ 75#if 0 76 { 77 1, 78 SSL2_TXT_NULL_WITH_MD5, 79 SSL2_CK_NULL_WITH_MD5, | 67 68static long ssl2_default_timeout(void ); 69const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; 70 71#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) 72 73OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ 74/* NULL_WITH_MD5 v3 */ 75#if 0 76 { 77 1, 78 SSL2_TXT_NULL_WITH_MD5, 79 SSL2_CK_NULL_WITH_MD5, |
| 80 SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP40|SSL_SSLV2, | 80 SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2, 81 SSL_EXPORT|SSL_EXP40, |
| 81 0, | 82 0, |
| 83 0, |
|
| 82 SSL_ALL_CIPHERS, | 84 SSL_ALL_CIPHERS, |
| 85 SSL_ALL_STRENGTHS, |
|
| 83 }, 84#endif 85/* RC4_128_EXPORT40_WITH_MD5 */ 86 { 87 1, 88 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, 89 SSL2_CK_RC4_128_EXPORT40_WITH_MD5, | 86 }, 87#endif 88/* RC4_128_EXPORT40_WITH_MD5 */ 89 { 90 1, 91 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, 92 SSL2_CK_RC4_128_EXPORT40_WITH_MD5, |
| 90 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP40|SSL_SSLV2, | 93 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2, 94 SSL_EXPORT|SSL_EXP40, |
| 91 SSL2_CF_5_BYTE_ENC, | 95 SSL2_CF_5_BYTE_ENC, |
| 96 40, 97 128, |
|
| 92 SSL_ALL_CIPHERS, | 98 SSL_ALL_CIPHERS, |
| 99 SSL_ALL_STRENGTHS, |
|
| 93 }, 94/* RC4_128_WITH_MD5 */ 95 { 96 1, 97 SSL2_TXT_RC4_128_WITH_MD5, 98 SSL2_CK_RC4_128_WITH_MD5, | 100 }, 101/* RC4_128_WITH_MD5 */ 102 { 103 1, 104 SSL2_TXT_RC4_128_WITH_MD5, 105 SSL2_CK_RC4_128_WITH_MD5, |
| 99 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM, | 106 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2, 107 SSL_NOT_EXP|SSL_MEDIUM, |
| 100 0, | 108 0, |
| 109 128, 110 128, |
|
| 101 SSL_ALL_CIPHERS, | 111 SSL_ALL_CIPHERS, |
| 112 SSL_ALL_STRENGTHS, |
|
| 102 }, 103/* RC2_128_CBC_EXPORT40_WITH_MD5 */ 104 { 105 1, 106 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, 107 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, | 113 }, 114/* RC2_128_CBC_EXPORT40_WITH_MD5 */ 115 { 116 1, 117 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, 118 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, |
| 108 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP40|SSL_SSLV2, | 119 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2, 120 SSL_EXPORT|SSL_EXP40, |
| 109 SSL2_CF_5_BYTE_ENC, | 121 SSL2_CF_5_BYTE_ENC, |
| 122 40, 123 128, |
|
| 110 SSL_ALL_CIPHERS, | 124 SSL_ALL_CIPHERS, |
| 125 SSL_ALL_STRENGTHS, |
|
| 111 }, 112/* RC2_128_CBC_WITH_MD5 */ 113 { 114 1, 115 SSL2_TXT_RC2_128_CBC_WITH_MD5, 116 SSL2_CK_RC2_128_CBC_WITH_MD5, | 126 }, 127/* RC2_128_CBC_WITH_MD5 */ 128 { 129 1, 130 SSL2_TXT_RC2_128_CBC_WITH_MD5, 131 SSL2_CK_RC2_128_CBC_WITH_MD5, |
| 117 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM, | 132 SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2, 133 SSL_NOT_EXP|SSL_MEDIUM, |
| 118 0, | 134 0, |
| 135 128, 136 128, |
|
| 119 SSL_ALL_CIPHERS, | 137 SSL_ALL_CIPHERS, |
| 138 SSL_ALL_STRENGTHS, |
|
| 120 }, 121/* IDEA_128_CBC_WITH_MD5 */ 122 { 123 1, 124 SSL2_TXT_IDEA_128_CBC_WITH_MD5, 125 SSL2_CK_IDEA_128_CBC_WITH_MD5, | 139 }, 140/* IDEA_128_CBC_WITH_MD5 */ 141 { 142 1, 143 SSL2_TXT_IDEA_128_CBC_WITH_MD5, 144 SSL2_CK_IDEA_128_CBC_WITH_MD5, |
| 126 SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM, | 145 SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2, 146 SSL_NOT_EXP|SSL_MEDIUM, |
| 127 0, | 147 0, |
| 148 128, 149 128, |
|
| 128 SSL_ALL_CIPHERS, | 150 SSL_ALL_CIPHERS, |
| 151 SSL_ALL_STRENGTHS, |
|
| 129 }, 130/* DES_64_CBC_WITH_MD5 */ 131 { 132 1, 133 SSL2_TXT_DES_64_CBC_WITH_MD5, 134 SSL2_CK_DES_64_CBC_WITH_MD5, | 152 }, 153/* DES_64_CBC_WITH_MD5 */ 154 { 155 1, 156 SSL2_TXT_DES_64_CBC_WITH_MD5, 157 SSL2_CK_DES_64_CBC_WITH_MD5, |
| 135 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW, | 158 SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2, 159 SSL_NOT_EXP|SSL_LOW, |
| 136 0, | 160 0, |
| 161 56, 162 56, |
|
| 137 SSL_ALL_CIPHERS, | 163 SSL_ALL_CIPHERS, |
| 164 SSL_ALL_STRENGTHS, |
|
| 138 }, 139/* DES_192_EDE3_CBC_WITH_MD5 */ 140 { 141 1, 142 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, 143 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, | 165 }, 166/* DES_192_EDE3_CBC_WITH_MD5 */ 167 { 168 1, 169 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, 170 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, |
| 144 SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH, | 171 SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2, 172 SSL_NOT_EXP|SSL_HIGH, |
| 145 0, | 173 0, |
| 174 168, 175 168, |
|
| 146 SSL_ALL_CIPHERS, | 176 SSL_ALL_CIPHERS, |
| 177 SSL_ALL_STRENGTHS, |
|
| 147 }, 148/* RC4_64_WITH_MD5 */ 149#if 1 150 { 151 1, 152 SSL2_TXT_RC4_64_WITH_MD5, 153 SSL2_CK_RC4_64_WITH_MD5, | 178 }, 179/* RC4_64_WITH_MD5 */ 180#if 1 181 { 182 1, 183 SSL2_TXT_RC4_64_WITH_MD5, 184 SSL2_CK_RC4_64_WITH_MD5, |
| 154 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW, | 185 SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2, 186 SSL_NOT_EXP|SSL_LOW, |
| 155 SSL2_CF_8_BYTE_ENC, | 187 SSL2_CF_8_BYTE_ENC, |
| 188 64, 189 64, |
|
| 156 SSL_ALL_CIPHERS, | 190 SSL_ALL_CIPHERS, |
| 191 SSL_ALL_STRENGTHS, |
|
| 157 }, 158#endif 159/* NULL SSLeay (testing) */ 160#if 0 161 { 162 0, 163 SSL2_TXT_NULL, 164 SSL2_CK_NULL, 165 0, | 192 }, 193#endif 194/* NULL SSLeay (testing) */ 195#if 0 196 { 197 0, 198 SSL2_TXT_NULL, 199 SSL2_CK_NULL, 200 0, |
| 201 0, 202 0, 203 0, |
|
| 166 SSL_ALL_CIPHERS, | 204 SSL_ALL_CIPHERS, |
| 205 SSL_ALL_STRENGTHS, |
|
| 167 }, 168#endif 169 170/* end of list :-) */ 171 }; 172 173static SSL_METHOD SSLv2_data= { 174 SSL2_VERSION, --- 13 unchanged lines hidden (view full) --- 188 ssl2_get_cipher_by_char, 189 ssl2_put_cipher_by_char, 190 ssl2_pending, 191 ssl2_num_ciphers, 192 ssl2_get_cipher, 193 ssl_bad_method, 194 ssl2_default_timeout, 195 &ssl3_undef_enc_method, | 206 }, 207#endif 208 209/* end of list :-) */ 210 }; 211 212static SSL_METHOD SSLv2_data= { 213 SSL2_VERSION, --- 13 unchanged lines hidden (view full) --- 227 ssl2_get_cipher_by_char, 228 ssl2_put_cipher_by_char, 229 ssl2_pending, 230 ssl2_num_ciphers, 231 ssl2_get_cipher, 232 ssl_bad_method, 233 ssl2_default_timeout, 234 &ssl3_undef_enc_method, |
| 235 ssl_undefined_function, 236 ssl2_callback_ctrl, /* local */ 237 ssl2_ctx_callback_ctrl, /* local */ |
|
| 196 }; 197 198static long ssl2_default_timeout(void) 199 { 200 return(300); 201 } 202 203SSL_METHOD *sslv2_base_method(void) --- 16 unchanged lines hidden (view full) --- 220 221int ssl2_pending(SSL *s) 222 { 223 return(s->s2->ract_data_length); 224 } 225 226int ssl2_new(SSL *s) 227 { | 238 }; 239 240static long ssl2_default_timeout(void) 241 { 242 return(300); 243 } 244 245SSL_METHOD *sslv2_base_method(void) --- 16 unchanged lines hidden (view full) --- 262 263int ssl2_pending(SSL *s) 264 { 265 return(s->s2->ract_data_length); 266 } 267 268int ssl2_new(SSL *s) 269 { |
| 228 SSL2_CTX *s2; | 270 SSL2_STATE *s2; |
| 229 | 271 |
| 230 if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err; 231 memset(s2,0,sizeof(SSL2_CTX)); | 272 if ((s2=Malloc(sizeof *s2)) == NULL) goto err; 273 memset(s2,0,sizeof *s2); |
| 232 | 274 |
| 233 if ((s2->rbuf=(unsigned char *)Malloc( | 275 if ((s2->rbuf=Malloc( |
| 234 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; | 276 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; |
| 235 if ((s2->wbuf=(unsigned char *)Malloc( | 277 if ((s2->wbuf=Malloc( |
| 236 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; 237 s->s2=s2; 238 239 ssl2_clear(s); 240 return(1); 241err: 242 if (s2 != NULL) 243 { 244 if (s2->wbuf != NULL) Free(s2->wbuf); 245 if (s2->rbuf != NULL) Free(s2->rbuf); 246 Free(s2); 247 } 248 return(0); 249 } 250 251void ssl2_free(SSL *s) 252 { | 278 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; 279 s->s2=s2; 280 281 ssl2_clear(s); 282 return(1); 283err: 284 if (s2 != NULL) 285 { 286 if (s2->wbuf != NULL) Free(s2->wbuf); 287 if (s2->rbuf != NULL) Free(s2->rbuf); 288 Free(s2); 289 } 290 return(0); 291 } 292 293void ssl2_free(SSL *s) 294 { |
| 253 SSL2_CTX *s2; | 295 SSL2_STATE *s2; |
| 254 255 if(s == NULL) 256 return; 257 258 s2=s->s2; 259 if (s2->rbuf != NULL) Free(s2->rbuf); 260 if (s2->wbuf != NULL) Free(s2->wbuf); | 296 297 if(s == NULL) 298 return; 299 300 s2=s->s2; 301 if (s2->rbuf != NULL) Free(s2->rbuf); 302 if (s2->wbuf != NULL) Free(s2->wbuf); |
| 261 memset(s2,0,sizeof(SSL2_CTX)); | 303 memset(s2,0,sizeof *s2); |
| 262 Free(s2); 263 s->s2=NULL; 264 } 265 266void ssl2_clear(SSL *s) 267 { | 304 Free(s2); 305 s->s2=NULL; 306 } 307 308void ssl2_clear(SSL *s) 309 { |
| 268 SSL2_CTX *s2; | 310 SSL2_STATE *s2; |
| 269 unsigned char *rbuf,*wbuf; 270 271 s2=s->s2; 272 273 rbuf=s2->rbuf; 274 wbuf=s2->wbuf; 275 | 311 unsigned char *rbuf,*wbuf; 312 313 s2=s->s2; 314 315 rbuf=s2->rbuf; 316 wbuf=s2->wbuf; 317 |
| 276 memset(s2,0,sizeof(SSL2_CTX)); | 318 memset(s2,0,sizeof *s2); |
| 277 278 s2->rbuf=rbuf; 279 s2->wbuf=wbuf; 280 s2->clear_text=1; 281 s->packet=s2->rbuf; 282 s->version=SSL2_VERSION; 283 s->packet_length=0; 284 } --- 8 unchanged lines hidden (view full) --- 293 ret=s->hit; 294 break; 295 default: 296 break; 297 } 298 return(ret); 299 } 300 | 319 320 s2->rbuf=rbuf; 321 s2->wbuf=wbuf; 322 s2->clear_text=1; 323 s->packet=s2->rbuf; 324 s->version=SSL2_VERSION; 325 s->packet_length=0; 326 } --- 8 unchanged lines hidden (view full) --- 335 ret=s->hit; 336 break; 337 default: 338 break; 339 } 340 return(ret); 341 } 342 |
| 343long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)()) 344 { 345 return(0); 346 } 347 |
|
| 301long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg) 302 { 303 return(0); 304 } 305 | 348long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg) 349 { 350 return(0); 351 } 352 |
| 353long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)()) 354 { 355 return(0); 356 } 357 |
|
| 306/* This function needs to check if the ciphers required are actually 307 * available */ 308SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) 309 { 310 static int init=1; 311 static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS]; 312 SSL_CIPHER c,*cp= &c,**cpp; 313 unsigned long id; --- 55 unchanged lines hidden (view full) --- 369#endif 370 371 km=s->s2->key_material; 372 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) 373 { 374 MD5_Init(&ctx); 375 376 MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); | 358/* This function needs to check if the ciphers required are actually 359 * available */ 360SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) 361 { 362 static int init=1; 363 static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS]; 364 SSL_CIPHER c,*cp= &c,**cpp; 365 unsigned long id; --- 55 unchanged lines hidden (view full) --- 421#endif 422 423 km=s->s2->key_material; 424 for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) 425 { 426 MD5_Init(&ctx); 427 428 MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); |
| 377 MD5_Update(&ctx,(unsigned char *)&c,1); | 429 MD5_Update(&ctx,&c,1); |
| 378 c++; 379 MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length); 380 MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length); 381 MD5_Final(km,&ctx); 382 km+=MD5_DIGEST_LENGTH; 383 } 384 } 385 --- 32 unchanged lines hidden (view full) --- 418 s->error=0; */ 419 } 420 421int ssl2_shutdown(SSL *s) 422 { 423 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 424 return(1); 425 } | 430 c++; 431 MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length); 432 MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length); 433 MD5_Final(km,&ctx); 434 km+=MD5_DIGEST_LENGTH; 435 } 436 } 437 --- 32 unchanged lines hidden (view full) --- 470 s->error=0; */ 471 } 472 473int ssl2_shutdown(SSL *s) 474 { 475 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 476 return(1); 477 } |
| 478#else /* !NO_SSL2 */ 479 480# if PEDANTIC 481static void *dummy=&dummy; 482# endif 483 |
|
| 426#endif | 484#endif |