s3_clnt.c (100928) | s3_clnt.c (100936) |
---|---|
1/* ssl/s3_clnt.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 103 unchanged lines hidden (view full) --- 112#include <stdio.h> 113#include <openssl/buffer.h> 114#include <openssl/rand.h> 115#include <openssl/objects.h> 116#include <openssl/md5.h> 117#include <openssl/sha.h> 118#include <openssl/evp.h> 119#include "ssl_locl.h" | 1/* ssl/s3_clnt.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 103 unchanged lines hidden (view full) --- 112#include <stdio.h> 113#include <openssl/buffer.h> 114#include <openssl/rand.h> 115#include <openssl/objects.h> 116#include <openssl/md5.h> 117#include <openssl/sha.h> 118#include <openssl/evp.h> 119#include "ssl_locl.h" |
120#include "cryptlib.h" |
|
120 121static SSL_METHOD *ssl3_get_client_method(int ver); 122static int ssl3_client_hello(SSL *s); 123static int ssl3_get_server_hello(SSL *s); 124static int ssl3_get_certificate_request(SSL *s); 125static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); 126static int ssl3_get_server_done(SSL *s); 127static int ssl3_send_client_verify(SSL *s); --- 412 unchanged lines hidden (view full) --- 540 /* Session ID */ 541 if (s->new_session) 542 i=0; 543 else 544 i=s->session->session_id_length; 545 *(p++)=i; 546 if (i != 0) 547 { | 121 122static SSL_METHOD *ssl3_get_client_method(int ver); 123static int ssl3_client_hello(SSL *s); 124static int ssl3_get_server_hello(SSL *s); 125static int ssl3_get_certificate_request(SSL *s); 126static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); 127static int ssl3_get_server_done(SSL *s); 128static int ssl3_send_client_verify(SSL *s); --- 412 unchanged lines hidden (view full) --- 541 /* Session ID */ 542 if (s->new_session) 543 i=0; 544 else 545 i=s->session->session_id_length; 546 *(p++)=i; 547 if (i != 0) 548 { |
549 die(i <= sizeof s->session->session_id); |
|
548 memcpy(p,s->session->session_id,i); 549 p+=i; 550 } 551 552 /* Ciphers supported */ 553 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2])); 554 if (i == 0) 555 { --- 65 unchanged lines hidden (view full) --- 621 /* load the server hello data */ 622 /* load the server random */ 623 memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE); 624 p+=SSL3_RANDOM_SIZE; 625 626 /* get the session-id */ 627 j= *(p++); 628 | 550 memcpy(p,s->session->session_id,i); 551 p+=i; 552 } 553 554 /* Ciphers supported */ 555 i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2])); 556 if (i == 0) 557 { --- 65 unchanged lines hidden (view full) --- 623 /* load the server hello data */ 624 /* load the server random */ 625 memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE); 626 p+=SSL3_RANDOM_SIZE; 627 628 /* get the session-id */ 629 j= *(p++); 630 |
631 if(j > sizeof s->session->session_id) 632 { 633 al=SSL_AD_ILLEGAL_PARAMETER; 634 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, 635 SSL_R_SSL3_SESSION_ID_TOO_LONG); 636 goto f_err; 637 } 638 |
|
629 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) 630 { 631 /* SSLref returns 16 :-( */ 632 if (j < SSL2_SSL_SESSION_ID_LENGTH) 633 { 634 al=SSL_AD_ILLEGAL_PARAMETER; 635 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); 636 goto f_err; --- 1165 unchanged lines hidden --- | 639 if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) 640 { 641 /* SSLref returns 16 :-( */ 642 if (j < SSL2_SSL_SESSION_ID_LENGTH) 643 { 644 al=SSL_AD_ILLEGAL_PARAMETER; 645 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); 646 goto f_err; --- 1165 unchanged lines hidden --- |