s3_lib.c (76866) s3_lib.c (100928)
1/* ssl/s3_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *

--- 42 unchanged lines hidden (view full) ---

51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
1/* ssl/s3_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *

--- 42 unchanged lines hidden (view full) ---

51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *

--- 97 unchanged lines hidden (view full) ---

165 SSL_ALL_STRENGTHS,
166 },
167/* Cipher 18 */
168 {
169 1,
170 SSL3_TXT_ADH_RC4_128_MD5,
171 SSL3_CK_ADH_RC4_128_MD5,
172 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *

--- 97 unchanged lines hidden (view full) ---

165 SSL_ALL_STRENGTHS,
166 },
167/* Cipher 18 */
168 {
169 1,
170 SSL3_TXT_ADH_RC4_128_MD5,
171 SSL3_CK_ADH_RC4_128_MD5,
172 SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
173 SSL_NOT_EXP,
173 SSL_NOT_EXP|SSL_MEDIUM,
174 0,
175 128,
176 128,
177 SSL_ALL_CIPHERS,
178 SSL_ALL_STRENGTHS,
179 },
180/* Cipher 19 */
181 {

--- 9 unchanged lines hidden (view full) ---

191 SSL_ALL_STRENGTHS,
192 },
193/* Cipher 1A */
194 {
195 1,
196 SSL3_TXT_ADH_DES_64_CBC_SHA,
197 SSL3_CK_ADH_DES_64_CBC_SHA,
198 SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
174 0,
175 128,
176 128,
177 SSL_ALL_CIPHERS,
178 SSL_ALL_STRENGTHS,
179 },
180/* Cipher 19 */
181 {

--- 9 unchanged lines hidden (view full) ---

191 SSL_ALL_STRENGTHS,
192 },
193/* Cipher 1A */
194 {
195 1,
196 SSL3_TXT_ADH_DES_64_CBC_SHA,
197 SSL3_CK_ADH_DES_64_CBC_SHA,
198 SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
199 SSL_NOT_EXP,
199 SSL_NOT_EXP|SSL_LOW,
200 0,
201 56,
202 56,
203 SSL_ALL_CIPHERS,
204 SSL_ALL_STRENGTHS,
205 },
206/* Cipher 1B */
207 {
208 1,
209 SSL3_TXT_ADH_DES_192_CBC_SHA,
210 SSL3_CK_ADH_DES_192_CBC_SHA,
211 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
200 0,
201 56,
202 56,
203 SSL_ALL_CIPHERS,
204 SSL_ALL_STRENGTHS,
205 },
206/* Cipher 1B */
207 {
208 1,
209 SSL3_TXT_ADH_DES_192_CBC_SHA,
210 SSL3_CK_ADH_DES_192_CBC_SHA,
211 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
212 SSL_NOT_EXP,
212 SSL_NOT_EXP|SSL_HIGH,
213 0,
214 168,
215 168,
216 SSL_ALL_CIPHERS,
217 SSL_ALL_STRENGTHS,
218 },
219
220/* RSA again */

--- 292 unchanged lines hidden (view full) ---

513 },
514
515/* Cipher 1E */
516 {
517 0,
518 SSL3_TXT_FZA_DMS_RC4_SHA,
519 SSL3_CK_FZA_DMS_RC4_SHA,
520 SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
213 0,
214 168,
215 168,
216 SSL_ALL_CIPHERS,
217 SSL_ALL_STRENGTHS,
218 },
219
220/* RSA again */

--- 292 unchanged lines hidden (view full) ---

513 },
514
515/* Cipher 1E */
516 {
517 0,
518 SSL3_TXT_FZA_DMS_RC4_SHA,
519 SSL3_CK_FZA_DMS_RC4_SHA,
520 SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
521 SSL_NOT_EXP,
521 SSL_NOT_EXP|SSL_MEDIUM,
522 0,
523 128,
524 128,
525 SSL_ALL_CIPHERS,
526 SSL_ALL_STRENGTHS,
527 },
528
529#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES

--- 77 unchanged lines hidden (view full) ---

607 SSL_ALL_STRENGTHS,
608 },
609 /* Cipher 66 */
610 {
611 1,
612 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
613 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
614 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
522 0,
523 128,
524 128,
525 SSL_ALL_CIPHERS,
526 SSL_ALL_STRENGTHS,
527 },
528
529#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES

--- 77 unchanged lines hidden (view full) ---

607 SSL_ALL_STRENGTHS,
608 },
609 /* Cipher 66 */
610 {
611 1,
612 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
613 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
614 SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
615 SSL_NOT_EXP,
615 SSL_NOT_EXP|SSL_MEDIUM,
616 0,
617 128,
618 128,
619 SSL_ALL_CIPHERS,
620 SSL_ALL_STRENGTHS
621 },
622#endif
623

--- 64 unchanged lines hidden (view full) ---

688 if (u < SSL3_NUM_CIPHERS)
689 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
690 else
691 return(NULL);
692 }
693
694int ssl3_pending(SSL *s)
695 {
616 0,
617 128,
618 128,
619 SSL_ALL_CIPHERS,
620 SSL_ALL_STRENGTHS
621 },
622#endif
623

--- 64 unchanged lines hidden (view full) ---

688 if (u < SSL3_NUM_CIPHERS)
689 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
690 else
691 return(NULL);
692 }
693
694int ssl3_pending(SSL *s)
695 {
696 if (s->rstate == SSL_ST_READ_BODY)
697 return 0;
698
696 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
697 }
698
699int ssl3_new(SSL *s)
700 {
701 SSL3_STATE *s3;
702
703 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;

--- 28 unchanged lines hidden (view full) ---

732 memset(s->s3,0,sizeof *s->s3);
733 OPENSSL_free(s->s3);
734 s->s3=NULL;
735 }
736
737void ssl3_clear(SSL *s)
738 {
739 unsigned char *rp,*wp;
699 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
700 }
701
702int ssl3_new(SSL *s)
703 {
704 SSL3_STATE *s3;
705
706 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;

--- 28 unchanged lines hidden (view full) ---

735 memset(s->s3,0,sizeof *s->s3);
736 OPENSSL_free(s->s3);
737 s->s3=NULL;
738 }
739
740void ssl3_clear(SSL *s)
741 {
742 unsigned char *rp,*wp;
743 size_t rlen, wlen;
740
741 ssl3_cleanup_key_block(s);
742 if (s->s3->tmp.ca_names != NULL)
743 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
744
745 if (s->s3->rrec.comp != NULL)
746 {
747 OPENSSL_free(s->s3->rrec.comp);
748 s->s3->rrec.comp=NULL;
749 }
750#ifndef NO_DH
751 if (s->s3->tmp.dh != NULL)
752 DH_free(s->s3->tmp.dh);
753#endif
754
744
745 ssl3_cleanup_key_block(s);
746 if (s->s3->tmp.ca_names != NULL)
747 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
748
749 if (s->s3->rrec.comp != NULL)
750 {
751 OPENSSL_free(s->s3->rrec.comp);
752 s->s3->rrec.comp=NULL;
753 }
754#ifndef NO_DH
755 if (s->s3->tmp.dh != NULL)
756 DH_free(s->s3->tmp.dh);
757#endif
758
755 rp=s->s3->rbuf.buf;
756 wp=s->s3->wbuf.buf;
759 rp = s->s3->rbuf.buf;
760 wp = s->s3->wbuf.buf;
761 rlen = s->s3->rbuf_len;
762 wlen = s->s3->wbuf_len;
757
758 memset(s->s3,0,sizeof *s->s3);
763
764 memset(s->s3,0,sizeof *s->s3);
759 if (rp != NULL) s->s3->rbuf.buf=rp;
760 if (wp != NULL) s->s3->wbuf.buf=wp;
765 s->s3->rbuf.buf = rp;
766 s->s3->wbuf.buf = wp;
767 s->s3->rbuf_len = rlen;
768 s->s3->wbuf_len = wlen;
761
762 ssl_free_wbio_buffer(s);
763
764 s->packet_length=0;
765 s->s3->renegotiate=0;
766 s->s3->total_renegotiations=0;
767 s->s3->num_renegotiations=0;
768 s->s3->in_read_app_data=0;

--- 538 unchanged lines hidden (view full) ---

1307static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1308 {
1309 int ret;
1310
1311 clear_sys_error();
1312 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1313 s->s3->in_read_app_data=1;
1314 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
769
770 ssl_free_wbio_buffer(s);
771
772 s->packet_length=0;
773 s->s3->renegotiate=0;
774 s->s3->total_renegotiations=0;
775 s->s3->num_renegotiations=0;
776 s->s3->in_read_app_data=0;

--- 538 unchanged lines hidden (view full) ---

1315static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1316 {
1317 int ret;
1318
1319 clear_sys_error();
1320 if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1321 s->s3->in_read_app_data=1;
1322 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1315 if ((ret == -1) && (s->s3->in_read_app_data == 0))
1323 if ((ret == -1) && (s->s3->in_read_app_data == 2))
1316 {
1317 /* ssl3_read_bytes decided to call s->handshake_func, which
1318 * called ssl3_read_bytes to read handshake data.
1319 * However, ssl3_read_bytes actually found application data
1324 {
1325 /* ssl3_read_bytes decided to call s->handshake_func, which
1326 * called ssl3_read_bytes to read handshake data.
1327 * However, ssl3_read_bytes actually found application data
1320 * and thinks that application data makes sense here (signalled
1321 * by resetting 'in_read_app_data', strangely); so disable
1328 * and thinks that application data makes sense here; so disable
1322 * handshake processing and try to read application data again. */
1323 s->in_handshake++;
1324 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1325 s->in_handshake--;
1326 }
1327 else
1328 s->s3->in_read_app_data=0;
1329

--- 50 unchanged lines hidden ---
1329 * handshake processing and try to read application data again. */
1330 s->in_handshake++;
1331 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1332 s->in_handshake--;
1333 }
1334 else
1335 s->s3->in_read_app_data=0;
1336

--- 50 unchanged lines hidden ---
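Review bot: In ssl3_read_internal the retry branch taken when `in_read_app_data == 2` leaves the flag at 2 afterwards, because in the visible lines only the `else` arm resets it to 0. The 2 is a bare literal, and the rewritten comment drops the old explanation of how ssl3_read_bytes signals this case, so the meaning of 0, 1 and 2 is no longer documented here. If ssl3_read_bytes (not shown) tests the flag only for non-zero, a later handshake-driven read outside this function could still see it set; consider adding `s->s3->in_read_app_data=0;` after `s->in_handshake--;` and a short comment naming which routine sets the value 2 and when. The function body continues past the visible lines, so a reset further down may already cover this.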