155714Skris/* ssl/s2_lib.c */
255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
355714Skris * All rights reserved.
455714Skris *
555714Skris * This package is an SSL implementation written
655714Skris * by Eric Young (eay@cryptsoft.com).
755714Skris * The implementation was written so as to conform with Netscapes SSL.
855714Skris *
955714Skris * This library is free for commercial and non-commercial use as long as
1055714Skris * the following conditions are aheared to.  The following conditions
1155714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1255714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1355714Skris * included with this distribution is covered by the same copyright terms
1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1555714Skris *
1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1755714Skris * the code are not to be removed.
1855714Skris * If this package is used in a product, Eric Young should be given attribution
1955714Skris * as the author of the parts of the library used.
2055714Skris * This can be in the form of a textual message at program startup or
2155714Skris * in documentation (online or textual) provided with the package.
2255714Skris *
2355714Skris * Redistribution and use in source and binary forms, with or without
2455714Skris * modification, are permitted provided that the following conditions
2555714Skris * are met:
2655714Skris * 1. Redistributions of source code must retain the copyright
2755714Skris *    notice, this list of conditions and the following disclaimer.
2855714Skris * 2. Redistributions in binary form must reproduce the above copyright
2955714Skris *    notice, this list of conditions and the following disclaimer in the
3055714Skris *    documentation and/or other materials provided with the distribution.
3155714Skris * 3. All advertising materials mentioning features or use of this software
3255714Skris *    must display the following acknowledgement:
3355714Skris *    "This product includes cryptographic software written by
3455714Skris *     Eric Young (eay@cryptsoft.com)"
3555714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3655714Skris *    being used are not cryptographic related :-).
3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from
3855714Skris *    the apps directory (application code) you must include an acknowledgement:
3955714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
4055714Skris *
4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4455714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5155714Skris * SUCH DAMAGE.
5255714Skris *
5355714Skris * The licence and distribution terms for any publically available version or
5455714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5555714Skris * copied and put under another distribution licence
5655714Skris * [including the GNU Public Licence.]
5755714Skris */
58238405Sjkim/* ====================================================================
59238405Sjkim * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
60238405Sjkim *
61238405Sjkim * Redistribution and use in source and binary forms, with or without
62238405Sjkim * modification, are permitted provided that the following conditions
63238405Sjkim * are met:
64238405Sjkim *
65238405Sjkim * 1. Redistributions of source code must retain the above copyright
66238405Sjkim *    notice, this list of conditions and the following disclaimer.
67238405Sjkim *
68238405Sjkim * 2. Redistributions in binary form must reproduce the above copyright
69238405Sjkim *    notice, this list of conditions and the following disclaimer in
70238405Sjkim *    the documentation and/or other materials provided with the
71238405Sjkim *    distribution.
72238405Sjkim *
73238405Sjkim * 3. All advertising materials mentioning features or use of this
74238405Sjkim *    software must display the following acknowledgment:
75238405Sjkim *    "This product includes software developed by the OpenSSL Project
76238405Sjkim *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77238405Sjkim *
78238405Sjkim * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79238405Sjkim *    endorse or promote products derived from this software without
80238405Sjkim *    prior written permission. For written permission, please contact
81238405Sjkim *    openssl-core@openssl.org.
82238405Sjkim *
83238405Sjkim * 5. Products derived from this software may not be called "OpenSSL"
84238405Sjkim *    nor may "OpenSSL" appear in their names without prior written
85238405Sjkim *    permission of the OpenSSL Project.
86238405Sjkim *
87238405Sjkim * 6. Redistributions of any form whatsoever must retain the following
88238405Sjkim *    acknowledgment:
89238405Sjkim *    "This product includes software developed by the OpenSSL Project
90238405Sjkim *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91238405Sjkim *
92238405Sjkim * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93238405Sjkim * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94238405Sjkim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95238405Sjkim * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96238405Sjkim * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97238405Sjkim * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98238405Sjkim * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99238405Sjkim * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100238405Sjkim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101238405Sjkim * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102238405Sjkim * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103238405Sjkim * OF THE POSSIBILITY OF SUCH DAMAGE.
104238405Sjkim * ====================================================================
105238405Sjkim *
106238405Sjkim * This product includes cryptographic software written by Eric Young
107238405Sjkim * (eay@cryptsoft.com).  This product includes software written by Tim
108238405Sjkim * Hudson (tjh@cryptsoft.com).
109238405Sjkim *
110238405Sjkim */
11155714Skris
11259194Skris#include "ssl_locl.h"
113110007Smarkm#ifndef OPENSSL_NO_SSL2
11455714Skris#include <stdio.h>
11555714Skris#include <openssl/objects.h>
116110007Smarkm#include <openssl/evp.h>
11755714Skris#include <openssl/md5.h>
11855714Skris
119167615Ssimonconst char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
12055714Skris
12155714Skris#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
12255714Skris
123160817Ssimon/* list of available SSLv2 ciphers (sorted by id) */
124238405SjkimOPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={
125238405Sjkim#if 0
12655714Skris/* NULL_WITH_MD5 v3 */
12755714Skris	{
12855714Skris	1,
12955714Skris	SSL2_TXT_NULL_WITH_MD5,
13055714Skris	SSL2_CK_NULL_WITH_MD5,
131238405Sjkim	SSL_kRSA,
132238405Sjkim	SSL_aRSA,
133238405Sjkim	SSL_eNULL,
134238405Sjkim	SSL_MD5,
135238405Sjkim	SSL_SSLV2,
136100943Snectar	SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
13755714Skris	0,
13859194Skris	0,
139100943Snectar	0,
14055714Skris	},
14155714Skris#endif
142238405Sjkim
143160817Ssimon/* RC4_128_WITH_MD5 */
144160817Ssimon	{
145160817Ssimon	1,
146160817Ssimon	SSL2_TXT_RC4_128_WITH_MD5,
147160817Ssimon	SSL2_CK_RC4_128_WITH_MD5,
148238405Sjkim	SSL_kRSA,
149238405Sjkim	SSL_aRSA,
150238405Sjkim	SSL_RC4,
151238405Sjkim	SSL_MD5,
152238405Sjkim	SSL_SSLV2,
153160817Ssimon	SSL_NOT_EXP|SSL_MEDIUM,
154160817Ssimon	0,
155160817Ssimon	128,
156160817Ssimon	128,
157160817Ssimon	},
158238405Sjkim
15955714Skris/* RC4_128_EXPORT40_WITH_MD5 */
16055714Skris	{
16155714Skris	1,
16255714Skris	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
16355714Skris	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
164238405Sjkim	SSL_kRSA,
165238405Sjkim	SSL_aRSA,
166238405Sjkim	SSL_RC4,
167238405Sjkim	SSL_MD5,
168238405Sjkim	SSL_SSLV2,
16959194Skris	SSL_EXPORT|SSL_EXP40,
17055714Skris	SSL2_CF_5_BYTE_ENC,
17159194Skris	40,
17259194Skris	128,
17355714Skris	},
174238405Sjkim
175160817Ssimon/* RC2_128_CBC_WITH_MD5 */
17655714Skris	{
17755714Skris	1,
178160817Ssimon	SSL2_TXT_RC2_128_CBC_WITH_MD5,
179160817Ssimon	SSL2_CK_RC2_128_CBC_WITH_MD5,
180238405Sjkim	SSL_kRSA,
181238405Sjkim	SSL_aRSA,
182238405Sjkim	SSL_RC2,
183238405Sjkim	SSL_MD5,
184238405Sjkim	SSL_SSLV2,
18559194Skris	SSL_NOT_EXP|SSL_MEDIUM,
18655714Skris	0,
18759194Skris	128,
18859194Skris	128,
18955714Skris	},
190238405Sjkim
19155714Skris/* RC2_128_CBC_EXPORT40_WITH_MD5 */
19255714Skris	{
19355714Skris	1,
19455714Skris	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
19555714Skris	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
196238405Sjkim	SSL_kRSA,
197238405Sjkim	SSL_aRSA,
198238405Sjkim	SSL_RC2,
199238405Sjkim	SSL_MD5,
200238405Sjkim	SSL_SSLV2,
20159194Skris	SSL_EXPORT|SSL_EXP40,
20255714Skris	SSL2_CF_5_BYTE_ENC,
20359194Skris	40,
20459194Skris	128,
20555714Skris	},
206238405Sjkim
207238405Sjkim#ifndef OPENSSL_NO_IDEA
20855714Skris/* IDEA_128_CBC_WITH_MD5 */
20955714Skris	{
21055714Skris	1,
21155714Skris	SSL2_TXT_IDEA_128_CBC_WITH_MD5,
21255714Skris	SSL2_CK_IDEA_128_CBC_WITH_MD5,
213238405Sjkim	SSL_kRSA,
214238405Sjkim	SSL_aRSA,
215238405Sjkim	SSL_IDEA,
216238405Sjkim	SSL_MD5,
217238405Sjkim	SSL_SSLV2,
21859194Skris	SSL_NOT_EXP|SSL_MEDIUM,
21955714Skris	0,
22059194Skris	128,
22159194Skris	128,
22255714Skris	},
223127134Snectar#endif
224238405Sjkim
22555714Skris/* DES_64_CBC_WITH_MD5 */
22655714Skris	{
22755714Skris	1,
22855714Skris	SSL2_TXT_DES_64_CBC_WITH_MD5,
22955714Skris	SSL2_CK_DES_64_CBC_WITH_MD5,
230238405Sjkim	SSL_kRSA,
231238405Sjkim	SSL_aRSA,
232238405Sjkim	SSL_DES,
233238405Sjkim	SSL_MD5,
234238405Sjkim	SSL_SSLV2,
23559194Skris	SSL_NOT_EXP|SSL_LOW,
23655714Skris	0,
23759194Skris	56,
23859194Skris	56,
23955714Skris	},
240238405Sjkim
24155714Skris/* DES_192_EDE3_CBC_WITH_MD5 */
24255714Skris	{
24355714Skris	1,
24455714Skris	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
24555714Skris	SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
246238405Sjkim	SSL_kRSA,
247238405Sjkim	SSL_aRSA,
248238405Sjkim	SSL_3DES,
249238405Sjkim	SSL_MD5,
250238405Sjkim	SSL_SSLV2,
25159194Skris	SSL_NOT_EXP|SSL_HIGH,
25255714Skris	0,
253279264Sdelphij	112,
25459194Skris	168,
25555714Skris	},
256238405Sjkim
257238405Sjkim#if 0
25855714Skris/* RC4_64_WITH_MD5 */
25955714Skris	{
26055714Skris	1,
26155714Skris	SSL2_TXT_RC4_64_WITH_MD5,
26255714Skris	SSL2_CK_RC4_64_WITH_MD5,
263238405Sjkim	SSL_kRSA,
264238405Sjkim	SSL_aRSA,
265238405Sjkim	SSL_RC4,
266238405Sjkim	SSL_MD5,
267238405Sjkim	SSL_SSLV2,
26859194Skris	SSL_NOT_EXP|SSL_LOW,
26955714Skris	SSL2_CF_8_BYTE_ENC,
27059194Skris	64,
27159194Skris	64,
27255714Skris	},
27355714Skris#endif
274238405Sjkim
275238405Sjkim#if 0
27655714Skris/* NULL SSLeay (testing) */
27755714Skris	{
27855714Skris	0,
27955714Skris	SSL2_TXT_NULL,
28055714Skris	SSL2_CK_NULL,
28155714Skris	0,
282238405Sjkim	0,
283238405Sjkim	0,
284238405Sjkim	0,
285238405Sjkim	SSL_SSLV2,
286100943Snectar	SSL_STRONG_NONE,
28759194Skris	0,
28859194Skris	0,
28959194Skris	0,
29055714Skris	},
29155714Skris#endif
29255714Skris
29355714Skris/* end of list :-) */
29455714Skris	};
29555714Skris
296160817Ssimonlong ssl2_default_timeout(void)
29755714Skris	{
29855714Skris	return(300);
29955714Skris	}
30055714Skris
30155714Skrisint ssl2_num_ciphers(void)
30255714Skris	{
30355714Skris	return(SSL2_NUM_CIPHERS);
30455714Skris	}
30555714Skris
306238405Sjkimconst SSL_CIPHER *ssl2_get_cipher(unsigned int u)
30755714Skris	{
30855714Skris	if (u < SSL2_NUM_CIPHERS)
30955714Skris		return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
31055714Skris	else
31155714Skris		return(NULL);
31255714Skris	}
31355714Skris
314160817Ssimonint ssl2_pending(const SSL *s)
31555714Skris	{
31672616Skris	return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
31755714Skris	}
31855714Skris
31955714Skrisint ssl2_new(SSL *s)
32055714Skris	{
32159194Skris	SSL2_STATE *s2;
32255714Skris
32368654Skris	if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err;
32459194Skris	memset(s2,0,sizeof *s2);
32555714Skris
32672616Skris#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
32772616Skris#  error "assertion failed"
32872616Skris#endif
32972616Skris
33068654Skris	if ((s2->rbuf=OPENSSL_malloc(
33155714Skris		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
33272616Skris	/* wbuf needs one byte more because when using two-byte headers,
33372616Skris	 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
33468654Skris	if ((s2->wbuf=OPENSSL_malloc(
33572616Skris		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err;
33655714Skris	s->s2=s2;
33755714Skris
33855714Skris	ssl2_clear(s);
33955714Skris	return(1);
34055714Skriserr:
34155714Skris	if (s2 != NULL)
34255714Skris		{
34368654Skris		if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
34468654Skris		if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
34568654Skris		OPENSSL_free(s2);
34655714Skris		}
34755714Skris	return(0);
34855714Skris	}
34955714Skris
35055714Skrisvoid ssl2_free(SSL *s)
35155714Skris	{
35259194Skris	SSL2_STATE *s2;
35355714Skris
35455714Skris	if(s == NULL)
35555714Skris	    return;
35655714Skris
35755714Skris	s2=s->s2;
35868654Skris	if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
35968654Skris	if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
360110007Smarkm	OPENSSL_cleanse(s2,sizeof *s2);
36168654Skris	OPENSSL_free(s2);
36255714Skris	s->s2=NULL;
36355714Skris	}
36455714Skris
36555714Skrisvoid ssl2_clear(SSL *s)
36655714Skris	{
36759194Skris	SSL2_STATE *s2;
36855714Skris	unsigned char *rbuf,*wbuf;
36955714Skris
37055714Skris	s2=s->s2;
37155714Skris
37255714Skris	rbuf=s2->rbuf;
37355714Skris	wbuf=s2->wbuf;
37455714Skris
37559194Skris	memset(s2,0,sizeof *s2);
37655714Skris
37755714Skris	s2->rbuf=rbuf;
37855714Skris	s2->wbuf=wbuf;
37955714Skris	s2->clear_text=1;
38055714Skris	s->packet=s2->rbuf;
38155714Skris	s->version=SSL2_VERSION;
38255714Skris	s->packet_length=0;
38355714Skris	}
38455714Skris
385110007Smarkmlong ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
38655714Skris	{
38755714Skris	int ret=0;
38855714Skris
38955714Skris	switch(cmd)
39055714Skris		{
39155714Skris	case SSL_CTRL_GET_SESSION_REUSED:
39255714Skris		ret=s->hit;
39355714Skris		break;
394273415Sdelphij	case SSL_CTRL_CHECK_PROTO_VERSION:
395273415Sdelphij		return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
39655714Skris	default:
39755714Skris		break;
39855714Skris		}
39955714Skris	return(ret);
40055714Skris	}
40155714Skris
402160817Ssimonlong ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
40359194Skris	{
40459194Skris	return(0);
40559194Skris	}
40659194Skris
407110007Smarkmlong ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
40855714Skris	{
40955714Skris	return(0);
41055714Skris	}
41155714Skris
412160817Ssimonlong ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
41359194Skris	{
41459194Skris	return(0);
41559194Skris	}
41659194Skris
41755714Skris/* This function needs to check if the ciphers required are actually
41855714Skris * available */
419238405Sjkimconst SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
42055714Skris	{
421238405Sjkim	SSL_CIPHER c;
422238405Sjkim	const SSL_CIPHER *cp;
42355714Skris	unsigned long id;
42455714Skris
42555714Skris	id=0x02000000L|((unsigned long)p[0]<<16L)|
42655714Skris		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
42755714Skris	c.id=id;
428238405Sjkim	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
429160817Ssimon	if ((cp == NULL) || (cp->valid == 0))
430160817Ssimon		return NULL;
43155714Skris	else
432160817Ssimon		return cp;
43355714Skris	}
43455714Skris
43555714Skrisint ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
43655714Skris	{
43755714Skris	long l;
43855714Skris
43955714Skris	if (p != NULL)
44055714Skris		{
44155714Skris		l=c->id;
442273415Sdelphij		if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV) return(0);
44355714Skris		p[0]=((unsigned char)(l>>16L))&0xFF;
44455714Skris		p[1]=((unsigned char)(l>> 8L))&0xFF;
44555714Skris		p[2]=((unsigned char)(l     ))&0xFF;
44655714Skris		}
44755714Skris	return(3);
44855714Skris	}
44955714Skris
450101621Snectarint ssl2_generate_key_material(SSL *s)
45155714Skris	{
45255714Skris	unsigned int i;
453110007Smarkm	EVP_MD_CTX ctx;
45455714Skris	unsigned char *km;
45555714Skris	unsigned char c='0';
456110007Smarkm	const EVP_MD *md5;
457238405Sjkim	int md_size;
45855714Skris
459110007Smarkm	md5 = EVP_md5();
460110007Smarkm
46155714Skris#ifdef CHARSET_EBCDIC
46255714Skris	c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
46355714Skris				see SSLv2 docu */
46455714Skris#endif
465110007Smarkm	EVP_MD_CTX_init(&ctx);
46655714Skris	km=s->s2->key_material;
467101621Snectar
468160817Ssimon 	if (s->session->master_key_length < 0 ||
469160817Ssimon			s->session->master_key_length > (int)sizeof(s->session->master_key))
470110007Smarkm 		{
471110007Smarkm 		SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
472110007Smarkm 		return 0;
473110007Smarkm 		}
474238405Sjkim	md_size = EVP_MD_size(md5);
475238405Sjkim	if (md_size < 0)
476238405Sjkim	    return 0;
477238405Sjkim	for (i=0; i<s->s2->key_material_length; i += md_size)
47855714Skris		{
479238405Sjkim		if (((km - s->s2->key_material) + md_size) >
480160817Ssimon				(int)sizeof(s->s2->key_material))
481101621Snectar			{
482110007Smarkm			/* EVP_DigestFinal_ex() below would write beyond buffer */
483110007Smarkm			SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
484101621Snectar			return 0;
485101621Snectar			}
486101621Snectar
487110007Smarkm		EVP_DigestInit_ex(&ctx, md5, NULL);
48855714Skris
489110007Smarkm		OPENSSL_assert(s->session->master_key_length >= 0
490110007Smarkm		    && s->session->master_key_length
491160817Ssimon		    < (int)sizeof(s->session->master_key));
492110007Smarkm		EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
493110007Smarkm		EVP_DigestUpdate(&ctx,&c,1);
49455714Skris		c++;
495110007Smarkm		EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
496110007Smarkm		EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
497110007Smarkm		EVP_DigestFinal_ex(&ctx,km,NULL);
498238405Sjkim		km += md_size;
49955714Skris		}
500101621Snectar
501110007Smarkm	EVP_MD_CTX_cleanup(&ctx);
502101621Snectar	return 1;
50355714Skris	}
50455714Skris
50555714Skrisvoid ssl2_return_error(SSL *s, int err)
50655714Skris	{
50755714Skris	if (!s->error)
50855714Skris		{
50955714Skris		s->error=3;
51055714Skris		s->error_code=err;
51155714Skris
51255714Skris		ssl2_write_error(s);
51355714Skris		}
51455714Skris	}
51555714Skris
51655714Skris
51755714Skrisvoid ssl2_write_error(SSL *s)
51855714Skris	{
51955714Skris	unsigned char buf[3];
52055714Skris	int i,error;
52155714Skris
52255714Skris	buf[0]=SSL2_MT_ERROR;
52355714Skris	buf[1]=(s->error_code>>8)&0xff;
52455714Skris	buf[2]=(s->error_code)&0xff;
52555714Skris
52655714Skris/*	state=s->rwstate;*/
527101621Snectar
528101621Snectar	error=s->error; /* number of bytes left to write */
52955714Skris	s->error=0;
530160817Ssimon	OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
53155714Skris	i=ssl2_write(s,&(buf[3-error]),error);
532101621Snectar
53355714Skris/*	if (i == error) s->rwstate=state; */
53455714Skris
53555714Skris	if (i < 0)
53655714Skris		s->error=error;
537110007Smarkm	else
538110007Smarkm		{
53955714Skris		s->error=error-i;
540110007Smarkm
541110007Smarkm		if (s->error == 0)
542110007Smarkm			if (s->msg_callback)
543110007Smarkm				s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
544110007Smarkm		}
54555714Skris	}
54655714Skris
54755714Skrisint ssl2_shutdown(SSL *s)
54855714Skris	{
54955714Skris	s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
55055714Skris	return(1);
55155714Skris	}
552110007Smarkm#else /* !OPENSSL_NO_SSL2 */
55359194Skris
55459194Skris# if PEDANTIC
55559194Skrisstatic void *dummy=&dummy;
55659194Skris# endif
55759194Skris
55855714Skris#endif
559