155714Skris/* ssl/s2_pkt.c */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5772616Skris */ 5872616Skris/* ==================================================================== 5989840Skris * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. 6055949Skris * 6172616Skris * Redistribution and use in source and binary forms, with or without 6272616Skris * modification, are permitted provided that the following conditions 6372616Skris * are met: 6472616Skris * 6572616Skris * 1. Redistributions of source code must retain the above copyright 6672616Skris * notice, this list of conditions and the following disclaimer. 6772616Skris * 6872616Skris * 2. Redistributions in binary form must reproduce the above copyright 6972616Skris * notice, this list of conditions and the following disclaimer in 7072616Skris * the documentation and/or other materials provided with the 7172616Skris * distribution. 7272616Skris * 7372616Skris * 3. All advertising materials mentioning features or use of this 7472616Skris * software must display the following acknowledgment: 7572616Skris * "This product includes software developed by the OpenSSL Project 7672616Skris * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 7772616Skris * 7872616Skris * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 7972616Skris * endorse or promote products derived from this software without 8072616Skris * prior written permission. For written permission, please contact 8172616Skris * openssl-core@openssl.org. 8272616Skris * 8372616Skris * 5. Products derived from this software may not be called "OpenSSL" 8472616Skris * nor may "OpenSSL" appear in their names without prior written 8572616Skris * permission of the OpenSSL Project. 8672616Skris * 8772616Skris * 6. Redistributions of any form whatsoever must retain the following 8872616Skris * acknowledgment: 8972616Skris * "This product includes software developed by the OpenSSL Project 9072616Skris * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 9172616Skris * 9272616Skris * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 9372616Skris * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 9472616Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 9572616Skris * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 9672616Skris * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 9772616Skris * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 9872616Skris * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 9972616Skris * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 10072616Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 10172616Skris * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 10272616Skris * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 10372616Skris * OF THE POSSIBILITY OF SUCH DAMAGE. 10472616Skris * ==================================================================== 10572616Skris * 10672616Skris * This product includes cryptographic software written by Eric Young 10772616Skris * (eay@cryptsoft.com). This product includes software written by Tim 10872616Skris * Hudson (tjh@cryptsoft.com). 10972616Skris * 11055714Skris */ 11155714Skris 11259194Skris#include "ssl_locl.h" 113110007Smarkm#ifndef OPENSSL_NO_SSL2 11455714Skris#include <stdio.h> 11555714Skris#include <errno.h> 11655714Skris#define USE_SOCKETS 11755714Skris 11855714Skrisstatic int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); 119238405Sjkimstatic int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); 12055714Skrisstatic int write_pending(SSL *s, const unsigned char *buf, unsigned int len); 12155714Skrisstatic int ssl_mt_error(int n); 12255714Skris 12355714Skris 12472616Skris/* SSL 2.0 imlementation for SSL_read/SSL_peek - 12555714Skris * This routine will return 0 to len bytes, decrypted etc if required. 12655714Skris */ 12772616Skrisstatic int ssl2_read_internal(SSL *s, void *buf, int len, int peek) 12855714Skris { 12955714Skris int n; 13055714Skris unsigned char mac[MAX_MAC_SIZE]; 13155714Skris unsigned char *p; 13255714Skris int i; 133238405Sjkim int mac_size; 13455714Skris 13572616Skris ssl2_read_again: 13655714Skris if (SSL_in_init(s) && !s->in_handshake) 13755714Skris { 13855714Skris n=s->handshake_func(s); 13955714Skris if (n < 0) return(n); 14055714Skris if (n == 0) 14155714Skris { 14272616Skris SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); 14355714Skris return(-1); 14455714Skris } 14555714Skris } 14655714Skris 14755714Skris clear_sys_error(); 14855714Skris s->rwstate=SSL_NOTHING; 14955714Skris if (len <= 0) return(len); 15055714Skris 15155714Skris if (s->s2->ract_data_length != 0) /* read from buffer */ 15255714Skris { 15355714Skris if (len > s->s2->ract_data_length) 15455714Skris n=s->s2->ract_data_length; 15555714Skris else 15655714Skris n=len; 15755714Skris 15855714Skris memcpy(buf,s->s2->ract_data,(unsigned int)n); 15972616Skris if (!peek) 16072616Skris { 16172616Skris s->s2->ract_data_length-=n; 16272616Skris s->s2->ract_data+=n; 16372616Skris if (s->s2->ract_data_length == 0) 16472616Skris s->rstate=SSL_ST_READ_HEADER; 16572616Skris } 16672616Skris 16755714Skris return(n); 16855714Skris } 16955714Skris 17072616Skris /* s->s2->ract_data_length == 0 17172616Skris * 17272616Skris * Fill the buffer, then goto ssl2_read_again. 17372616Skris */ 17472616Skris 17555714Skris if (s->rstate == SSL_ST_READ_HEADER) 17655714Skris { 17755714Skris if (s->first_packet) 17855714Skris { 17955714Skris n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); 18055714Skris if (n <= 0) return(n); /* error or non-blocking */ 18155714Skris s->first_packet=0; 18255714Skris p=s->packet; 18355714Skris if (!((p[0] & 0x80) && ( 18455714Skris (p[2] == SSL2_MT_CLIENT_HELLO) || 18555714Skris (p[2] == SSL2_MT_SERVER_HELLO)))) 18655714Skris { 18772616Skris SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); 18855714Skris return(-1); 18955714Skris } 19055714Skris } 19155714Skris else 19255714Skris { 19355714Skris n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); 19455714Skris if (n <= 0) return(n); /* error or non-blocking */ 19555714Skris } 19655714Skris /* part read stuff */ 19755714Skris 19855714Skris s->rstate=SSL_ST_READ_BODY; 19955714Skris p=s->packet; 20055714Skris /* Do header */ 20155714Skris /*s->s2->padding=0;*/ 20255714Skris s->s2->escape=0; 20355714Skris s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]); 20455714Skris if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */ 20555714Skris { 20655714Skris s->s2->three_byte_header=0; 20755714Skris s->s2->rlength&=TWO_BYTE_MASK; 20855714Skris } 20955714Skris else 21055714Skris { 21155714Skris s->s2->three_byte_header=1; 21255714Skris s->s2->rlength&=THREE_BYTE_MASK; 21355714Skris 21455714Skris /* security >s2->escape */ 21555714Skris s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0; 21655714Skris } 21755714Skris } 21855714Skris 21955714Skris if (s->rstate == SSL_ST_READ_BODY) 22055714Skris { 22155714Skris n=s->s2->rlength+2+s->s2->three_byte_header; 22255714Skris if (n > (int)s->packet_length) 22355714Skris { 22455714Skris n-=s->packet_length; 22555714Skris i=read_n(s,(unsigned int)n,(unsigned int)n,1); 22655714Skris if (i <= 0) return(i); /* ERROR */ 22755714Skris } 22855714Skris 22955714Skris p= &(s->packet[2]); 23055714Skris s->rstate=SSL_ST_READ_HEADER; 23155714Skris if (s->s2->three_byte_header) 23255714Skris s->s2->padding= *(p++); 23355714Skris else s->s2->padding=0; 23455714Skris 23555714Skris /* Data portion */ 23655714Skris if (s->s2->clear_text) 23755714Skris { 23889840Skris mac_size = 0; 23955714Skris s->s2->mac_data=p; 24055714Skris s->s2->ract_data=p; 24189840Skris if (s->s2->padding) 24289840Skris { 24389840Skris SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); 24489840Skris return(-1); 24589840Skris } 24655714Skris } 24755714Skris else 24855714Skris { 249238405Sjkim mac_size=EVP_MD_CTX_size(s->read_hash); 250238405Sjkim if (mac_size < 0) 251238405Sjkim return -1; 252110007Smarkm OPENSSL_assert(mac_size <= MAX_MAC_SIZE); 25355714Skris s->s2->mac_data=p; 25455714Skris s->s2->ract_data= &p[mac_size]; 25589840Skris if (s->s2->padding + mac_size > s->s2->rlength) 25689840Skris { 25789840Skris SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); 25889840Skris return(-1); 25989840Skris } 26055714Skris } 26155714Skris 26255714Skris s->s2->ract_data_length=s->s2->rlength; 26355714Skris /* added a check for length > max_size in case 26455714Skris * encryption was not turned on yet due to an error */ 26555714Skris if ((!s->s2->clear_text) && 266238405Sjkim (s->s2->rlength >= (unsigned int)mac_size)) 26755714Skris { 268279264Sdelphij if(!ssl2_enc(s,0)) 269279264Sdelphij { 270279264Sdelphij SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_DECRYPTION_FAILED); 271279264Sdelphij return(-1); 272279264Sdelphij } 27355714Skris s->s2->ract_data_length-=mac_size; 27455714Skris ssl2_mac(s,mac,0); 27555714Skris s->s2->ract_data_length-=s->s2->padding; 276246772Sjkim if ( (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) || 27755714Skris (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) 27855714Skris { 27972616Skris SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE); 28055714Skris return(-1); 28155714Skris } 28255714Skris } 28355714Skris INC32(s->s2->read_sequence); /* expect next number */ 28455714Skris /* s->s2->ract_data is now available for processing */ 28555714Skris 28672616Skris /* Possibly the packet that we just read had 0 actual data bytes. 28772616Skris * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.) 28872616Skris * In this case, returning 0 would be interpreted by the caller 28972616Skris * as indicating EOF, so it's not a good idea. Instead, we just 29072616Skris * continue reading; thus ssl2_read_internal may have to process 29172616Skris * multiple packets before it can return. 29272616Skris * 29372616Skris * [Note that using select() for blocking sockets *never* guarantees 29455714Skris * that the next SSL_read will not block -- the available 29572616Skris * data may contain incomplete packets, and except for SSL 2, 29672616Skris * renegotiation can confuse things even more.] */ 29755714Skris 29855714Skris goto ssl2_read_again; /* This should really be 29972616Skris * "return ssl2_read(s,buf,len)", 30072616Skris * but that would allow for 30172616Skris * denial-of-service attacks if a 30272616Skris * C compiler is used that does not 30372616Skris * recognize end-recursion. */ 30455714Skris } 30555714Skris else 30655714Skris { 30772616Skris SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE); 30855714Skris return(-1); 30955714Skris } 31055714Skris } 31155714Skris 31272616Skrisint ssl2_read(SSL *s, void *buf, int len) 31372616Skris { 31472616Skris return ssl2_read_internal(s, buf, len, 0); 31572616Skris } 31672616Skris 31776870Skrisint ssl2_peek(SSL *s, void *buf, int len) 31872616Skris { 31972616Skris return ssl2_read_internal(s, buf, len, 1); 32072616Skris } 32172616Skris 32255714Skrisstatic int read_n(SSL *s, unsigned int n, unsigned int max, 32355714Skris unsigned int extend) 32455714Skris { 32555714Skris int i,off,newb; 32655714Skris 32755714Skris /* if there is stuff still in the buffer from a previous read, 32855714Skris * and there is more than we want, take some. */ 32955714Skris if (s->s2->rbuf_left >= (int)n) 33055714Skris { 33155714Skris if (extend) 33255714Skris s->packet_length+=n; 33355714Skris else 33455714Skris { 33555714Skris s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]); 33655714Skris s->packet_length=n; 33755714Skris } 33855714Skris s->s2->rbuf_left-=n; 33955714Skris s->s2->rbuf_offs+=n; 34055714Skris return(n); 34155714Skris } 34255714Skris 34355714Skris if (!s->read_ahead) max=n; 34455714Skris if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) 34555714Skris max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2; 34655714Skris 34755714Skris 34855714Skris /* Else we want more than we have. 34955714Skris * First, if there is some left or we want to extend */ 35055714Skris off=0; 35155714Skris if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) 35255714Skris { 35355714Skris newb=s->s2->rbuf_left; 35455714Skris if (extend) 35555714Skris { 35655714Skris off=s->packet_length; 35755714Skris if (s->packet != s->s2->rbuf) 35855714Skris memcpy(s->s2->rbuf,s->packet, 35955714Skris (unsigned int)newb+off); 36055714Skris } 36155714Skris else if (s->s2->rbuf_offs != 0) 36255714Skris { 36355714Skris memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]), 36455714Skris (unsigned int)newb); 36555714Skris s->s2->rbuf_offs=0; 36655714Skris } 36755714Skris s->s2->rbuf_left=0; 36855714Skris } 36955714Skris else 37055714Skris newb=0; 37155714Skris 37255714Skris /* off is the offset to start writing too. 37355714Skris * r->s2->rbuf_offs is the 'unread data', now 0. 37455714Skris * newb is the number of new bytes so far 37555714Skris */ 37655714Skris s->packet=s->s2->rbuf; 37755714Skris while (newb < (int)n) 37855714Skris { 37955714Skris clear_sys_error(); 38055714Skris if (s->rbio != NULL) 38155714Skris { 38255714Skris s->rwstate=SSL_READING; 38355714Skris i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]), 38455714Skris max-newb); 38555714Skris } 38655714Skris else 38755714Skris { 38855714Skris SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET); 38955714Skris i= -1; 39055714Skris } 39155714Skris#ifdef PKT_DEBUG 39255714Skris if (s->debug & 0x01) sleep(1); 39355714Skris#endif 39455714Skris if (i <= 0) 39555714Skris { 39655714Skris s->s2->rbuf_left+=newb; 39755714Skris return(i); 39855714Skris } 39955714Skris newb+=i; 40055714Skris } 40155714Skris 40255714Skris /* record unread data */ 40355714Skris if (newb > (int)n) 40455714Skris { 40555714Skris s->s2->rbuf_offs=n+off; 40655714Skris s->s2->rbuf_left=newb-n; 40755714Skris } 40855714Skris else 40955714Skris { 41055714Skris s->s2->rbuf_offs=0; 41155714Skris s->s2->rbuf_left=0; 41255714Skris } 41355714Skris if (extend) 41455714Skris s->packet_length+=n; 41555714Skris else 41655714Skris s->packet_length=n; 41755714Skris s->rwstate=SSL_NOTHING; 41855714Skris return(n); 41955714Skris } 42055714Skris 42155714Skrisint ssl2_write(SSL *s, const void *_buf, int len) 42255714Skris { 42355714Skris const unsigned char *buf=_buf; 42455714Skris unsigned int n,tot; 42555714Skris int i; 42655714Skris 42755714Skris if (SSL_in_init(s) && !s->in_handshake) 42855714Skris { 42955714Skris i=s->handshake_func(s); 43055714Skris if (i < 0) return(i); 43155714Skris if (i == 0) 43255714Skris { 43355714Skris SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); 43455714Skris return(-1); 43555714Skris } 43655714Skris } 43755714Skris 43855714Skris if (s->error) 43955714Skris { 44055714Skris ssl2_write_error(s); 44155714Skris if (s->error) 44255714Skris return(-1); 44355714Skris } 44455714Skris 44555714Skris clear_sys_error(); 44655714Skris s->rwstate=SSL_NOTHING; 44755714Skris if (len <= 0) return(len); 44855714Skris 44955714Skris tot=s->s2->wnum; 45055714Skris s->s2->wnum=0; 45155714Skris 45255714Skris n=(len-tot); 45355714Skris for (;;) 45455714Skris { 455238405Sjkim i=n_do_ssl_write(s,&(buf[tot]),n); 45655714Skris if (i <= 0) 45755714Skris { 45855714Skris s->s2->wnum=tot; 45955714Skris return(i); 46055714Skris } 46155714Skris if ((i == (int)n) || 46255714Skris (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) 46355714Skris { 46455714Skris return(tot+i); 46555714Skris } 46655714Skris 46755714Skris n-=i; 46855714Skris tot+=i; 46955714Skris } 47055714Skris } 47155714Skris 47255714Skrisstatic int write_pending(SSL *s, const unsigned char *buf, unsigned int len) 47355714Skris { 47455714Skris int i; 47555714Skris 47655714Skris /* s->s2->wpend_len != 0 MUST be true. */ 47755714Skris 47855714Skris /* check that they have given us the same buffer to 47955714Skris * write */ 48055714Skris if ((s->s2->wpend_tot > (int)len) || 48155714Skris ((s->s2->wpend_buf != buf) && 48255714Skris !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) 48355714Skris { 48455714Skris SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); 48555714Skris return(-1); 48655714Skris } 48755714Skris 48855714Skris for (;;) 48955714Skris { 49055714Skris clear_sys_error(); 49155714Skris if (s->wbio != NULL) 49255714Skris { 49355714Skris s->rwstate=SSL_WRITING; 49455714Skris i=BIO_write(s->wbio, 49555714Skris (char *)&(s->s2->write_ptr[s->s2->wpend_off]), 49655714Skris (unsigned int)s->s2->wpend_len); 49755714Skris } 49855714Skris else 49955714Skris { 50055714Skris SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET); 50155714Skris i= -1; 50255714Skris } 50355714Skris#ifdef PKT_DEBUG 50455714Skris if (s->debug & 0x01) sleep(1); 50555714Skris#endif 50655714Skris if (i == s->s2->wpend_len) 50755714Skris { 50855714Skris s->s2->wpend_len=0; 50955714Skris s->rwstate=SSL_NOTHING; 51055714Skris return(s->s2->wpend_ret); 51155714Skris } 51255714Skris else if (i <= 0) 51355714Skris return(i); 51455714Skris s->s2->wpend_off+=i; 51555714Skris s->s2->wpend_len-=i; 51655714Skris } 51755714Skris } 51855714Skris 519238405Sjkimstatic int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) 52055714Skris { 521238405Sjkim unsigned int j,k,olen,p,bs; 522238405Sjkim int mac_size; 52355714Skris register unsigned char *pp; 52455714Skris 52555714Skris olen=len; 52655714Skris 52755714Skris /* first check if there is data from an encryption waiting to 52855714Skris * be sent - it must be sent because the other end is waiting. 52955714Skris * This will happen with non-blocking IO. We print it and then 53055714Skris * return. 53155714Skris */ 53255714Skris if (s->s2->wpend_len != 0) return(write_pending(s,buf,len)); 53355714Skris 53455714Skris /* set mac_size to mac size */ 53555714Skris if (s->s2->clear_text) 53655714Skris mac_size=0; 53755714Skris else 538238405Sjkim { 539238405Sjkim mac_size=EVP_MD_CTX_size(s->write_hash); 540238405Sjkim if (mac_size < 0) 541238405Sjkim return -1; 542238405Sjkim } 54355714Skris 54455714Skris /* lets set the pad p */ 54555714Skris if (s->s2->clear_text) 54655714Skris { 54755714Skris if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) 54855714Skris len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; 54955714Skris p=0; 55055714Skris s->s2->three_byte_header=0; 55155714Skris /* len=len; */ 55255714Skris } 55355714Skris else 55455714Skris { 55555714Skris bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx); 55655714Skris j=len+mac_size; 55772616Skris /* Two-byte headers allow for a larger record length than 55872616Skris * three-byte headers, but we can't use them if we need 55972616Skris * padding or if we have to set the escape bit. */ 56055714Skris if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && 56155714Skris (!s->s2->escape)) 56255714Skris { 56355714Skris if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) 56455714Skris j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; 56555714Skris /* set k to the max number of bytes with 2 56655714Skris * byte header */ 56755714Skris k=j-(j%bs); 56855714Skris /* how many data bytes? */ 56955714Skris len=k-mac_size; 57055714Skris s->s2->three_byte_header=0; 57155714Skris p=0; 57255714Skris } 57355714Skris else if ((bs <= 1) && (!s->s2->escape)) 57455714Skris { 57572616Skris /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus 57672616Skris * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ 57755714Skris s->s2->three_byte_header=0; 57855714Skris p=0; 57955714Skris } 58072616Skris else /* we may have to use a 3 byte header */ 58155714Skris { 58272616Skris /* If s->s2->escape is not set, then 58372616Skris * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus 58472616Skris * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ 58555714Skris p=(j%bs); 58655714Skris p=(p == 0)?0:(bs-p); 58755714Skris if (s->s2->escape) 58872616Skris { 58955714Skris s->s2->three_byte_header=1; 59072616Skris if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) 59172616Skris j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER; 59272616Skris } 59355714Skris else 59455714Skris s->s2->three_byte_header=(p == 0)?0:1; 59555714Skris } 59655714Skris } 59772616Skris 59872616Skris /* Now 59972616Skris * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 60072616Skris * holds, and if s->s2->three_byte_header is set, then even 60172616Skris * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. 60272616Skris */ 60372616Skris 60455714Skris /* mac_size is the number of MAC bytes 60555714Skris * len is the number of data bytes we are going to send 60655714Skris * p is the number of padding bytes 60772616Skris * (if it is a two-byte header, then p == 0) */ 60855714Skris 60955714Skris s->s2->wlength=len; 61055714Skris s->s2->padding=p; 61155714Skris s->s2->mac_data= &(s->s2->wbuf[3]); 61255714Skris s->s2->wact_data= &(s->s2->wbuf[3+mac_size]); 61355714Skris /* we copy the data into s->s2->wbuf */ 61455714Skris memcpy(s->s2->wact_data,buf,len); 61555714Skris if (p) 61689840Skris memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */ 61755714Skris 61855714Skris if (!s->s2->clear_text) 61955714Skris { 62055714Skris s->s2->wact_data_length=len+p; 62155714Skris ssl2_mac(s,s->s2->mac_data,1); 62255714Skris s->s2->wlength+=p+mac_size; 623279264Sdelphij if(ssl2_enc(s,1) < 1) 624279264Sdelphij return -1; 62555714Skris } 62655714Skris 62755714Skris /* package up the header */ 62855714Skris s->s2->wpend_len=s->s2->wlength; 62955714Skris if (s->s2->three_byte_header) /* 3 byte header */ 63055714Skris { 63155714Skris pp=s->s2->mac_data; 63255714Skris pp-=3; 63355714Skris pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8); 63455714Skris if (s->s2->escape) pp[0]|=SEC_ESC_BIT; 63555714Skris pp[1]=s->s2->wlength&0xff; 63655714Skris pp[2]=s->s2->padding; 63755714Skris s->s2->wpend_len+=3; 63855714Skris } 63955714Skris else 64055714Skris { 64155714Skris pp=s->s2->mac_data; 64255714Skris pp-=2; 64355714Skris pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT; 64455714Skris pp[1]=s->s2->wlength&0xff; 64555714Skris s->s2->wpend_len+=2; 64655714Skris } 64755714Skris s->s2->write_ptr=pp; 64855714Skris 64955714Skris INC32(s->s2->write_sequence); /* expect next number */ 65055714Skris 65155714Skris /* lets try to actually write the data */ 65255714Skris s->s2->wpend_tot=olen; 65355714Skris s->s2->wpend_buf=buf; 65455714Skris 65555714Skris s->s2->wpend_ret=len; 65655714Skris 65755714Skris s->s2->wpend_off=0; 65855714Skris return(write_pending(s,buf,olen)); 65955714Skris } 66055714Skris 66155714Skrisint ssl2_part_read(SSL *s, unsigned long f, int i) 66255714Skris { 66355714Skris unsigned char *p; 66455714Skris int j; 66555714Skris 66655714Skris if (i < 0) 66755714Skris { 66855714Skris /* ssl2_return_error(s); */ 66955714Skris /* for non-blocking io, 67089840Skris * this is not necessarily fatal */ 67155714Skris return(i); 67255714Skris } 67355714Skris else 67455714Skris { 67555714Skris s->init_num+=i; 67689840Skris 67789840Skris /* Check for error. While there are recoverable errors, 67889840Skris * this function is not called when those must be expected; 67989840Skris * any error detected here is fatal. */ 68089840Skris if (s->init_num >= 3) 68189840Skris { 68289840Skris p=(unsigned char *)s->init_buf->data; 68389840Skris if (p[0] == SSL2_MT_ERROR) 68489840Skris { 68589840Skris j=(p[1]<<8)|p[2]; 68689840Skris SSLerr((int)f,ssl_mt_error(j)); 68789840Skris s->init_num -= 3; 68889840Skris if (s->init_num > 0) 68989840Skris memmove(p, p+3, s->init_num); 69089840Skris } 69189840Skris } 69289840Skris 69389840Skris /* If it's not an error message, we have some error anyway -- 69489840Skris * the message was shorter than expected. This too is treated 69589840Skris * as fatal (at least if SSL_get_error is asked for its opinion). */ 69655714Skris return(0); 69755714Skris } 69855714Skris } 69955714Skris 70055714Skrisint ssl2_do_write(SSL *s) 70155714Skris { 70255714Skris int ret; 70355714Skris 70455714Skris ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num); 70555714Skris if (ret == s->init_num) 70689840Skris { 707110007Smarkm if (s->msg_callback) 708110007Smarkm s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg); 70955714Skris return(1); 71089840Skris } 71155714Skris if (ret < 0) 71255714Skris return(-1); 71355714Skris s->init_off+=ret; 71455714Skris s->init_num-=ret; 71555714Skris return(0); 71655714Skris } 71755714Skris 71855714Skrisstatic int ssl_mt_error(int n) 71955714Skris { 72055714Skris int ret; 72155714Skris 72255714Skris switch (n) 72355714Skris { 72455714Skris case SSL2_PE_NO_CIPHER: 72555714Skris ret=SSL_R_PEER_ERROR_NO_CIPHER; 72655714Skris break; 72755714Skris case SSL2_PE_NO_CERTIFICATE: 72855714Skris ret=SSL_R_PEER_ERROR_NO_CERTIFICATE; 72955714Skris break; 73055714Skris case SSL2_PE_BAD_CERTIFICATE: 73155714Skris ret=SSL_R_PEER_ERROR_CERTIFICATE; 73255714Skris break; 73355714Skris case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE: 73455714Skris ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE; 73555714Skris break; 73655714Skris default: 73755714Skris ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE; 73855714Skris break; 73955714Skris } 74055714Skris return(ret); 74155714Skris } 742110007Smarkm#else /* !OPENSSL_NO_SSL2 */ 74355949Skris 74459194Skris# if PEDANTIC 74559194Skrisstatic void *dummy=&dummy; 74659194Skris# endif 74759194Skris 74855949Skris#endif 749