s2_lib.c revision 280297
1191783Srmacklem/* ssl/s2_lib.c */ 2191783Srmacklem/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3191783Srmacklem * All rights reserved. 4191783Srmacklem * 5191783Srmacklem * This package is an SSL implementation written 6191783Srmacklem * by Eric Young (eay@cryptsoft.com). 7191783Srmacklem * The implementation was written so as to conform with Netscapes SSL. 8191783Srmacklem * 9191783Srmacklem * This library is free for commercial and non-commercial use as long as 10191783Srmacklem * the following conditions are aheared to. The following conditions 11191783Srmacklem * apply to all code found in this distribution, be it the RC4, RSA, 12191783Srmacklem * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13191783Srmacklem * included with this distribution is covered by the same copyright terms 14191783Srmacklem * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15191783Srmacklem * 16191783Srmacklem * Copyright remains Eric Young's, and as such any Copyright notices in 17191783Srmacklem * the code are not to be removed. 18191783Srmacklem * If this package is used in a product, Eric Young should be given attribution 19191783Srmacklem * as the author of the parts of the library used. 20191783Srmacklem * This can be in the form of a textual message at program startup or 21191783Srmacklem * in documentation (online or textual) provided with the package. 22191783Srmacklem * 23191783Srmacklem * Redistribution and use in source and binary forms, with or without 24191783Srmacklem * modification, are permitted provided that the following conditions 25191783Srmacklem * are met: 26191783Srmacklem * 1. Redistributions of source code must retain the copyright 27191783Srmacklem * notice, this list of conditions and the following disclaimer. 28191783Srmacklem * 2. Redistributions in binary form must reproduce the above copyright 29191783Srmacklem * notice, this list of conditions and the following disclaimer in the 30191783Srmacklem * documentation and/or other materials provided with the distribution. 31191783Srmacklem * 3. All advertising materials mentioning features or use of this software 32191783Srmacklem * must display the following acknowledgement: 33191783Srmacklem * "This product includes cryptographic software written by 34191783Srmacklem * Eric Young (eay@cryptsoft.com)" 35191783Srmacklem * The word 'cryptographic' can be left out if the rouines from the library 36191783Srmacklem * being used are not cryptographic related :-). 37191783Srmacklem * 4. If you include any Windows specific code (or a derivative thereof) from 38191783Srmacklem * the apps directory (application code) you must include an acknowledgement: 39198289Sjh * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40191783Srmacklem * 41198289Sjh * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42191783Srmacklem * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43191783Srmacklem * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44191783Srmacklem * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45191783Srmacklem * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46191783Srmacklem * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47191783Srmacklem * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48191783Srmacklem * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49191783Srmacklem * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50191783Srmacklem * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51191783Srmacklem * SUCH DAMAGE. 52191783Srmacklem * 53198289Sjh * The licence and distribution terms for any publically available version or 54198289Sjh * derivative of this code cannot be changed. i.e. this code cannot simply be 55191783Srmacklem * copied and put under another distribution licence 56191783Srmacklem * [including the GNU Public Licence.] 57191783Srmacklem */ 58191783Srmacklem/* ==================================================================== 59191783Srmacklem * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60191783Srmacklem * 61191783Srmacklem * Redistribution and use in source and binary forms, with or without 62191783Srmacklem * modification, are permitted provided that the following conditions 63191783Srmacklem * are met: 64191783Srmacklem * 65191783Srmacklem * 1. Redistributions of source code must retain the above copyright 66191783Srmacklem * notice, this list of conditions and the following disclaimer. 67227744Srmacklem * 68227744Srmacklem * 2. Redistributions in binary form must reproduce the above copyright 69191783Srmacklem * notice, this list of conditions and the following disclaimer in 70191783Srmacklem * the documentation and/or other materials provided with the 71191783Srmacklem * distribution. 72191783Srmacklem * 73191783Srmacklem * 3. All advertising materials mentioning features or use of this 74191783Srmacklem * software must display the following acknowledgment: 75191783Srmacklem * "This product includes software developed by the OpenSSL Project 76191783Srmacklem * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77191783Srmacklem * 78191783Srmacklem * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79191783Srmacklem * endorse or promote products derived from this software without 80191783Srmacklem * prior written permission. For written permission, please contact 81191783Srmacklem * openssl-core@openssl.org. 82191783Srmacklem * 83191783Srmacklem * 5. Products derived from this software may not be called "OpenSSL" 84191783Srmacklem * nor may "OpenSSL" appear in their names without prior written 85191783Srmacklem * permission of the OpenSSL Project. 86191783Srmacklem * 87191783Srmacklem * 6. Redistributions of any form whatsoever must retain the following 88191783Srmacklem * acknowledgment: 89191783Srmacklem * "This product includes software developed by the OpenSSL Project 90191783Srmacklem * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91191783Srmacklem * 92191783Srmacklem * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93191783Srmacklem * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94191783Srmacklem * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95191783Srmacklem * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96191783Srmacklem * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97191783Srmacklem * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98223774Srmacklem * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99191783Srmacklem * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100191783Srmacklem * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101191783Srmacklem * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102191783Srmacklem * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103191783Srmacklem * OF THE POSSIBILITY OF SUCH DAMAGE. 104191783Srmacklem * ==================================================================== 105191783Srmacklem * 106191783Srmacklem * This product includes cryptographic software written by Eric Young 107191783Srmacklem * (eay@cryptsoft.com). This product includes software written by Tim 108191783Srmacklem * Hudson (tjh@cryptsoft.com). 109191783Srmacklem * 110191783Srmacklem */ 111191783Srmacklem 112191783Srmacklem#include "ssl_locl.h" 113191783Srmacklem#ifndef OPENSSL_NO_SSL2 114191783Srmacklem# include <stdio.h> 115191783Srmacklem# include <openssl/objects.h> 116191783Srmacklem# include <openssl/evp.h> 117191783Srmacklem# include <openssl/md5.h> 118201439Srmacklem 119201439Srmacklemconst char ssl2_version_str[] = "SSLv2" OPENSSL_VERSION_PTEXT; 120191783Srmacklem 121191783Srmacklem# define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) 122191783Srmacklem 123191783Srmacklem/* list of available SSLv2 ciphers (sorted by id) */ 124191783SrmacklemOPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { 125191783Srmacklem# if 0 126191783Srmacklem/* NULL_WITH_MD5 v3 */ 127191783Srmacklem { 128191783Srmacklem 1, 129191783Srmacklem SSL2_TXT_NULL_WITH_MD5, 130191783Srmacklem SSL2_CK_NULL_WITH_MD5, 131191783Srmacklem SSL_kRSA, 132191783Srmacklem SSL_aRSA, 133191783Srmacklem SSL_eNULL, 134191783Srmacklem SSL_MD5, 135191783Srmacklem SSL_SSLV2, 136191783Srmacklem SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE, 137191783Srmacklem 0, 138191783Srmacklem 0, 139191783Srmacklem 0, 140191783Srmacklem }, 141207082Srmacklem# endif 142191783Srmacklem 143191783Srmacklem/* RC4_128_WITH_MD5 */ 144191783Srmacklem { 145191783Srmacklem 1, 146228217Srmacklem SSL2_TXT_RC4_128_WITH_MD5, 147228217Srmacklem SSL2_CK_RC4_128_WITH_MD5, 148191783Srmacklem SSL_kRSA, 149191783Srmacklem SSL_aRSA, 150191783Srmacklem SSL_RC4, 151191783Srmacklem SSL_MD5, 152191783Srmacklem SSL_SSLV2, 153191783Srmacklem SSL_NOT_EXP | SSL_MEDIUM, 154191783Srmacklem 0, 155191783Srmacklem 128, 156191783Srmacklem 128, 157191783Srmacklem }, 158191783Srmacklem 159191783Srmacklem/* RC4_128_EXPORT40_WITH_MD5 */ 160191783Srmacklem { 161191783Srmacklem 1, 162191783Srmacklem SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, 163191783Srmacklem SSL2_CK_RC4_128_EXPORT40_WITH_MD5, 164191783Srmacklem SSL_kRSA, 165191783Srmacklem SSL_aRSA, 166191783Srmacklem SSL_RC4, 167191783Srmacklem SSL_MD5, 168191783Srmacklem SSL_SSLV2, 169191783Srmacklem SSL_EXPORT | SSL_EXP40, 170191783Srmacklem SSL2_CF_5_BYTE_ENC, 171191783Srmacklem 40, 172191783Srmacklem 128, 173191783Srmacklem }, 174191783Srmacklem 175191783Srmacklem/* RC2_128_CBC_WITH_MD5 */ 176191783Srmacklem { 177191783Srmacklem 1, 178191783Srmacklem SSL2_TXT_RC2_128_CBC_WITH_MD5, 179191783Srmacklem SSL2_CK_RC2_128_CBC_WITH_MD5, 180191783Srmacklem SSL_kRSA, 181191783Srmacklem SSL_aRSA, 182191783Srmacklem SSL_RC2, 183191783Srmacklem SSL_MD5, 184191783Srmacklem SSL_SSLV2, 185191783Srmacklem SSL_NOT_EXP | SSL_MEDIUM, 186191783Srmacklem 0, 187191783Srmacklem 128, 188191783Srmacklem 128, 189191783Srmacklem }, 190191783Srmacklem 191191783Srmacklem/* RC2_128_CBC_EXPORT40_WITH_MD5 */ 192191783Srmacklem { 193191783Srmacklem 1, 194191783Srmacklem SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, 195191783Srmacklem SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 196191783Srmacklem SSL_kRSA, 197191783Srmacklem SSL_aRSA, 198191783Srmacklem SSL_RC2, 199191783Srmacklem SSL_MD5, 200191783Srmacklem SSL_SSLV2, 201191783Srmacklem SSL_EXPORT | SSL_EXP40, 202191783Srmacklem SSL2_CF_5_BYTE_ENC, 203191783Srmacklem 40, 204191783Srmacklem 128, 205191783Srmacklem }, 206191783Srmacklem 207191783Srmacklem# ifndef OPENSSL_NO_IDEA 208191783Srmacklem/* IDEA_128_CBC_WITH_MD5 */ 209191783Srmacklem { 210191783Srmacklem 1, 211191783Srmacklem SSL2_TXT_IDEA_128_CBC_WITH_MD5, 212191783Srmacklem SSL2_CK_IDEA_128_CBC_WITH_MD5, 213191783Srmacklem SSL_kRSA, 214191783Srmacklem SSL_aRSA, 215191783Srmacklem SSL_IDEA, 216191783Srmacklem SSL_MD5, 217191783Srmacklem SSL_SSLV2, 218191783Srmacklem SSL_NOT_EXP | SSL_MEDIUM, 219191783Srmacklem 0, 220191783Srmacklem 128, 221191783Srmacklem 128, 222191783Srmacklem }, 223191783Srmacklem# endif 224191783Srmacklem 225191783Srmacklem/* DES_64_CBC_WITH_MD5 */ 226191783Srmacklem { 227191783Srmacklem 1, 228191783Srmacklem SSL2_TXT_DES_64_CBC_WITH_MD5, 229191783Srmacklem SSL2_CK_DES_64_CBC_WITH_MD5, 230222719Srmacklem SSL_kRSA, 231191783Srmacklem SSL_aRSA, 232191783Srmacklem SSL_DES, 233191783Srmacklem SSL_MD5, 234191783Srmacklem SSL_SSLV2, 235191783Srmacklem SSL_NOT_EXP | SSL_LOW, 236191783Srmacklem 0, 237191783Srmacklem 56, 238191783Srmacklem 56, 239191783Srmacklem }, 240191783Srmacklem 241191783Srmacklem/* DES_192_EDE3_CBC_WITH_MD5 */ 242191783Srmacklem { 243191783Srmacklem 1, 244191783Srmacklem SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, 245191783Srmacklem SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, 246191783Srmacklem SSL_kRSA, 247191783Srmacklem SSL_aRSA, 248191783Srmacklem SSL_3DES, 249191783Srmacklem SSL_MD5, 250191783Srmacklem SSL_SSLV2, 251191783Srmacklem SSL_NOT_EXP | SSL_HIGH, 252191783Srmacklem 0, 253191783Srmacklem 112, 254191783Srmacklem 168, 255191783Srmacklem }, 256191783Srmacklem 257191783Srmacklem# if 0 258191783Srmacklem/* RC4_64_WITH_MD5 */ 259191783Srmacklem { 260191783Srmacklem 1, 261191783Srmacklem SSL2_TXT_RC4_64_WITH_MD5, 262191783Srmacklem SSL2_CK_RC4_64_WITH_MD5, 263191783Srmacklem SSL_kRSA, 264191783Srmacklem SSL_aRSA, 265191783Srmacklem SSL_RC4, 266191783Srmacklem SSL_MD5, 267191783Srmacklem SSL_SSLV2, 268191783Srmacklem SSL_NOT_EXP | SSL_LOW, 269191783Srmacklem SSL2_CF_8_BYTE_ENC, 270191783Srmacklem 64, 271191783Srmacklem 64, 272191783Srmacklem }, 273191783Srmacklem# endif 274191783Srmacklem 275191783Srmacklem# if 0 276191783Srmacklem/* NULL SSLeay (testing) */ 277191783Srmacklem { 278206688Srmacklem 0, 279206688Srmacklem SSL2_TXT_NULL, 280206688Srmacklem SSL2_CK_NULL, 281206688Srmacklem 0, 282206688Srmacklem 0, 283206688Srmacklem 0, 284206688Srmacklem 0, 285191783Srmacklem SSL_SSLV2, 286191783Srmacklem SSL_STRONG_NONE, 287191783Srmacklem 0, 288191783Srmacklem 0, 289191783Srmacklem 0, 290191783Srmacklem }, 291191783Srmacklem# endif 292191783Srmacklem 293191783Srmacklem/* end of list :-) */ 294191783Srmacklem}; 295191783Srmacklem 296191783Srmacklemlong ssl2_default_timeout(void) 297191783Srmacklem{ 298191783Srmacklem return (300); 299191783Srmacklem} 300191783Srmacklem 301191783Srmacklemint ssl2_num_ciphers(void) 302191783Srmacklem{ 303191783Srmacklem return (SSL2_NUM_CIPHERS); 304191783Srmacklem} 305191783Srmacklem 306191783Srmacklemconst SSL_CIPHER *ssl2_get_cipher(unsigned int u) 307191783Srmacklem{ 308191783Srmacklem if (u < SSL2_NUM_CIPHERS) 309191783Srmacklem return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u])); 310191783Srmacklem else 311191783Srmacklem return (NULL); 312191783Srmacklem} 313191783Srmacklem 314191783Srmacklemint ssl2_pending(const SSL *s) 315191783Srmacklem{ 316191783Srmacklem return SSL_in_init(s) ? 0 : s->s2->ract_data_length; 317191783Srmacklem} 318191783Srmacklem 319191783Srmacklemint ssl2_new(SSL *s) 320191783Srmacklem{ 321191783Srmacklem SSL2_STATE *s2; 322191783Srmacklem 323191783Srmacklem if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL) 324191783Srmacklem goto err; 325191783Srmacklem memset(s2, 0, sizeof *s2); 326191783Srmacklem 327191783Srmacklem# if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 328191783Srmacklem# error "assertion failed" 329191783Srmacklem# endif 330191783Srmacklem 331191783Srmacklem if ((s2->rbuf = 332191783Srmacklem OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL) 333191783Srmacklem goto err; 334191783Srmacklem /* 335191783Srmacklem * wbuf needs one byte more because when using two-byte headers, we leave 336191783Srmacklem * the first byte unused in do_ssl_write (s2_pkt.c) 337191783Srmacklem */ 338191783Srmacklem if ((s2->wbuf = 339191783Srmacklem OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL) 340191783Srmacklem goto err; 341191783Srmacklem s->s2 = s2; 342191783Srmacklem 343191783Srmacklem ssl2_clear(s); 344191783Srmacklem return (1); 345191783Srmacklem err: 346191783Srmacklem if (s2 != NULL) { 347191783Srmacklem if (s2->wbuf != NULL) 348191783Srmacklem OPENSSL_free(s2->wbuf); 349191783Srmacklem if (s2->rbuf != NULL) 350191783Srmacklem OPENSSL_free(s2->rbuf); 351191783Srmacklem OPENSSL_free(s2); 352191783Srmacklem } 353191783Srmacklem return (0); 354191783Srmacklem} 355191783Srmacklem 356191783Srmacklemvoid ssl2_free(SSL *s) 357191783Srmacklem{ 358191783Srmacklem SSL2_STATE *s2; 359191783Srmacklem 360191783Srmacklem if (s == NULL) 361191783Srmacklem return; 362191783Srmacklem 363191783Srmacklem s2 = s->s2; 364191783Srmacklem if (s2->rbuf != NULL) 365191783Srmacklem OPENSSL_free(s2->rbuf); 366191783Srmacklem if (s2->wbuf != NULL) 367191783Srmacklem OPENSSL_free(s2->wbuf); 368191783Srmacklem OPENSSL_cleanse(s2, sizeof *s2); 369191783Srmacklem OPENSSL_free(s2); 370191783Srmacklem s->s2 = NULL; 371191783Srmacklem} 372191783Srmacklem 373191783Srmacklemvoid ssl2_clear(SSL *s) 374191783Srmacklem{ 375191783Srmacklem SSL2_STATE *s2; 376191783Srmacklem unsigned char *rbuf, *wbuf; 377191783Srmacklem 378191783Srmacklem s2 = s->s2; 379191783Srmacklem 380191783Srmacklem rbuf = s2->rbuf; 381191783Srmacklem wbuf = s2->wbuf; 382191783Srmacklem 383191783Srmacklem memset(s2, 0, sizeof *s2); 384191783Srmacklem 385191783Srmacklem s2->rbuf = rbuf; 386191783Srmacklem s2->wbuf = wbuf; 387191783Srmacklem s2->clear_text = 1; 388191783Srmacklem s->packet = s2->rbuf; 389191783Srmacklem s->version = SSL2_VERSION; 390191783Srmacklem s->packet_length = 0; 391191783Srmacklem} 392191783Srmacklem 393191783Srmacklemlong ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) 394191783Srmacklem{ 395191783Srmacklem int ret = 0; 396191783Srmacklem 397191783Srmacklem switch (cmd) { 398191783Srmacklem case SSL_CTRL_GET_SESSION_REUSED: 399191783Srmacklem ret = s->hit; 400191783Srmacklem break; 401191783Srmacklem case SSL_CTRL_CHECK_PROTO_VERSION: 402191783Srmacklem return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg); 403191783Srmacklem default: 404191783Srmacklem break; 405191783Srmacklem } 406191783Srmacklem return (ret); 407191783Srmacklem} 408191783Srmacklem 409191783Srmacklemlong ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 410191783Srmacklem{ 411191783Srmacklem return (0); 412191783Srmacklem} 413191783Srmacklem 414191783Srmacklemlong ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 415191783Srmacklem{ 416191783Srmacklem return (0); 417191783Srmacklem} 418191783Srmacklem 419191783Srmacklemlong ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 420191783Srmacklem{ 421191783Srmacklem return (0); 422191783Srmacklem} 423191783Srmacklem 424191783Srmacklem/* 425191783Srmacklem * This function needs to check if the ciphers required are actually 426191783Srmacklem * available 427191783Srmacklem */ 428191783Srmacklemconst SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) 429191783Srmacklem{ 430191783Srmacklem SSL_CIPHER c; 431191783Srmacklem const SSL_CIPHER *cp; 432191783Srmacklem unsigned long id; 433191783Srmacklem 434191783Srmacklem id = 0x02000000L | ((unsigned long)p[0] << 16L) | 435191783Srmacklem ((unsigned long)p[1] << 8L) | (unsigned long)p[2]; 436191783Srmacklem c.id = id; 437191783Srmacklem cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS); 438191783Srmacklem if ((cp == NULL) || (cp->valid == 0)) 439191783Srmacklem return NULL; 440191783Srmacklem else 441191783Srmacklem return cp; 442191783Srmacklem} 443191783Srmacklem 444191783Srmacklemint ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 445191783Srmacklem{ 446191783Srmacklem long l; 447191783Srmacklem 448191783Srmacklem if (p != NULL) { 449191783Srmacklem l = c->id; 450191783Srmacklem if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV) 451191783Srmacklem return (0); 452191783Srmacklem p[0] = ((unsigned char)(l >> 16L)) & 0xFF; 453191783Srmacklem p[1] = ((unsigned char)(l >> 8L)) & 0xFF; 454191783Srmacklem p[2] = ((unsigned char)(l)) & 0xFF; 455191783Srmacklem } 456191783Srmacklem return (3); 457191783Srmacklem} 458191783Srmacklem 459195510Srmacklemint ssl2_generate_key_material(SSL *s) 460191783Srmacklem{ 461191783Srmacklem unsigned int i; 462191783Srmacklem EVP_MD_CTX ctx; 463191783Srmacklem unsigned char *km; 464191783Srmacklem unsigned char c = '0'; 465191783Srmacklem const EVP_MD *md5; 466191783Srmacklem int md_size; 467191783Srmacklem 468191783Srmacklem md5 = EVP_md5(); 469191783Srmacklem 470191783Srmacklem# ifdef CHARSET_EBCDIC 471191783Srmacklem c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', see 472191783Srmacklem * SSLv2 docu */ 473191783Srmacklem# endif 474191783Srmacklem EVP_MD_CTX_init(&ctx); 475191783Srmacklem km = s->s2->key_material; 476191783Srmacklem 477191783Srmacklem if (s->session->master_key_length < 0 || 478191783Srmacklem s->session->master_key_length > (int)sizeof(s->session->master_key)) { 479191783Srmacklem SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); 480191783Srmacklem return 0; 481191783Srmacklem } 482191783Srmacklem md_size = EVP_MD_size(md5); 483191783Srmacklem if (md_size < 0) 484191783Srmacklem return 0; 485206818Srmacklem for (i = 0; i < s->s2->key_material_length; i += md_size) { 486206818Srmacklem if (((km - s->s2->key_material) + md_size) > 487206818Srmacklem (int)sizeof(s->s2->key_material)) { 488206818Srmacklem /* 489206818Srmacklem * EVP_DigestFinal_ex() below would write beyond buffer 490206818Srmacklem */ 491206818Srmacklem SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); 492191783Srmacklem return 0; 493191783Srmacklem } 494191783Srmacklem 495191783Srmacklem EVP_DigestInit_ex(&ctx, md5, NULL); 496191783Srmacklem 497191783Srmacklem OPENSSL_assert(s->session->master_key_length >= 0 498191783Srmacklem && s->session->master_key_length 499191783Srmacklem <= (int)sizeof(s->session->master_key)); 500191783Srmacklem EVP_DigestUpdate(&ctx, s->session->master_key, 501191783Srmacklem s->session->master_key_length); 502191783Srmacklem EVP_DigestUpdate(&ctx, &c, 1); 503191783Srmacklem c++; 504191783Srmacklem EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length); 505191783Srmacklem EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length); 506191783Srmacklem EVP_DigestFinal_ex(&ctx, km, NULL); 507191783Srmacklem km += md_size; 508191783Srmacklem } 509191783Srmacklem 510191783Srmacklem EVP_MD_CTX_cleanup(&ctx); 511191783Srmacklem return 1; 512191783Srmacklem} 513191783Srmacklem 514191783Srmacklemvoid ssl2_return_error(SSL *s, int err) 515191783Srmacklem{ 516191783Srmacklem if (!s->error) { 517191783Srmacklem s->error = 3; 518191783Srmacklem s->error_code = err; 519191783Srmacklem 520191783Srmacklem ssl2_write_error(s); 521191783Srmacklem } 522191783Srmacklem} 523191783Srmacklem 524191783Srmacklemvoid ssl2_write_error(SSL *s) 525222719Srmacklem{ 526223774Srmacklem unsigned char buf[3]; 527223774Srmacklem int i, error; 528223774Srmacklem 529223774Srmacklem buf[0] = SSL2_MT_ERROR; 530223774Srmacklem buf[1] = (s->error_code >> 8) & 0xff; 531223774Srmacklem buf[2] = (s->error_code) & 0xff; 532223774Srmacklem 533223774Srmacklem/* state=s->rwstate;*/ 534223774Srmacklem 535223774Srmacklem error = s->error; /* number of bytes left to write */ 536223774Srmacklem s->error = 0; 537223774Srmacklem OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf)); 538223774Srmacklem i = ssl2_write(s, &(buf[3 - error]), error); 539223774Srmacklem 540191783Srmacklem/* if (i == error) s->rwstate=state; */ 541195510Srmacklem 542195510Srmacklem if (i < 0) 543195510Srmacklem s->error = error; 544191783Srmacklem else { 545191783Srmacklem s->error = error - i; 546191783Srmacklem 547195510Srmacklem if (s->error == 0) 548195510Srmacklem if (s->msg_callback) { 549195510Srmacklem /* ERROR */ 550195510Srmacklem s->msg_callback(1, s->version, 0, buf, 3, s, 551195510Srmacklem s->msg_callback_arg); 552195510Srmacklem } 553195510Srmacklem } 554191783Srmacklem} 555195510Srmacklem 556195510Srmacklemint ssl2_shutdown(SSL *s) 557191783Srmacklem{ 558191783Srmacklem s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 559191783Srmacklem return (1); 560191783Srmacklem} 561191783Srmacklem#else /* !OPENSSL_NO_SSL2 */ 562231133Srmacklem 563231133Srmacklem# if PEDANTIC 564231133Srmacklemstatic void *dummy = &dummy; 565231133Srmacklem# endif 566231133Srmacklem 567231133Srmacklem#endif 568191783Srmacklem