s23_srvr.c revision 59194
155714Skris/* ssl/s23_srvr.c */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755949Skris * 5855949Skris * $FreeBSD: head/crypto/openssl/ssl/s23_srvr.c 59194 2000-04-13 07:15:03Z kris $ 5955714Skris */ 6055714Skris 6155714Skris#include <stdio.h> 6255714Skris#include <openssl/buffer.h> 6355714Skris#include <openssl/rand.h> 6455714Skris#include <openssl/objects.h> 6555714Skris#include <openssl/evp.h> 6655714Skris#include "ssl_locl.h" 6755714Skris 6855714Skrisstatic SSL_METHOD *ssl23_get_server_method(int ver); 6955714Skrisint ssl23_get_client_hello(SSL *s); 7055714Skrisstatic SSL_METHOD *ssl23_get_server_method(int ver) 7155714Skris { 7255949Skris#ifndef NO_SSL2 7355714Skris if (ver == SSL2_VERSION) 7455714Skris return(SSLv2_server_method()); 7555949Skris#endif 7655714Skris if (ver == SSL3_VERSION) 7755714Skris return(SSLv3_server_method()); 7855714Skris else if (ver == TLS1_VERSION) 7955714Skris return(TLSv1_server_method()); 8055714Skris else 8155714Skris return(NULL); 8255714Skris } 8355714Skris 8455714SkrisSSL_METHOD *SSLv23_server_method(void) 8555714Skris { 8655714Skris static int init=1; 8755714Skris static SSL_METHOD SSLv23_server_data; 8855714Skris 8955714Skris if (init) 9055714Skris { 9155714Skris memcpy((char *)&SSLv23_server_data, 9255714Skris (char *)sslv23_base_method(),sizeof(SSL_METHOD)); 9355714Skris SSLv23_server_data.ssl_accept=ssl23_accept; 9455714Skris SSLv23_server_data.get_ssl_method=ssl23_get_server_method; 9555714Skris init=0; 9655714Skris } 9755714Skris return(&SSLv23_server_data); 9855714Skris } 9955714Skris 10055714Skrisint ssl23_accept(SSL *s) 10155714Skris { 10255714Skris BUF_MEM *buf; 10355714Skris unsigned long Time=time(NULL); 10455714Skris void (*cb)()=NULL; 10555714Skris int ret= -1; 10655714Skris int new_state,state; 10755714Skris 10859194Skris RAND_add(&Time,sizeof(Time),0); 10955714Skris ERR_clear_error(); 11055714Skris clear_sys_error(); 11155714Skris 11255714Skris if (s->info_callback != NULL) 11355714Skris cb=s->info_callback; 11455714Skris else if (s->ctx->info_callback != NULL) 11555714Skris cb=s->ctx->info_callback; 11655714Skris 11755714Skris if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 11855714Skris s->in_handshake++; 11955714Skris 12055714Skris for (;;) 12155714Skris { 12255714Skris state=s->state; 12355714Skris 12455714Skris switch(s->state) 12555714Skris { 12655714Skris case SSL_ST_BEFORE: 12755714Skris case SSL_ST_ACCEPT: 12855714Skris case SSL_ST_BEFORE|SSL_ST_ACCEPT: 12955714Skris case SSL_ST_OK|SSL_ST_ACCEPT: 13055714Skris 13155714Skris s->server=1; 13255714Skris if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); 13355714Skris 13455714Skris /* s->version=SSL3_VERSION; */ 13555714Skris s->type=SSL_ST_ACCEPT; 13655714Skris 13755714Skris if (s->init_buf == NULL) 13855714Skris { 13955714Skris if ((buf=BUF_MEM_new()) == NULL) 14055714Skris { 14155714Skris ret= -1; 14255714Skris goto end; 14355714Skris } 14455714Skris if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) 14555714Skris { 14655714Skris ret= -1; 14755714Skris goto end; 14855714Skris } 14955714Skris s->init_buf=buf; 15055714Skris } 15155714Skris 15255714Skris ssl3_init_finished_mac(s); 15355714Skris 15455714Skris s->state=SSL23_ST_SR_CLNT_HELLO_A; 15555714Skris s->ctx->stats.sess_accept++; 15655714Skris s->init_num=0; 15755714Skris break; 15855714Skris 15955714Skris case SSL23_ST_SR_CLNT_HELLO_A: 16055714Skris case SSL23_ST_SR_CLNT_HELLO_B: 16155714Skris 16255714Skris s->shutdown=0; 16355714Skris ret=ssl23_get_client_hello(s); 16455714Skris if (ret >= 0) cb=NULL; 16555714Skris goto end; 16655714Skris /* break; */ 16755714Skris 16855714Skris default: 16955714Skris SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); 17055714Skris ret= -1; 17155714Skris goto end; 17255714Skris /* break; */ 17355714Skris } 17455714Skris 17555714Skris if ((cb != NULL) && (s->state != state)) 17655714Skris { 17755714Skris new_state=s->state; 17855714Skris s->state=state; 17955714Skris cb(s,SSL_CB_ACCEPT_LOOP,1); 18055714Skris s->state=new_state; 18155714Skris } 18255714Skris } 18355714Skrisend: 18455714Skris if (cb != NULL) 18555714Skris cb(s,SSL_CB_ACCEPT_EXIT,ret); 18655714Skris s->in_handshake--; 18755714Skris return(ret); 18855714Skris } 18955714Skris 19055714Skris 19155714Skrisint ssl23_get_client_hello(SSL *s) 19255714Skris { 19359194Skris char buf_space[11]; /* Request this many bytes in initial read. 19459194Skris * We can detect SSL 3.0/TLS 1.0 Client Hellos 19559194Skris * ('type == 3') correctly only when the following 19659194Skris * is in a single record, which is not guaranteed by 19759194Skris * the protocol specification: 19859194Skris * Byte Content 19959194Skris * 0 type \ 20059194Skris * 1/2 version > record header 20159194Skris * 3/4 length / 20259194Skris * 5 msg_type \ 20359194Skris * 6-8 length > Client Hello message 20459194Skris * 9/10 client_version / 20559194Skris */ 20655714Skris char *buf= &(buf_space[0]); 20755714Skris unsigned char *p,*d,*dd; 20855714Skris unsigned int i; 20955714Skris unsigned int csl,sil,cl; 21059194Skris int n=0,j; 21159194Skris int type=0; 21255714Skris int v[2]; 21359194Skris#ifndef NO_RSA 21459194Skris int use_sslv2_strong=0; 21559194Skris#endif 21655714Skris 21755714Skris if (s->state == SSL23_ST_SR_CLNT_HELLO_A) 21855714Skris { 21959194Skris /* read the initial header */ 22059194Skris v[0]=v[1]=0; 22159194Skris 22255714Skris if (!ssl3_setup_buffers(s)) goto err; 22355714Skris 22459194Skris n=ssl23_read_bytes(s, sizeof buf_space); 22559194Skris if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */ 22655714Skris 22755714Skris p=s->packet; 22855714Skris 22955714Skris memcpy(buf,p,n); 23055714Skris 23155714Skris if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) 23255714Skris { 23359194Skris /* 23459194Skris * SSLv2 header 23559194Skris */ 23655714Skris if ((p[3] == 0x00) && (p[4] == 0x02)) 23755714Skris { 23855714Skris v[0]=p[3]; v[1]=p[4]; 23955714Skris /* SSLv2 */ 24055714Skris if (!(s->options & SSL_OP_NO_SSLv2)) 24155714Skris type=1; 24255714Skris } 24355714Skris else if (p[3] == SSL3_VERSION_MAJOR) 24455714Skris { 24555714Skris v[0]=p[3]; v[1]=p[4]; 24655714Skris /* SSLv3/TLSv1 */ 24755714Skris if (p[4] >= TLS1_VERSION_MINOR) 24855714Skris { 24955714Skris if (!(s->options & SSL_OP_NO_TLSv1)) 25055714Skris { 25159194Skris s->version=TLS1_VERSION; 25259194Skris /* type=2; */ /* done later to survive restarts */ 25355714Skris s->state=SSL23_ST_SR_CLNT_HELLO_B; 25455714Skris } 25555714Skris else if (!(s->options & SSL_OP_NO_SSLv3)) 25655714Skris { 25759194Skris s->version=SSL3_VERSION; 25859194Skris /* type=2; */ 25955714Skris s->state=SSL23_ST_SR_CLNT_HELLO_B; 26055714Skris } 26155714Skris else if (!(s->options & SSL_OP_NO_SSLv2)) 26255714Skris { 26355714Skris type=1; 26455714Skris } 26555714Skris } 26655714Skris else if (!(s->options & SSL_OP_NO_SSLv3)) 26759194Skris { 26859194Skris s->version=SSL3_VERSION; 26959194Skris /* type=2; */ 27055714Skris s->state=SSL23_ST_SR_CLNT_HELLO_B; 27159194Skris } 27255714Skris else if (!(s->options & SSL_OP_NO_SSLv2)) 27355714Skris type=1; 27455714Skris 27555714Skris if (s->options & SSL_OP_NON_EXPORT_FIRST) 27659194Skris /* Not only utterly confusing, but broken 27759194Skris * ('fractured programming'?) -- the details 27859194Skris * of this block nearly make it work 27959194Skris * as intended in this environment, but on one 28059194Skris * of the fine points (w.r.t. restarts) it fails. 28159194Skris * The obvious fix would be even more devastating 28259194Skris * to program structure; if you want the functionality, 28359194Skris * throw this away and implement it in a way 28459194Skris * that makes sense */ 28555714Skris { 28659194Skris#if 0 28755714Skris STACK_OF(SSL_CIPHER) *sk; 28855714Skris SSL_CIPHER *c; 28955714Skris int ne2,ne3; 29055714Skris 29155714Skris j=((p[0]&0x7f)<<8)|p[1]; 29255714Skris if (j > (1024*4)) 29355714Skris { 29455714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); 29555714Skris goto err; 29655714Skris } 29755714Skris 29855714Skris n=ssl23_read_bytes(s,j+2); 29955714Skris if (n <= 0) return(n); 30055714Skris p=s->packet; 30155714Skris 30255714Skris if ((buf=Malloc(n)) == NULL) 30355714Skris { 30455714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); 30555714Skris goto err; 30655714Skris } 30755714Skris memcpy(buf,p,n); 30855714Skris 30955714Skris p+=5; 31055714Skris n2s(p,csl); 31155714Skris p+=4; 31255714Skris 31355714Skris sk=ssl_bytes_to_cipher_list( 31455714Skris s,p,csl,NULL); 31555714Skris if (sk != NULL) 31655714Skris { 31755714Skris ne2=ne3=0; 31855714Skris for (j=0; j<sk_SSL_CIPHER_num(sk); j++) 31955714Skris { 32055714Skris c=sk_SSL_CIPHER_value(sk,j); 32155714Skris if (!SSL_C_IS_EXPORT(c)) 32255714Skris { 32355714Skris if ((c->id>>24L) == 2L) 32455714Skris ne2=1; 32555714Skris else 32655714Skris ne3=1; 32755714Skris } 32855714Skris } 32955714Skris if (ne2 && !ne3) 33055714Skris { 33155714Skris type=1; 33255714Skris use_sslv2_strong=1; 33355714Skris goto next_bit; 33455714Skris } 33555714Skris } 33659194Skris#else 33759194Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_OPTION); 33859194Skris goto err; 33959194Skris#endif 34055714Skris } 34155714Skris } 34255714Skris } 34355714Skris else if ((p[0] == SSL3_RT_HANDSHAKE) && 34455714Skris (p[1] == SSL3_VERSION_MAJOR) && 34559194Skris (p[5] == SSL3_MT_CLIENT_HELLO) && 34659194Skris ((p[3] == 0 && p[4] < 5 /* silly record length? */) 34759194Skris || (p[9] == p[1]))) 34855714Skris { 34959194Skris /* 35059194Skris * SSLv3 or tls1 header 35159194Skris */ 35259194Skris 35359194Skris v[0]=p[1]; /* major version */ 35459194Skris /* We must look at client_version inside the Client Hello message 35559194Skris * to get the correct minor version: */ 35659194Skris v[1]=p[10]; 35759194Skris /* However if we have only a pathologically small fragment of the 35859194Skris * Client Hello message, we simply use the version from the 35959194Skris * record header -- this is incorrect but unlikely to fail in 36059194Skris * practice */ 36159194Skris if (p[3] == 0 && p[4] < 6) 36259194Skris v[1]=p[2]; 36359194Skris if (v[1] >= TLS1_VERSION_MINOR) 36455714Skris { 36555714Skris if (!(s->options & SSL_OP_NO_TLSv1)) 36655714Skris { 36759194Skris s->version=TLS1_VERSION; 36855714Skris type=3; 36955714Skris } 37055714Skris else if (!(s->options & SSL_OP_NO_SSLv3)) 37159194Skris { 37259194Skris s->version=SSL3_VERSION; 37355714Skris type=3; 37459194Skris } 37555714Skris } 37655714Skris else if (!(s->options & SSL_OP_NO_SSLv3)) 37759194Skris { 37859194Skris s->version=SSL3_VERSION; 37955714Skris type=3; 38059194Skris } 38155714Skris } 38255714Skris else if ((strncmp("GET ", (char *)p,4) == 0) || 38355714Skris (strncmp("POST ",(char *)p,5) == 0) || 38455714Skris (strncmp("HEAD ",(char *)p,5) == 0) || 38555714Skris (strncmp("PUT ", (char *)p,4) == 0)) 38655714Skris { 38755714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); 38855714Skris goto err; 38955714Skris } 39055714Skris else if (strncmp("CONNECT",(char *)p,7) == 0) 39155714Skris { 39255714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST); 39355714Skris goto err; 39455714Skris } 39555714Skris } 39655714Skris 39755714Skris if (s->state == SSL23_ST_SR_CLNT_HELLO_B) 39855714Skris { 39959194Skris /* we have SSLv3/TLSv1 in an SSLv2 header 40059194Skris * (other cases skip this state) */ 40159194Skris 40255714Skris type=2; 40355714Skris p=s->packet; 40459194Skris v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ 40559194Skris v[1] = p[4]; 40659194Skris 40755714Skris n=((p[0]&0x7f)<<8)|p[1]; 40855714Skris if (n > (1024*4)) 40955714Skris { 41055714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); 41155714Skris goto err; 41255714Skris } 41355714Skris 41455714Skris j=ssl23_read_bytes(s,n+2); 41555714Skris if (j <= 0) return(j); 41655714Skris 41755714Skris ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2); 41855714Skris 41955714Skris p=s->packet; 42055714Skris p+=5; 42155714Skris n2s(p,csl); 42255714Skris n2s(p,sil); 42355714Skris n2s(p,cl); 42455714Skris d=(unsigned char *)s->init_buf->data; 42555714Skris if ((csl+sil+cl+11) != s->packet_length) 42655714Skris { 42755714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); 42855714Skris goto err; 42955714Skris } 43055714Skris 43159194Skris *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */ 43259194Skris *(d++) = v[1]; 43355714Skris 43455714Skris /* lets populate the random area */ 43559194Skris /* get the challenge_length */ 43655714Skris i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; 43755714Skris memset(d,0,SSL3_RANDOM_SIZE); 43855714Skris memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); 43955714Skris d+=SSL3_RANDOM_SIZE; 44055714Skris 44155714Skris /* no session-id reuse */ 44255714Skris *(d++)=0; 44355714Skris 44455714Skris /* ciphers */ 44555714Skris j=0; 44655714Skris dd=d; 44755714Skris d+=2; 44855714Skris for (i=0; i<csl; i+=3) 44955714Skris { 45055714Skris if (p[i] != 0) continue; 45155714Skris *(d++)=p[i+1]; 45255714Skris *(d++)=p[i+2]; 45355714Skris j+=2; 45455714Skris } 45555714Skris s2n(j,dd); 45655714Skris 45755714Skris /* COMPRESSION */ 45855714Skris *(d++)=1; 45955714Skris *(d++)=0; 46055714Skris 46155714Skris i=(d-(unsigned char *)s->init_buf->data); 46255714Skris 46355714Skris /* get the data reused from the init_buf */ 46455714Skris s->s3->tmp.reuse_message=1; 46555714Skris s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; 46655714Skris s->s3->tmp.message_size=i; 46755714Skris } 46855714Skris 46959194Skris /* imaginary new state (for program structure): */ 47059194Skris /* s->state = SSL23_SR_CLNT_HELLO_C */ 47159194Skris 47255714Skris if (type == 1) 47355714Skris { 47455949Skris#ifdef NO_SSL2 47559194Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); 47659194Skris goto err; 47755949Skris#else 47855714Skris /* we are talking sslv2 */ 47955714Skris /* we need to clean up the SSLv3/TLSv1 setup and put in the 48055714Skris * sslv2 stuff. */ 48155714Skris 48255714Skris if (s->s2 == NULL) 48355714Skris { 48455714Skris if (!ssl2_new(s)) 48555714Skris goto err; 48655714Skris } 48755714Skris else 48855714Skris ssl2_clear(s); 48955714Skris 49055714Skris if (s->s3 != NULL) ssl3_free(s); 49155714Skris 49255714Skris if (!BUF_MEM_grow(s->init_buf, 49355714Skris SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) 49455714Skris { 49555714Skris goto err; 49655714Skris } 49755714Skris 49855714Skris s->state=SSL2_ST_GET_CLIENT_HELLO_A; 49955714Skris if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || 50055714Skris use_sslv2_strong) 50155714Skris s->s2->ssl2_rollback=0; 50255714Skris else 50355714Skris s->s2->ssl2_rollback=1; 50455714Skris 50559194Skris /* setup the n bytes we have read so we get them from 50655714Skris * the sslv2 buffer */ 50755714Skris s->rstate=SSL_ST_READ_HEADER; 50855714Skris s->packet_length=n; 50955714Skris s->packet= &(s->s2->rbuf[0]); 51055714Skris memcpy(s->packet,buf,n); 51155714Skris s->s2->rbuf_left=n; 51255714Skris s->s2->rbuf_offs=0; 51355714Skris 51455714Skris s->method=SSLv2_server_method(); 51555714Skris s->handshake_func=s->method->ssl_accept; 51655949Skris#endif 51755714Skris } 51855714Skris 51955714Skris if ((type == 2) || (type == 3)) 52055714Skris { 52159194Skris /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ 52255714Skris 52355714Skris if (!ssl_init_wbio_buffer(s,1)) goto err; 52455714Skris 52555714Skris /* we are in this state */ 52655714Skris s->state=SSL3_ST_SR_CLNT_HELLO_A; 52755714Skris 52855714Skris if (type == 3) 52955714Skris { 53055714Skris /* put the 'n' bytes we have read into the input buffer 53155714Skris * for SSLv3 */ 53255714Skris s->rstate=SSL_ST_READ_HEADER; 53355714Skris s->packet_length=n; 53455714Skris s->packet= &(s->s3->rbuf.buf[0]); 53555714Skris memcpy(s->packet,buf,n); 53655714Skris s->s3->rbuf.left=n; 53755714Skris s->s3->rbuf.offset=0; 53855714Skris } 53955714Skris else 54055714Skris { 54155714Skris s->packet_length=0; 54255714Skris s->s3->rbuf.left=0; 54355714Skris s->s3->rbuf.offset=0; 54455714Skris } 54555714Skris 54659194Skris if (s->version == TLS1_VERSION) 54759194Skris s->method = TLSv1_server_method(); 54855714Skris else 54959194Skris s->method = SSLv3_server_method(); 55059194Skris#if 0 /* ssl3_get_client_hello does this */ 55155714Skris s->client_version=(v[0]<<8)|v[1]; 55259194Skris#endif 55355714Skris s->handshake_func=s->method->ssl_accept; 55455714Skris } 55555714Skris 55655714Skris if ((type < 1) || (type > 3)) 55755714Skris { 55855714Skris /* bad, very bad */ 55955714Skris SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); 56055714Skris goto err; 56155714Skris } 56255714Skris s->init_num=0; 56355714Skris 56455714Skris if (buf != buf_space) Free(buf); 56555714Skris s->first_packet=1; 56655714Skris return(SSL_accept(s)); 56755714Skriserr: 56855714Skris if (buf != buf_space) Free(buf); 56955714Skris return(-1); 57055714Skris } 571