X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fs2_lib.c;h=25823d46e546e4b845a61e0db5e9535e75cc80d2;hb=063a8905bfd53f3cc12a01789efc23c0ea6af053;hp=8c9d992541bdb6e2d8803a14de804999df01e43f;hpb=26a3a48d65c7464b400ec1de439994d7f0d25fed;p=openssl.git diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 8c9d992541..25823d46e5 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -57,10 +57,11 @@ */ #include "ssl_locl.h" -#ifndef NO_SSL2 +#ifndef OPENSSL_NO_SSL2 #include #include #include +#include #include static long ssl2_default_timeout(void ); @@ -76,7 +77,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ SSL2_TXT_NULL_WITH_MD5, SSL2_CK_NULL_WITH_MD5, SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2, - SSL_EXPORT|SSL_EXP40, + SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, + 0, 0, 0, SSL_ALL_CIPHERS, @@ -196,6 +198,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ SSL2_TXT_NULL, SSL2_CK_NULL, 0, + SSL_STRONG_NONE, 0, 0, 0, @@ -260,7 +263,7 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u) int ssl2_pending(SSL *s) { - return(s->s2->ract_data_length); + return SSL_in_init(s) ? 0 : s->s2->ract_data_length; } int ssl2_new(SSL *s) @@ -270,10 +273,16 @@ int ssl2_new(SSL *s) if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; memset(s2,0,sizeof *s2); +#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 +# error "assertion failed" +#endif + if ((s2->rbuf=OPENSSL_malloc( SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; + /* wbuf needs one byte more because when using two-byte headers, + * we leave the first byte unused in do_ssl_write (s2_pkt.c) */ if ((s2->wbuf=OPENSSL_malloc( - SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; + SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err; s->s2=s2; ssl2_clear(s); @@ -323,7 +332,7 @@ void ssl2_clear(SSL *s) s->packet_length=0; } -long ssl2_ctrl(SSL *s, int cmd, long larg, char *parg) +long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) { int ret=0; @@ -343,7 +352,7 @@ long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)()) return(0); } -long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg) +long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) { return(0); } @@ -384,7 +393,7 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp, (char *)sorted, SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *), - (int (*)())ssl_cipher_ptr_id_cmp); + FP_ICC ssl_cipher_ptr_id_cmp); if ((cpp == NULL) || !(*cpp)->valid) return(NULL); else @@ -409,7 +418,7 @@ int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) void ssl2_generate_key_material(SSL *s) { unsigned int i; - MD5_CTX ctx; + EVP_MD_CTX ctx; unsigned char *km; unsigned char c='0'; @@ -417,20 +426,21 @@ void ssl2_generate_key_material(SSL *s) c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', see SSLv2 docu */ #endif - + EVP_MD_CTX_init(&ctx); km=s->s2->key_material; for (i=0; is2->key_material_length; i+=MD5_DIGEST_LENGTH) { - MD5_Init(&ctx); + EVP_DigestInit_ex(&ctx,EVP_md5(), NULL); - MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); - MD5_Update(&ctx,&c,1); + EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); + EVP_DigestUpdate(&ctx,&c,1); c++; - MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length); - MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length); - MD5_Final(km,&ctx); + EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); + EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); + EVP_DigestFinal_ex(&ctx,km,NULL); km+=MD5_DIGEST_LENGTH; } + EVP_MD_CTX_cleanup(&ctx); } void ssl2_return_error(SSL *s, int err) @@ -462,10 +472,14 @@ void ssl2_write_error(SSL *s) if (i < 0) s->error=error; - else if (i != s->error) + else + { s->error=error-i; - /* else - s->error=0; */ + + if (s->error == 0) + if (s->msg_callback) + s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */ + } } int ssl2_shutdown(SSL *s) @@ -473,7 +487,7 @@ int ssl2_shutdown(SSL *s) s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); return(1); } -#else /* !NO_SSL2 */ +#else /* !OPENSSL_NO_SSL2 */ # if PEDANTIC static void *dummy=&dummy;