Avoid some warnings, and run "make update".
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58
59 #include <stdio.h>
60 #include <openssl/md5.h>
61 #include <openssl/sha.h>
62 #include <openssl/objects.h>
63 #include "ssl_locl.h"
64
65 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
66
67 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
68
69 static long ssl3_default_timeout(void );
70
71 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
72 /* The RSA ciphers */
73 /* Cipher 01 */
74         {
75         1,
76         SSL3_TXT_RSA_NULL_MD5,
77         SSL3_CK_RSA_NULL_MD5,
78         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
79         0,
80         SSL_ALL_CIPHERS,
81         },
82 /* Cipher 02 */
83         {
84         1,
85         SSL3_TXT_RSA_NULL_SHA,
86         SSL3_CK_RSA_NULL_SHA,
87         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
88         0,
89         SSL_ALL_CIPHERS,
90         },
91
92 /* anon DH */
93 /* Cipher 17 */
94         {
95         1,
96         SSL3_TXT_ADH_RC4_40_MD5,
97         SSL3_CK_ADH_RC4_40_MD5,
98         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
99         0,
100         SSL_ALL_CIPHERS,
101         },
102 /* Cipher 18 */
103         {
104         1,
105         SSL3_TXT_ADH_RC4_128_MD5,
106         SSL3_CK_ADH_RC4_128_MD5,
107         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
108         0,
109         SSL_ALL_CIPHERS,
110         },
111 /* Cipher 19 */
112         {
113         1,
114         SSL3_TXT_ADH_DES_40_CBC_SHA,
115         SSL3_CK_ADH_DES_40_CBC_SHA,
116         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
117         0,
118         SSL_ALL_CIPHERS,
119         },
120 /* Cipher 1A */
121         {
122         1,
123         SSL3_TXT_ADH_DES_64_CBC_SHA,
124         SSL3_CK_ADH_DES_64_CBC_SHA,
125         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
126         0,
127         SSL_ALL_CIPHERS,
128         },
129 /* Cipher 1B */
130         {
131         1,
132         SSL3_TXT_ADH_DES_192_CBC_SHA,
133         SSL3_CK_ADH_DES_192_CBC_SHA,
134         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
135         0,
136         SSL_ALL_CIPHERS,
137         },
138
139 /* RSA again */
140 /* Cipher 03 */
141         {
142         1,
143         SSL3_TXT_RSA_RC4_40_MD5,
144         SSL3_CK_RSA_RC4_40_MD5,
145         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
146         0,
147         SSL_ALL_CIPHERS,
148         },
149 /* Cipher 04 */
150         {
151         1,
152         SSL3_TXT_RSA_RC4_128_MD5,
153         SSL3_CK_RSA_RC4_128_MD5,
154         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
155         0,
156         SSL_ALL_CIPHERS,
157         },
158 /* Cipher 05 */
159         {
160         1,
161         SSL3_TXT_RSA_RC4_128_SHA,
162         SSL3_CK_RSA_RC4_128_SHA,
163         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
164         0,
165         SSL_ALL_CIPHERS,
166         },
167 /* Cipher 06 */
168         {
169         1,
170         SSL3_TXT_RSA_RC2_40_MD5,
171         SSL3_CK_RSA_RC2_40_MD5,
172         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
173         0,
174         SSL_ALL_CIPHERS,
175         },
176 /* Cipher 07 */
177         {
178         1,
179         SSL3_TXT_RSA_IDEA_128_SHA,
180         SSL3_CK_RSA_IDEA_128_SHA,
181         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
182         0,
183         SSL_ALL_CIPHERS,
184         },
185 /* Cipher 08 */
186         {
187         1,
188         SSL3_TXT_RSA_DES_40_CBC_SHA,
189         SSL3_CK_RSA_DES_40_CBC_SHA,
190         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
191         0,
192         SSL_ALL_CIPHERS,
193         },
194 /* Cipher 09 */
195         {
196         1,
197         SSL3_TXT_RSA_DES_64_CBC_SHA,
198         SSL3_CK_RSA_DES_64_CBC_SHA,
199         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
200         0,
201         SSL_ALL_CIPHERS,
202         },
203 /* Cipher 0A */
204         {
205         1,
206         SSL3_TXT_RSA_DES_192_CBC3_SHA,
207         SSL3_CK_RSA_DES_192_CBC3_SHA,
208         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
209         0,
210         SSL_ALL_CIPHERS,
211         },
212
213 /*  The DH ciphers */
214 /* Cipher 0B */
215         {
216         0,
217         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
218         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
219         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
220         0,
221         SSL_ALL_CIPHERS,
222         },
223 /* Cipher 0C */
224         {
225         0,
226         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
227         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
228         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
229         0,
230         SSL_ALL_CIPHERS,
231         },
232 /* Cipher 0D */
233         {
234         0,
235         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
236         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
237         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
238         0,
239         SSL_ALL_CIPHERS,
240         },
241 /* Cipher 0E */
242         {
243         0,
244         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
245         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
246         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
247         0,
248         SSL_ALL_CIPHERS,
249         },
250 /* Cipher 0F */
251         {
252         0,
253         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
254         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
255         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
256         0,
257         SSL_ALL_CIPHERS,
258         },
259 /* Cipher 10 */
260         {
261         0,
262         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
263         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
264         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
265         0,
266         SSL_ALL_CIPHERS,
267         },
268
269 /* The Ephemeral DH ciphers */
270 /* Cipher 11 */
271         {
272         1,
273         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
274         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
275         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
276         0,
277         SSL_ALL_CIPHERS,
278         },
279 /* Cipher 12 */
280         {
281         1,
282         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
283         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
284         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
285         0,
286         SSL_ALL_CIPHERS,
287         },
288 /* Cipher 13 */
289         {
290         1,
291         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
292         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
293         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
294         0,
295         SSL_ALL_CIPHERS,
296         },
297 /* Cipher 14 */
298         {
299         1,
300         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
301         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
302         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
303         0,
304         SSL_ALL_CIPHERS,
305         },
306 /* Cipher 15 */
307         {
308         1,
309         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
310         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
311         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
312         0,
313         SSL_ALL_CIPHERS,
314         },
315 /* Cipher 16 */
316         {
317         1,
318         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
319         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
320         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
321         0,
322         SSL_ALL_CIPHERS,
323         },
324
325 /* Fortezza */
326 /* Cipher 1C */
327         {
328         0,
329         SSL3_TXT_FZA_DMS_NULL_SHA,
330         SSL3_CK_FZA_DMS_NULL_SHA,
331         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
332         0,
333         SSL_ALL_CIPHERS,
334         },
335
336 /* Cipher 1D */
337         {
338         0,
339         SSL3_TXT_FZA_DMS_FZA_SHA,
340         SSL3_CK_FZA_DMS_FZA_SHA,
341         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
342         0,
343         SSL_ALL_CIPHERS,
344         },
345
346 /* Cipher 1E */
347         {
348         0,
349         SSL3_TXT_FZA_DMS_RC4_SHA,
350         SSL3_CK_FZA_DMS_RC4_SHA,
351         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
352         0,
353         SSL_ALL_CIPHERS,
354         },
355
356 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
357         /* New TLS Export CipherSuites */
358         /* Cipher 60 */
359             {
360             1,
361             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
362             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
363             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP56|SSL_TLSV1,
364             0,
365             SSL_ALL_CIPHERS
366             },
367         /* Cipher 61 */
368             {
369             1,
370             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
371             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
372             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP56|SSL_TLSV1,
373             0,
374             SSL_ALL_CIPHERS
375             },
376         /* Cipher 62 */
377             {
378             1,
379             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
380             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
381             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
382             0,
383             SSL_ALL_CIPHERS
384             },
385         /* Cipher 63 */
386             {
387             1,
388             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
389             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
390             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
391             0,
392             SSL_ALL_CIPHERS
393             },
394         /* Cipher 64 */
395             {
396             1,
397             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
398             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
399             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
400             0,
401             SSL_ALL_CIPHERS
402             },
403         /* Cipher 65 */
404             {
405             1,
406             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
407             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
408             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
409             0,
410             SSL_ALL_CIPHERS
411             },
412         /* Cipher 66 */
413             {
414             1,
415             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
416             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
417             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
418             0,
419             SSL_ALL_CIPHERS
420             },
421 #endif
422
423 /* end of list */
424         };
425
426 static SSL3_ENC_METHOD SSLv3_enc_data={
427         ssl3_enc,
428         ssl3_mac,
429         ssl3_setup_key_block,
430         ssl3_generate_master_secret,
431         ssl3_change_cipher_state,
432         ssl3_final_finish_mac,
433         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
434         ssl3_cert_verify_mac,
435         SSL3_MD_CLIENT_FINISHED_CONST,4,
436         SSL3_MD_SERVER_FINISHED_CONST,4,
437         ssl3_alert_code,
438         };
439
440 static SSL_METHOD SSLv3_data= {
441         SSL3_VERSION,
442         ssl3_new,
443         ssl3_clear,
444         ssl3_free,
445         ssl_undefined_function,
446         ssl_undefined_function,
447         ssl3_read,
448         ssl3_peek,
449         ssl3_write,
450         ssl3_shutdown,
451         ssl3_renegotiate,
452         ssl3_renegotiate_check,
453         ssl3_ctrl,
454         ssl3_ctx_ctrl,
455         ssl3_get_cipher_by_char,
456         ssl3_put_cipher_by_char,
457         ssl3_pending,
458         ssl3_num_ciphers,
459         ssl3_get_cipher,
460         ssl_bad_method,
461         ssl3_default_timeout,
462         &SSLv3_enc_data,
463         };
464
465 static long ssl3_default_timeout(void)
466         {
467         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
468          * is way too long for http, the cache would over fill */
469         return(60*60*2);
470         }
471
472 SSL_METHOD *sslv3_base_method(void)
473         {
474         return(&SSLv3_data);
475         }
476
477 int ssl3_num_ciphers(void)
478         {
479         return(SSL3_NUM_CIPHERS);
480         }
481
482 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
483         {
484         if (u < SSL3_NUM_CIPHERS)
485                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
486         else
487                 return(NULL);
488         }
489
490 /* The problem is that it may not be the correct record type */
491 int ssl3_pending(SSL *s)
492         {
493         return(s->s3->rrec.length);
494         }
495
496 int ssl3_new(SSL *s)
497         {
498         SSL3_CTX *s3;
499
500         if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err;
501         memset(s3,0,sizeof(SSL3_CTX));
502
503         s->s3=s3;
504         /*
505         s->s3->tmp.ca_names=NULL;
506         s->s3->tmp.key_block=NULL;
507         s->s3->tmp.key_block_length=0;
508         s->s3->rbuf.buf=NULL;
509         s->s3->wbuf.buf=NULL;
510         */
511
512         s->method->ssl_clear(s);
513         return(1);
514 err:
515         return(0);
516         }
517
518 void ssl3_free(SSL *s)
519         {
520         if(s == NULL)
521             return;
522
523         ssl3_cleanup_key_block(s);
524         if (s->s3->rbuf.buf != NULL)
525                 Free(s->s3->rbuf.buf);
526         if (s->s3->wbuf.buf != NULL)
527                 Free(s->s3->wbuf.buf);
528         if (s->s3->rrec.comp != NULL)
529                 Free(s->s3->rrec.comp);
530 #ifndef NO_DH
531         if (s->s3->tmp.dh != NULL)
532                 DH_free(s->s3->tmp.dh);
533 #endif
534         if (s->s3->tmp.ca_names != NULL)
535                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
536         memset(s->s3,0,sizeof(SSL3_CTX));
537         Free(s->s3);
538         s->s3=NULL;
539         }
540
541 void ssl3_clear(SSL *s)
542         {
543         unsigned char *rp,*wp;
544
545         ssl3_cleanup_key_block(s);
546         if (s->s3->tmp.ca_names != NULL)
547                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
548
549         if (s->s3->rrec.comp != NULL)
550                 {
551                 Free(s->s3->rrec.comp);
552                 s->s3->rrec.comp=NULL;
553                 }
554
555         rp=s->s3->rbuf.buf;
556         wp=s->s3->wbuf.buf;
557
558         memset(s->s3,0,sizeof(SSL3_CTX));
559         if (rp != NULL) s->s3->rbuf.buf=rp;
560         if (wp != NULL) s->s3->wbuf.buf=wp;
561
562         ssl_free_wbio_buffer(s);
563
564         s->packet_length=0;
565         s->s3->renegotiate=0;
566         s->s3->total_renegotiations=0;
567         s->s3->num_renegotiations=0;
568         s->s3->in_read_app_data=0;
569         s->version=SSL3_VERSION;
570         }
571
572 long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
573         {
574         int ret=0;
575
576 #if !defined(NO_DSA) || !defined(NO_RSA)
577         if (
578 #ifndef NO_RSA
579             cmd == SSL_CTRL_SET_TMP_RSA ||
580             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
581 #endif
582 #ifndef NO_DSA
583             cmd == SSL_CTRL_SET_TMP_DH ||
584             cmd == SSL_CTRL_SET_TMP_DH_CB ||
585 #endif
586                 0)
587                 {
588                 if (!ssl_cert_inst(&s->cert))
589                         {
590                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
591                         return(0);
592                         }
593                 }
594 #endif
595
596         switch (cmd)
597                 {
598         case SSL_CTRL_GET_SESSION_REUSED:
599                 ret=s->hit;
600                 break;
601         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
602                 break;
603         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
604                 ret=s->s3->num_renegotiations;
605                 break;
606         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
607                 ret=s->s3->num_renegotiations;
608                 s->s3->num_renegotiations=0;
609                 break;
610         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
611                 ret=s->s3->total_renegotiations;
612                 break;
613         case SSL_CTRL_GET_FLAGS:
614                 ret=(int)(s->s3->flags);
615                 break;
616 #ifndef NO_RSA
617         case SSL_CTRL_NEED_TMP_RSA:
618                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
619                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
620                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
621                         ret = 1;
622                 break;
623         case SSL_CTRL_SET_TMP_RSA:
624                 {
625                         RSA *rsa = (RSA *)parg;
626                         if (rsa == NULL) {
627                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
628                                 return(ret);
629                         }
630                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
631                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
632                                 return(ret);
633                         }
634                         if (s->cert->rsa_tmp != NULL)
635                                 RSA_free(s->cert->rsa_tmp);
636                         s->cert->rsa_tmp = rsa;
637                         ret = 1;
638                 }
639                 break;
640         case SSL_CTRL_SET_TMP_RSA_CB:
641                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))parg;
642                 break;
643 #endif
644 #ifndef NO_DH
645         case SSL_CTRL_SET_TMP_DH:
646                 {
647                         DH *dh = (DH *)parg;
648                         if (dh == NULL) {
649                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
650                                 return(ret);
651                         }
652                         if ((dh = DHparams_dup(dh)) == NULL) {
653                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
654                                 return(ret);
655                         }
656                         if (!DH_generate_key(dh)) {
657                                 DH_free(dh);
658                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
659                                 return(ret);
660                         }
661                         if (s->cert->dh_tmp != NULL)
662                                 DH_free(s->cert->dh_tmp);
663                         s->cert->dh_tmp = dh;
664                         ret = 1;
665                 }
666                 break;
667         case SSL_CTRL_SET_TMP_DH_CB:
668                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))parg;
669                 break;
670 #endif
671         default:
672                 break;
673                 }
674         return(ret);
675         }
676
677 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
678         {
679         CERT *cert;
680
681         cert=ctx->cert;
682
683         switch (cmd)
684                 {
685 #ifndef NO_RSA
686         case SSL_CTRL_NEED_TMP_RSA:
687                 if (    (cert->rsa_tmp == NULL) &&
688                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
689                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
690                         )
691                         return(1);
692                 else
693                         return(0);
694                 /* break; */
695         case SSL_CTRL_SET_TMP_RSA:
696                 {
697                 RSA *rsa;
698                 int i;
699
700                 rsa=(RSA *)parg;
701                 i=1;
702                 if (rsa == NULL)
703                         i=0;
704                 else
705                         {
706                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
707                                 i=0;
708                         }
709                 if (!i)
710                         {
711                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
712                         return(0);
713                         }
714                 else
715                         {
716                         if (cert->rsa_tmp != NULL)
717                                 RSA_free(cert->rsa_tmp);
718                         cert->rsa_tmp=rsa;
719                         return(1);
720                         }
721                 }
722                 /* break; */
723         case SSL_CTRL_SET_TMP_RSA_CB:
724                 cert->rsa_tmp_cb=(RSA *(*)(SSL *, int, int))parg;
725                 break;
726 #endif
727 #ifndef NO_DH
728         case SSL_CTRL_SET_TMP_DH:
729                 {
730                 DH *new=NULL,*dh;
731                 int rret=0;
732
733                 dh=(DH *)parg;
734                 if (    ((new=DHparams_dup(dh)) == NULL) ||
735                         (!DH_generate_key(new)))
736                         {
737                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
738                         if (new != NULL) DH_free(new);
739                         }
740                 else
741                         {
742                         if (cert->dh_tmp != NULL)
743                                 DH_free(cert->dh_tmp);
744                         cert->dh_tmp=new;
745                         rret=1;
746                         }
747                 return(rret);
748                 }
749                 /*break; */
750         case SSL_CTRL_SET_TMP_DH_CB:
751                 cert->dh_tmp_cb=(DH *(*)(SSL *, int, int))parg;
752                 break;
753 #endif
754         /* A Thawte special :-) */
755         case SSL_CTRL_EXTRA_CHAIN_CERT:
756                 if (ctx->extra_certs == NULL)
757                         {
758                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
759                                 return(0);
760                         }
761                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
762                 break;
763
764         default:
765                 return(0);
766                 }
767         return(1);
768         }
769
770 /* This function needs to check if the ciphers required are actually
771  * available */
772 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
773         {
774         static int init=1;
775         static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
776         SSL_CIPHER c,*cp= &c,**cpp;
777         unsigned long id;
778         int i;
779
780         if (init)
781                 {
782                 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
783
784                 for (i=0; i<SSL3_NUM_CIPHERS; i++)
785                         sorted[i]= &(ssl3_ciphers[i]);
786
787                 qsort(  (char *)sorted,
788                         SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
789                         FP_ICC ssl_cipher_ptr_id_cmp);
790
791                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
792
793                 init=0;
794                 }
795
796         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
797         c.id=id;
798         cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
799                 (char *)sorted,
800                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
801                 (int (*)())ssl_cipher_ptr_id_cmp);
802         if ((cpp == NULL) || !(*cpp)->valid)
803                 return(NULL);
804         else
805                 return(*cpp);
806         }
807
808 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
809         {
810         long l;
811
812         if (p != NULL)
813                 {
814                 l=c->id;
815                 if ((l & 0xff000000) != 0x03000000) return(0);
816                 p[0]=((unsigned char)(l>> 8L))&0xFF;
817                 p[1]=((unsigned char)(l     ))&0xFF;
818                 }
819         return(2);
820         }
821
822 int ssl3_part_read(SSL *s, int i)
823         {
824         s->rwstate=SSL_READING;
825
826         if (i < 0)
827                 {
828                 return(i);
829                 }
830         else
831                 {
832                 s->init_num+=i;
833                 return(0);
834                 }
835         }
836
837 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have,
838              STACK_OF(SSL_CIPHER) *pref)
839         {
840         SSL_CIPHER *c,*ret=NULL;
841         int i,j,ok;
842         CERT *cert;
843         unsigned long alg,mask,emask;
844
845         /* Let's see which ciphers we can support */
846         cert=s->cert;
847
848         sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
849
850 #ifdef CIPHER_DEBUG
851         printf("Have:\n");
852         for(i=0 ; i < sk_num(pref) ; ++i)
853             {
854             c=(SSL_CIPHER *)sk_value(pref,i);
855             printf("%p:%s\n",c,c->name);
856             }
857 #endif
858
859         for (i=0; i<sk_SSL_CIPHER_num(have); i++)
860                 {
861                 c=sk_SSL_CIPHER_value(have,i);
862
863                 ssl_set_cert_masks(cert,c);
864                 mask=cert->mask;
865                 emask=cert->export_mask;
866                         
867                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
868                 if (SSL_IS_EXPORT(c->algorithms))
869                         {
870                         ok=((alg & emask) == alg)?1:0;
871 #ifdef CIPHER_DEBUG
872                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
873                                c,c->name);
874 #endif
875                         }
876                 else
877                         {
878                         ok=((alg & mask) == alg)?1:0;
879 #ifdef CIPHER_DEBUG
880                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
881                                c->name);
882 #endif
883                         }
884
885                 if (!ok) continue;
886         
887                 j=sk_SSL_CIPHER_find(pref,c);
888                 if (j >= 0)
889                         {
890                         ret=sk_SSL_CIPHER_value(pref,j);
891                         break;
892                         }
893                 }
894         return(ret);
895         }
896
897 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
898         {
899         int ret=0;
900         unsigned long alg;
901
902         alg=s->s3->tmp.new_cipher->algorithms;
903
904 #ifndef NO_DH
905         if (alg & (SSL_kDHr|SSL_kEDH))
906                 {
907 #  ifndef NO_RSA
908                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
909 #  endif
910 #  ifndef NO_DSA
911                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
912 #  endif
913                 }
914         if ((s->version == SSL3_VERSION) &&
915                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
916                 {
917 #  ifndef NO_RSA
918                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
919 #  endif
920 #  ifndef NO_DSA
921                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
922 #  endif
923                 }
924 #endif /* !NO_DH */
925 #ifndef NO_RSA
926         p[ret++]=SSL3_CT_RSA_SIGN;
927 #endif
928 #ifndef NO_DSA
929         p[ret++]=SSL3_CT_DSS_SIGN;
930 #endif
931         return(ret);
932         }
933
934 int ssl3_shutdown(SSL *s)
935         {
936
937         /* Don't do anything much if we have not done the handshake or
938          * we don't want to send messages :-) */
939         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
940                 {
941                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
942                 return(1);
943                 }
944
945         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
946                 {
947                 s->shutdown|=SSL_SENT_SHUTDOWN;
948 #if 1
949                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
950 #endif
951                 /* our shutdown alert has been sent now, and if it still needs
952                  * to be written, s->s3->alert_dispatch will be true */
953                 }
954         else if (s->s3->alert_dispatch)
955                 {
956                 /* resend it if not sent */
957 #if 1
958                 ssl3_dispatch_alert(s);
959 #endif
960                 }
961         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
962                 {
963                 /* If we are waiting for a close from our peer, we are closed */
964                 ssl3_read_bytes(s,0,NULL,0);
965                 }
966
967         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
968                 !s->s3->alert_dispatch)
969                 return(1);
970         else
971                 return(0);
972         }
973
974 int ssl3_write(SSL *s, const void *buf, int len)
975         {
976         int ret,n;
977
978 #if 0
979         if (s->shutdown & SSL_SEND_SHUTDOWN)
980                 {
981                 s->rwstate=SSL_NOTHING;
982                 return(0);
983                 }
984 #endif
985         clear_sys_error();
986         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
987
988         /* This is an experimental flag that sends the
989          * last handshake message in the same packet as the first
990          * use data - used to see if it helps the TCP protocol during
991          * session-id reuse */
992         /* The second test is because the buffer may have been removed */
993         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
994                 {
995                 /* First time through, we write into the buffer */
996                 if (s->s3->delay_buf_pop_ret == 0)
997                         {
998                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
999                                              buf,len);
1000                         if (ret <= 0) return(ret);
1001
1002                         s->s3->delay_buf_pop_ret=ret;
1003                         }
1004
1005                 s->rwstate=SSL_WRITING;
1006                 n=BIO_flush(s->wbio);
1007                 if (n <= 0) return(n);
1008                 s->rwstate=SSL_NOTHING;
1009
1010                 /* We have flushed the buffer, so remove it */
1011                 ssl_free_wbio_buffer(s);
1012                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1013
1014                 ret=s->s3->delay_buf_pop_ret;
1015                 s->s3->delay_buf_pop_ret=0;
1016                 }
1017         else
1018                 {
1019                 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1020                                      buf,len);
1021                 if (ret <= 0) return(ret);
1022                 }
1023
1024         return(ret);
1025         }
1026
1027 int ssl3_read(SSL *s, void *buf, int len)
1028         {
1029         int ret;
1030         
1031         clear_sys_error();
1032         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1033         s->s3->in_read_app_data=1;
1034         ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
1035         if ((ret == -1) && (s->s3->in_read_app_data == 0))
1036                 {
1037                 ERR_get_error(); /* clear the error */
1038                 s->s3->in_read_app_data=0;
1039                 s->in_handshake++;
1040                 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
1041                 s->in_handshake--;
1042                 }
1043         else
1044                 s->s3->in_read_app_data=0;
1045
1046         return(ret);
1047         }
1048
1049 int ssl3_peek(SSL *s, char *buf, int len)
1050         {
1051         SSL3_RECORD *rr;
1052         int n;
1053
1054         rr= &(s->s3->rrec);
1055         if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA))
1056                 {
1057                 n=ssl3_read(s,buf,1);
1058                 if (n <= 0) return(n);
1059                 rr->length++;
1060                 rr->off--;
1061                 }
1062
1063         if ((unsigned int)len > rr->length)
1064                 n=rr->length;
1065         else
1066                 n=len;
1067         memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
1068         return(n);
1069         }
1070
1071 int ssl3_renegotiate(SSL *s)
1072         {
1073         if (s->handshake_func == NULL)
1074                 return(1);
1075
1076         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1077                 return(0);
1078
1079         s->s3->renegotiate=1;
1080         return(1);
1081         }
1082
1083 int ssl3_renegotiate_check(SSL *s)
1084         {
1085         int ret=0;
1086
1087         if (s->s3->renegotiate)
1088                 {
1089                 if (    (s->s3->rbuf.left == 0) &&
1090                         (s->s3->wbuf.left == 0) &&
1091                         !SSL_in_init(s))
1092                         {
1093 /*
1094 if we are the server, and we have sent a 'RENEGOTIATE' message, we
1095 need to go to SSL_ST_ACCEPT.
1096 */
1097                         /* SSL_ST_ACCEPT */
1098                         s->state=SSL_ST_RENEGOTIATE;
1099                         s->s3->renegotiate=0;
1100                         s->s3->num_renegotiations++;
1101                         s->s3->total_renegotiations++;
1102                         ret=1;
1103                         }
1104                 }
1105         return(ret);
1106         }
1107