fix more race conditions
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * In addition, Sun covenants to all licensees who provide a reciprocal
121  * covenant with respect to their own patents if any, not to sue under
122  * current and future patent claims necessarily infringed by the making,
123  * using, practicing, selling, offering for sale and/or otherwise
124  * disposing of the Contribution as delivered hereunder 
125  * (or portions thereof), provided that such covenant shall not apply:
126  *  1) for code that a licensee deletes from the Contribution;
127  *  2) separates from the Contribution; or
128  *  3) for infringements caused by:
129  *       i) the modification of the Contribution or
130  *      ii) the combination of the  Contribution with other software or
131  *          devices where such combination causes the infringement.
132  *
133  * ECC cipher suite support in OpenSSL originally written by
134  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
135  *
136  */
137
138 #include <stdio.h>
139 #include <openssl/objects.h>
140 #include "ssl_locl.h"
141 #include "kssl_lcl.h"
142 #include <openssl/md5.h>
143
144 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
145
146 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
147
148 static long ssl3_default_timeout(void );
149
150 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
151 /* The RSA ciphers */
152 /* Cipher 01 */
153         {
154         1,
155         SSL3_TXT_RSA_NULL_MD5,
156         SSL3_CK_RSA_NULL_MD5,
157         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
158         SSL_NOT_EXP|SSL_STRONG_NONE,
159         0,
160         0,
161         0,
162         SSL_ALL_CIPHERS,
163         SSL_ALL_STRENGTHS,
164         },
165 /* Cipher 02 */
166         {
167         1,
168         SSL3_TXT_RSA_NULL_SHA,
169         SSL3_CK_RSA_NULL_SHA,
170         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
171         SSL_NOT_EXP|SSL_STRONG_NONE,
172         0,
173         0,
174         0,
175         SSL_ALL_CIPHERS,
176         SSL_ALL_STRENGTHS,
177         },
178
179 /* anon DH */
180 /* Cipher 17 */
181         {
182         1,
183         SSL3_TXT_ADH_RC4_40_MD5,
184         SSL3_CK_ADH_RC4_40_MD5,
185         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
186         SSL_EXPORT|SSL_EXP40,
187         0,
188         40,
189         128,
190         SSL_ALL_CIPHERS,
191         SSL_ALL_STRENGTHS,
192         },
193 /* Cipher 18 */
194         {
195         1,
196         SSL3_TXT_ADH_RC4_128_MD5,
197         SSL3_CK_ADH_RC4_128_MD5,
198         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
199         SSL_NOT_EXP|SSL_MEDIUM,
200         0,
201         128,
202         128,
203         SSL_ALL_CIPHERS,
204         SSL_ALL_STRENGTHS,
205         },
206 /* Cipher 19 */
207         {
208         1,
209         SSL3_TXT_ADH_DES_40_CBC_SHA,
210         SSL3_CK_ADH_DES_40_CBC_SHA,
211         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
212         SSL_EXPORT|SSL_EXP40,
213         0,
214         40,
215         128,
216         SSL_ALL_CIPHERS,
217         SSL_ALL_STRENGTHS,
218         },
219 /* Cipher 1A */
220         {
221         1,
222         SSL3_TXT_ADH_DES_64_CBC_SHA,
223         SSL3_CK_ADH_DES_64_CBC_SHA,
224         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
225         SSL_NOT_EXP|SSL_LOW,
226         0,
227         56,
228         56,
229         SSL_ALL_CIPHERS,
230         SSL_ALL_STRENGTHS,
231         },
232 /* Cipher 1B */
233         {
234         1,
235         SSL3_TXT_ADH_DES_192_CBC_SHA,
236         SSL3_CK_ADH_DES_192_CBC_SHA,
237         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
238         SSL_NOT_EXP|SSL_HIGH,
239         0,
240         168,
241         168,
242         SSL_ALL_CIPHERS,
243         SSL_ALL_STRENGTHS,
244         },
245
246 /* RSA again */
247 /* Cipher 03 */
248         {
249         1,
250         SSL3_TXT_RSA_RC4_40_MD5,
251         SSL3_CK_RSA_RC4_40_MD5,
252         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
253         SSL_EXPORT|SSL_EXP40,
254         0,
255         40,
256         128,
257         SSL_ALL_CIPHERS,
258         SSL_ALL_STRENGTHS,
259         },
260 /* Cipher 04 */
261         {
262         1,
263         SSL3_TXT_RSA_RC4_128_MD5,
264         SSL3_CK_RSA_RC4_128_MD5,
265         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
266         SSL_NOT_EXP|SSL_MEDIUM,
267         0,
268         128,
269         128,
270         SSL_ALL_CIPHERS,
271         SSL_ALL_STRENGTHS,
272         },
273 /* Cipher 05 */
274         {
275         1,
276         SSL3_TXT_RSA_RC4_128_SHA,
277         SSL3_CK_RSA_RC4_128_SHA,
278         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
279         SSL_NOT_EXP|SSL_MEDIUM,
280         0,
281         128,
282         128,
283         SSL_ALL_CIPHERS,
284         SSL_ALL_STRENGTHS,
285         },
286 /* Cipher 06 */
287         {
288         1,
289         SSL3_TXT_RSA_RC2_40_MD5,
290         SSL3_CK_RSA_RC2_40_MD5,
291         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
292         SSL_EXPORT|SSL_EXP40,
293         0,
294         40,
295         128,
296         SSL_ALL_CIPHERS,
297         SSL_ALL_STRENGTHS,
298         },
299 /* Cipher 07 */
300         {
301         1,
302         SSL3_TXT_RSA_IDEA_128_SHA,
303         SSL3_CK_RSA_IDEA_128_SHA,
304         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
305         SSL_NOT_EXP|SSL_MEDIUM,
306         0,
307         128,
308         128,
309         SSL_ALL_CIPHERS,
310         SSL_ALL_STRENGTHS,
311         },
312 /* Cipher 08 */
313         {
314         1,
315         SSL3_TXT_RSA_DES_40_CBC_SHA,
316         SSL3_CK_RSA_DES_40_CBC_SHA,
317         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
318         SSL_EXPORT|SSL_EXP40,
319         0,
320         40,
321         56,
322         SSL_ALL_CIPHERS,
323         SSL_ALL_STRENGTHS,
324         },
325 /* Cipher 09 */
326         {
327         1,
328         SSL3_TXT_RSA_DES_64_CBC_SHA,
329         SSL3_CK_RSA_DES_64_CBC_SHA,
330         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
331         SSL_NOT_EXP|SSL_LOW,
332         0,
333         56,
334         56,
335         SSL_ALL_CIPHERS,
336         SSL_ALL_STRENGTHS,
337         },
338 /* Cipher 0A */
339         {
340         1,
341         SSL3_TXT_RSA_DES_192_CBC3_SHA,
342         SSL3_CK_RSA_DES_192_CBC3_SHA,
343         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
344         SSL_NOT_EXP|SSL_HIGH,
345         0,
346         168,
347         168,
348         SSL_ALL_CIPHERS,
349         SSL_ALL_STRENGTHS,
350         },
351
352 /*  The DH ciphers */
353 /* Cipher 0B */
354         {
355         0,
356         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
357         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
358         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
359         SSL_EXPORT|SSL_EXP40,
360         0,
361         40,
362         56,
363         SSL_ALL_CIPHERS,
364         SSL_ALL_STRENGTHS,
365         },
366 /* Cipher 0C */
367         {
368         0,
369         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
370         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
371         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
372         SSL_NOT_EXP|SSL_LOW,
373         0,
374         56,
375         56,
376         SSL_ALL_CIPHERS,
377         SSL_ALL_STRENGTHS,
378         },
379 /* Cipher 0D */
380         {
381         0,
382         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
383         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
384         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
385         SSL_NOT_EXP|SSL_HIGH,
386         0,
387         168,
388         168,
389         SSL_ALL_CIPHERS,
390         SSL_ALL_STRENGTHS,
391         },
392 /* Cipher 0E */
393         {
394         0,
395         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
396         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
397         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
398         SSL_EXPORT|SSL_EXP40,
399         0,
400         40,
401         56,
402         SSL_ALL_CIPHERS,
403         SSL_ALL_STRENGTHS,
404         },
405 /* Cipher 0F */
406         {
407         0,
408         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
409         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
410         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
411         SSL_NOT_EXP|SSL_LOW,
412         0,
413         56,
414         56,
415         SSL_ALL_CIPHERS,
416         SSL_ALL_STRENGTHS,
417         },
418 /* Cipher 10 */
419         {
420         0,
421         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
422         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
423         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
424         SSL_NOT_EXP|SSL_HIGH,
425         0,
426         168,
427         168,
428         SSL_ALL_CIPHERS,
429         SSL_ALL_STRENGTHS,
430         },
431
432 /* The Ephemeral DH ciphers */
433 /* Cipher 11 */
434         {
435         1,
436         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
437         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
438         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
439         SSL_EXPORT|SSL_EXP40,
440         0,
441         40,
442         56,
443         SSL_ALL_CIPHERS,
444         SSL_ALL_STRENGTHS,
445         },
446 /* Cipher 12 */
447         {
448         1,
449         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
450         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
451         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
452         SSL_NOT_EXP|SSL_LOW,
453         0,
454         56,
455         56,
456         SSL_ALL_CIPHERS,
457         SSL_ALL_STRENGTHS,
458         },
459 /* Cipher 13 */
460         {
461         1,
462         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
463         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
464         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
465         SSL_NOT_EXP|SSL_HIGH,
466         0,
467         168,
468         168,
469         SSL_ALL_CIPHERS,
470         SSL_ALL_STRENGTHS,
471         },
472 /* Cipher 14 */
473         {
474         1,
475         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
476         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
477         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
478         SSL_EXPORT|SSL_EXP40,
479         0,
480         40,
481         56,
482         SSL_ALL_CIPHERS,
483         SSL_ALL_STRENGTHS,
484         },
485 /* Cipher 15 */
486         {
487         1,
488         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
489         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
490         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
491         SSL_NOT_EXP|SSL_LOW,
492         0,
493         56,
494         56,
495         SSL_ALL_CIPHERS,
496         SSL_ALL_STRENGTHS,
497         },
498 /* Cipher 16 */
499         {
500         1,
501         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
502         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
503         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
504         SSL_NOT_EXP|SSL_HIGH,
505         0,
506         168,
507         168,
508         SSL_ALL_CIPHERS,
509         SSL_ALL_STRENGTHS,
510         },
511
512 /* Fortezza */
513 /* Cipher 1C */
514         {
515         0,
516         SSL3_TXT_FZA_DMS_NULL_SHA,
517         SSL3_CK_FZA_DMS_NULL_SHA,
518         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
519         SSL_NOT_EXP|SSL_STRONG_NONE,
520         0,
521         0,
522         0,
523         SSL_ALL_CIPHERS,
524         SSL_ALL_STRENGTHS,
525         },
526
527 /* Cipher 1D */
528         {
529         0,
530         SSL3_TXT_FZA_DMS_FZA_SHA,
531         SSL3_CK_FZA_DMS_FZA_SHA,
532         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
533         SSL_NOT_EXP|SSL_STRONG_NONE,
534         0,
535         0,
536         0,
537         SSL_ALL_CIPHERS,
538         SSL_ALL_STRENGTHS,
539         },
540
541 /* Cipher 1E */
542         {
543         0,
544         SSL3_TXT_FZA_DMS_RC4_SHA,
545         SSL3_CK_FZA_DMS_RC4_SHA,
546         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
547         SSL_NOT_EXP|SSL_MEDIUM,
548         0,
549         128,
550         128,
551         SSL_ALL_CIPHERS,
552         SSL_ALL_STRENGTHS,
553         },
554
555 #ifndef OPENSSL_NO_KRB5
556 /* The Kerberos ciphers
557 ** 20000107 VRS: And the first shall be last,
558 ** in hopes of avoiding the lynx ssl renegotiation problem.
559 */
560 /* Cipher 21 VRS */
561         {
562         1,
563         SSL3_TXT_KRB5_DES_40_CBC_SHA,
564         SSL3_CK_KRB5_DES_40_CBC_SHA,
565         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
566         SSL_EXPORT|SSL_EXP40,
567         0,
568         40,
569         56,
570         SSL_ALL_CIPHERS,
571         SSL_ALL_STRENGTHS,
572         },
573
574 /* Cipher 22 VRS */
575         {
576         1,
577         SSL3_TXT_KRB5_DES_40_CBC_MD5,
578         SSL3_CK_KRB5_DES_40_CBC_MD5,
579         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
580         SSL_EXPORT|SSL_EXP40,
581         0,
582         40,
583         56,
584         SSL_ALL_CIPHERS,
585         SSL_ALL_STRENGTHS,
586         },
587
588 /* Cipher 23 VRS */
589         {
590         1,
591         SSL3_TXT_KRB5_DES_64_CBC_SHA,
592         SSL3_CK_KRB5_DES_64_CBC_SHA,
593         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
594         SSL_NOT_EXP|SSL_LOW,
595         0,
596         56,
597         56,
598         SSL_ALL_CIPHERS,
599         SSL_ALL_STRENGTHS,
600         },
601
602 /* Cipher 24 VRS */
603         {
604         1,
605         SSL3_TXT_KRB5_DES_64_CBC_MD5,
606         SSL3_CK_KRB5_DES_64_CBC_MD5,
607         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
608         SSL_NOT_EXP|SSL_LOW,
609         0,
610         56,
611         56,
612         SSL_ALL_CIPHERS,
613         SSL_ALL_STRENGTHS,
614         },
615
616 /* Cipher 25 VRS */
617         {
618         1,
619         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
620         SSL3_CK_KRB5_DES_192_CBC3_SHA,
621         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
622         SSL_NOT_EXP|SSL_HIGH,
623         0,
624         112,
625         168,
626         SSL_ALL_CIPHERS,
627         SSL_ALL_STRENGTHS,
628         },
629
630 /* Cipher 26 VRS */
631         {
632         1,
633         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
634         SSL3_CK_KRB5_DES_192_CBC3_MD5,
635         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
636         SSL_NOT_EXP|SSL_HIGH,
637         0,
638         112,
639         168,
640         SSL_ALL_CIPHERS,
641         SSL_ALL_STRENGTHS,
642         },
643 #endif  /* OPENSSL_NO_KRB5 */
644
645
646 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
647         /* New TLS Export CipherSuites */
648         /* Cipher 60 */
649             {
650             1,
651             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
652             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
653             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
654             SSL_EXPORT|SSL_EXP56,
655             0,
656             56,
657             128,
658             SSL_ALL_CIPHERS,
659             SSL_ALL_STRENGTHS,
660             },
661         /* Cipher 61 */
662             {
663             1,
664             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
665             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
666             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
667             SSL_EXPORT|SSL_EXP56,
668             0,
669             56,
670             128,
671             SSL_ALL_CIPHERS,
672             SSL_ALL_STRENGTHS,
673             },
674         /* Cipher 62 */
675             {
676             1,
677             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
678             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
679             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
680             SSL_EXPORT|SSL_EXP56,
681             0,
682             56,
683             56,
684             SSL_ALL_CIPHERS,
685             SSL_ALL_STRENGTHS,
686             },
687         /* Cipher 63 */
688             {
689             1,
690             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
691             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
692             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
693             SSL_EXPORT|SSL_EXP56,
694             0,
695             56,
696             56,
697             SSL_ALL_CIPHERS,
698             SSL_ALL_STRENGTHS,
699             },
700         /* Cipher 64 */
701             {
702             1,
703             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
704             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
705             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
706             SSL_EXPORT|SSL_EXP56,
707             0,
708             56,
709             128,
710             SSL_ALL_CIPHERS,
711             SSL_ALL_STRENGTHS,
712             },
713         /* Cipher 65 */
714             {
715             1,
716             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
717             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
718             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
719             SSL_EXPORT|SSL_EXP56,
720             0,
721             56,
722             128,
723             SSL_ALL_CIPHERS,
724             SSL_ALL_STRENGTHS,
725             },
726         /* Cipher 66 */
727             {
728             1,
729             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
730             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
731             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
732             SSL_NOT_EXP|SSL_MEDIUM,
733             0,
734             128,
735             128,
736             SSL_ALL_CIPHERS,
737             SSL_ALL_STRENGTHS
738             },
739 #endif
740         /* New AES ciphersuites */
741
742         /* Cipher 2F */
743             {
744             1,
745             TLS1_TXT_RSA_WITH_AES_128_SHA,
746             TLS1_CK_RSA_WITH_AES_128_SHA,
747             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
748             SSL_NOT_EXP|SSL_MEDIUM,
749             0,
750             128,
751             128,
752             SSL_ALL_CIPHERS,
753             SSL_ALL_STRENGTHS,
754             },
755         /* Cipher 30 */
756             {
757             0,
758             TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
759             TLS1_CK_DH_DSS_WITH_AES_128_SHA,
760             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
761             SSL_NOT_EXP|SSL_MEDIUM,
762             0,
763             128,
764             128,
765             SSL_ALL_CIPHERS,
766             SSL_ALL_STRENGTHS,
767             },
768         /* Cipher 31 */
769             {
770             0,
771             TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
772             TLS1_CK_DH_RSA_WITH_AES_128_SHA,
773             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
774             SSL_NOT_EXP|SSL_MEDIUM,
775             0,
776             128,
777             128,
778             SSL_ALL_CIPHERS,
779             SSL_ALL_STRENGTHS,
780             },
781         /* Cipher 32 */
782             {
783             1,
784             TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
785             TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
786             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
787             SSL_NOT_EXP|SSL_MEDIUM,
788             0,
789             128,
790             128,
791             SSL_ALL_CIPHERS,
792             SSL_ALL_STRENGTHS,
793             },
794         /* Cipher 33 */
795             {
796             1,
797             TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
798             TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
799             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
800             SSL_NOT_EXP|SSL_MEDIUM,
801             0,
802             128,
803             128,
804             SSL_ALL_CIPHERS,
805             SSL_ALL_STRENGTHS,
806             },
807         /* Cipher 34 */
808             {
809             1,
810             TLS1_TXT_ADH_WITH_AES_128_SHA,
811             TLS1_CK_ADH_WITH_AES_128_SHA,
812             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
813             SSL_NOT_EXP|SSL_MEDIUM,
814             0,
815             128,
816             128,
817             SSL_ALL_CIPHERS,
818             SSL_ALL_STRENGTHS,
819             },
820
821         /* Cipher 35 */
822             {
823             1,
824             TLS1_TXT_RSA_WITH_AES_256_SHA,
825             TLS1_CK_RSA_WITH_AES_256_SHA,
826             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
827             SSL_NOT_EXP|SSL_HIGH,
828             0,
829             256,
830             256,
831             SSL_ALL_CIPHERS,
832             SSL_ALL_STRENGTHS,
833             },
834         /* Cipher 36 */
835             {
836             0,
837             TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
838             TLS1_CK_DH_DSS_WITH_AES_256_SHA,
839             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
840             SSL_NOT_EXP|SSL_HIGH,
841             0,
842             256,
843             256,
844             SSL_ALL_CIPHERS,
845             SSL_ALL_STRENGTHS,
846             },
847         /* Cipher 37 */
848             {
849             0,
850             TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
851             TLS1_CK_DH_RSA_WITH_AES_256_SHA,
852             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
853             SSL_NOT_EXP|SSL_HIGH,
854             0,
855             256,
856             256,
857             SSL_ALL_CIPHERS,
858             SSL_ALL_STRENGTHS,
859             },
860         /* Cipher 38 */
861             {
862             1,
863             TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
864             TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
865             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
866             SSL_NOT_EXP|SSL_HIGH,
867             0,
868             256,
869             256,
870             SSL_ALL_CIPHERS,
871             SSL_ALL_STRENGTHS,
872             },
873         /* Cipher 39 */
874             {
875             1,
876             TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
877             TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
878             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
879             SSL_NOT_EXP|SSL_HIGH,
880             0,
881             256,
882             256,
883             SSL_ALL_CIPHERS,
884             SSL_ALL_STRENGTHS,
885             },
886         /* Cipher 3A */
887             {
888             1,
889             TLS1_TXT_ADH_WITH_AES_256_SHA,
890             TLS1_CK_ADH_WITH_AES_256_SHA,
891             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
892             SSL_NOT_EXP|SSL_HIGH,
893             0,
894             256,
895             256,
896             SSL_ALL_CIPHERS,
897             SSL_ALL_STRENGTHS,
898             },
899
900 #ifndef OPENSSL_NO_ECDH
901         /* Cipher 47 */
902             {
903             1,
904             TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
905             TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
906             SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
907             SSL_NOT_EXP,
908             0,
909             0,
910             0,
911             SSL_ALL_CIPHERS,
912             SSL_ALL_STRENGTHS,
913             },
914
915         /* Cipher 48 */
916             {
917             1,
918             TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
919             TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
920             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
921             SSL_NOT_EXP,
922             0,
923             128,
924             128,
925             SSL_ALL_CIPHERS,
926             SSL_ALL_STRENGTHS,
927             },
928
929         /* Cipher 49 */
930             {
931             1,
932             TLS1_TXT_ECDH_ECDSA_WITH_DES_CBC_SHA,
933             TLS1_CK_ECDH_ECDSA_WITH_DES_CBC_SHA,
934             SSL_kECDH|SSL_aECDSA|SSL_DES|SSL_SHA|SSL_TLSV1,
935             SSL_NOT_EXP|SSL_LOW,
936             0,
937             56,
938             56,
939             SSL_ALL_CIPHERS,
940             SSL_ALL_STRENGTHS,
941             },
942
943         /* Cipher 4A */
944             {
945             1,
946             TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
947             TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
948             SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
949             SSL_NOT_EXP|SSL_HIGH,
950             0,
951             168,
952             168,
953             SSL_ALL_CIPHERS,
954             SSL_ALL_STRENGTHS,
955             },
956
957         /* Cipher 4B */
958             {
959             1,
960             TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
961             TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
962             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
963             SSL_NOT_EXP|SSL_MEDIUM,
964             0,
965             128,
966             128,
967             SSL_ALL_CIPHERS,
968             SSL_ALL_STRENGTHS,
969             },
970
971         /* Cipher 4C */
972             {
973             1,
974             TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
975             TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
976             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
977             SSL_NOT_EXP|SSL_HIGH,
978             0,
979             256,
980             256,
981             SSL_ALL_CIPHERS,
982             SSL_ALL_STRENGTHS,
983             },
984
985         /* Cipher 5B */
986         /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4B for this */
987             {
988             1,
989             TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
990             TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
991             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
992             SSL_EXPORT|SSL_EXP40,
993             0,
994             40,
995             128,
996             SSL_ALL_CIPHERS,
997             SSL_ALL_STRENGTHS,
998             },
999
1000         /* Cipher 5C */
1001         /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4C for this */
1002             {
1003             1,
1004             TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
1005             TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
1006             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1007             SSL_EXPORT|SSL_EXP56,
1008             0,
1009             56,
1010             128,
1011             SSL_ALL_CIPHERS,
1012             SSL_ALL_STRENGTHS,
1013             },
1014
1015         /* Cipher 4D */
1016             {
1017             1,
1018             TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1019             TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1020             SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1021             SSL_NOT_EXP,
1022             0,
1023             0,
1024             0,
1025             SSL_ALL_CIPHERS,
1026             SSL_ALL_STRENGTHS,
1027             },
1028
1029         /* Cipher 4E */
1030             {
1031             1,
1032             TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
1033             TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
1034             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1035             SSL_NOT_EXP,
1036             0,
1037             128,
1038             128,
1039             SSL_ALL_CIPHERS,
1040             SSL_ALL_STRENGTHS,
1041             },
1042
1043         /* Cipher 4F */
1044             {
1045             1,
1046             TLS1_TXT_ECDH_RSA_WITH_DES_CBC_SHA,
1047             TLS1_CK_ECDH_RSA_WITH_DES_CBC_SHA,
1048             SSL_kECDH|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
1049             SSL_NOT_EXP|SSL_LOW,
1050             0,
1051             56,
1052             56,
1053             SSL_ALL_CIPHERS,
1054             SSL_ALL_STRENGTHS,
1055             },
1056
1057         /* Cipher 50 */
1058             {
1059             1,
1060             TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1061             TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1062             SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1063             SSL_NOT_EXP|SSL_HIGH,
1064             0,
1065             168,
1066             168,
1067             SSL_ALL_CIPHERS,
1068             SSL_ALL_STRENGTHS,
1069             },
1070
1071         /* Cipher 51 */
1072             {
1073             1,
1074             TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
1075             TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
1076             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1077             SSL_NOT_EXP|SSL_MEDIUM,
1078             0,
1079             128,
1080             128,
1081             SSL_ALL_CIPHERS,
1082             SSL_ALL_STRENGTHS,
1083             },
1084
1085         /* Cipher 52 */
1086             {
1087             1,
1088             TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
1089             TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
1090             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1091             SSL_NOT_EXP|SSL_HIGH,
1092             0,
1093             256,
1094             256,
1095             SSL_ALL_CIPHERS,
1096             SSL_ALL_STRENGTHS,
1097             },
1098
1099         /* Cipher 53 */
1100             {
1101             1,
1102             TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
1103             TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
1104             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1105             SSL_EXPORT|SSL_EXP40,
1106             0,
1107             40,
1108             128,
1109             SSL_ALL_CIPHERS,
1110             SSL_ALL_STRENGTHS,
1111             },
1112
1113         /* Cipher 54 */
1114             {
1115             1,
1116             TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
1117             TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
1118             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1119             SSL_EXPORT|SSL_EXP56,
1120             0,
1121             56,
1122             128,
1123             SSL_ALL_CIPHERS,
1124             SSL_ALL_STRENGTHS,
1125             },
1126
1127         /* Cipher 55 */
1128             {
1129             1,
1130             TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1131             TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1132             SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1133             SSL_NOT_EXP,
1134             0,
1135             0,
1136             0,
1137             SSL_ALL_CIPHERS,
1138             SSL_ALL_STRENGTHS,
1139             },
1140
1141         /* Cipher 56 */
1142             {
1143             1,
1144             TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1145             TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1146             SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
1147             SSL_NOT_EXP,
1148             0,
1149             128,
1150             128,
1151             SSL_ALL_CIPHERS,
1152             SSL_ALL_STRENGTHS,
1153             },
1154
1155         /* Cipher 57 */
1156             {
1157             1,
1158             TLS1_TXT_ECDH_anon_WITH_DES_CBC_SHA,
1159             TLS1_CK_ECDH_anon_WITH_DES_CBC_SHA,
1160             SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
1161             SSL_NOT_EXP|SSL_LOW,
1162             0,
1163             56,
1164             56,
1165             SSL_ALL_CIPHERS,
1166             SSL_ALL_STRENGTHS,
1167             },
1168
1169         /* Cipher 58 */
1170             {
1171             1,
1172             TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1173             TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1174             SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
1175             SSL_NOT_EXP|SSL_HIGH,
1176             0,
1177             168,
1178             168,
1179             SSL_ALL_CIPHERS,
1180             SSL_ALL_STRENGTHS,
1181             },
1182
1183         /* Cipher 59 */
1184             {
1185             1,
1186             TLS1_TXT_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
1187             TLS1_CK_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
1188             SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
1189             SSL_EXPORT|SSL_EXP40,
1190             0,
1191             40,
1192             56,
1193             SSL_ALL_CIPHERS,
1194             SSL_ALL_STRENGTHS,
1195             },
1196
1197         /* Cipher 5A */
1198             {
1199             1,
1200             TLS1_TXT_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
1201             TLS1_CK_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
1202             SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
1203             SSL_EXPORT|SSL_EXP40,
1204             0,
1205             40,
1206             128,
1207             SSL_ALL_CIPHERS,
1208             SSL_ALL_STRENGTHS,
1209             },
1210
1211         /* Cipher 77 XXX: ECC ciphersuites offering forward secrecy
1212          * are not yet specified in the ECC/TLS draft but our code
1213          * allows them to be implemented very easily. To add such
1214          * a cipher suite, one needs to add two constant definitions
1215          * to tls1.h and a new structure in this file as shown below. We 
1216          * illustrate the process for the made-up cipher
1217          * ECDHE-ECDSA-AES128-SHA.
1218          */
1219             {
1220             1,
1221             TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1222             TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1223             SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1224             SSL_NOT_EXP|SSL_MEDIUM,
1225             0,
1226             128,
1227             128,
1228             SSL_ALL_CIPHERS,
1229             SSL_ALL_STRENGTHS,
1230             },
1231
1232         /* Cipher 78 XXX: Another made-up ECC cipher suite that
1233          * offers forward secrecy (ECDHE-RSA-AES128-SHA).
1234          */
1235             {
1236             1,
1237             TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1238             TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1239             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1240             SSL_NOT_EXP|SSL_MEDIUM,
1241             0,
1242             128,
1243             128,
1244             SSL_ALL_CIPHERS,
1245             SSL_ALL_STRENGTHS,
1246             },
1247
1248 #endif /* !OPENSSL_NO_ECDH */
1249
1250 /* end of list */
1251         };
1252
1253 static SSL3_ENC_METHOD SSLv3_enc_data={
1254         ssl3_enc,
1255         ssl3_mac,
1256         ssl3_setup_key_block,
1257         ssl3_generate_master_secret,
1258         ssl3_change_cipher_state,
1259         ssl3_final_finish_mac,
1260         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1261         ssl3_cert_verify_mac,
1262         SSL3_MD_CLIENT_FINISHED_CONST,4,
1263         SSL3_MD_SERVER_FINISHED_CONST,4,
1264         ssl3_alert_code,
1265         };
1266
1267 static SSL_METHOD SSLv3_data= {
1268         SSL3_VERSION,
1269         ssl3_new,
1270         ssl3_clear,
1271         ssl3_free,
1272         ssl_undefined_function,
1273         ssl_undefined_function,
1274         ssl3_read,
1275         ssl3_peek,
1276         ssl3_write,
1277         ssl3_shutdown,
1278         ssl3_renegotiate,
1279         ssl3_renegotiate_check,
1280         ssl3_ctrl,
1281         ssl3_ctx_ctrl,
1282         ssl3_get_cipher_by_char,
1283         ssl3_put_cipher_by_char,
1284         ssl3_pending,
1285         ssl3_num_ciphers,
1286         ssl3_get_cipher,
1287         ssl_bad_method,
1288         ssl3_default_timeout,
1289         &SSLv3_enc_data,
1290         ssl_undefined_function,
1291         ssl3_callback_ctrl,
1292         ssl3_ctx_callback_ctrl,
1293         };
1294
1295 static long ssl3_default_timeout(void)
1296         {
1297         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
1298          * is way too long for http, the cache would over fill */
1299         return(60*60*2);
1300         }
1301
1302 SSL_METHOD *sslv3_base_method(void)
1303         {
1304         return(&SSLv3_data);
1305         }
1306
1307 int ssl3_num_ciphers(void)
1308         {
1309         return(SSL3_NUM_CIPHERS);
1310         }
1311
1312 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
1313         {
1314         if (u < SSL3_NUM_CIPHERS)
1315                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
1316         else
1317                 return(NULL);
1318         }
1319
1320 int ssl3_pending(SSL *s)
1321         {
1322         if (s->rstate == SSL_ST_READ_BODY)
1323                 return 0;
1324         
1325         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
1326         }
1327
1328 int ssl3_new(SSL *s)
1329         {
1330         SSL3_STATE *s3;
1331
1332         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
1333         memset(s3,0,sizeof *s3);
1334         EVP_MD_CTX_init(&s3->finish_dgst1);
1335         EVP_MD_CTX_init(&s3->finish_dgst2);
1336
1337         s->s3=s3;
1338
1339         s->method->ssl_clear(s);
1340         return(1);
1341 err:
1342         return(0);
1343         }
1344
1345 void ssl3_free(SSL *s)
1346         {
1347         if(s == NULL)
1348             return;
1349
1350         ssl3_cleanup_key_block(s);
1351         if (s->s3->rbuf.buf != NULL)
1352                 OPENSSL_free(s->s3->rbuf.buf);
1353         if (s->s3->wbuf.buf != NULL)
1354                 OPENSSL_free(s->s3->wbuf.buf);
1355         if (s->s3->rrec.comp != NULL)
1356                 OPENSSL_free(s->s3->rrec.comp);
1357 #ifndef OPENSSL_NO_DH
1358         if (s->s3->tmp.dh != NULL)
1359                 DH_free(s->s3->tmp.dh);
1360 #endif
1361 #ifndef OPENSSL_NO_ECDH
1362         if (s->s3->tmp.ecdh != NULL)
1363                 EC_KEY_free(s->s3->tmp.ecdh);
1364 #endif
1365
1366         if (s->s3->tmp.ca_names != NULL)
1367                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1368         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1369         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1370         memset(s->s3,0,sizeof *s->s3);
1371         OPENSSL_free(s->s3);
1372         s->s3=NULL;
1373         }
1374
1375 void ssl3_clear(SSL *s)
1376         {
1377         unsigned char *rp,*wp;
1378         size_t rlen, wlen;
1379
1380         ssl3_cleanup_key_block(s);
1381         if (s->s3->tmp.ca_names != NULL)
1382                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1383
1384         if (s->s3->rrec.comp != NULL)
1385                 {
1386                 OPENSSL_free(s->s3->rrec.comp);
1387                 s->s3->rrec.comp=NULL;
1388                 }
1389 #ifndef OPENSSL_NO_DH
1390         if (s->s3->tmp.dh != NULL)
1391                 DH_free(s->s3->tmp.dh);
1392 #endif
1393 #ifndef OPENSSL_NO_ECDH
1394         if (s->s3->tmp.ecdh != NULL)
1395                 EC_KEY_free(s->s3->tmp.ecdh);
1396 #endif
1397
1398         rp = s->s3->rbuf.buf;
1399         wp = s->s3->wbuf.buf;
1400         rlen = s->s3->rbuf.len;
1401         wlen = s->s3->wbuf.len;
1402
1403         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1404         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1405
1406         memset(s->s3,0,sizeof *s->s3);
1407         s->s3->rbuf.buf = rp;
1408         s->s3->wbuf.buf = wp;
1409         s->s3->rbuf.len = rlen;
1410         s->s3->wbuf.len = wlen;
1411
1412         ssl_free_wbio_buffer(s);
1413
1414         s->packet_length=0;
1415         s->s3->renegotiate=0;
1416         s->s3->total_renegotiations=0;
1417         s->s3->num_renegotiations=0;
1418         s->s3->in_read_app_data=0;
1419         s->version=SSL3_VERSION;
1420         }
1421
1422 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1423         {
1424         int ret=0;
1425
1426 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1427         if (
1428 #ifndef OPENSSL_NO_RSA
1429             cmd == SSL_CTRL_SET_TMP_RSA ||
1430             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1431 #endif
1432 #ifndef OPENSSL_NO_DSA
1433             cmd == SSL_CTRL_SET_TMP_DH ||
1434             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1435 #endif
1436                 0)
1437                 {
1438                 if (!ssl_cert_inst(&s->cert))
1439                         {
1440                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1441                         return(0);
1442                         }
1443                 }
1444 #endif
1445
1446         switch (cmd)
1447                 {
1448         case SSL_CTRL_GET_SESSION_REUSED:
1449                 ret=s->hit;
1450                 break;
1451         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1452                 break;
1453         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1454                 ret=s->s3->num_renegotiations;
1455                 break;
1456         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1457                 ret=s->s3->num_renegotiations;
1458                 s->s3->num_renegotiations=0;
1459                 break;
1460         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1461                 ret=s->s3->total_renegotiations;
1462                 break;
1463         case SSL_CTRL_GET_FLAGS:
1464                 ret=(int)(s->s3->flags);
1465                 break;
1466 #ifndef OPENSSL_NO_RSA
1467         case SSL_CTRL_NEED_TMP_RSA:
1468                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1469                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1470                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1471                         ret = 1;
1472                 break;
1473         case SSL_CTRL_SET_TMP_RSA:
1474                 {
1475                         RSA *rsa = (RSA *)parg;
1476                         if (rsa == NULL)
1477                                 {
1478                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1479                                 return(ret);
1480                                 }
1481                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1482                                 {
1483                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1484                                 return(ret);
1485                                 }
1486                         if (s->cert->rsa_tmp != NULL)
1487                                 RSA_free(s->cert->rsa_tmp);
1488                         s->cert->rsa_tmp = rsa;
1489                         ret = 1;
1490                 }
1491                 break;
1492         case SSL_CTRL_SET_TMP_RSA_CB:
1493                 {
1494                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1495                 return(ret);
1496                 }
1497                 break;
1498 #endif
1499 #ifndef OPENSSL_NO_DH
1500         case SSL_CTRL_SET_TMP_DH:
1501                 {
1502                         DH *dh = (DH *)parg;
1503                         if (dh == NULL)
1504                                 {
1505                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1506                                 return(ret);
1507                                 }
1508                         if ((dh = DHparams_dup(dh)) == NULL)
1509                                 {
1510                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1511                                 return(ret);
1512                                 }
1513                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
1514                                 {
1515                                 if (!DH_generate_key(dh))
1516                                         {
1517                                         DH_free(dh);
1518                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1519                                         return(ret);
1520                                         }
1521                                 }
1522                         if (s->cert->dh_tmp != NULL)
1523                                 DH_free(s->cert->dh_tmp);
1524                         s->cert->dh_tmp = dh;
1525                         ret = 1;
1526                 }
1527                 break;
1528         case SSL_CTRL_SET_TMP_DH_CB:
1529                 {
1530                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1531                 return(ret);
1532                 }
1533                 break;
1534 #endif
1535 #ifndef OPENSSL_NO_ECDH
1536         case SSL_CTRL_SET_TMP_ECDH:
1537                 {
1538                 EC_KEY *ecdh = NULL;
1539                         
1540                 if (parg == NULL)
1541                         {
1542                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1543                         return(ret);
1544                         }
1545                 if (!EC_KEY_up_ref((EC_KEY *)parg))
1546                         {
1547                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1548                         return(ret);
1549                         }
1550                 ecdh = (EC_KEY *)parg;
1551                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
1552                         {
1553                         if (!EC_KEY_generate_key(ecdh))
1554                                 {
1555                                 EC_KEY_free(ecdh);
1556                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1557                                 return(ret);
1558                                 }
1559                         }
1560                 if (s->cert->ecdh_tmp != NULL)
1561                         EC_KEY_free(s->cert->ecdh_tmp);
1562                 s->cert->ecdh_tmp = ecdh;
1563                 ret = 1;
1564                 }
1565                 break;
1566         case SSL_CTRL_SET_TMP_ECDH_CB:
1567                 {
1568                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1569                 return(ret);
1570                 }
1571                 break;
1572 #endif /* !OPENSSL_NO_ECDH */
1573         default:
1574                 break;
1575                 }
1576         return(ret);
1577         }
1578
1579 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
1580         {
1581         int ret=0;
1582
1583 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1584         if (
1585 #ifndef OPENSSL_NO_RSA
1586             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1587 #endif
1588 #ifndef OPENSSL_NO_DSA
1589             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1590 #endif
1591                 0)
1592                 {
1593                 if (!ssl_cert_inst(&s->cert))
1594                         {
1595                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1596                         return(0);
1597                         }
1598                 }
1599 #endif
1600
1601         switch (cmd)
1602                 {
1603 #ifndef OPENSSL_NO_RSA
1604         case SSL_CTRL_SET_TMP_RSA_CB:
1605                 {
1606                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1607                 }
1608                 break;
1609 #endif
1610 #ifndef OPENSSL_NO_DH
1611         case SSL_CTRL_SET_TMP_DH_CB:
1612                 {
1613                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1614                 }
1615                 break;
1616 #endif
1617 #ifndef OPENSSL_NO_ECDH
1618         case SSL_CTRL_SET_TMP_ECDH_CB:
1619                 {
1620                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1621                 }
1622                 break;
1623 #endif
1624         default:
1625                 break;
1626                 }
1627         return(ret);
1628         }
1629
1630 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1631         {
1632         CERT *cert;
1633
1634         cert=ctx->cert;
1635
1636         switch (cmd)
1637                 {
1638 #ifndef OPENSSL_NO_RSA
1639         case SSL_CTRL_NEED_TMP_RSA:
1640                 if (    (cert->rsa_tmp == NULL) &&
1641                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1642                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1643                         )
1644                         return(1);
1645                 else
1646                         return(0);
1647                 /* break; */
1648         case SSL_CTRL_SET_TMP_RSA:
1649                 {
1650                 RSA *rsa;
1651                 int i;
1652
1653                 rsa=(RSA *)parg;
1654                 i=1;
1655                 if (rsa == NULL)
1656                         i=0;
1657                 else
1658                         {
1659                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1660                                 i=0;
1661                         }
1662                 if (!i)
1663                         {
1664                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1665                         return(0);
1666                         }
1667                 else
1668                         {
1669                         if (cert->rsa_tmp != NULL)
1670                                 RSA_free(cert->rsa_tmp);
1671                         cert->rsa_tmp=rsa;
1672                         return(1);
1673                         }
1674                 }
1675                 /* break; */
1676         case SSL_CTRL_SET_TMP_RSA_CB:
1677                 {
1678                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1679                 return(0);
1680                 }
1681                 break;
1682 #endif
1683 #ifndef OPENSSL_NO_DH
1684         case SSL_CTRL_SET_TMP_DH:
1685                 {
1686                 DH *new=NULL,*dh;
1687
1688                 dh=(DH *)parg;
1689                 if ((new=DHparams_dup(dh)) == NULL)
1690                         {
1691                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1692                         return 0;
1693                         }
1694                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1695                         {
1696                         if (!DH_generate_key(new))
1697                                 {
1698                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1699                                 DH_free(new);
1700                                 return 0;
1701                                 }
1702                         }
1703                 if (cert->dh_tmp != NULL)
1704                         DH_free(cert->dh_tmp);
1705                 cert->dh_tmp=new;
1706                 return 1;
1707                 }
1708                 /*break; */
1709         case SSL_CTRL_SET_TMP_DH_CB:
1710                 {
1711                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1712                 return(0);
1713                 }
1714                 break;
1715 #endif
1716 #ifndef OPENSSL_NO_ECDH
1717         case SSL_CTRL_SET_TMP_ECDH:
1718                 {
1719                 EC_KEY *ecdh = NULL;
1720                         
1721                 if (parg == NULL)
1722                         {
1723                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1724                         return 0;
1725                         }
1726                 if (!EC_KEY_up_ref((EC_KEY *)parg))
1727                         {
1728                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1729                         return 0;
1730                         }
1731                 ecdh = (EC_KEY *)parg;
1732                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
1733                         {
1734                         if (!EC_KEY_generate_key(ecdh))
1735                                 {
1736                                 EC_KEY_free(ecdh);
1737                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1738                                 return 0;
1739                                 }
1740                         }
1741
1742                 if (cert->ecdh_tmp != NULL)
1743                         {
1744                         EC_KEY_free(cert->ecdh_tmp);
1745                         }
1746                 cert->ecdh_tmp = ecdh;
1747                 return 1;
1748                 }
1749                 /* break; */
1750         case SSL_CTRL_SET_TMP_ECDH_CB:
1751                 {
1752                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1753                 return(0);
1754                 }
1755                 break;
1756 #endif /* !OPENSSL_NO_ECDH */
1757         /* A Thawte special :-) */
1758         case SSL_CTRL_EXTRA_CHAIN_CERT:
1759                 if (ctx->extra_certs == NULL)
1760                         {
1761                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1762                                 return(0);
1763                         }
1764                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1765                 break;
1766
1767         default:
1768                 return(0);
1769                 }
1770         return(1);
1771         }
1772
1773 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1774         {
1775         CERT *cert;
1776
1777         cert=ctx->cert;
1778
1779         switch (cmd)
1780                 {
1781 #ifndef OPENSSL_NO_RSA
1782         case SSL_CTRL_SET_TMP_RSA_CB:
1783                 {
1784                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1785                 }
1786                 break;
1787 #endif
1788 #ifndef OPENSSL_NO_DH
1789         case SSL_CTRL_SET_TMP_DH_CB:
1790                 {
1791                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1792                 }
1793                 break;
1794 #endif
1795 #ifndef OPENSSL_NO_ECDH
1796         case SSL_CTRL_SET_TMP_ECDH_CB:
1797                 {
1798                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1799                 }
1800                 break;
1801 #endif
1802         default:
1803                 return(0);
1804                 }
1805         return(1);
1806         }
1807
1808 /* This function needs to check if the ciphers required are actually
1809  * available */
1810 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1811         {
1812         static int init=1;
1813         static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1814         SSL_CIPHER c,*cp= &c,**cpp;
1815         unsigned long id;
1816         int i;
1817
1818         if (init)
1819                 {
1820                 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1821
1822                 if (init)
1823                         {
1824                         for (i=0; i<SSL3_NUM_CIPHERS; i++)
1825                                 sorted[i]= &(ssl3_ciphers[i]);
1826
1827                         qsort(sorted,
1828                                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1829                                 FP_ICC ssl_cipher_ptr_id_cmp);
1830
1831                         init=0;
1832                         }
1833                 
1834                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1835                 }
1836
1837         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1838         c.id=id;
1839         cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1840                 (char *)sorted,
1841                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1842                 FP_ICC ssl_cipher_ptr_id_cmp);
1843         if ((cpp == NULL) || !(*cpp)->valid)
1844                 return(NULL);
1845         else
1846                 return(*cpp);
1847         }
1848
1849 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1850         {
1851         long l;
1852
1853         if (p != NULL)
1854                 {
1855                 l=c->id;
1856                 if ((l & 0xff000000) != 0x03000000) return(0);
1857                 p[0]=((unsigned char)(l>> 8L))&0xFF;
1858                 p[1]=((unsigned char)(l     ))&0xFF;
1859                 }
1860         return(2);
1861         }
1862
1863 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
1864              STACK_OF(SSL_CIPHER) *srvr)
1865         {
1866         SSL_CIPHER *c,*ret=NULL;
1867         STACK_OF(SSL_CIPHER) *prio, *allow;
1868         int i,j,ok;
1869         CERT *cert;
1870         unsigned long alg,mask,emask;
1871
1872         /* Let's see which ciphers we can support */
1873         cert=s->cert;
1874
1875 #if 0
1876         /* Do not set the compare functions, because this may lead to a
1877          * reordering by "id". We want to keep the original ordering.
1878          * We may pay a price in performance during sk_SSL_CIPHER_find(),
1879          * but would have to pay with the price of sk_SSL_CIPHER_dup().
1880          */
1881         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
1882         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
1883 #endif
1884
1885 #ifdef CIPHER_DEBUG
1886         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
1887         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
1888             {
1889             c=sk_SSL_CIPHER_value(srvr,i);
1890             printf("%p:%s\n",c,c->name);
1891             }
1892         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
1893         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
1894             {
1895             c=sk_SSL_CIPHER_value(clnt,i);
1896             printf("%p:%s\n",c,c->name);
1897             }
1898 #endif
1899
1900         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
1901             {
1902             prio = srvr;
1903             allow = clnt;
1904             }
1905         else
1906             {
1907             prio = clnt;
1908             allow = srvr;
1909             }
1910
1911         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
1912                 {
1913                 c=sk_SSL_CIPHER_value(prio,i);
1914
1915                 ssl_set_cert_masks(cert,c);
1916                 mask=cert->mask;
1917                 emask=cert->export_mask;
1918                         
1919 #ifdef KSSL_DEBUG
1920                 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
1921 #endif    /* KSSL_DEBUG */
1922
1923                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1924 #ifndef OPENSSL_NO_KRB5
1925                 if (alg & SSL_KRB5) 
1926                         {
1927                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
1928                             continue;
1929                         }
1930 #endif /* OPENSSL_NO_KRB5 */
1931                 if (SSL_C_IS_EXPORT(c))
1932                         {
1933                         ok=((alg & emask) == alg)?1:0;
1934 #ifdef CIPHER_DEBUG
1935                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
1936                                c,c->name);
1937 #endif
1938                         }
1939                 else
1940                         {
1941                         ok=((alg & mask) == alg)?1:0;
1942 #ifdef CIPHER_DEBUG
1943                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
1944                                c->name);
1945 #endif
1946                         }
1947
1948                 if (!ok) continue;
1949                 j=sk_SSL_CIPHER_find(allow,c);
1950                 if (j >= 0)
1951                         {
1952                         ret=sk_SSL_CIPHER_value(allow,j);
1953                         break;
1954                         }
1955                 }
1956         return(ret);
1957         }
1958
1959 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1960         {
1961         int ret=0;
1962         unsigned long alg;
1963
1964         alg=s->s3->tmp.new_cipher->algorithms;
1965
1966 #ifndef OPENSSL_NO_DH
1967         if (alg & (SSL_kDHr|SSL_kEDH))
1968                 {
1969 #  ifndef OPENSSL_NO_RSA
1970                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
1971 #  endif
1972 #  ifndef OPENSSL_NO_DSA
1973                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
1974 #  endif
1975                 }
1976         if ((s->version == SSL3_VERSION) &&
1977                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1978                 {
1979 #  ifndef OPENSSL_NO_RSA
1980                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1981 #  endif
1982 #  ifndef OPENSSL_NO_DSA
1983                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1984 #  endif
1985                 }
1986 #endif /* !OPENSSL_NO_DH */
1987 #ifndef OPENSSL_NO_RSA
1988         p[ret++]=SSL3_CT_RSA_SIGN;
1989 #endif
1990 #ifndef OPENSSL_NO_DSA
1991         p[ret++]=SSL3_CT_DSS_SIGN;
1992 #endif
1993 #ifndef OPENSSL_NO_ECDH
1994         /* We should ask for fixed ECDH certificates only
1995          * for SSL_kECDH (and not SSL_kECDHE)
1996          */
1997         if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
1998                 {
1999                 p[ret++]=TLS_CT_RSA_FIXED_ECDH;
2000                 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
2001                 }
2002 #endif
2003
2004 #ifndef OPENSSL_NO_ECDSA
2005         /* ECDSA certs can be used with RSA cipher suites as well 
2006          * so we don't need to check for SSL_kECDH or SSL_kECDHE
2007          */
2008         if (s->version >= TLS1_VERSION)
2009                 {
2010                 p[ret++]=TLS_CT_ECDSA_SIGN;
2011                 }
2012 #endif  
2013         return(ret);
2014         }
2015
2016 int ssl3_shutdown(SSL *s)
2017         {
2018
2019         /* Don't do anything much if we have not done the handshake or
2020          * we don't want to send messages :-) */
2021         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
2022                 {
2023                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2024                 return(1);
2025                 }
2026
2027         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
2028                 {
2029                 s->shutdown|=SSL_SENT_SHUTDOWN;
2030 #if 1
2031                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
2032 #endif
2033                 /* our shutdown alert has been sent now, and if it still needs
2034                  * to be written, s->s3->alert_dispatch will be true */
2035                 }
2036         else if (s->s3->alert_dispatch)
2037                 {
2038                 /* resend it if not sent */
2039 #if 1
2040                 ssl3_dispatch_alert(s);
2041 #endif
2042                 }
2043         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
2044                 {
2045                 /* If we are waiting for a close from our peer, we are closed */
2046                 ssl3_read_bytes(s,0,NULL,0,0);
2047                 }
2048
2049         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
2050                 !s->s3->alert_dispatch)
2051                 return(1);
2052         else
2053                 return(0);
2054         }
2055
2056 int ssl3_write(SSL *s, const void *buf, int len)
2057         {
2058         int ret,n;
2059
2060 #if 0
2061         if (s->shutdown & SSL_SEND_SHUTDOWN)
2062                 {
2063                 s->rwstate=SSL_NOTHING;
2064                 return(0);
2065                 }
2066 #endif
2067         clear_sys_error();
2068         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2069
2070         /* This is an experimental flag that sends the
2071          * last handshake message in the same packet as the first
2072          * use data - used to see if it helps the TCP protocol during
2073          * session-id reuse */
2074         /* The second test is because the buffer may have been removed */
2075         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
2076                 {
2077                 /* First time through, we write into the buffer */
2078                 if (s->s3->delay_buf_pop_ret == 0)
2079                         {
2080                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2081                                              buf,len);
2082                         if (ret <= 0) return(ret);
2083
2084                         s->s3->delay_buf_pop_ret=ret;
2085                         }
2086
2087                 s->rwstate=SSL_WRITING;
2088                 n=BIO_flush(s->wbio);
2089                 if (n <= 0) return(n);
2090                 s->rwstate=SSL_NOTHING;
2091
2092                 /* We have flushed the buffer, so remove it */
2093                 ssl_free_wbio_buffer(s);
2094                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
2095
2096                 ret=s->s3->delay_buf_pop_ret;
2097                 s->s3->delay_buf_pop_ret=0;
2098                 }
2099         else
2100                 {
2101                 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2102                                      buf,len);
2103                 if (ret <= 0) return(ret);
2104                 }
2105
2106         return(ret);
2107         }
2108
2109 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
2110         {
2111         int ret;
2112         
2113         clear_sys_error();
2114         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2115         s->s3->in_read_app_data=1;
2116         ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2117         if ((ret == -1) && (s->s3->in_read_app_data == 2))
2118                 {
2119                 /* ssl3_read_bytes decided to call s->handshake_func, which
2120                  * called ssl3_read_bytes to read handshake data.
2121                  * However, ssl3_read_bytes actually found application data
2122                  * and thinks that application data makes sense here; so disable
2123                  * handshake processing and try to read application data again. */
2124                 s->in_handshake++;
2125                 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2126                 s->in_handshake--;
2127                 }
2128         else
2129                 s->s3->in_read_app_data=0;
2130
2131         return(ret);
2132         }
2133
2134 int ssl3_read(SSL *s, void *buf, int len)
2135         {
2136         return ssl3_read_internal(s, buf, len, 0);
2137         }
2138
2139 int ssl3_peek(SSL *s, void *buf, int len)
2140         {
2141         return ssl3_read_internal(s, buf, len, 1);
2142         }
2143
2144 int ssl3_renegotiate(SSL *s)
2145         {
2146         if (s->handshake_func == NULL)
2147                 return(1);
2148
2149         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
2150                 return(0);
2151
2152         s->s3->renegotiate=1;
2153         return(1);
2154         }
2155
2156 int ssl3_renegotiate_check(SSL *s)
2157         {
2158         int ret=0;
2159
2160         if (s->s3->renegotiate)
2161                 {
2162                 if (    (s->s3->rbuf.left == 0) &&
2163                         (s->s3->wbuf.left == 0) &&
2164                         !SSL_in_init(s))
2165                         {
2166 /*
2167 if we are the server, and we have sent a 'RENEGOTIATE' message, we
2168 need to go to SSL_ST_ACCEPT.
2169 */
2170                         /* SSL_ST_ACCEPT */
2171                         s->state=SSL_ST_RENEGOTIATE;
2172                         s->s3->renegotiate=0;
2173                         s->s3->num_renegotiations++;
2174                         s->s3->total_renegotiations++;
2175                         ret=1;
2176                         }
2177                 }
2178         return(ret);
2179         }
2180