#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
-#include "cryptlib.h"
+#include <openssl/dh.h>
+#include <openssl/bn.h>
static SSL_METHOD *ssl3_get_client_method(int ver);
static int ssl3_client_hello(SSL *s);
p=s->s3->client_random;
Time=time(NULL); /* Time */
l2n(Time,p);
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
/* Do the message type and length last */
d=p= &(buf[4]);
*(p++)=i;
if (i != 0)
{
- if (i > sizeof s->session->session_id)
+ if (i > (int)sizeof(s->session->session_id))
{
SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
goto err;
int al,i,ok,ret= -1;
unsigned long n,nc,llen,l;
X509 *x=NULL;
- unsigned char *p,*d,*q;
+ const unsigned char *q,*p;
+ unsigned char *d;
STACK_OF(X509) *sk=NULL;
SESS_CERT *sc;
EVP_PKEY *pkey=NULL;
SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
goto f_err;
}
- d=p=(unsigned char *)s->init_msg;
+ p=d=(unsigned char *)s->init_msg;
if ((sk=sk_X509_new_null()) == NULL)
{
unsigned long n,nc,l;
unsigned int llen,ctype_num,i;
X509_NAME *xn=NULL;
- unsigned char *p,*d,*q;
+ const unsigned char *p,*q;
+ unsigned char *d;
STACK_OF(X509_NAME) *ca_sk=NULL;
n=ssl3_get_message(s,
}
}
- d=p=(unsigned char *)s->init_msg;
+ p=d=(unsigned char *)s->init_msg;
if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
{
*(d++)=SSL3_MT_CERTIFICATE_VERIFY;
l2n3(n,d);
+ s->state=SSL3_ST_CW_CERT_VRFY_B;
s->init_num=(int)n+4;
s->init_off=0;
}
if (algs & SSL_kRSA)
{
if (rsa == NULL
- || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
+ || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
goto f_err;
if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
if (dh == NULL
- || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
+ || DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
goto f_err;