*/
#include <stdio.h>
-#include "buffer.h"
-#include "rand.h"
-#include "objects.h"
-#include "evp.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/md5.h>
+#include <openssl/sha.h>
+#include <openssl/evp.h>
#include "ssl_locl.h"
-#define BREAK break
-/* SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_SERVER_DONE,ERR_R_MALLOC_FAILURE);
-SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
- */
-
-#ifndef NOPROTO
static SSL_METHOD *ssl3_get_client_method(int ver);
static int ssl3_client_hello(SSL *s);
static int ssl3_get_server_hello(SSL *s);
static int ssl3_get_key_exchange(SSL *s);
static int ssl3_get_server_certificate(SSL *s);
static int ssl3_check_cert_and_algorithm(SSL *s);
-#else
-static SSL_METHOD *ssl3_get_client_method();
-static int ssl3_client_hello();
-static int ssl3_get_server_hello();
-static int ssl3_get_certificate_request();
-static int ca_dn_cmp();
-static int ssl3_get_server_done();
-static int ssl3_send_client_verify();
-static int ssl3_send_client_certificate();
-static int ssl3_send_client_key_exchange();
-static int ssl3_get_key_exchange();
-static int ssl3_get_server_certificate();
-static int ssl3_check_cert_and_algorithm();
-#endif
-
static SSL_METHOD *ssl3_get_client_method(int ver)
{
if (ver == SSL3_VERSION)
int al,i,j,param_len,ok;
long n,alg;
EVP_PKEY *pkey=NULL;
+#ifndef NO_RSA
RSA *rsa=NULL;
+#endif
#ifndef NO_DH
DH *dh=NULL;
#endif
static int ssl3_send_client_key_exchange(SSL *s)
{
- unsigned char *p,*q,*d;
+ unsigned char *p,*d;
int n;
unsigned long l;
+#ifndef NO_RSA
+ unsigned char *q;
EVP_PKEY *pkey=NULL;
+#endif
if (s->state == SSL3_ST_CW_KEY_EXCH_A)
{
unsigned char *p,*d;
unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
EVP_PKEY *pkey;
+#ifndef NO_RSA
int i=0;
+#endif
unsigned long n;
#ifndef NO_DSA
int j;
long algs;
EVP_PKEY *pkey=NULL;
CERT *c;
+#ifndef NO_RSA
RSA *rsa;
+#endif
+#ifndef NO_DH
DH *dh;
+#endif
c=s->session->cert;
if (algs & (SSL_aDH|SSL_aNULL))
return(1);
+#ifndef NO_RSA
rsa=s->session->cert->rsa_tmp;
+#endif
+#ifndef NO_DH
dh=s->session->cert->dh_tmp;
+#endif
/* This is the passed certificate */
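Review bot: With NO_RSA defined, the `rsa` lookup added here and the `SSL_kRSA` check further down (the block that raises `SSL_R_MISSING_RSA_ENCRYPTING_CERT`) are both compiled out, so a session whose `algs` has `SSL_kRSA` set gets no certificate/key-exchange consistency check from this function. The same holds for `SSL_kEDH` under NO_DH. That is only safe if a build without the algorithm can never negotiate such a suite, which these lines do not show; I would record the assumption next to each guard, e.g. `/* NO_RSA: kRSA suites must already be absent from the cipher list */`, or add an `#else` branch that rejects the suite outright. As a smaller style point, `c` already holds `s->session->cert`, so `rsa=c->rsa_tmp;` and `dh=c->dh_tmp;` would read more directly. The body of ssl3_check_cert_and_algorithm starts and ends outside this hunk.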
goto f_err;
}
#endif
-
+#ifndef NO_RSA
if ((algs & SSL_kRSA) &&
!(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
goto f_err;
}
+#endif
#ifndef NO_DH
- else if ((algs & SSL_kEDH) &&
+ if ((algs & SSL_kEDH) &&
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);