#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
+#include <openssl/rand.h>
const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT;
/* The DH ciphers */
/* Cipher 0B */
{
- 1,
+ 0,
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
SSL3_CK_DH_DSS_DES_40_CBC_SHA,
SSL_kDHd,
/* Cipher 0E */
{
- 1,
+ 0,
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
SSL_kDHr,
#endif
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- BIO_free(s->s3->handshake_buffer);
- if (s->s3->handshake_dgst)
- ssl3_free_digest_list(s);
-#ifndef OPENSSL_NO_TLSEXT
+ OPENSSL_free(s->s3->tmp.ciphers_raw);
+ OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
+ OPENSSL_free(s->s3->tmp.peer_sigalgs);
+ ssl3_free_digest_list(s);
OPENSSL_free(s->s3->alpn_selected);
-#endif
#ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_free(s);
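Review bot: Nothing visible in this hunk releases `s->s3->handshake_buffer` any more: the explicit `BIO_free(s->s3->handshake_buffer)` is gone and the `if (s->s3->handshake_dgst)` guard is dropped, so the unconditional `ssl3_free_digest_list(s)` has to cover both. Its body is not part of this diff, so it should be confirmed that it frees `handshake_buffer` and tolerates a NULL `handshake_dgst`; otherwise the buffered handshake transcript would leak on every free. The same substitution is made in the later hunk that begins at `init_extra = s->s3->init_extra;`. A one-line comment above the call would record the contract, for example `/* also releases handshake_buffer; safe when no digest list was set up */`. The enclosing function starts and ends outside the hunk.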
ssl3_cleanup_key_block(s);
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ OPENSSL_free(s->s3->tmp.ciphers_raw);
+ s->s3->tmp.ciphers_raw = NULL;
+ OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
+ s->s3->tmp.pms = NULL;
+ OPENSSL_free(s->s3->tmp.peer_sigalgs);
+ s->s3->tmp.peer_sigalgs = NULL;
#ifndef OPENSSL_NO_DH
DH_free(s->s3->tmp.dh);
#ifndef OPENSSL_NO_EC
EC_KEY_free(s->s3->tmp.ecdh);
s->s3->tmp.ecdh = NULL;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
s->s3->is_probably_safari = 0;
-# endif /* !OPENSSL_NO_EC */
-#endif /* !OPENSSL_NO_TLSEXT */
+#endif /* !OPENSSL_NO_EC */
init_extra = s->s3->init_extra;
- BIO_free(s->s3->handshake_buffer);
- s->s3->handshake_buffer = NULL;
- if (s->s3->handshake_dgst) {
- ssl3_free_digest_list(s);
- }
-#if !defined(OPENSSL_NO_TLSEXT)
+ ssl3_free_digest_list(s);
+
if (s->s3->alpn_selected) {
- free(s->s3->alpn_selected);
+ OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = NULL;
}
-#endif
+
memset(s->s3, 0, sizeof(*s->s3));
s->s3->init_extra = init_extra;
s->s3->in_read_app_data = 0;
s->version = SSL3_VERSION;
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+#if !defined(OPENSSL_NO_NEXTPROTONEG)
OPENSSL_free(s->next_proto_negotiated);
s->next_proto_negotiated = NULL;
s->next_proto_negotiated_len = 0;
return (ret);
}
#endif /* !OPENSSL_NO_EC */
-#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_HOSTNAME:
if (larg == TLSEXT_NAMETYPE_host_name) {
OPENSSL_free(s->tlsext_hostname);
ret = 1;
break;
-# ifndef OPENSSL_NO_HEARTBEATS
+#ifndef OPENSSL_NO_HEARTBEATS
case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
if (SSL_IS_DTLS(s))
ret = dtls1_heartbeat(s);
s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
ret = 1;
break;
-# endif
-
-#endif /* !OPENSSL_NO_TLSEXT */
+#endif
case SSL_CTRL_CHAIN:
if (larg)
if (SSL_USE_SIGALGS(s)) {
if (s->session && s->session->sess_cert) {
const EVP_MD *sig;
- sig = s->session->sess_cert->peer_key->digest;
+ sig = s->s3->tmp.peer_md;
if (sig) {
*(int *)parg = EVP_MD_type(sig);
return 1;
}
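Review bot: The guard `if (s->session && s->session->sess_cert)` no longer protects anything the body reads, because `sig` now comes from `s->s3->tmp.peer_md` instead of `sess_cert->peer_key`. If the session check is kept on purpose, a comment should say why, for example `/* peer_md is only meaningful once the peer's certificate has been processed */`; if it is a leftover, testing `s->s3->tmp.peer_md` alone makes the condition match the data. Since `peer_md` lives in per-handshake `tmp` state, it is also worth confirming that it is still populated when callers issue this ctrl. The enclosing case starts and ends outside the hunk.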
break;
#endif
-#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
s->tlsext_debug_cb = (void (*)(SSL *, int, int,
unsigned char *, int, void *))fp;
break;
-#endif
+
case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
{
s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
return (0);
}
#endif /* !OPENSSL_NO_EC */
-#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
ctx->tlsext_servername_arg = parg;
break;
ctx->tlsext_status_arg = parg;
return 1;
-# ifndef OPENSSL_NO_SRP
+#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
ctx->srp_ctx.srp_Mask |= SSL_kSRP;
OPENSSL_free(ctx->srp_ctx.login);
case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
ctx->srp_ctx.strength = larg;
break;
-# endif
+#endif
-# ifndef OPENSSL_NO_EC
+#ifndef OPENSSL_NO_EC
case SSL_CTRL_SET_CURVES:
return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
&ctx->tlsext_ellipticcurvelist_length,
return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
&ctx->tlsext_ellipticcurvelist_length,
parg);
-# ifndef OPENSSL_NO_EC
case SSL_CTRL_SET_ECDH_AUTO:
ctx->cert->ecdh_tmp_auto = larg;
return 1;
-# endif
-# endif
+#endif
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
case SSL_CTRL_SET_CHAIN_CERT_STORE:
return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
-#endif /* !OPENSSL_NO_TLSEXT */
-
/* A Thawte special :-) */
case SSL_CTRL_EXTRA_CHAIN_CERT:
if (ctx->extra_certs == NULL) {
}
break;
#endif
-#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
break;
HMAC_CTX *, int))fp;
break;
-# ifndef OPENSSL_NO_SRP
+#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
ctx->srp_ctx.srp_Mask |= SSL_kSRP;
ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
(char *(*)(SSL *, void *))fp;
break;
-# endif
#endif
case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
{
SSL_CIPHER *c, *ret = NULL;
STACK_OF(SSL_CIPHER) *prio, *allow;
int i, ii, ok;
- CERT *cert;
unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
/* Let's see which ciphers we can support */
- cert = s->cert;
#if 0
/*
if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s))
continue;
- ssl_set_cert_masks(cert, c);
- mask_k = cert->mask_k;
- mask_a = cert->mask_a;
- emask_k = cert->export_mask_k;
- emask_a = cert->export_mask_a;
+ ssl_set_masks(s, c);
+ mask_k = s->s3->tmp.mask_k;
+ mask_a = s->s3->tmp.mask_a;
+ emask_k = s->s3->tmp.export_mask_k;
+ emask_a = s->s3->tmp.export_mask_a;
#ifndef OPENSSL_NO_SRP
if (s->srp_ctx.srp_Mask & SSL_kSRP) {
mask_k |= SSL_kSRP;
#endif
}
-#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_EC
/*
* if we are considering an ECC cipher suite that uses an ephemeral
if (alg_k & SSL_kECDHE)
ok = ok && tls1_check_ec_tmp_key(s, c->id);
# endif /* OPENSSL_NO_EC */
-#endif /* OPENSSL_NO_TLSEXT */
if (!ok)
continue;
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
c->strength_bits, 0, c))
continue;
-#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
+#if !defined(OPENSSL_NO_EC)
if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
&& s->s3->is_probably_safari) {
if (!ret)
return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
return alg2;
}
+
+/*
+ * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
+ * failure, 1 on success.
+ */
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
+{
+ int send_time = 0;
+
+ if (len < 4)
+ return 0;
+ if (server)
+ send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
+ else
+ send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
+ if (send_time) {
+ unsigned long Time = (unsigned long)time(NULL);
+ unsigned char *p = result;
+ l2n(Time, p);
+ return RAND_bytes(p, len - 4);
+ } else
+ return RAND_bytes(result, len);
+}
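Review bot: The header comment on `ssl_fill_hello_random` should state what `result` holds on failure and what the caller must do, because a hello random sent after a failed `RAND_bytes` would be partly or wholly unfilled. Suggested addition: `/* On a return <= 0 the contents of result are unspecified; the caller must abort the handshake. */`. The comment could also record that when the SEND_*HELLO_TIME mode bit is set, the first four bytes carry the local clock, so only `len - 4` bytes are random and the peer learns the host time. `time()` needs `<time.h>`, which is not among the includes visible in this diff. As a style point, the brace-less `else` after a braced `if` and the capitalised local `Time` could be tidied, e.g. `} else {` / `return RAND_bytes(result, len);` / `}`.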