really fix race conditions
[openssl.git] / ssl / s3_lib.c
index 76c499e..afc81a2 100644 (file)
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by 
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the Contribution as delivered hereunder 
+ * (or portions thereof), provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the Contribution;
+ *  2) separates from the Contribution; or
+ *  3) for infringements caused by:
+ *       i) the modification of the Contribution or
+ *      ii) the combination of the  Contribution with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
 
 #include <stdio.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
 #include <openssl/objects.h>
 #include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/md5.h>
 
 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
 
@@ -129,7 +155,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_RSA_NULL_MD5,
        SSL3_CK_RSA_NULL_MD5,
        SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_STRONG_NONE,
        0,
        0,
        0,
@@ -142,7 +168,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_RSA_NULL_SHA,
        SSL3_CK_RSA_NULL_SHA,
        SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_STRONG_NONE,
        0,
        0,
        0,
@@ -170,7 +196,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_ADH_RC4_128_MD5,
        SSL3_CK_ADH_RC4_128_MD5,
        SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_MEDIUM,
        0,
        128,
        128,
@@ -196,7 +222,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_ADH_DES_64_CBC_SHA,
        SSL3_CK_ADH_DES_64_CBC_SHA,
        SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_LOW,
        0,
        56,
        56,
@@ -209,7 +235,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_ADH_DES_192_CBC_SHA,
        SSL3_CK_ADH_DES_192_CBC_SHA,
        SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_HIGH,
        0,
        168,
        168,
@@ -490,7 +516,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_FZA_DMS_NULL_SHA,
        SSL3_CK_FZA_DMS_NULL_SHA,
        SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_STRONG_NONE,
        0,
        0,
        0,
@@ -504,7 +530,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_FZA_DMS_FZA_SHA,
        SSL3_CK_FZA_DMS_FZA_SHA,
        SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_STRONG_NONE,
        0,
        0,
        0,
@@ -518,7 +544,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL3_TXT_FZA_DMS_RC4_SHA,
        SSL3_CK_FZA_DMS_RC4_SHA,
        SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
-       SSL_NOT_EXP,
+       SSL_NOT_EXP|SSL_MEDIUM,
        0,
        128,
        128,
@@ -526,7 +552,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL_ALL_STRENGTHS,
        },
 
-#ifndef NO_KRB5
+#ifndef OPENSSL_NO_KRB5
 /* The Kerberos ciphers
 ** 20000107 VRS: And the first shall be last,
 ** in hopes of avoiding the lynx ssl renegotiation problem.
@@ -614,7 +640,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        SSL_ALL_CIPHERS,
        SSL_ALL_STRENGTHS,
        },
-#endif /* NO_KRB5 */
+#endif /* OPENSSL_NO_KRB5 */
 
 
 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
@@ -703,7 +729,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
            TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
            TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
            SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
-           SSL_NOT_EXP,
+           SSL_NOT_EXP|SSL_MEDIUM,
            0,
            128,
            128,
@@ -871,6 +897,356 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
            SSL_ALL_STRENGTHS,
            },
 
+#ifndef OPENSSL_NO_ECDH
+       /* Cipher 47 */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+            TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP,
+            0,
+            0,
+            0,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 48 */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+            TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 49 */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_WITH_DES_CBC_SHA,
+            TLS1_CK_ECDH_ECDSA_WITH_DES_CBC_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_DES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_LOW,
+            0,
+            56,
+            56,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 4A */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+            TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH,
+            0,
+            168,
+            168,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 4B */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+            TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 4C */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+            TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 5B */
+       /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4B for this */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
+            TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP40,
+            0,
+            40,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 5C */
+       /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4C for this */
+           {
+            1,
+            TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
+            TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
+            SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56,
+            0,
+            56,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 4D */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+            TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP,
+            0,
+            0,
+            0,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 4E */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+            TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 4F */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_WITH_DES_CBC_SHA,
+            TLS1_CK_ECDH_RSA_WITH_DES_CBC_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_LOW,
+            0,
+            56,
+            56,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 50 */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+            TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH,
+            0,
+            168,
+            168,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 51 */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+            TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 52 */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+            TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 53 */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
+            TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP40,
+            0,
+            40,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 54 */
+           {
+            1,
+            TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
+            TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
+            SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56,
+            0,
+            56,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 55 */
+            {
+            1,
+            TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+            TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+            SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP,
+            0,
+            0,
+            0,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+           },
+
+       /* Cipher 56 */
+            {
+            1,
+            TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+            TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+            SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+           },
+
+       /* Cipher 57 */
+           {
+            1,
+            TLS1_TXT_ECDH_anon_WITH_DES_CBC_SHA,
+            TLS1_CK_ECDH_anon_WITH_DES_CBC_SHA,
+            SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_LOW,
+            0,
+            56,
+            56,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 58 */
+           {
+            1,
+            TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+            TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+            SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH,
+            0,
+            168,
+            168,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 59 */
+           {
+            1,
+            TLS1_TXT_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
+            TLS1_CK_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
+            SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP40,
+            0,
+            40,
+            56,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 5A */
+           {
+            1,
+            TLS1_TXT_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
+            TLS1_CK_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
+            SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP40,
+            0,
+            40,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 77 XXX: ECC ciphersuites offering forward secrecy
+        * are not yet specified in the ECC/TLS draft but our code
+        * allows them to be implemented very easily. To add such
+        * a cipher suite, one needs to add two constant definitions
+        * to tls1.h and a new structure in this file as shown below. We 
+        * illustrate the process for the made-up cipher
+        * ECDHE-ECDSA-AES128-SHA.
+        */
+           {
+            1,
+            TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+            TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+            SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+       /* Cipher 78 XXX: Another made-up ECC cipher suite that
+        * offers forward secrecy (ECDHE-RSA-AES128-SHA).
+        */
+           {
+            1,
+            TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+            TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+            SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+#endif /* !OPENSSL_NO_ECDH */
+
 /* end of list */
        };
 
@@ -943,6 +1319,9 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u)
 
 int ssl3_pending(SSL *s)
        {
+       if (s->rstate == SSL_ST_READ_BODY)
+               return 0;
+       
        return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
        }
 
@@ -952,6 +1331,8 @@ int ssl3_new(SSL *s)
 
        if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
        memset(s3,0,sizeof *s3);
+       EVP_MD_CTX_init(&s3->finish_dgst1);
+       EVP_MD_CTX_init(&s3->finish_dgst2);
 
        s->s3=s3;
 
@@ -973,12 +1354,19 @@ void ssl3_free(SSL *s)
                OPENSSL_free(s->s3->wbuf.buf);
        if (s->s3->rrec.comp != NULL)
                OPENSSL_free(s->s3->rrec.comp);
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        if (s->s3->tmp.dh != NULL)
                DH_free(s->s3->tmp.dh);
 #endif
+#ifndef OPENSSL_NO_ECDH
+       if (s->s3->tmp.ecdh != NULL)
+               EC_KEY_free(s->s3->tmp.ecdh);
+#endif
+
        if (s->s3->tmp.ca_names != NULL)
                sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+       EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
+       EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
        memset(s->s3,0,sizeof *s->s3);
        OPENSSL_free(s->s3);
        s->s3=NULL;
@@ -987,6 +1375,7 @@ void ssl3_free(SSL *s)
 void ssl3_clear(SSL *s)
        {
        unsigned char *rp,*wp;
+       size_t rlen, wlen;
 
        ssl3_cleanup_key_block(s);
        if (s->s3->tmp.ca_names != NULL)
@@ -997,17 +1386,28 @@ void ssl3_clear(SSL *s)
                OPENSSL_free(s->s3->rrec.comp);
                s->s3->rrec.comp=NULL;
                }
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        if (s->s3->tmp.dh != NULL)
                DH_free(s->s3->tmp.dh);
 #endif
+#ifndef OPENSSL_NO_ECDH
+       if (s->s3->tmp.ecdh != NULL)
+               EC_KEY_free(s->s3->tmp.ecdh);
+#endif
+
+       rp = s->s3->rbuf.buf;
+       wp = s->s3->wbuf.buf;
+       rlen = s->s3->rbuf.len;
+       wlen = s->s3->wbuf.len;
 
-       rp=s->s3->rbuf.buf;
-       wp=s->s3->wbuf.buf;
+       EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
+       EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
 
        memset(s->s3,0,sizeof *s->s3);
-       if (rp != NULL) s->s3->rbuf.buf=rp;
-       if (wp != NULL) s->s3->wbuf.buf=wp;
+       s->s3->rbuf.buf = rp;
+       s->s3->wbuf.buf = wp;
+       s->s3->rbuf.len = rlen;
+       s->s3->wbuf.len = wlen;
 
        ssl_free_wbio_buffer(s);
 
@@ -1019,17 +1419,17 @@ void ssl3_clear(SSL *s)
        s->version=SSL3_VERSION;
        }
 
-long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
        {
        int ret=0;
 
-#if !defined(NO_DSA) || !defined(NO_RSA)
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
        if (
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
            cmd == SSL_CTRL_SET_TMP_RSA ||
            cmd == SSL_CTRL_SET_TMP_RSA_CB ||
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
            cmd == SSL_CTRL_SET_TMP_DH ||
            cmd == SSL_CTRL_SET_TMP_DH_CB ||
 #endif
@@ -1063,7 +1463,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
        case SSL_CTRL_GET_FLAGS:
                ret=(int)(s->s3->flags);
                break;
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
        case SSL_CTRL_NEED_TMP_RSA:
                if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
                    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
@@ -1096,7 +1496,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
                }
                break;
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        case SSL_CTRL_SET_TMP_DH:
                {
                        DH *dh = (DH *)parg;
@@ -1132,6 +1532,44 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
                }
                break;
 #endif
+#ifndef OPENSSL_NO_ECDH
+       case SSL_CTRL_SET_TMP_ECDH:
+               {
+               EC_KEY *ecdh = NULL;
+                       
+               if (parg == NULL)
+                       {
+                       SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+                       return(ret);
+                       }
+               if (!EC_KEY_up_ref((EC_KEY *)parg))
+                       {
+                       SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
+                       return(ret);
+                       }
+               ecdh = (EC_KEY *)parg;
+               if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
+                       {
+                       if (!EC_KEY_generate_key(ecdh))
+                               {
+                               EC_KEY_free(ecdh);
+                               SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
+                               return(ret);
+                               }
+                       }
+               if (s->cert->ecdh_tmp != NULL)
+                       EC_KEY_free(s->cert->ecdh_tmp);
+               s->cert->ecdh_tmp = ecdh;
+               ret = 1;
+               }
+               break;
+       case SSL_CTRL_SET_TMP_ECDH_CB:
+               {
+               SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               return(ret);
+               }
+               break;
+#endif /* !OPENSSL_NO_ECDH */
        default:
                break;
                }
@@ -1142,12 +1580,12 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
        {
        int ret=0;
 
-#if !defined(NO_DSA) || !defined(NO_RSA)
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
        if (
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
            cmd == SSL_CTRL_SET_TMP_RSA_CB ||
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
            cmd == SSL_CTRL_SET_TMP_DH_CB ||
 #endif
                0)
@@ -1162,19 +1600,26 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
 
        switch (cmd)
                {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
        case SSL_CTRL_SET_TMP_RSA_CB:
                {
                s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
                }
                break;
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        case SSL_CTRL_SET_TMP_DH_CB:
                {
                s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
                }
                break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+       case SSL_CTRL_SET_TMP_ECDH_CB:
+               {
+               s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+               }
+               break;
 #endif
        default:
                break;
@@ -1182,7 +1627,7 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
        return(ret);
        }
 
-long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
+long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
        {
        CERT *cert;
 
@@ -1190,7 +1635,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
 
        switch (cmd)
                {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
        case SSL_CTRL_NEED_TMP_RSA:
                if (    (cert->rsa_tmp == NULL) &&
                        ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
@@ -1235,7 +1680,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
                }
                break;
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        case SSL_CTRL_SET_TMP_DH:
                {
                DH *new=NULL,*dh;
@@ -1268,6 +1713,47 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
                }
                break;
 #endif
+#ifndef OPENSSL_NO_ECDH
+       case SSL_CTRL_SET_TMP_ECDH:
+               {
+               EC_KEY *ecdh = NULL;
+                       
+               if (parg == NULL)
+                       {
+                       SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
+                       return 0;
+                       }
+               if (!EC_KEY_up_ref((EC_KEY *)parg))
+                       {
+                       SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
+                       return 0;
+                       }
+               ecdh = (EC_KEY *)parg;
+               if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
+                       {
+                       if (!EC_KEY_generate_key(ecdh))
+                               {
+                               EC_KEY_free(ecdh);
+                               SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
+                               return 0;
+                               }
+                       }
+
+               if (cert->ecdh_tmp != NULL)
+                       {
+                       EC_KEY_free(cert->ecdh_tmp);
+                       }
+               cert->ecdh_tmp = ecdh;
+               return 1;
+               }
+               /* break; */
+       case SSL_CTRL_SET_TMP_ECDH_CB:
+               {
+               SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+               return(0);
+               }
+               break;
+#endif /* !OPENSSL_NO_ECDH */
        /* A Thawte special :-) */
        case SSL_CTRL_EXTRA_CHAIN_CERT:
                if (ctx->extra_certs == NULL)
@@ -1292,19 +1778,26 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
 
        switch (cmd)
                {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
        case SSL_CTRL_SET_TMP_RSA_CB:
                {
                cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
                }
                break;
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        case SSL_CTRL_SET_TMP_DH_CB:
                {
                cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
                }
                break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+       case SSL_CTRL_SET_TMP_ECDH_CB:
+               {
+               cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+               }
+               break;
 #endif
        default:
                return(0);
@@ -1326,16 +1819,19 @@ SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
                {
                CRYPTO_w_lock(CRYPTO_LOCK_SSL);
 
-               for (i=0; i<SSL3_NUM_CIPHERS; i++)
-                       sorted[i]= &(ssl3_ciphers[i]);
+               if (init)
+                       {
+                       for (i=0; i<SSL3_NUM_CIPHERS; i++)
+                               sorted[i]= &(ssl3_ciphers[i]);
 
-               qsort(  (char *)sorted,
-                       SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-                       FP_ICC ssl_cipher_ptr_id_cmp);
+                       qsort(sorted,
+                               SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+                               FP_ICC ssl_cipher_ptr_id_cmp);
 
+                       init=0;
+                       }
+               
                CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-
-               init=0;
                }
 
        id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
@@ -1425,6 +1921,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 #endif    /* KSSL_DEBUG */
 
                alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+#ifndef OPENSSL_NO_KRB5
+                if (alg & SSL_KRB5) 
+                        {
+                        if ( !kssl_keytab_is_available(s->kssl_ctx) )
+                            continue;
+                        }
+#endif /* OPENSSL_NO_KRB5 */
                if (SSL_C_IS_EXPORT(c))
                        {
                        ok=((alg & emask) == alg)?1:0;
@@ -1443,7 +1946,6 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                        }
 
                if (!ok) continue;
-       
                j=sk_SSL_CIPHER_find(allow,c);
                if (j >= 0)
                        {
@@ -1461,33 +1963,53 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
 
        alg=s->s3->tmp.new_cipher->algorithms;
 
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
        if (alg & (SSL_kDHr|SSL_kEDH))
                {
-#  ifndef NO_RSA
+#  ifndef OPENSSL_NO_RSA
                p[ret++]=SSL3_CT_RSA_FIXED_DH;
 #  endif
-#  ifndef NO_DSA
+#  ifndef OPENSSL_NO_DSA
                p[ret++]=SSL3_CT_DSS_FIXED_DH;
 #  endif
                }
        if ((s->version == SSL3_VERSION) &&
                (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
                {
-#  ifndef NO_RSA
+#  ifndef OPENSSL_NO_RSA
                p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
 #  endif
-#  ifndef NO_DSA
+#  ifndef OPENSSL_NO_DSA
                p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
 #  endif
                }
-#endif /* !NO_DH */
-#ifndef NO_RSA
+#endif /* !OPENSSL_NO_DH */
+#ifndef OPENSSL_NO_RSA
        p[ret++]=SSL3_CT_RSA_SIGN;
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
        p[ret++]=SSL3_CT_DSS_SIGN;
 #endif
+#ifndef OPENSSL_NO_ECDH
+       /* We should ask for fixed ECDH certificates only
+        * for SSL_kECDH (and not SSL_kECDHE)
+        */
+       if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
+               {
+               p[ret++]=TLS_CT_RSA_FIXED_ECDH;
+               p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
+               }
+#endif
+
+#ifndef OPENSSL_NO_ECDSA
+       /* ECDSA certs can be used with RSA cipher suites as well 
+        * so we don't need to check for SSL_kECDH or SSL_kECDHE
+        */
+       if (s->version >= TLS1_VERSION)
+               {
+               p[ret++]=TLS_CT_ECDSA_SIGN;
+               }
+#endif 
        return(ret);
        }
 
@@ -1592,13 +2114,12 @@ static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
        if (s->s3->renegotiate) ssl3_renegotiate_check(s);
        s->s3->in_read_app_data=1;
        ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-       if ((ret == -1) && (s->s3->in_read_app_data == 0))
+       if ((ret == -1) && (s->s3->in_read_app_data == 2))
                {
                /* ssl3_read_bytes decided to call s->handshake_func, which
                 * called ssl3_read_bytes to read handshake data.
                 * However, ssl3_read_bytes actually found application data
-                * and thinks that application data makes sense here (signalled
-                * by resetting 'in_read_app_data', strangely); so disable
+                * and thinks that application data makes sense here; so disable
                 * handshake processing and try to read application data again. */
                s->in_handshake++;
                ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
@@ -1615,7 +2136,7 @@ int ssl3_read(SSL *s, void *buf, int len)
        return ssl3_read_internal(s, buf, len, 0);
        }
 
-int ssl3_peek(SSL *s, char *buf, int len)
+int ssl3_peek(SSL *s, void *buf, int len)
        {
        return ssl3_read_internal(s, buf, len, 1);
        }