* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/krb5_asn.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
#include <openssl/md5.h>
static SSL_METHOD *ssl3_get_server_method(int ver);
{
BUF_MEM *buf;
unsigned long l,Time=time(NULL);
- void (*cb)()=NULL;
+ void (*cb)(const SSL *ssl,int type,int val)=NULL;
long num1;
int ret= -1;
int new_state,state,skip=0;
- int got_new_session=0;
RAND_add(&Time,sizeof(Time),0);
ERR_clear_error();
cb=s->ctx->info_callback;
/* init things to blank */
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
if (s->cert == NULL)
{
s->shutdown=0;
ret=ssl3_get_client_hello(s);
if (ret <= 0) goto end;
- got_new_session=1;
+ s->new_session = 2;
s->state=SSL3_ST_SW_SRVR_HELLO_A;
s->init_num=0;
break;
s->init_num=0;
- if (got_new_session) /* skipped if we just sent a HelloRequest */
+ if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
{
/* actually not necessarily a 'new' session unless
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
end:
/* BIO_flush(s->wbio); */
+ s->in_handshake--;
if (cb != NULL)
cb(s,SSL_CB_ACCEPT_EXIT,ret);
- s->in_handshake--;
return(ret);
}
&ok);
if (!ok) return((int)n);
- d=p=(unsigned char *)s->init_buf->data;
+ d=p=(unsigned char *)s->init_msg;
/* use version from inside client hello, not from record header
* (may differ: see RFC 2246, Appendix E, second paragraph) */
s->client_version=(((int)p[0])<<8)|(int)p[1];
p+=2;
+ if (s->client_version < s->version)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
+ if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+ {
+ /* similar to ssl3_get_record, send alert using remote version number */
+ s->version = s->client_version;
+ }
+ al = SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+
/* load the client random */
memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
p+=SSL3_RANDOM_SIZE;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
goto f_err;
}
- if ((i+p) > (d+n))
+ if ((p+i) >= (d+n))
{
/* not enough data */
al=SSL_AD_DECODE_ERROR;
/* compression */
i= *(p++);
+ if ((p+i) > (d+n))
+ {
+ /* not enough data */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
q=p;
for (j=0; j<i; j++)
{
/* TLS does not mind if there is extra stuff */
if (s->version == SSL3_VERSION)
{
- if (p > (d+n))
+ if (p < (d+n))
{
/* wrong number of bytes,
* there could be more to follow */
j=0;
for (num=2; num > 0; num--)
{
- EVP_DigestInit(&md_ctx,(num == 2)
- ?s->ctx->md5:s->ctx->sha1);
+ EVP_DigestInit_ex(&md_ctx,(num == 2)
+ ?s->ctx->md5:s->ctx->sha1, NULL);
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,&(d[4]),n);
- EVP_DigestFinal(&md_ctx,q,
+ EVP_DigestFinal_ex(&md_ctx,q,
(unsigned int *)&i);
q+=i;
j+=i;
if (pkey->type == EVP_PKEY_DSA)
{
/* lets do DSS */
- EVP_SignInit(&md_ctx,EVP_dss1());
+ EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx,&(d[4]),n);
&ok);
if (!ok) return((int)n);
- p=(unsigned char *)s->init_buf->data;
+ p=(unsigned char *)s->init_msg;
l=s->s3->tmp.new_cipher->algorithms;
krb5_timestamp authtime = 0;
krb5_ticket_times ttimes;
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+
if (!kssl_ctx) kssl_ctx = kssl_ctx_new();
n2s(p,i);
enc_ticket.length = i;
- enc_ticket.data = p;
+ enc_ticket.data = (char *)p;
p+=enc_ticket.length;
n2s(p,i);
authenticator.length = i;
- authenticator.data = p;
+ authenticator.data = (char *)p;
p+=authenticator.length;
n2s(p,i);
enc_pms.length = i;
- enc_pms.data = p;
+ enc_pms.data = (char *)p;
p+=enc_pms.length;
- if ((unsigned long)n != enc_ticket.length + authenticator.length +
+ if (n != enc_ticket.length + authenticator.length +
enc_pms.length + 6)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
- if (!EVP_DecryptInit(&ciph_ctx,enc,kssl_ctx->key,iv))
+ if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED);
goto err;
}
if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
- enc_pms.data, enc_pms.length))
+ (unsigned char *)enc_pms.data, enc_pms.length))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED);
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
}
- if (!EVP_DecryptFinal(&ciph_ctx,&(pms[outl]),&padl))
+ if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED);
}
/* we now have a signature that we need to verify */
- p=(unsigned char *)s->init_buf->data;
+ p=(unsigned char *)s->init_msg;
n2s(p,i);
n-=2;
if (i > n)
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
goto f_err;
}
- d=p=(unsigned char *)s->init_buf->data;
+ d=p=(unsigned char *)s->init_msg;
if ((sk=sk_X509_new_null()) == NULL)
{