X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs23_lib.c;h=0c799418b13f8184e6b92fe5c97daf5a25780129;hp=bcfda91fe50c620344151b9b5699eb3f5fd23fba;hb=259c360d0b4faad28c89c97352291219903ee3c5;hpb=41a15c4f0f2535591ba9f258cf76119f86477c43 diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c index bcfda91fe5..0c799418b1 100644 --- a/ssl/s23_lib.c +++ b/ssl/s23_lib.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -60,177 +60,106 @@ #include #include "ssl_locl.h" -static int ssl23_num_ciphers(void ); -static SSL_CIPHER *ssl23_get_cipher(unsigned int u); -static int ssl23_read(SSL *s, void *buf, int len); -static int ssl23_peek(SSL *s, void *buf, int len); -static int ssl23_write(SSL *s, const void *buf, int len); -static long ssl23_default_timeout(void ); -static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); -static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); -const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT; - -static SSL_METHOD SSLv23_data= { - TLS1_VERSION, - tls1_new, - tls1_clear, - tls1_free, - ssl_undefined_function, - ssl_undefined_function, - ssl23_read, - ssl23_peek, - ssl23_write, - ssl_undefined_function, - ssl_undefined_function, - ssl_ok, - ssl3_ctrl, - ssl3_ctx_ctrl, - ssl23_get_cipher_by_char, - ssl23_put_cipher_by_char, - ssl_undefined_const_function, - ssl23_num_ciphers, - ssl23_get_cipher, - ssl_bad_method, - ssl23_default_timeout, - &ssl3_undef_enc_method, - ssl_undefined_void_function, - ssl3_callback_ctrl, - ssl3_ctx_callback_ctrl, - }; - -static long ssl23_default_timeout(void) - { - return(300); - } - -SSL_METHOD *sslv23_base_method(void) - { - return(&SSLv23_data); - } - -static int ssl23_num_ciphers(void) - { - return(ssl3_num_ciphers() -#ifndef OPENSSL_NO_SSL2 - + ssl2_num_ciphers() -#endif - ); - } - -static SSL_CIPHER *ssl23_get_cipher(unsigned int u) - { - unsigned int uu=ssl3_num_ciphers(); +long ssl23_default_timeout(void) +{ + return (300); +} - if (u < uu) - return(ssl3_get_cipher(u)); - else -#ifndef OPENSSL_NO_SSL2 - return(ssl2_get_cipher(u-uu)); -#else - return(NULL); -#endif - } +int ssl23_num_ciphers(void) +{ + return (ssl3_num_ciphers()); +} -/* This function needs to check if the ciphers required are actually - * available */ -static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) - { - SSL_CIPHER c,*cp; - unsigned long id; - int n; +const SSL_CIPHER *ssl23_get_cipher(unsigned int u) +{ + return (ssl3_get_cipher(u)); +} - n=ssl3_num_ciphers(); - id=0x03000000|((unsigned long)p[0]<<16L)| - ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; - c.id=id; - cp=ssl3_get_cipher_by_char(p); -#ifndef OPENSSL_NO_SSL2 - if (cp == NULL) - cp=ssl2_get_cipher_by_char(p); -#endif - return(cp); - } - -static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) - { - long l; - - /* We can write SSLv2 and SSLv3 ciphers */ - if (p != NULL) - { - l=c->id; - p[0]=((unsigned char)(l>>16L))&0xFF; - p[1]=((unsigned char)(l>> 8L))&0xFF; - p[2]=((unsigned char)(l ))&0xFF; - } - return(3); - } - -static int ssl23_read(SSL *s, void *buf, int len) - { - int n; - - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_read(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } - -static int ssl23_peek(SSL *s, void *buf, int len) - { - int n; - - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_peek(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } - -static int ssl23_write(SSL *s, const void *buf, int len) - { - int n; - - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_write(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } +/* + * This function needs to check if the ciphers required are actually + * available + */ +const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) +{ + return (ssl3_get_cipher_by_char(p)); +} + +int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) +{ + long l; + + /* We can write SSLv3 ciphers */ + /* but no ECC ciphers */ + if (c->algorithm_mkey == SSL_kECDHr || + c->algorithm_mkey == SSL_kECDHe || + c->algorithm_mkey == SSL_kEECDH || + c->algorithm_auth == SSL_aECDH || c->algorithm_auth == SSL_aECDSA) + return 0; + if (p != NULL) { + l = c->id; + p[0] = ((unsigned char)(l >> 16L)) & 0xFF; + p[1] = ((unsigned char)(l >> 8L)) & 0xFF; + p[2] = ((unsigned char)(l)) & 0xFF; + } + return (3); +} + +int ssl23_read(SSL *s, void *buf, int len) +{ + int n; + + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) { + n = s->handshake_func(s); + if (n < 0) + return (n); + if (n == 0) { + SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); + return (-1); + } + return (SSL_read(s, buf, len)); + } else { + ssl_undefined_function(s); + return (-1); + } +} + +int ssl23_peek(SSL *s, void *buf, int len) +{ + int n; + + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) { + n = s->handshake_func(s); + if (n < 0) + return (n); + if (n == 0) { + SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE); + return (-1); + } + return (SSL_peek(s, buf, len)); + } else { + ssl_undefined_function(s); + return (-1); + } +} + +int ssl23_write(SSL *s, const void *buf, int len) +{ + int n; + + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) { + n = s->handshake_func(s); + if (n < 0) + return (n); + if (n == 0) { + SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); + return (-1); + } + return (SSL_write(s, buf, len)); + } else { + ssl_undefined_function(s); + return (-1); + } +}