X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs23_lib.c;h=9056d39e83847b3dc98bfa39b97c3804d8dc0e1c;hp=5019a1a63637b52ed91606ec34cfda6fd33ff966;hb=396e30044910df29b81a416de42a94eb4355cd70;hpb=651d0aff98d28e2db146afa1790e9e22f3ef22db diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c index 5019a1a636..9056d39e83 100644 --- a/ssl/s23_lib.c +++ b/ssl/s23_lib.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -57,178 +57,129 @@ */ #include -#include "objects.h" +#include #include "ssl_locl.h" -#ifndef NOPROTO -static int ssl23_num_ciphers(void ); -static SSL_CIPHER *ssl23_get_cipher(unsigned int u); -static int ssl23_read(SSL *s, char *buf, int len); -static int ssl23_write(SSL *s, char *buf, int len); -static long ssl23_default_timeout(void ); -static int ssl23_put_cipher_by_char(SSL_CIPHER *c, unsigned char *p); -static SSL_CIPHER *ssl23_get_cipher_by_char(unsigned char *p); -#else -static int ssl23_num_ciphers(); -static SSL_CIPHER *ssl23_get_cipher(); -static int ssl23_read(); -static int ssl23_write(); -static long ssl23_default_timeout(); -static int ssl23_put_cipher_by_char(); -static SSL_CIPHER *ssl23_get_cipher_by_char(); -#endif - -char *SSL23_version_str="SSLv2/3 compatibility part of SSLeay 0.9.1c 22-Dec-1998"; - -static SSL_METHOD SSLv23_data= { - TLS1_VERSION, - tls1_new, - tls1_clear, - tls1_free, - ssl_undefined_function, - ssl_undefined_function, - ssl23_read, - ssl_undefined_function, - ssl23_write, - ssl_undefined_function, - ssl_undefined_function, - ssl_ok, - ssl3_ctrl, - ssl3_ctx_ctrl, - ssl23_get_cipher_by_char, - ssl23_put_cipher_by_char, - ssl_undefined_function, - ssl23_num_ciphers, - ssl23_get_cipher, - ssl_bad_method, - ssl23_default_timeout, - &ssl3_undef_enc_method, - }; - -static long ssl23_default_timeout() - { - return(300); - } - -SSL_METHOD *sslv23_base_method() - { - return(&SSLv23_data); - } - -static int ssl23_num_ciphers() - { - return(ssl3_num_ciphers()+ssl2_num_ciphers()); - } +long ssl23_default_timeout(void) +{ + return (300); +} -static SSL_CIPHER *ssl23_get_cipher(u) -unsigned int u; - { - unsigned int uu=ssl3_num_ciphers(); - - if (u < uu) - return(ssl3_get_cipher(u)); - else - return(ssl2_get_cipher(u-uu)); - } - -/* This function needs to check if the ciphers required are actually - * available */ -static SSL_CIPHER *ssl23_get_cipher_by_char(p) -unsigned char *p; - { - SSL_CIPHER c,*cp; - unsigned long id; - int n; - - n=ssl3_num_ciphers(); - id=0x03000000|((unsigned long)p[0]<<16L)| - ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; - c.id=id; - cp=ssl3_get_cipher_by_char(p); - if (cp == NULL) - cp=ssl2_get_cipher_by_char(p); - return(cp); - } - -static int ssl23_put_cipher_by_char(c,p) -SSL_CIPHER *c; -unsigned char *p; - { - long l; - - /* We can write SSLv2 and SSLv3 ciphers */ - if (p != NULL) - { - l=c->id; - p[0]=((unsigned char)(l>>16L))&0xFF; - p[1]=((unsigned char)(l>> 8L))&0xFF; - p[2]=((unsigned char)(l ))&0xFF; - } - return(3); - } - -static int ssl23_read(s,buf,len) -SSL *s; -char *buf; -int len; - { - int n; - -#if 0 - if (s->shutdown & SSL_RECEIVED_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - return(0); - } +int ssl23_num_ciphers(void) +{ + return (ssl3_num_ciphers() +#ifndef OPENSSL_NO_SSL2 + + ssl2_num_ciphers() #endif - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_read(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } - -static int ssl23_write(s,buf,len) -SSL *s; -char *buf; -int len; - { - int n; + ); +} + +const SSL_CIPHER *ssl23_get_cipher(unsigned int u) +{ + unsigned int uu = ssl3_num_ciphers(); + + if (u < uu) + return (ssl3_get_cipher(u)); + else +#ifndef OPENSSL_NO_SSL2 + return (ssl2_get_cipher(u - uu)); +#else + return (NULL); +#endif +} -#if 0 - if (s->shutdown & SSL_SENT_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - return(0); - } +/* + * This function needs to check if the ciphers required are actually + * available + */ +const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) +{ + const SSL_CIPHER *cp; + + cp = ssl3_get_cipher_by_char(p); +#ifndef OPENSSL_NO_SSL2 + if (cp == NULL) + cp = ssl2_get_cipher_by_char(p); #endif - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_write(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } + return (cp); +} + +int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) +{ + long l; + + /* We can write SSLv2 and SSLv3 ciphers */ + /* but no ECC ciphers */ + if (c->algorithm_mkey == SSL_kECDHr || + c->algorithm_mkey == SSL_kECDHe || + c->algorithm_mkey == SSL_kEECDH || + c->algorithm_auth == SSL_aECDH || c->algorithm_auth == SSL_aECDSA) + return 0; + if (p != NULL) { + l = c->id; + p[0] = ((unsigned char)(l >> 16L)) & 0xFF; + p[1] = ((unsigned char)(l >> 8L)) & 0xFF; + p[2] = ((unsigned char)(l)) & 0xFF; + } + return (3); +} + +int ssl23_read(SSL *s, void *buf, int len) +{ + int n; + + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) { + n = s->handshake_func(s); + if (n < 0) + return (n); + if (n == 0) { + SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); + return (-1); + } + return (SSL_read(s, buf, len)); + } else { + ssl_undefined_function(s); + return (-1); + } +} + +int ssl23_peek(SSL *s, void *buf, int len) +{ + int n; + + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) { + n = s->handshake_func(s); + if (n < 0) + return (n); + if (n == 0) { + SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE); + return (-1); + } + return (SSL_peek(s, buf, len)); + } else { + ssl_undefined_function(s); + return (-1); + } +} + +int ssl23_write(SSL *s, const void *buf, int len) +{ + int n; + + clear_sys_error(); + if (SSL_in_init(s) && (!s->in_handshake)) { + n = s->handshake_func(s); + if (n < 0) + return (n); + if (n == 0) { + SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); + return (-1); + } + return (SSL_write(s, buf, len)); + } else { + ssl_undefined_function(s); + return (-1); + } +}