X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs2_lib.c;h=9d5f898238e0211ab6dcff4cd385f35927f73ec6;hp=ad23ce1dc5439419cac1325a23ee8226998fb609;hb=8a208cba97b0d08cfc6f07bb2f0e0d1f305a0b13;hpb=a9be3af5ad4836f7e50f0546311ca90c717b861e

diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index ad23ce1dc5..9d5f898238 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -56,26 +56,31 @@
  * [including the GNU Public Licence.]
  */
 
+#include "ssl_locl.h"
+#ifndef NO_SSL2
 #include <stdio.h>
 #include <openssl/rsa.h>
 #include <openssl/objects.h>
-#include "ssl_locl.h"
+#include <openssl/md5.h>
 
 static long ssl2_default_timeout(void );
 const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
 
 #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
 
-SSL_CIPHER ssl2_ciphers[]={
+OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
 /* NULL_WITH_MD5 v3 */
 #if 0
 	{
 	1,
 	SSL2_TXT_NULL_WITH_MD5,
 	SSL2_CK_NULL_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP40|SSL_SSLV2,
+	SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
+	SSL_EXPORT|SSL_EXP40,
+	0,
 	0,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 #endif
 /* RC4_128_EXPORT40_WITH_MD5 */
@@ -83,63 +88,91 @@ SSL_CIPHER ssl2_ciphers[]={
 	1,
 	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
 	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP40|SSL_SSLV2,
+	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+	SSL_EXPORT|SSL_EXP40,
 	SSL2_CF_5_BYTE_ENC,
+	40,
+	128,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* RC4_128_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_RC4_128_WITH_MD5,
 	SSL2_CK_RC4_128_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+	SSL_NOT_EXP|SSL_MEDIUM,
 	0,
+	128,
+	128,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* RC2_128_CBC_EXPORT40_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
 	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP40|SSL_SSLV2,
+	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+	SSL_EXPORT|SSL_EXP40,
 	SSL2_CF_5_BYTE_ENC,
+	40,
+	128,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* RC2_128_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_RC2_128_CBC_WITH_MD5,
 	SSL2_CK_RC2_128_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+	SSL_NOT_EXP|SSL_MEDIUM,
 	0,
+	128,
+	128,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* IDEA_128_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_IDEA_128_CBC_WITH_MD5,
 	SSL2_CK_IDEA_128_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+	SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
+	SSL_NOT_EXP|SSL_MEDIUM,
 	0,
+	128,
+	128,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* DES_64_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_DES_64_CBC_WITH_MD5,
 	SSL2_CK_DES_64_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
+	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
+	SSL_NOT_EXP|SSL_LOW,
 	0,
+	56,
+	56,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* DES_192_EDE3_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
 	SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
+	SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
+	SSL_NOT_EXP|SSL_HIGH,
 	0,
+	168,
+	168,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 /* RC4_64_WITH_MD5 */
 #if 1
@@ -147,9 +180,13 @@ SSL_CIPHER ssl2_ciphers[]={
 	1,
 	SSL2_TXT_RC4_64_WITH_MD5,
 	SSL2_CK_RC4_64_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW,
+	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+	SSL_NOT_EXP|SSL_LOW,
 	SSL2_CF_8_BYTE_ENC,
+	64,
+	64,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 #endif
 /* NULL SSLeay (testing) */
@@ -159,7 +196,11 @@ SSL_CIPHER ssl2_ciphers[]={
 	SSL2_TXT_NULL,
 	SSL2_CK_NULL,
 	0,
+	0,
+	0,
+	0,
 	SSL_ALL_CIPHERS,
+	SSL_ALL_STRENGTHS,
 	},
 #endif
 
@@ -359,13 +400,18 @@ void ssl2_generate_key_material(SSL *s)
 	unsigned char *km;
 	unsigned char c='0';
 
+#ifdef CHARSET_EBCDIC
+	c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
+				see SSLv2 docu */
+#endif
+
 	km=s->s2->key_material;
 	for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
 		{
 		MD5_Init(&ctx);
 
 		MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
-		MD5_Update(&ctx,(unsigned char *)&c,1);
+		MD5_Update(&ctx,&c,1);
 		c++;
 		MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
 		MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
@@ -414,4 +460,10 @@ int ssl2_shutdown(SSL *s)
 	s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
 	return(1);
 	}
+#else /* !NO_SSL2 */
 
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
+#endif