Ooops, revert committed conflict.

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 458b233d860d956ab115cd12fbc82d6128d8438c..77d7d878e381cf48dce1af3752ecbc3231d897f1 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1679,18 +1679,13 @@ int ssl3_send_server_key_exchange(SSL *s)
                                j=0;
                                for (num=2; num > 0; num--)
                                        {
                                j=0;
                                for (num=2; num > 0; num--)
                                        {

-                                       if (!EVP_DigestInit_ex(&md_ctx,(num == 2)
-                                               ?s->ctx->md5:s->ctx->sha1, NULL)
-                                               || !EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE)
-                                               || !EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE)
-                                               || !EVP_DigestUpdate(&md_ctx,&(d[4]),n)
-                                               || !EVP_DigestFinal_ex(&md_ctx,q,
-                                               (unsigned int *)&i))
-                                               {
-                                               SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_EVP_LIB);
-                                               goto err;
-                                               }
-                                               
+                                       EVP_DigestInit_ex(&md_ctx,(num == 2)
+                                               ?s->ctx->md5:s->ctx->sha1, NULL);
+                                       EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                                       EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                                       EVP_DigestUpdate(&md_ctx,&(d[4]),n);
+                                       EVP_DigestFinal_ex(&md_ctx,q,
+                                               (unsigned int *)&i);

                                        q+=i;
                                        j+=i;
                                        }
                                        q+=i;
                                        j+=i;
                                        }


@@ -1709,14 +1704,14 @@ int ssl3_send_server_key_exchange(SSL *s)
                                if (pkey->type == EVP_PKEY_DSA)
                                {
                                /* lets do DSS */
                                if (pkey->type == EVP_PKEY_DSA)
                                {
                                /* lets do DSS */

-                               if (!EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL)
-                                       || !EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE)
-                                       || !EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE)
-                                       || !EVP_SignUpdate(&md_ctx,&(d[4]),n)
-                                       || !EVP_SignFinal(&md_ctx,&(p[2]),
+                               EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
+                               EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                               EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                               EVP_SignUpdate(&md_ctx,&(d[4]),n);
+                               if (!EVP_SignFinal(&md_ctx,&(p[2]),

                                        (unsigned int *)&i,pkey))
                                        {
                                        (unsigned int *)&i,pkey))
                                        {

-                                       SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_EVP_LIB);
+                                       SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);

                                        goto err;
                                        }
                                s2n(i,p);
                                        goto err;
                                        }
                                s2n(i,p);


@@ -1728,14 +1723,14 @@ int ssl3_send_server_key_exchange(SSL *s)
                                if (pkey->type == EVP_PKEY_EC)
                                {
                                /* let's do ECDSA */
                                if (pkey->type == EVP_PKEY_EC)
                                {
                                /* let's do ECDSA */

-                               if (!EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL)
-                                       || !EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE)
-                                       || !EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE)
-                                       || !EVP_SignUpdate(&md_ctx,&(d[4]),n)
-                                       || !EVP_SignFinal(&md_ctx,&(p[2]),
-                                               (unsigned int *)&i,pkey))
+                               EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
+                               EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                               EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                               EVP_SignUpdate(&md_ctx,&(d[4]),n);
+                               if (!EVP_SignFinal(&md_ctx,&(p[2]),
+                                       (unsigned int *)&i,pkey))

                                        {
                                        {

-                                       SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_EVP_LIB);
+                                       SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_ECDSA);

                                        goto err;
                                        }
                                s2n(i,p);
                                        goto err;
                                        }
                                s2n(i,p);


@@ -2974,7 +2969,7 @@ int ssl3_send_newsession_ticket(SSL *s)
        if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
                {
                unsigned char *p, *senc, *macstart;
        if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
                {
                unsigned char *p, *senc, *macstart;

-               int len, slen, rv = 0;
+               int len, slen;

                unsigned int hlen;
                EVP_CIPHER_CTX ctx;
                HMAC_CTX hctx;
                unsigned int hlen;
                EVP_CIPHER_CTX ctx;
                HMAC_CTX hctx;


@@ -3029,21 +3024,11 @@ int ssl3_send_newsession_ticket(SSL *s)
                else
                        {
                        RAND_pseudo_bytes(iv, 16);
                else
                        {
                        RAND_pseudo_bytes(iv, 16);

-<<<<<<< s3_srvr.c
-                       if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
-                                       s->ctx->tlsext_tick_aes_key, iv))
-                               goto evp_err;
-                       if (!HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key,
-                                       16, tlsext_tick_md(), NULL))
-                               goto evp_err;
-                       memcpy(key_name, s->ctx->tlsext_tick_key_name, 16);
-=======

                        EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
                                        tctx->tlsext_tick_aes_key, iv);
                        HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
                                        tlsext_tick_md(), NULL);
                        memcpy(key_name, tctx->tlsext_tick_key_name, 16);
                        EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
                                        tctx->tlsext_tick_aes_key, iv);
                        HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
                                        tlsext_tick_md(), NULL);
                        memcpy(key_name, tctx->tlsext_tick_key_name, 16);

->>>>>>> 1.180

                        }
                l2n(s->session->tlsext_tick_lifetime_hint, p);
                /* Skip ticket length for now */
                        }
                l2n(s->session->tlsext_tick_lifetime_hint, p);
                /* Skip ticket length for now */


@@ -3056,26 +3041,15 @@ int ssl3_send_newsession_ticket(SSL *s)
                memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
                p += EVP_CIPHER_CTX_iv_length(&ctx);
                /* Encrypt session data */
                memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
                p += EVP_CIPHER_CTX_iv_length(&ctx);
                /* Encrypt session data */

-               if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen))
-                       goto evp_err;
+               EVP_EncryptUpdate(&ctx, p, &len, senc, slen);

                p += len;
                p += len;

-               if (!EVP_EncryptFinal(&ctx, p, &len))
-                       goto evp_err;
+               EVP_EncryptFinal(&ctx, p, &len);

                p += len;
                p += len;

-
-               if (!HMAC_Update(&hctx, macstart, p - macstart))
-                       goto evp_err;
-
-               if (!HMAC_Final(&hctx, p, &hlen))
-                       goto evp_err;
-
-               rv = 1;
-
-               evp_err:

                EVP_CIPHER_CTX_cleanup(&ctx);
                EVP_CIPHER_CTX_cleanup(&ctx);

+
+               HMAC_Update(&hctx, macstart, p - macstart);
+               HMAC_Final(&hctx, p, &hlen);

                HMAC_CTX_cleanup(&hctx);
                HMAC_CTX_cleanup(&hctx);

-               if (!rv)
-                       return -1;

 
                p += hlen;
                /* Now write out lengths: p points to end of data written */
 
                p += hlen;
                /* Now write out lengths: p points to end of data written */