compress_meth should be unsigned

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index ee511a6512169857d527403b8365927e761e2abe..028f6493d1d6beeee8760cde03ca4ceb9a956532 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -137,10 +137,13 @@
 
 #include <stdio.h>
 #include "ssl_locl.h"
+#ifndef OPENSSL_NO_COMP
 #include <openssl/comp.h>
+#endif
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 #include <openssl/md5.h>
+#include <openssl/rand.h>
 #ifdef KSSL_DEBUG
 #include <openssl/des.h>
 #endif
@@ -163,6 +166,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
        unsigned int A1_len;
        
        chunk=EVP_MD_size(md);
+       OPENSSL_assert(chunk >= 0);
 
        HMAC_CTX_init(&ctx);
        HMAC_CTX_init(&ctx_tmp);
@@ -605,18 +609,44 @@ int tls1_enc(SSL *s, int send)
        if (send)
                {
                if (EVP_MD_CTX_md(s->write_hash))
+                       {
                        n=EVP_MD_CTX_size(s->write_hash);
+                       OPENSSL_assert(n >= 0);
+                       }
                ds=s->enc_write_ctx;
                rec= &(s->s3->wrec);
                if (s->enc_write_ctx == NULL)
                        enc=NULL;
                else
+                       {
+                       int ivlen;
                        enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+                       /* For TLSv1.1 and later explicit IV */
+                       if (s->version >= TLS1_1_VERSION)
+                               ivlen = EVP_CIPHER_iv_length(enc);
+                       else
+                               ivlen = 0;
+                       if (ivlen > 1)
+                               {
+                               if ( rec->data != rec->input)
+                               /* we can't write into the input stream:
+                                * Can this ever happen?? (steve)
+                                */
+                               fprintf(stderr,
+                                       "%s:%d: rec->data != rec->input\n",
+                                       __FILE__, __LINE__);
+                               else if (RAND_bytes(rec->input, ivlen) <= 0)
+                                       return -1;
+                               }
+                       }
                }
        else
                {
                if (EVP_MD_CTX_md(s->read_hash))
+                       {
                        n=EVP_MD_CTX_size(s->read_hash);
+                       OPENSSL_assert(n >= 0);
+                       }
                ds=s->enc_read_ctx;
                rec= &(s->s3->rrec);
                if (s->enc_read_ctx == NULL)
@@ -737,7 +767,13 @@ int tls1_enc(SSL *s, int send)
                                        return -1;
                                        }
                                }
-                       rec->length-=i;
+                       rec->length -=i;
+                       if (s->version >= TLS1_1_VERSION)
+                               {
+                               rec->data += bs;    /* skip the explicit IV */
+                               rec->input += bs;
+                               rec->length -= bs;
+                               }
                        }
                }
        return(1);
@@ -749,7 +785,9 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
        int i;
 
        if (s->s3->handshake_buffer) 
-               ssl3_digest_cached_records(s);
+               if (!ssl3_digest_cached_records(s))
+                       return 0;
+
        for (i=0;i<SSL_MAX_DIGEST;i++) 
                {
                  if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) 
@@ -784,17 +822,18 @@ int tls1_final_finish_mac(SSL *s,
 
        q=buf;
 
-       EVP_MD_CTX_init(&ctx);
-
        if (s->s3->handshake_buffer) 
-               ssl3_digest_cached_records(s);
+               if (!ssl3_digest_cached_records(s))
+                       return 0;
+
+       EVP_MD_CTX_init(&ctx);
 
        for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
                {
                if (mask & s->s3->tmp.new_cipher->algorithm2)
                        {
                        int hashsize = EVP_MD_size(md);
-                       if ((size_t)hashsize > (sizeof buf - (size_t)(q-buf)))
+                       if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
                                {
                                /* internal error: 'buf' is too small for this cipersuite! */
                                err = 1;
@@ -803,7 +842,7 @@ int tls1_final_finish_mac(SSL *s,
                                {
                                EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
                                EVP_DigestFinal_ex(&ctx,q,&i);
-                               if (i != hashsize) /* can't really happen */
+                               if (i != (unsigned int)hashsize) /* can't really happen */
                                        err = 1;
                                q+=i;
                                }
@@ -832,6 +871,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
        EVP_MD_CTX hmac, *mac_ctx;
        unsigned char buf[5]; 
        int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
+       int t;
 
        if (send)
                {
@@ -848,7 +888,9 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
                hash=ssl->read_hash;
                }
 
-       md_size=EVP_MD_CTX_size(hash);
+       t=EVP_MD_CTX_size(hash);
+       OPENSSL_assert(t >= 0);
+       md_size=t;
 
        buf[0]=rec->type;
        buf[1]=(unsigned char)(ssl->version>>8);
@@ -867,7 +909,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
                        mac_ctx = &hmac;
                }
 
-       if (ssl->version == DTLS1_VERSION)
+       if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER)
                {
                unsigned char dtlsseq[8],*p=dtlsseq;
 
@@ -881,7 +923,9 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 
        EVP_DigestSignUpdate(mac_ctx,buf,5);
        EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
-       EVP_DigestSignFinal(mac_ctx,md,&md_size);
+       t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
+       OPENSSL_assert(t > 0);
+               
        if (!stream_mac) EVP_MD_CTX_cleanup(&hmac);
 #ifdef TLS_DEBUG
 printf("sec=");
@@ -894,7 +938,7 @@ printf("rec=");
 {unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
 #endif
 
-       if (ssl->version != DTLS1_VERSION)
+       if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER)
                {
                for (i=7; i>=0; i--)
                        {