0537a16743cff7527a8e67c1ba1c418cabbc0123
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #include <openssl/md5.h>
156 #ifndef OPENSSL_NO_DH
157 #include <openssl/dh.h>
158 #endif
159
160 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
161
162 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
163
164 /* list of available SSLv3 ciphers (sorted by id) */
165 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
166 /* The RSA ciphers */
167 /* Cipher 01 */
168         {
169         1,
170         SSL3_TXT_RSA_NULL_MD5,
171         SSL3_CK_RSA_NULL_MD5,
172         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
173         SSL_NOT_EXP|SSL_STRONG_NONE,
174         0,
175         0,
176         0,
177         SSL_ALL_CIPHERS,
178         SSL_ALL_STRENGTHS,
179         },
180 /* Cipher 02 */
181         {
182         1,
183         SSL3_TXT_RSA_NULL_SHA,
184         SSL3_CK_RSA_NULL_SHA,
185         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
186         SSL_NOT_EXP|SSL_STRONG_NONE,
187         0,
188         0,
189         0,
190         SSL_ALL_CIPHERS,
191         SSL_ALL_STRENGTHS,
192         },
193 /* Cipher 03 */
194         {
195         1,
196         SSL3_TXT_RSA_RC4_40_MD5,
197         SSL3_CK_RSA_RC4_40_MD5,
198         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
199         SSL_EXPORT|SSL_EXP40,
200         0,
201         40,
202         128,
203         SSL_ALL_CIPHERS,
204         SSL_ALL_STRENGTHS,
205         },
206 /* Cipher 04 */
207         {
208         1,
209         SSL3_TXT_RSA_RC4_128_MD5,
210         SSL3_CK_RSA_RC4_128_MD5,
211         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
212         SSL_NOT_EXP|SSL_MEDIUM,
213         0,
214         128,
215         128,
216         SSL_ALL_CIPHERS,
217         SSL_ALL_STRENGTHS,
218         },
219 /* Cipher 05 */
220         {
221         1,
222         SSL3_TXT_RSA_RC4_128_SHA,
223         SSL3_CK_RSA_RC4_128_SHA,
224         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
225         SSL_NOT_EXP|SSL_MEDIUM,
226         0,
227         128,
228         128,
229         SSL_ALL_CIPHERS,
230         SSL_ALL_STRENGTHS,
231         },
232 /* Cipher 06 */
233         {
234         1,
235         SSL3_TXT_RSA_RC2_40_MD5,
236         SSL3_CK_RSA_RC2_40_MD5,
237         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
238         SSL_EXPORT|SSL_EXP40,
239         0,
240         40,
241         128,
242         SSL_ALL_CIPHERS,
243         SSL_ALL_STRENGTHS,
244         },
245 /* Cipher 07 */
246 #ifndef OPENSSL_NO_IDEA
247         {
248         1,
249         SSL3_TXT_RSA_IDEA_128_SHA,
250         SSL3_CK_RSA_IDEA_128_SHA,
251         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
252         SSL_NOT_EXP|SSL_MEDIUM,
253         0,
254         128,
255         128,
256         SSL_ALL_CIPHERS,
257         SSL_ALL_STRENGTHS,
258         },
259 #endif
260 /* Cipher 08 */
261         {
262         1,
263         SSL3_TXT_RSA_DES_40_CBC_SHA,
264         SSL3_CK_RSA_DES_40_CBC_SHA,
265         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
266         SSL_EXPORT|SSL_EXP40,
267         0,
268         40,
269         56,
270         SSL_ALL_CIPHERS,
271         SSL_ALL_STRENGTHS,
272         },
273 /* Cipher 09 */
274         {
275         1,
276         SSL3_TXT_RSA_DES_64_CBC_SHA,
277         SSL3_CK_RSA_DES_64_CBC_SHA,
278         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
279         SSL_NOT_EXP|SSL_LOW,
280         0,
281         56,
282         56,
283         SSL_ALL_CIPHERS,
284         SSL_ALL_STRENGTHS,
285         },
286 /* Cipher 0A */
287         {
288         1,
289         SSL3_TXT_RSA_DES_192_CBC3_SHA,
290         SSL3_CK_RSA_DES_192_CBC3_SHA,
291         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
292         SSL_NOT_EXP|SSL_HIGH,
293         0,
294         168,
295         168,
296         SSL_ALL_CIPHERS,
297         SSL_ALL_STRENGTHS,
298         },
299 /* The DH ciphers */
300 /* Cipher 0B */
301         {
302         0,
303         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
304         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
305         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
306         SSL_EXPORT|SSL_EXP40,
307         0,
308         40,
309         56,
310         SSL_ALL_CIPHERS,
311         SSL_ALL_STRENGTHS,
312         },
313 /* Cipher 0C */
314         {
315         0,
316         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
317         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
318         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
319         SSL_NOT_EXP|SSL_LOW,
320         0,
321         56,
322         56,
323         SSL_ALL_CIPHERS,
324         SSL_ALL_STRENGTHS,
325         },
326 /* Cipher 0D */
327         {
328         0,
329         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
330         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
331         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
332         SSL_NOT_EXP|SSL_HIGH,
333         0,
334         168,
335         168,
336         SSL_ALL_CIPHERS,
337         SSL_ALL_STRENGTHS,
338         },
339 /* Cipher 0E */
340         {
341         0,
342         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
343         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
344         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
345         SSL_EXPORT|SSL_EXP40,
346         0,
347         40,
348         56,
349         SSL_ALL_CIPHERS,
350         SSL_ALL_STRENGTHS,
351         },
352 /* Cipher 0F */
353         {
354         0,
355         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
356         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
357         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
358         SSL_NOT_EXP|SSL_LOW,
359         0,
360         56,
361         56,
362         SSL_ALL_CIPHERS,
363         SSL_ALL_STRENGTHS,
364         },
365 /* Cipher 10 */
366         {
367         0,
368         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
369         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
370         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
371         SSL_NOT_EXP|SSL_HIGH,
372         0,
373         168,
374         168,
375         SSL_ALL_CIPHERS,
376         SSL_ALL_STRENGTHS,
377         },
378
379 /* The Ephemeral DH ciphers */
380 /* Cipher 11 */
381         {
382         1,
383         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
384         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
385         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
386         SSL_EXPORT|SSL_EXP40,
387         0,
388         40,
389         56,
390         SSL_ALL_CIPHERS,
391         SSL_ALL_STRENGTHS,
392         },
393 /* Cipher 12 */
394         {
395         1,
396         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
397         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
398         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
399         SSL_NOT_EXP|SSL_LOW,
400         0,
401         56,
402         56,
403         SSL_ALL_CIPHERS,
404         SSL_ALL_STRENGTHS,
405         },
406 /* Cipher 13 */
407         {
408         1,
409         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
410         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
411         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
412         SSL_NOT_EXP|SSL_HIGH,
413         0,
414         168,
415         168,
416         SSL_ALL_CIPHERS,
417         SSL_ALL_STRENGTHS,
418         },
419 /* Cipher 14 */
420         {
421         1,
422         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
423         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
424         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
425         SSL_EXPORT|SSL_EXP40,
426         0,
427         40,
428         56,
429         SSL_ALL_CIPHERS,
430         SSL_ALL_STRENGTHS,
431         },
432 /* Cipher 15 */
433         {
434         1,
435         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
436         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
437         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
438         SSL_NOT_EXP|SSL_LOW,
439         0,
440         56,
441         56,
442         SSL_ALL_CIPHERS,
443         SSL_ALL_STRENGTHS,
444         },
445 /* Cipher 16 */
446         {
447         1,
448         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
449         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
450         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
451         SSL_NOT_EXP|SSL_HIGH,
452         0,
453         168,
454         168,
455         SSL_ALL_CIPHERS,
456         SSL_ALL_STRENGTHS,
457         },
458 /* Cipher 17 */
459         {
460         1,
461         SSL3_TXT_ADH_RC4_40_MD5,
462         SSL3_CK_ADH_RC4_40_MD5,
463         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
464         SSL_EXPORT|SSL_EXP40,
465         0,
466         40,
467         128,
468         SSL_ALL_CIPHERS,
469         SSL_ALL_STRENGTHS,
470         },
471 /* Cipher 18 */
472         {
473         1,
474         SSL3_TXT_ADH_RC4_128_MD5,
475         SSL3_CK_ADH_RC4_128_MD5,
476         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
477         SSL_NOT_EXP|SSL_MEDIUM,
478         0,
479         128,
480         128,
481         SSL_ALL_CIPHERS,
482         SSL_ALL_STRENGTHS,
483         },
484 /* Cipher 19 */
485         {
486         1,
487         SSL3_TXT_ADH_DES_40_CBC_SHA,
488         SSL3_CK_ADH_DES_40_CBC_SHA,
489         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
490         SSL_EXPORT|SSL_EXP40,
491         0,
492         40,
493         128,
494         SSL_ALL_CIPHERS,
495         SSL_ALL_STRENGTHS,
496         },
497 /* Cipher 1A */
498         {
499         1,
500         SSL3_TXT_ADH_DES_64_CBC_SHA,
501         SSL3_CK_ADH_DES_64_CBC_SHA,
502         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
503         SSL_NOT_EXP|SSL_LOW,
504         0,
505         56,
506         56,
507         SSL_ALL_CIPHERS,
508         SSL_ALL_STRENGTHS,
509         },
510 /* Cipher 1B */
511         {
512         1,
513         SSL3_TXT_ADH_DES_192_CBC_SHA,
514         SSL3_CK_ADH_DES_192_CBC_SHA,
515         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
516         SSL_NOT_EXP|SSL_HIGH,
517         0,
518         168,
519         168,
520         SSL_ALL_CIPHERS,
521         SSL_ALL_STRENGTHS,
522         },
523
524 /* Fortezza */
525 /* Cipher 1C */
526         {
527         0,
528         SSL3_TXT_FZA_DMS_NULL_SHA,
529         SSL3_CK_FZA_DMS_NULL_SHA,
530         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
531         SSL_NOT_EXP|SSL_STRONG_NONE,
532         0,
533         0,
534         0,
535         SSL_ALL_CIPHERS,
536         SSL_ALL_STRENGTHS,
537         },
538
539 /* Cipher 1D */
540         {
541         0,
542         SSL3_TXT_FZA_DMS_FZA_SHA,
543         SSL3_CK_FZA_DMS_FZA_SHA,
544         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
545         SSL_NOT_EXP|SSL_STRONG_NONE,
546         0,
547         0,
548         0,
549         SSL_ALL_CIPHERS,
550         SSL_ALL_STRENGTHS,
551         },
552
553 #if 0
554 /* Cipher 1E */
555         {
556         0,
557         SSL3_TXT_FZA_DMS_RC4_SHA,
558         SSL3_CK_FZA_DMS_RC4_SHA,
559         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
560         SSL_NOT_EXP|SSL_MEDIUM,
561         0,
562         128,
563         128,
564         SSL_ALL_CIPHERS,
565         SSL_ALL_STRENGTHS,
566         },
567 #endif
568
569 #ifndef OPENSSL_NO_KRB5
570 /* The Kerberos ciphers
571 ** 20000107 VRS: And the first shall be last,
572 ** in hopes of avoiding the lynx ssl renegotiation problem.
573 */
574 /* Cipher 1E VRS */
575         {
576         1,
577         SSL3_TXT_KRB5_DES_64_CBC_SHA,
578         SSL3_CK_KRB5_DES_64_CBC_SHA,
579         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
580         SSL_NOT_EXP|SSL_LOW,
581         0,
582         56,
583         56,
584         SSL_ALL_CIPHERS,
585         SSL_ALL_STRENGTHS,
586         },
587
588 /* Cipher 1F VRS */
589         {
590         1,
591         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
592         SSL3_CK_KRB5_DES_192_CBC3_SHA,
593         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
594         SSL_NOT_EXP|SSL_HIGH,
595         0,
596         112,
597         168,
598         SSL_ALL_CIPHERS,
599         SSL_ALL_STRENGTHS,
600         },
601
602 /* Cipher 20 VRS */
603         {
604         1,
605         SSL3_TXT_KRB5_RC4_128_SHA,
606         SSL3_CK_KRB5_RC4_128_SHA,
607         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
608         SSL_NOT_EXP|SSL_MEDIUM,
609         0,
610         128,
611         128,
612         SSL_ALL_CIPHERS,
613         SSL_ALL_STRENGTHS,
614         },
615
616 /* Cipher 21 VRS */
617         {
618         1,
619         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
620         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
621         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
622         SSL_NOT_EXP|SSL_MEDIUM,
623         0,
624         128,
625         128,
626         SSL_ALL_CIPHERS,
627         SSL_ALL_STRENGTHS,
628         },
629
630 /* Cipher 22 VRS */
631         {
632         1,
633         SSL3_TXT_KRB5_DES_64_CBC_MD5,
634         SSL3_CK_KRB5_DES_64_CBC_MD5,
635         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
636         SSL_NOT_EXP|SSL_LOW,
637         0,
638         56,
639         56,
640         SSL_ALL_CIPHERS,
641         SSL_ALL_STRENGTHS,
642         },
643
644 /* Cipher 23 VRS */
645         {
646         1,
647         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
648         SSL3_CK_KRB5_DES_192_CBC3_MD5,
649         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
650         SSL_NOT_EXP|SSL_HIGH,
651         0,
652         112,
653         168,
654         SSL_ALL_CIPHERS,
655         SSL_ALL_STRENGTHS,
656         },
657
658 /* Cipher 24 VRS */
659         {
660         1,
661         SSL3_TXT_KRB5_RC4_128_MD5,
662         SSL3_CK_KRB5_RC4_128_MD5,
663         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
664         SSL_NOT_EXP|SSL_MEDIUM,
665         0,
666         128,
667         128,
668         SSL_ALL_CIPHERS,
669         SSL_ALL_STRENGTHS,
670         },
671
672 /* Cipher 25 VRS */
673         {
674         1,
675         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
676         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
677         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
678         SSL_NOT_EXP|SSL_MEDIUM,
679         0,
680         128,
681         128,
682         SSL_ALL_CIPHERS,
683         SSL_ALL_STRENGTHS,
684         },
685
686 /* Cipher 26 VRS */
687         {
688         1,
689         SSL3_TXT_KRB5_DES_40_CBC_SHA,
690         SSL3_CK_KRB5_DES_40_CBC_SHA,
691         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
692         SSL_EXPORT|SSL_EXP40,
693         0,
694         40,
695         56,
696         SSL_ALL_CIPHERS,
697         SSL_ALL_STRENGTHS,
698         },
699
700 /* Cipher 27 VRS */
701         {
702         1,
703         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
704         SSL3_CK_KRB5_RC2_40_CBC_SHA,
705         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
706         SSL_EXPORT|SSL_EXP40,
707         0,
708         40,
709         128,
710         SSL_ALL_CIPHERS,
711         SSL_ALL_STRENGTHS,
712         },
713
714 /* Cipher 28 VRS */
715         {
716         1,
717         SSL3_TXT_KRB5_RC4_40_SHA,
718         SSL3_CK_KRB5_RC4_40_SHA,
719         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
720         SSL_EXPORT|SSL_EXP40,
721         0,
722         128,
723         128,
724         SSL_ALL_CIPHERS,
725         SSL_ALL_STRENGTHS,
726         },
727
728 /* Cipher 29 VRS */
729         {
730         1,
731         SSL3_TXT_KRB5_DES_40_CBC_MD5,
732         SSL3_CK_KRB5_DES_40_CBC_MD5,
733         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
734         SSL_EXPORT|SSL_EXP40,
735         0,
736         40,
737         56,
738         SSL_ALL_CIPHERS,
739         SSL_ALL_STRENGTHS,
740         },
741
742 /* Cipher 2A VRS */
743         {
744         1,
745         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
746         SSL3_CK_KRB5_RC2_40_CBC_MD5,
747         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
748         SSL_EXPORT|SSL_EXP40,
749         0,
750         40,
751         128,
752         SSL_ALL_CIPHERS,
753         SSL_ALL_STRENGTHS,
754         },
755
756 /* Cipher 2B VRS */
757         {
758         1,
759         SSL3_TXT_KRB5_RC4_40_MD5,
760         SSL3_CK_KRB5_RC4_40_MD5,
761         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
762         SSL_EXPORT|SSL_EXP40,
763         0,
764         128,
765         128,
766         SSL_ALL_CIPHERS,
767         SSL_ALL_STRENGTHS,
768         },
769 #endif  /* OPENSSL_NO_KRB5 */
770 /* New AES ciphersuites */
771
772 /* Cipher 2F */
773         {
774         1,
775         TLS1_TXT_RSA_WITH_AES_128_SHA,
776         TLS1_CK_RSA_WITH_AES_128_SHA,
777         SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
778         SSL_NOT_EXP|SSL_HIGH,
779         0,
780         128,
781         128,
782         SSL_ALL_CIPHERS,
783         SSL_ALL_STRENGTHS,
784         },
785 /* Cipher 30 */
786         {
787         0,
788         TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
789         TLS1_CK_DH_DSS_WITH_AES_128_SHA,
790         SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
791         SSL_NOT_EXP|SSL_HIGH,
792         0,
793         128,
794         128,
795         SSL_ALL_CIPHERS,
796         SSL_ALL_STRENGTHS,
797         },
798 /* Cipher 31 */
799         {
800         0,
801         TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
802         TLS1_CK_DH_RSA_WITH_AES_128_SHA,
803         SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
804         SSL_NOT_EXP|SSL_HIGH,
805         0,
806         128,
807         128,
808         SSL_ALL_CIPHERS,
809         SSL_ALL_STRENGTHS,
810         },
811 /* Cipher 32 */
812         {
813         1,
814         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
815         TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
816         SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
817         SSL_NOT_EXP|SSL_HIGH,
818         0,
819         128,
820         128,
821         SSL_ALL_CIPHERS,
822         SSL_ALL_STRENGTHS,
823         },
824 /* Cipher 33 */
825         {
826         1,
827         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
828         TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
829         SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
830         SSL_NOT_EXP|SSL_HIGH,
831         0,
832         128,
833         128,
834         SSL_ALL_CIPHERS,
835         SSL_ALL_STRENGTHS,
836         },
837 /* Cipher 34 */
838         {
839         1,
840         TLS1_TXT_ADH_WITH_AES_128_SHA,
841         TLS1_CK_ADH_WITH_AES_128_SHA,
842         SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
843         SSL_NOT_EXP|SSL_HIGH,
844         0,
845         128,
846         128,
847         SSL_ALL_CIPHERS,
848         SSL_ALL_STRENGTHS,
849         },
850
851 /* Cipher 35 */
852         {
853         1,
854         TLS1_TXT_RSA_WITH_AES_256_SHA,
855         TLS1_CK_RSA_WITH_AES_256_SHA,
856         SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
857         SSL_NOT_EXP|SSL_HIGH,
858         0,
859         256,
860         256,
861         SSL_ALL_CIPHERS,
862         SSL_ALL_STRENGTHS,
863         },
864 /* Cipher 36 */
865         {
866         0,
867         TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
868         TLS1_CK_DH_DSS_WITH_AES_256_SHA,
869         SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
870         SSL_NOT_EXP|SSL_HIGH,
871         0,
872         256,
873         256,
874         SSL_ALL_CIPHERS,
875         SSL_ALL_STRENGTHS,
876         },
877 /* Cipher 37 */
878         {
879         0,
880         TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
881         TLS1_CK_DH_RSA_WITH_AES_256_SHA,
882         SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
883         SSL_NOT_EXP|SSL_HIGH,
884         0,
885         256,
886         256,
887         SSL_ALL_CIPHERS,
888         SSL_ALL_STRENGTHS,
889         },
890 /* Cipher 38 */
891         {
892         1,
893         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
894         TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
895         SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
896         SSL_NOT_EXP|SSL_HIGH,
897         0,
898         256,
899         256,
900         SSL_ALL_CIPHERS,
901         SSL_ALL_STRENGTHS,
902         },
903 /* Cipher 39 */
904         {
905         1,
906         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
907         TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
908         SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
909         SSL_NOT_EXP|SSL_HIGH,
910         0,
911         256,
912         256,
913         SSL_ALL_CIPHERS,
914         SSL_ALL_STRENGTHS,
915         },
916         /* Cipher 3A */
917         {
918         1,
919         TLS1_TXT_ADH_WITH_AES_256_SHA,
920         TLS1_CK_ADH_WITH_AES_256_SHA,
921         SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
922         SSL_NOT_EXP|SSL_HIGH,
923         0,
924         256,
925         256,
926         SSL_ALL_CIPHERS,
927         SSL_ALL_STRENGTHS,
928         },
929
930 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
931         /* New TLS Export CipherSuites from expired ID */
932 #if 0
933         /* Cipher 60 */
934             {
935             1,
936             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
937             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
938             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
939             SSL_EXPORT|SSL_EXP56,
940             0,
941             56,
942             128,
943             SSL_ALL_CIPHERS,
944             SSL_ALL_STRENGTHS,
945             },
946         /* Cipher 61 */
947             {
948             1,
949             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
950             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
951             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
952             SSL_EXPORT|SSL_EXP56,
953             0,
954             56,
955             128,
956             SSL_ALL_CIPHERS,
957             SSL_ALL_STRENGTHS,
958             },
959 #endif
960         /* Cipher 62 */
961             {
962             1,
963             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
964             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
965             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
966             SSL_EXPORT|SSL_EXP56,
967             0,
968             56,
969             56,
970             SSL_ALL_CIPHERS,
971             SSL_ALL_STRENGTHS,
972             },
973         /* Cipher 63 */
974             {
975             1,
976             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
977             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
978             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
979             SSL_EXPORT|SSL_EXP56,
980             0,
981             56,
982             56,
983             SSL_ALL_CIPHERS,
984             SSL_ALL_STRENGTHS,
985             },
986         /* Cipher 64 */
987             {
988             1,
989             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
990             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
991             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
992             SSL_EXPORT|SSL_EXP56,
993             0,
994             56,
995             128,
996             SSL_ALL_CIPHERS,
997             SSL_ALL_STRENGTHS,
998             },
999         /* Cipher 65 */
1000             {
1001             1,
1002             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1003             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1004             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
1005             SSL_EXPORT|SSL_EXP56,
1006             0,
1007             56,
1008             128,
1009             SSL_ALL_CIPHERS,
1010             SSL_ALL_STRENGTHS,
1011             },
1012         /* Cipher 66 */
1013             {
1014             1,
1015             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1016             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1017             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
1018             SSL_NOT_EXP|SSL_MEDIUM,
1019             0,
1020             128,
1021             128,
1022             SSL_ALL_CIPHERS,
1023             SSL_ALL_STRENGTHS
1024             },
1025 #endif
1026 #ifndef OPENSSL_NO_PSK
1027         /* Cipher 8A */
1028         {
1029         1,
1030         TLS1_TXT_PSK_WITH_RC4_128_SHA,
1031         TLS1_CK_PSK_WITH_RC4_128_SHA,
1032         SSL_kPSK|SSL_aPSK|SSL_RC4|SSL_SHA|SSL_TLSV1,
1033         SSL_NOT_EXP|SSL_MEDIUM,
1034         0,
1035         128,
1036         128,
1037         SSL_ALL_CIPHERS,
1038         SSL_ALL_STRENGTHS,
1039         },
1040
1041         /* Cipher 8B */
1042         {
1043         1,
1044         TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1045         TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1046         SSL_kPSK|SSL_aPSK|SSL_3DES|SSL_SHA|SSL_TLSV1,
1047         SSL_NOT_EXP|SSL_HIGH,
1048         0,
1049         168,
1050         168,
1051         SSL_ALL_CIPHERS,
1052         SSL_ALL_STRENGTHS,
1053         },
1054
1055         /* Cipher 8C */
1056         {
1057         1,
1058         TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1059         TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1060         SSL_kPSK|SSL_aPSK|SSL_AES|SSL_SHA|SSL_TLSV1,
1061         SSL_NOT_EXP|SSL_MEDIUM,
1062         0,
1063         128,
1064         128,
1065         SSL_ALL_CIPHERS,
1066         SSL_ALL_STRENGTHS,
1067         },
1068
1069         /* Cipher 8D */
1070         {
1071         1,
1072         TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1073         TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1074         SSL_kPSK|SSL_aPSK|SSL_AES|SSL_SHA|SSL_TLSV1,
1075         SSL_NOT_EXP|SSL_HIGH,
1076         0,
1077         256,
1078         256,
1079         SSL_ALL_CIPHERS,
1080         SSL_ALL_STRENGTHS,
1081         },
1082 #endif  /* OPENSSL_NO_PSK */
1083 #ifndef OPENSSL_NO_ECDH
1084         /* Cipher C001 */
1085             {
1086             1,
1087             TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
1088             TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
1089             SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1090             SSL_NOT_EXP,
1091             0,
1092             0,
1093             0,
1094             SSL_ALL_CIPHERS,
1095             SSL_ALL_STRENGTHS,
1096             },
1097
1098         /* Cipher C002 */
1099             {
1100             1,
1101             TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
1102             TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
1103             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1104             SSL_NOT_EXP,
1105             0,
1106             128,
1107             128,
1108             SSL_ALL_CIPHERS,
1109             SSL_ALL_STRENGTHS,
1110             },
1111
1112         /* Cipher C003 */
1113             {
1114             1,
1115             TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1116             TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1117             SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1118             SSL_NOT_EXP|SSL_HIGH,
1119             0,
1120             168,
1121             168,
1122             SSL_ALL_CIPHERS,
1123             SSL_ALL_STRENGTHS,
1124             },
1125
1126         /* Cipher C004 */
1127             {
1128             1,
1129             TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1130             TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1131             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1132             SSL_NOT_EXP|SSL_HIGH,
1133             0,
1134             128,
1135             128,
1136             SSL_ALL_CIPHERS,
1137             SSL_ALL_STRENGTHS,
1138             },
1139
1140         /* Cipher C005 */
1141             {
1142             1,
1143             TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1144             TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1145             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1146             SSL_NOT_EXP|SSL_HIGH,
1147             0,
1148             256,
1149             256,
1150             SSL_ALL_CIPHERS,
1151             SSL_ALL_STRENGTHS,
1152             },
1153
1154         /* Cipher C006 */
1155             {
1156             1,
1157             TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
1158             TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
1159             SSL_kECDHE|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1160             SSL_NOT_EXP,
1161             0,
1162             0,
1163             0,
1164             SSL_ALL_CIPHERS,
1165             SSL_ALL_STRENGTHS,
1166             },
1167
1168         /* Cipher C007 */
1169             {
1170             1,
1171             TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
1172             TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
1173             SSL_kECDHE|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1174             SSL_NOT_EXP,
1175             0,
1176             128,
1177             128,
1178             SSL_ALL_CIPHERS,
1179             SSL_ALL_STRENGTHS,
1180             },
1181
1182         /* Cipher C008 */
1183             {
1184             1,
1185             TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1186             TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1187             SSL_kECDHE|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1188             SSL_NOT_EXP|SSL_HIGH,
1189             0,
1190             168,
1191             168,
1192             SSL_ALL_CIPHERS,
1193             SSL_ALL_STRENGTHS,
1194             },
1195
1196         /* Cipher C009 */
1197             {
1198             1,
1199             TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1200             TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1201             SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1202             SSL_NOT_EXP|SSL_HIGH,
1203             0,
1204             128,
1205             128,
1206             SSL_ALL_CIPHERS,
1207             SSL_ALL_STRENGTHS,
1208             },
1209
1210         /* Cipher C00A */
1211             {
1212             1,
1213             TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1214             TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1215             SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1216             SSL_NOT_EXP|SSL_HIGH,
1217             0,
1218             256,
1219             256,
1220             SSL_ALL_CIPHERS,
1221             SSL_ALL_STRENGTHS,
1222             },
1223
1224         /* Cipher C00B */
1225             {
1226             1,
1227             TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1228             TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1229             SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1230             SSL_NOT_EXP,
1231             0,
1232             0,
1233             0,
1234             SSL_ALL_CIPHERS,
1235             SSL_ALL_STRENGTHS,
1236             },
1237
1238         /* Cipher C00C */
1239             {
1240             1,
1241             TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
1242             TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
1243             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1244             SSL_NOT_EXP,
1245             0,
1246             128,
1247             128,
1248             SSL_ALL_CIPHERS,
1249             SSL_ALL_STRENGTHS,
1250             },
1251
1252         /* Cipher C00D */
1253             {
1254             1,
1255             TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1256             TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1257             SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1258             SSL_NOT_EXP|SSL_HIGH,
1259             0,
1260             168,
1261             168,
1262             SSL_ALL_CIPHERS,
1263             SSL_ALL_STRENGTHS,
1264             },
1265
1266         /* Cipher C00E */
1267             {
1268             1,
1269             TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
1270             TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
1271             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1272             SSL_NOT_EXP|SSL_HIGH,
1273             0,
1274             128,
1275             128,
1276             SSL_ALL_CIPHERS,
1277             SSL_ALL_STRENGTHS,
1278             },
1279
1280         /* Cipher C00F */
1281             {
1282             1,
1283             TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
1284             TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
1285             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1286             SSL_NOT_EXP|SSL_HIGH,
1287             0,
1288             256,
1289             256,
1290             SSL_ALL_CIPHERS,
1291             SSL_ALL_STRENGTHS,
1292             },
1293
1294         /* Cipher C010 */
1295             {
1296             1,
1297             TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1298             TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1299             SSL_kECDHE|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1300             SSL_NOT_EXP,
1301             0,
1302             0,
1303             0,
1304             SSL_ALL_CIPHERS,
1305             SSL_ALL_STRENGTHS,
1306             },
1307
1308         /* Cipher C011 */
1309             {
1310             1,
1311             TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
1312             TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
1313             SSL_kECDHE|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1314             SSL_NOT_EXP,
1315             0,
1316             128,
1317             128,
1318             SSL_ALL_CIPHERS,
1319             SSL_ALL_STRENGTHS,
1320             },
1321
1322         /* Cipher C012 */
1323             {
1324             1,
1325             TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1326             TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1327             SSL_kECDHE|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1328             SSL_NOT_EXP|SSL_HIGH,
1329             0,
1330             168,
1331             168,
1332             SSL_ALL_CIPHERS,
1333             SSL_ALL_STRENGTHS,
1334             },
1335
1336         /* Cipher C013 */
1337             {
1338             1,
1339             TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1340             TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1341             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1342             SSL_NOT_EXP|SSL_HIGH,
1343             0,
1344             128,
1345             128,
1346             SSL_ALL_CIPHERS,
1347             SSL_ALL_STRENGTHS,
1348             },
1349
1350         /* Cipher C014 */
1351             {
1352             1,
1353             TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1354             TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1355             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1356             SSL_NOT_EXP|SSL_HIGH,
1357             0,
1358             256,
1359             256,
1360             SSL_ALL_CIPHERS,
1361             SSL_ALL_STRENGTHS,
1362             },
1363
1364         /* Cipher C015 */
1365             {
1366             1,
1367             TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1368             TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1369             SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1370             SSL_NOT_EXP,
1371             0,
1372             0,
1373             0,
1374             SSL_ALL_CIPHERS,
1375             SSL_ALL_STRENGTHS,
1376             },
1377
1378         /* Cipher C016 */
1379             {
1380             1,
1381             TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1382             TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1383             SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
1384             SSL_NOT_EXP,
1385             0,
1386             128,
1387             128,
1388             SSL_ALL_CIPHERS,
1389             SSL_ALL_STRENGTHS,
1390             },
1391
1392         /* Cipher C017 */
1393             {
1394             1,
1395             TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1396             TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1397             SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
1398             SSL_NOT_EXP|SSL_HIGH,
1399             0,
1400             168,
1401             168,
1402             SSL_ALL_CIPHERS,
1403             SSL_ALL_STRENGTHS,
1404             },
1405
1406         /* Cipher C018 */
1407             {
1408             1,
1409             TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1410             TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1411             SSL_kECDHE|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
1412             SSL_NOT_EXP|SSL_HIGH,
1413             0,
1414             128,
1415             128,
1416             SSL_ALL_CIPHERS,
1417             SSL_ALL_STRENGTHS,
1418             },
1419
1420         /* Cipher C019 */
1421             {
1422             1,
1423             TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1424             TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1425             SSL_kECDHE|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
1426             SSL_NOT_EXP|SSL_HIGH,
1427             0,
1428             256,
1429             256,
1430             SSL_ALL_CIPHERS,
1431             SSL_ALL_STRENGTHS,
1432             },
1433 #endif  /* OPENSSL_NO_ECDH */
1434
1435 /* end of list */
1436         };
1437
1438 SSL3_ENC_METHOD SSLv3_enc_data={
1439         ssl3_enc,
1440         ssl3_mac,
1441         ssl3_setup_key_block,
1442         ssl3_generate_master_secret,
1443         ssl3_change_cipher_state,
1444         ssl3_final_finish_mac,
1445         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1446         ssl3_cert_verify_mac,
1447         SSL3_MD_CLIENT_FINISHED_CONST,4,
1448         SSL3_MD_SERVER_FINISHED_CONST,4,
1449         ssl3_alert_code,
1450         };
1451
1452 long ssl3_default_timeout(void)
1453         {
1454         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
1455          * is way too long for http, the cache would over fill */
1456         return(60*60*2);
1457         }
1458
1459 int ssl3_num_ciphers(void)
1460         {
1461         return(SSL3_NUM_CIPHERS);
1462         }
1463
1464 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
1465         {
1466         if (u < SSL3_NUM_CIPHERS)
1467                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
1468         else
1469                 return(NULL);
1470         }
1471
1472 int ssl3_pending(const SSL *s)
1473         {
1474         if (s->rstate == SSL_ST_READ_BODY)
1475                 return 0;
1476         
1477         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
1478         }
1479
1480 int ssl3_new(SSL *s)
1481         {
1482         SSL3_STATE *s3;
1483
1484         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
1485         memset(s3,0,sizeof *s3);
1486         EVP_MD_CTX_init(&s3->finish_dgst1);
1487         EVP_MD_CTX_init(&s3->finish_dgst2);
1488         memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
1489         memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
1490
1491         s->s3=s3;
1492
1493         s->method->ssl_clear(s);
1494         return(1);
1495 err:
1496         return(0);
1497         }
1498
1499 void ssl3_free(SSL *s)
1500         {
1501         if(s == NULL)
1502             return;
1503
1504         ssl3_cleanup_key_block(s);
1505         if (s->s3->rbuf.buf != NULL)
1506                 OPENSSL_free(s->s3->rbuf.buf);
1507         if (s->s3->wbuf.buf != NULL)
1508                 OPENSSL_free(s->s3->wbuf.buf);
1509         if (s->s3->rrec.comp != NULL)
1510                 OPENSSL_free(s->s3->rrec.comp);
1511 #ifndef OPENSSL_NO_DH
1512         if (s->s3->tmp.dh != NULL)
1513                 DH_free(s->s3->tmp.dh);
1514 #endif
1515 #ifndef OPENSSL_NO_ECDH
1516         if (s->s3->tmp.ecdh != NULL)
1517                 EC_KEY_free(s->s3->tmp.ecdh);
1518 #endif
1519
1520         if (s->s3->tmp.ca_names != NULL)
1521                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1522         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1523         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1524
1525         OPENSSL_cleanse(s->s3,sizeof *s->s3);
1526         OPENSSL_free(s->s3);
1527         s->s3=NULL;
1528         }
1529
1530 void ssl3_clear(SSL *s)
1531         {
1532         unsigned char *rp,*wp;
1533         size_t rlen, wlen;
1534
1535         ssl3_cleanup_key_block(s);
1536         if (s->s3->tmp.ca_names != NULL)
1537                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1538
1539         if (s->s3->rrec.comp != NULL)
1540                 {
1541                 OPENSSL_free(s->s3->rrec.comp);
1542                 s->s3->rrec.comp=NULL;
1543                 }
1544 #ifndef OPENSSL_NO_DH
1545         if (s->s3->tmp.dh != NULL)
1546                 DH_free(s->s3->tmp.dh);
1547 #endif
1548 #ifndef OPENSSL_NO_ECDH
1549         if (s->s3->tmp.ecdh != NULL)
1550                 EC_KEY_free(s->s3->tmp.ecdh);
1551 #endif
1552
1553         rp = s->s3->rbuf.buf;
1554         wp = s->s3->wbuf.buf;
1555         rlen = s->s3->rbuf.len;
1556         wlen = s->s3->wbuf.len;
1557
1558         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1559         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1560
1561         memset(s->s3,0,sizeof *s->s3);
1562         s->s3->rbuf.buf = rp;
1563         s->s3->wbuf.buf = wp;
1564         s->s3->rbuf.len = rlen;
1565         s->s3->wbuf.len = wlen;
1566
1567         ssl_free_wbio_buffer(s);
1568
1569         s->packet_length=0;
1570         s->s3->renegotiate=0;
1571         s->s3->total_renegotiations=0;
1572         s->s3->num_renegotiations=0;
1573         s->s3->in_read_app_data=0;
1574         s->version=SSL3_VERSION;
1575         }
1576
1577 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1578         {
1579         int ret=0;
1580
1581 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1582         if (
1583 #ifndef OPENSSL_NO_RSA
1584             cmd == SSL_CTRL_SET_TMP_RSA ||
1585             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1586 #endif
1587 #ifndef OPENSSL_NO_DSA
1588             cmd == SSL_CTRL_SET_TMP_DH ||
1589             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1590 #endif
1591                 0)
1592                 {
1593                 if (!ssl_cert_inst(&s->cert))
1594                         {
1595                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1596                         return(0);
1597                         }
1598                 }
1599 #endif
1600
1601         switch (cmd)
1602                 {
1603         case SSL_CTRL_GET_SESSION_REUSED:
1604                 ret=s->hit;
1605                 break;
1606         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1607                 break;
1608         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1609                 ret=s->s3->num_renegotiations;
1610                 break;
1611         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1612                 ret=s->s3->num_renegotiations;
1613                 s->s3->num_renegotiations=0;
1614                 break;
1615         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1616                 ret=s->s3->total_renegotiations;
1617                 break;
1618         case SSL_CTRL_GET_FLAGS:
1619                 ret=(int)(s->s3->flags);
1620                 break;
1621 #ifndef OPENSSL_NO_RSA
1622         case SSL_CTRL_NEED_TMP_RSA:
1623                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1624                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1625                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1626                         ret = 1;
1627                 break;
1628         case SSL_CTRL_SET_TMP_RSA:
1629                 {
1630                         RSA *rsa = (RSA *)parg;
1631                         if (rsa == NULL)
1632                                 {
1633                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1634                                 return(ret);
1635                                 }
1636                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1637                                 {
1638                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1639                                 return(ret);
1640                                 }
1641                         if (s->cert->rsa_tmp != NULL)
1642                                 RSA_free(s->cert->rsa_tmp);
1643                         s->cert->rsa_tmp = rsa;
1644                         ret = 1;
1645                 }
1646                 break;
1647         case SSL_CTRL_SET_TMP_RSA_CB:
1648                 {
1649                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1650                 return(ret);
1651                 }
1652                 break;
1653 #endif
1654 #ifndef OPENSSL_NO_DH
1655         case SSL_CTRL_SET_TMP_DH:
1656                 {
1657                         DH *dh = (DH *)parg;
1658                         if (dh == NULL)
1659                                 {
1660                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1661                                 return(ret);
1662                                 }
1663                         if ((dh = DHparams_dup(dh)) == NULL)
1664                                 {
1665                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1666                                 return(ret);
1667                                 }
1668                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
1669                                 {
1670                                 if (!DH_generate_key(dh))
1671                                         {
1672                                         DH_free(dh);
1673                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1674                                         return(ret);
1675                                         }
1676                                 }
1677                         if (s->cert->dh_tmp != NULL)
1678                                 DH_free(s->cert->dh_tmp);
1679                         s->cert->dh_tmp = dh;
1680                         ret = 1;
1681                 }
1682                 break;
1683         case SSL_CTRL_SET_TMP_DH_CB:
1684                 {
1685                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1686                 return(ret);
1687                 }
1688                 break;
1689 #endif
1690 #ifndef OPENSSL_NO_ECDH
1691         case SSL_CTRL_SET_TMP_ECDH:
1692                 {
1693                 EC_KEY *ecdh = NULL;
1694                         
1695                 if (parg == NULL)
1696                         {
1697                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1698                         return(ret);
1699                         }
1700                 if (!EC_KEY_up_ref((EC_KEY *)parg))
1701                         {
1702                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1703                         return(ret);
1704                         }
1705                 ecdh = (EC_KEY *)parg;
1706                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
1707                         {
1708                         if (!EC_KEY_generate_key(ecdh))
1709                                 {
1710                                 EC_KEY_free(ecdh);
1711                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1712                                 return(ret);
1713                                 }
1714                         }
1715                 if (s->cert->ecdh_tmp != NULL)
1716                         EC_KEY_free(s->cert->ecdh_tmp);
1717                 s->cert->ecdh_tmp = ecdh;
1718                 ret = 1;
1719                 }
1720                 break;
1721         case SSL_CTRL_SET_TMP_ECDH_CB:
1722                 {
1723                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1724                 return(ret);
1725                 }
1726                 break;
1727 #endif /* !OPENSSL_NO_ECDH */
1728 #ifndef OPENSSL_NO_TLSEXT
1729         case SSL_CTRL_SET_TLSEXT_HOSTNAME:
1730                 if (larg == TLSEXT_NAMETYPE_host_name)
1731                         {
1732                         if (s->tlsext_hostname != NULL) 
1733                                 OPENSSL_free(s->tlsext_hostname);
1734                         s->tlsext_hostname = NULL;
1735
1736                         ret = 1;
1737                         if (parg == NULL) 
1738                                 break;
1739                         if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
1740                                 {
1741                                 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
1742                                 return 0;
1743                                 }
1744                         if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
1745                                 {
1746                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
1747                                 return 0;
1748                                 }
1749                         }
1750                 else
1751                         {
1752                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
1753                         return 0;
1754                         }
1755                 s->options |= SSL_OP_NO_SSLv2; /* can't use extension w/ SSL 2.0 format */
1756                 break;
1757 #ifndef OPENSSL_NO_EC
1758         case SSL_CTRL_SET_TLSEXT_ECPOINTFORMATLIST:
1759                 if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(larg)) == NULL)
1760                         {
1761                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1762                         return 0;
1763                         }
1764                 {
1765                 int i;
1766                 unsigned char *sparg = (unsigned char *) parg;
1767                 for (i = 0; i < larg; i++, sparg++)
1768                         {
1769                         if (TLSEXT_ECPOINTFORMAT_last < *sparg)
1770                                 {
1771                                 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT);
1772                                 return(0);
1773                                 }
1774                         }
1775                 }
1776                 s->tlsext_ecpointformatlist_length = larg;
1777                 memcpy(s->tlsext_ecpointformatlist, parg, larg);
1778                 s->options |= SSL_OP_NO_SSLv2; /* can't use extension w/ SSL 2.0 format */
1779                 break;
1780 #endif /* OPENSSL_NO_EC */
1781 #endif /* !OPENSSL_NO_TLSEXT */
1782         default:
1783                 break;
1784                 }
1785         return(ret);
1786         }
1787
1788 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1789         {
1790         int ret=0;
1791
1792 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1793         if (
1794 #ifndef OPENSSL_NO_RSA
1795             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1796 #endif
1797 #ifndef OPENSSL_NO_DSA
1798             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1799 #endif
1800                 0)
1801                 {
1802                 if (!ssl_cert_inst(&s->cert))
1803                         {
1804                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1805                         return(0);
1806                         }
1807                 }
1808 #endif
1809
1810         switch (cmd)
1811                 {
1812 #ifndef OPENSSL_NO_RSA
1813         case SSL_CTRL_SET_TMP_RSA_CB:
1814                 {
1815                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1816                 }
1817                 break;
1818 #endif
1819 #ifndef OPENSSL_NO_DH
1820         case SSL_CTRL_SET_TMP_DH_CB:
1821                 {
1822                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1823                 }
1824                 break;
1825 #endif
1826 #ifndef OPENSSL_NO_ECDH
1827         case SSL_CTRL_SET_TMP_ECDH_CB:
1828                 {
1829                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1830                 }
1831                 break;
1832 #endif
1833         default:
1834                 break;
1835                 }
1836         return(ret);
1837         }
1838
1839 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1840         {
1841         CERT *cert;
1842
1843         cert=ctx->cert;
1844
1845         switch (cmd)
1846                 {
1847 #ifndef OPENSSL_NO_RSA
1848         case SSL_CTRL_NEED_TMP_RSA:
1849                 if (    (cert->rsa_tmp == NULL) &&
1850                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1851                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1852                         )
1853                         return(1);
1854                 else
1855                         return(0);
1856                 /* break; */
1857         case SSL_CTRL_SET_TMP_RSA:
1858                 {
1859                 RSA *rsa;
1860                 int i;
1861
1862                 rsa=(RSA *)parg;
1863                 i=1;
1864                 if (rsa == NULL)
1865                         i=0;
1866                 else
1867                         {
1868                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1869                                 i=0;
1870                         }
1871                 if (!i)
1872                         {
1873                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1874                         return(0);
1875                         }
1876                 else
1877                         {
1878                         if (cert->rsa_tmp != NULL)
1879                                 RSA_free(cert->rsa_tmp);
1880                         cert->rsa_tmp=rsa;
1881                         return(1);
1882                         }
1883                 }
1884                 /* break; */
1885         case SSL_CTRL_SET_TMP_RSA_CB:
1886                 {
1887                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1888                 return(0);
1889                 }
1890                 break;
1891 #endif
1892 #ifndef OPENSSL_NO_DH
1893         case SSL_CTRL_SET_TMP_DH:
1894                 {
1895                 DH *new=NULL,*dh;
1896
1897                 dh=(DH *)parg;
1898                 if ((new=DHparams_dup(dh)) == NULL)
1899                         {
1900                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1901                         return 0;
1902                         }
1903                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1904                         {
1905                         if (!DH_generate_key(new))
1906                                 {
1907                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1908                                 DH_free(new);
1909                                 return 0;
1910                                 }
1911                         }
1912                 if (cert->dh_tmp != NULL)
1913                         DH_free(cert->dh_tmp);
1914                 cert->dh_tmp=new;
1915                 return 1;
1916                 }
1917                 /*break; */
1918         case SSL_CTRL_SET_TMP_DH_CB:
1919                 {
1920                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1921                 return(0);
1922                 }
1923                 break;
1924 #endif
1925 #ifndef OPENSSL_NO_ECDH
1926         case SSL_CTRL_SET_TMP_ECDH:
1927                 {
1928                 EC_KEY *ecdh = NULL;
1929                         
1930                 if (parg == NULL)
1931                         {
1932                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1933                         return 0;
1934                         }
1935                 ecdh = EC_KEY_dup((EC_KEY *)parg);
1936                 if (ecdh == NULL)
1937                         {
1938                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
1939                         return 0;
1940                         }
1941                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
1942                         {
1943                         if (!EC_KEY_generate_key(ecdh))
1944                                 {
1945                                 EC_KEY_free(ecdh);
1946                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1947                                 return 0;
1948                                 }
1949                         }
1950
1951                 if (cert->ecdh_tmp != NULL)
1952                         {
1953                         EC_KEY_free(cert->ecdh_tmp);
1954                         }
1955                 cert->ecdh_tmp = ecdh;
1956                 return 1;
1957                 }
1958                 /* break; */
1959         case SSL_CTRL_SET_TMP_ECDH_CB:
1960                 {
1961                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1962                 return(0);
1963                 }
1964                 break;
1965 #endif /* !OPENSSL_NO_ECDH */
1966 #ifndef OPENSSL_NO_TLSEXT
1967         case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
1968                 ctx->tlsext_servername_arg=parg;
1969                 break;
1970 #endif /* !OPENSSL_NO_TLSEXT */
1971         /* A Thawte special :-) */
1972         case SSL_CTRL_EXTRA_CHAIN_CERT:
1973                 if (ctx->extra_certs == NULL)
1974                         {
1975                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1976                                 return(0);
1977                         }
1978                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1979                 break;
1980
1981         default:
1982                 return(0);
1983                 }
1984         return(1);
1985         }
1986
1987 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1988         {
1989         CERT *cert;
1990
1991         cert=ctx->cert;
1992
1993         switch (cmd)
1994                 {
1995 #ifndef OPENSSL_NO_RSA
1996         case SSL_CTRL_SET_TMP_RSA_CB:
1997                 {
1998                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1999                 }
2000                 break;
2001 #endif
2002 #ifndef OPENSSL_NO_DH
2003         case SSL_CTRL_SET_TMP_DH_CB:
2004                 {
2005                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2006                 }
2007                 break;
2008 #endif
2009 #ifndef OPENSSL_NO_ECDH
2010         case SSL_CTRL_SET_TMP_ECDH_CB:
2011                 {
2012                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2013                 }
2014                 break;
2015 #endif
2016 #ifndef OPENSSL_NO_TLSEXT
2017         case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
2018                 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
2019                 break;
2020 #endif
2021         default:
2022                 return(0);
2023                 }
2024         return(1);
2025         }
2026
2027 /* This function needs to check if the ciphers required are actually
2028  * available */
2029 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
2030         {
2031         SSL_CIPHER c,*cp;
2032         unsigned long id;
2033
2034         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
2035         c.id=id;
2036         cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
2037                 (char *)ssl3_ciphers,
2038                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER),
2039                 FP_ICC ssl_cipher_id_cmp);
2040         if (cp == NULL || cp->valid == 0)
2041                 return NULL;
2042         else
2043                 return cp;
2044         }
2045
2046 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
2047         {
2048         long l;
2049
2050         if (p != NULL)
2051                 {
2052                 l=c->id;
2053                 if ((l & 0xff000000) != 0x03000000) return(0);
2054                 p[0]=((unsigned char)(l>> 8L))&0xFF;
2055                 p[1]=((unsigned char)(l     ))&0xFF;
2056                 }
2057         return(2);
2058         }
2059
2060 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
2061              STACK_OF(SSL_CIPHER) *srvr)
2062         {
2063         SSL_CIPHER *c,*ret=NULL;
2064         STACK_OF(SSL_CIPHER) *prio, *allow;
2065         int i,j,ok;
2066         CERT *cert;
2067         unsigned long alg,mask,emask;
2068
2069         /* Let's see which ciphers we can support */
2070         cert=s->cert;
2071
2072 #if 0
2073         /* Do not set the compare functions, because this may lead to a
2074          * reordering by "id". We want to keep the original ordering.
2075          * We may pay a price in performance during sk_SSL_CIPHER_find(),
2076          * but would have to pay with the price of sk_SSL_CIPHER_dup().
2077          */
2078         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
2079         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
2080 #endif
2081
2082 #ifdef CIPHER_DEBUG
2083         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
2084         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
2085             {
2086             c=sk_SSL_CIPHER_value(srvr,i);
2087             printf("%p:%s\n",c,c->name);
2088             }
2089         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
2090         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
2091             {
2092             c=sk_SSL_CIPHER_value(clnt,i);
2093             printf("%p:%s\n",c,c->name);
2094             }
2095 #endif
2096
2097         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
2098             {
2099             prio = srvr;
2100             allow = clnt;
2101             }
2102         else
2103             {
2104             prio = clnt;
2105             allow = srvr;
2106             }
2107
2108         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
2109                 {
2110                 c=sk_SSL_CIPHER_value(prio,i);
2111
2112                 ssl_set_cert_masks(cert,c);
2113                 mask=cert->mask;
2114                 emask=cert->export_mask;
2115                         
2116 #ifdef KSSL_DEBUG
2117                 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
2118 #endif    /* KSSL_DEBUG */
2119
2120                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
2121 #ifndef OPENSSL_NO_KRB5
2122                 if (alg & SSL_KRB5) 
2123                         {
2124                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
2125                             continue;
2126                         }
2127 #endif /* OPENSSL_NO_KRB5 */
2128 #ifndef OPENSSL_NO_PSK
2129                 /* with PSK there must be server callback set */
2130                 if ((alg & SSL_PSK) && s->psk_server_callback == NULL)
2131                         continue;
2132 #endif /* OPENSSL_NO_PSK */
2133
2134                 if (SSL_C_IS_EXPORT(c))
2135                         {
2136                         ok=((alg & emask) == alg)?1:0;
2137 #ifdef CIPHER_DEBUG
2138                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
2139                                c,c->name);
2140 #endif
2141                         }
2142                 else
2143                         {
2144                         ok=((alg & mask) == alg)?1:0;
2145 #ifdef CIPHER_DEBUG
2146                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
2147                                c->name);
2148 #endif
2149                         }
2150
2151                 if (!ok) continue;
2152                 j=sk_SSL_CIPHER_find(allow,c);
2153                 if (j >= 0)
2154                         {
2155                         ret=sk_SSL_CIPHER_value(allow,j);
2156                         break;
2157                         }
2158                 }
2159         return(ret);
2160         }
2161
2162 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
2163         {
2164         int ret=0;
2165         unsigned long alg;
2166
2167         alg=s->s3->tmp.new_cipher->algorithms;
2168
2169 #ifndef OPENSSL_NO_DH
2170         if (alg & (SSL_kDHr|SSL_kEDH))
2171                 {
2172 #  ifndef OPENSSL_NO_RSA
2173                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
2174 #  endif
2175 #  ifndef OPENSSL_NO_DSA
2176                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
2177 #  endif
2178                 }
2179         if ((s->version == SSL3_VERSION) &&
2180                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
2181                 {
2182 #  ifndef OPENSSL_NO_RSA
2183                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
2184 #  endif
2185 #  ifndef OPENSSL_NO_DSA
2186                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
2187 #  endif
2188                 }
2189 #endif /* !OPENSSL_NO_DH */
2190 #ifndef OPENSSL_NO_RSA
2191         p[ret++]=SSL3_CT_RSA_SIGN;
2192 #endif
2193 #ifndef OPENSSL_NO_DSA
2194         p[ret++]=SSL3_CT_DSS_SIGN;
2195 #endif
2196 #ifndef OPENSSL_NO_ECDH
2197         /* We should ask for fixed ECDH certificates only
2198          * for SSL_kECDH (and not SSL_kECDHE)
2199          */
2200         if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
2201                 {
2202                 p[ret++]=TLS_CT_RSA_FIXED_ECDH;
2203                 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
2204                 }
2205 #endif
2206
2207 #ifndef OPENSSL_NO_ECDSA
2208         /* ECDSA certs can be used with RSA cipher suites as well 
2209          * so we don't need to check for SSL_kECDH or SSL_kECDHE
2210          */
2211         if (s->version >= TLS1_VERSION)
2212                 {
2213                 p[ret++]=TLS_CT_ECDSA_SIGN;
2214                 }
2215 #endif  
2216         return(ret);
2217         }
2218
2219 int ssl3_shutdown(SSL *s)
2220         {
2221
2222         /* Don't do anything much if we have not done the handshake or
2223          * we don't want to send messages :-) */
2224         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
2225                 {
2226                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2227                 return(1);
2228                 }
2229
2230         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
2231                 {
2232                 s->shutdown|=SSL_SENT_SHUTDOWN;
2233 #if 1
2234                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
2235 #endif
2236                 /* our shutdown alert has been sent now, and if it still needs
2237                  * to be written, s->s3->alert_dispatch will be true */
2238                 }
2239         else if (s->s3->alert_dispatch)
2240                 {
2241                 /* resend it if not sent */
2242 #if 1
2243                 s->method->ssl_dispatch_alert(s);
2244 #endif
2245                 }
2246         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
2247                 {
2248                 /* If we are waiting for a close from our peer, we are closed */
2249                 s->method->ssl_read_bytes(s,0,NULL,0,0);
2250                 }
2251
2252         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
2253                 !s->s3->alert_dispatch)
2254                 return(1);
2255         else
2256                 return(0);
2257         }
2258
2259 int ssl3_write(SSL *s, const void *buf, int len)
2260         {
2261         int ret,n;
2262
2263 #if 0
2264         if (s->shutdown & SSL_SEND_SHUTDOWN)
2265                 {
2266                 s->rwstate=SSL_NOTHING;
2267                 return(0);
2268                 }
2269 #endif
2270         clear_sys_error();
2271         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2272
2273         /* This is an experimental flag that sends the
2274          * last handshake message in the same packet as the first
2275          * use data - used to see if it helps the TCP protocol during
2276          * session-id reuse */
2277         /* The second test is because the buffer may have been removed */
2278         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
2279                 {
2280                 /* First time through, we write into the buffer */
2281                 if (s->s3->delay_buf_pop_ret == 0)
2282                         {
2283                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2284                                              buf,len);
2285                         if (ret <= 0) return(ret);
2286
2287                         s->s3->delay_buf_pop_ret=ret;
2288                         }
2289
2290                 s->rwstate=SSL_WRITING;
2291                 n=BIO_flush(s->wbio);
2292                 if (n <= 0) return(n);
2293                 s->rwstate=SSL_NOTHING;
2294
2295                 /* We have flushed the buffer, so remove it */
2296                 ssl_free_wbio_buffer(s);
2297                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
2298
2299                 ret=s->s3->delay_buf_pop_ret;
2300                 s->s3->delay_buf_pop_ret=0;
2301                 }
2302         else
2303                 {
2304                 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2305                         buf,len);
2306                 if (ret <= 0) return(ret);
2307                 }
2308
2309         return(ret);
2310         }
2311
2312 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
2313         {
2314         int ret;
2315         
2316         clear_sys_error();
2317         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2318         s->s3->in_read_app_data=1;
2319         ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2320         if ((ret == -1) && (s->s3->in_read_app_data == 2))
2321                 {
2322                 /* ssl3_read_bytes decided to call s->handshake_func, which
2323                  * called ssl3_read_bytes to read handshake data.
2324                  * However, ssl3_read_bytes actually found application data
2325                  * and thinks that application data makes sense here; so disable
2326                  * handshake processing and try to read application data again. */
2327                 s->in_handshake++;
2328                 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2329                 s->in_handshake--;
2330                 }
2331         else
2332                 s->s3->in_read_app_data=0;
2333
2334         return(ret);
2335         }
2336
2337 int ssl3_read(SSL *s, void *buf, int len)
2338         {
2339         return ssl3_read_internal(s, buf, len, 0);
2340         }
2341
2342 int ssl3_peek(SSL *s, void *buf, int len)
2343         {
2344         return ssl3_read_internal(s, buf, len, 1);
2345         }
2346
2347 int ssl3_renegotiate(SSL *s)
2348         {
2349         if (s->handshake_func == NULL)
2350                 return(1);
2351
2352         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
2353                 return(0);
2354
2355         s->s3->renegotiate=1;
2356         return(1);
2357         }
2358
2359 int ssl3_renegotiate_check(SSL *s)
2360         {
2361         int ret=0;
2362
2363         if (s->s3->renegotiate)
2364                 {
2365                 if (    (s->s3->rbuf.left == 0) &&
2366                         (s->s3->wbuf.left == 0) &&
2367                         !SSL_in_init(s))
2368                         {
2369 /*
2370 if we are the server, and we have sent a 'RENEGOTIATE' message, we
2371 need to go to SSL_ST_ACCEPT.
2372 */
2373                         /* SSL_ST_ACCEPT */
2374                         s->state=SSL_ST_RENEGOTIATE;
2375                         s->s3->renegotiate=0;
2376                         s->s3->num_renegotiations++;
2377                         s->s3->total_renegotiations++;
2378                         ret=1;
2379                         }
2380                 }
2381         return(ret);
2382         }
2383