Further BUILDENV refinement, further fool-proofing of Makefiles and
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124
125 #include <stdio.h>
126 #include <openssl/objects.h>
127 #include "ssl_locl.h"
128 #include "kssl_lcl.h"
129 #include <openssl/md5.h>
130 #include <openssl/dh.h>
131
132 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
133
134 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
135
136 static long ssl3_default_timeout(void );
137
138 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
139 /* The RSA ciphers */
140 /* Cipher 01 */
141         {
142         1,
143         SSL3_TXT_RSA_NULL_MD5,
144         SSL3_CK_RSA_NULL_MD5,
145         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
146         SSL_NOT_EXP|SSL_STRONG_NONE,
147         0,
148         0,
149         0,
150         SSL_ALL_CIPHERS,
151         SSL_ALL_STRENGTHS,
152         },
153 /* Cipher 02 */
154         {
155         1,
156         SSL3_TXT_RSA_NULL_SHA,
157         SSL3_CK_RSA_NULL_SHA,
158         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
159         SSL_NOT_EXP|SSL_STRONG_NONE,
160         0,
161         0,
162         0,
163         SSL_ALL_CIPHERS,
164         SSL_ALL_STRENGTHS,
165         },
166
167 /* anon DH */
168 /* Cipher 17 */
169         {
170         1,
171         SSL3_TXT_ADH_RC4_40_MD5,
172         SSL3_CK_ADH_RC4_40_MD5,
173         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
174         SSL_EXPORT|SSL_EXP40,
175         0,
176         40,
177         128,
178         SSL_ALL_CIPHERS,
179         SSL_ALL_STRENGTHS,
180         },
181 /* Cipher 18 */
182         {
183         1,
184         SSL3_TXT_ADH_RC4_128_MD5,
185         SSL3_CK_ADH_RC4_128_MD5,
186         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
187         SSL_NOT_EXP|SSL_MEDIUM,
188         0,
189         128,
190         128,
191         SSL_ALL_CIPHERS,
192         SSL_ALL_STRENGTHS,
193         },
194 /* Cipher 19 */
195         {
196         1,
197         SSL3_TXT_ADH_DES_40_CBC_SHA,
198         SSL3_CK_ADH_DES_40_CBC_SHA,
199         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
200         SSL_EXPORT|SSL_EXP40,
201         0,
202         40,
203         128,
204         SSL_ALL_CIPHERS,
205         SSL_ALL_STRENGTHS,
206         },
207 /* Cipher 1A */
208         {
209         1,
210         SSL3_TXT_ADH_DES_64_CBC_SHA,
211         SSL3_CK_ADH_DES_64_CBC_SHA,
212         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
213         SSL_NOT_EXP|SSL_LOW,
214         0,
215         56,
216         56,
217         SSL_ALL_CIPHERS,
218         SSL_ALL_STRENGTHS,
219         },
220 /* Cipher 1B */
221         {
222         1,
223         SSL3_TXT_ADH_DES_192_CBC_SHA,
224         SSL3_CK_ADH_DES_192_CBC_SHA,
225         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
226         SSL_NOT_EXP|SSL_HIGH,
227         0,
228         168,
229         168,
230         SSL_ALL_CIPHERS,
231         SSL_ALL_STRENGTHS,
232         },
233
234 /* RSA again */
235 /* Cipher 03 */
236         {
237         1,
238         SSL3_TXT_RSA_RC4_40_MD5,
239         SSL3_CK_RSA_RC4_40_MD5,
240         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
241         SSL_EXPORT|SSL_EXP40,
242         0,
243         40,
244         128,
245         SSL_ALL_CIPHERS,
246         SSL_ALL_STRENGTHS,
247         },
248 /* Cipher 04 */
249         {
250         1,
251         SSL3_TXT_RSA_RC4_128_MD5,
252         SSL3_CK_RSA_RC4_128_MD5,
253         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
254         SSL_NOT_EXP|SSL_MEDIUM,
255         0,
256         128,
257         128,
258         SSL_ALL_CIPHERS,
259         SSL_ALL_STRENGTHS,
260         },
261 /* Cipher 05 */
262         {
263         1,
264         SSL3_TXT_RSA_RC4_128_SHA,
265         SSL3_CK_RSA_RC4_128_SHA,
266         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
267         SSL_NOT_EXP|SSL_MEDIUM,
268         0,
269         128,
270         128,
271         SSL_ALL_CIPHERS,
272         SSL_ALL_STRENGTHS,
273         },
274 /* Cipher 06 */
275         {
276         1,
277         SSL3_TXT_RSA_RC2_40_MD5,
278         SSL3_CK_RSA_RC2_40_MD5,
279         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
280         SSL_EXPORT|SSL_EXP40,
281         0,
282         40,
283         128,
284         SSL_ALL_CIPHERS,
285         SSL_ALL_STRENGTHS,
286         },
287 /* Cipher 07 */
288 #ifndef OPENSSL_NO_IDEA
289         {
290         1,
291         SSL3_TXT_RSA_IDEA_128_SHA,
292         SSL3_CK_RSA_IDEA_128_SHA,
293         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
294         SSL_NOT_EXP|SSL_MEDIUM,
295         0,
296         128,
297         128,
298         SSL_ALL_CIPHERS,
299         SSL_ALL_STRENGTHS,
300         },
301 #endif
302 /* Cipher 08 */
303         {
304         1,
305         SSL3_TXT_RSA_DES_40_CBC_SHA,
306         SSL3_CK_RSA_DES_40_CBC_SHA,
307         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
308         SSL_EXPORT|SSL_EXP40,
309         0,
310         40,
311         56,
312         SSL_ALL_CIPHERS,
313         SSL_ALL_STRENGTHS,
314         },
315 /* Cipher 09 */
316         {
317         1,
318         SSL3_TXT_RSA_DES_64_CBC_SHA,
319         SSL3_CK_RSA_DES_64_CBC_SHA,
320         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
321         SSL_NOT_EXP|SSL_LOW,
322         0,
323         56,
324         56,
325         SSL_ALL_CIPHERS,
326         SSL_ALL_STRENGTHS,
327         },
328 /* Cipher 0A */
329         {
330         1,
331         SSL3_TXT_RSA_DES_192_CBC3_SHA,
332         SSL3_CK_RSA_DES_192_CBC3_SHA,
333         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
334         SSL_NOT_EXP|SSL_HIGH,
335         0,
336         168,
337         168,
338         SSL_ALL_CIPHERS,
339         SSL_ALL_STRENGTHS,
340         },
341
342 /*  The DH ciphers */
343 /* Cipher 0B */
344         {
345         0,
346         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
347         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
348         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
349         SSL_EXPORT|SSL_EXP40,
350         0,
351         40,
352         56,
353         SSL_ALL_CIPHERS,
354         SSL_ALL_STRENGTHS,
355         },
356 /* Cipher 0C */
357         {
358         0,
359         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
360         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
361         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
362         SSL_NOT_EXP|SSL_LOW,
363         0,
364         56,
365         56,
366         SSL_ALL_CIPHERS,
367         SSL_ALL_STRENGTHS,
368         },
369 /* Cipher 0D */
370         {
371         0,
372         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
373         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
374         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
375         SSL_NOT_EXP|SSL_HIGH,
376         0,
377         168,
378         168,
379         SSL_ALL_CIPHERS,
380         SSL_ALL_STRENGTHS,
381         },
382 /* Cipher 0E */
383         {
384         0,
385         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
386         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
387         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
388         SSL_EXPORT|SSL_EXP40,
389         0,
390         40,
391         56,
392         SSL_ALL_CIPHERS,
393         SSL_ALL_STRENGTHS,
394         },
395 /* Cipher 0F */
396         {
397         0,
398         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
399         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
400         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
401         SSL_NOT_EXP|SSL_LOW,
402         0,
403         56,
404         56,
405         SSL_ALL_CIPHERS,
406         SSL_ALL_STRENGTHS,
407         },
408 /* Cipher 10 */
409         {
410         0,
411         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
412         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
413         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
414         SSL_NOT_EXP|SSL_HIGH,
415         0,
416         168,
417         168,
418         SSL_ALL_CIPHERS,
419         SSL_ALL_STRENGTHS,
420         },
421
422 /* The Ephemeral DH ciphers */
423 /* Cipher 11 */
424         {
425         1,
426         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
427         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
428         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
429         SSL_EXPORT|SSL_EXP40,
430         0,
431         40,
432         56,
433         SSL_ALL_CIPHERS,
434         SSL_ALL_STRENGTHS,
435         },
436 /* Cipher 12 */
437         {
438         1,
439         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
440         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
441         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
442         SSL_NOT_EXP|SSL_LOW,
443         0,
444         56,
445         56,
446         SSL_ALL_CIPHERS,
447         SSL_ALL_STRENGTHS,
448         },
449 /* Cipher 13 */
450         {
451         1,
452         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
453         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
454         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
455         SSL_NOT_EXP|SSL_HIGH,
456         0,
457         168,
458         168,
459         SSL_ALL_CIPHERS,
460         SSL_ALL_STRENGTHS,
461         },
462 /* Cipher 14 */
463         {
464         1,
465         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
466         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
467         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
468         SSL_EXPORT|SSL_EXP40,
469         0,
470         40,
471         56,
472         SSL_ALL_CIPHERS,
473         SSL_ALL_STRENGTHS,
474         },
475 /* Cipher 15 */
476         {
477         1,
478         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
479         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
480         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
481         SSL_NOT_EXP|SSL_LOW,
482         0,
483         56,
484         56,
485         SSL_ALL_CIPHERS,
486         SSL_ALL_STRENGTHS,
487         },
488 /* Cipher 16 */
489         {
490         1,
491         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
492         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
493         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
494         SSL_NOT_EXP|SSL_HIGH,
495         0,
496         168,
497         168,
498         SSL_ALL_CIPHERS,
499         SSL_ALL_STRENGTHS,
500         },
501
502 /* Fortezza */
503 /* Cipher 1C */
504         {
505         0,
506         SSL3_TXT_FZA_DMS_NULL_SHA,
507         SSL3_CK_FZA_DMS_NULL_SHA,
508         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
509         SSL_NOT_EXP|SSL_STRONG_NONE,
510         0,
511         0,
512         0,
513         SSL_ALL_CIPHERS,
514         SSL_ALL_STRENGTHS,
515         },
516
517 /* Cipher 1D */
518         {
519         0,
520         SSL3_TXT_FZA_DMS_FZA_SHA,
521         SSL3_CK_FZA_DMS_FZA_SHA,
522         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
523         SSL_NOT_EXP|SSL_STRONG_NONE,
524         0,
525         0,
526         0,
527         SSL_ALL_CIPHERS,
528         SSL_ALL_STRENGTHS,
529         },
530
531 #if 0
532 /* Cipher 1E */
533         {
534         0,
535         SSL3_TXT_FZA_DMS_RC4_SHA,
536         SSL3_CK_FZA_DMS_RC4_SHA,
537         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
538         SSL_NOT_EXP|SSL_MEDIUM,
539         0,
540         128,
541         128,
542         SSL_ALL_CIPHERS,
543         SSL_ALL_STRENGTHS,
544         },
545 #endif
546
547 #ifndef OPENSSL_NO_KRB5
548 /* The Kerberos ciphers
549 ** 20000107 VRS: And the first shall be last,
550 ** in hopes of avoiding the lynx ssl renegotiation problem.
551 */
552 /* Cipher 1E VRS */
553         {
554         1,
555         SSL3_TXT_KRB5_DES_64_CBC_SHA,
556         SSL3_CK_KRB5_DES_64_CBC_SHA,
557         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
558         SSL_NOT_EXP|SSL_LOW,
559         0,
560         56,
561         56,
562         SSL_ALL_CIPHERS,
563         SSL_ALL_STRENGTHS,
564         },
565
566 /* Cipher 1F VRS */
567         {
568         1,
569         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
570         SSL3_CK_KRB5_DES_192_CBC3_SHA,
571         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
572         SSL_NOT_EXP|SSL_HIGH,
573         0,
574         112,
575         168,
576         SSL_ALL_CIPHERS,
577         SSL_ALL_STRENGTHS,
578         },
579
580 /* Cipher 20 VRS */
581         {
582         1,
583         SSL3_TXT_KRB5_RC4_128_SHA,
584         SSL3_CK_KRB5_RC4_128_SHA,
585         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
586         SSL_NOT_EXP|SSL_MEDIUM,
587         0,
588         128,
589         128,
590         SSL_ALL_CIPHERS,
591         SSL_ALL_STRENGTHS,
592         },
593
594 /* Cipher 21 VRS */
595         {
596         1,
597         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
598         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
599         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
600         SSL_NOT_EXP|SSL_MEDIUM,
601         0,
602         128,
603         128,
604         SSL_ALL_CIPHERS,
605         SSL_ALL_STRENGTHS,
606         },
607
608 /* Cipher 22 VRS */
609         {
610         1,
611         SSL3_TXT_KRB5_DES_64_CBC_MD5,
612         SSL3_CK_KRB5_DES_64_CBC_MD5,
613         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
614         SSL_NOT_EXP|SSL_LOW,
615         0,
616         56,
617         56,
618         SSL_ALL_CIPHERS,
619         SSL_ALL_STRENGTHS,
620         },
621
622 /* Cipher 23 VRS */
623         {
624         1,
625         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
626         SSL3_CK_KRB5_DES_192_CBC3_MD5,
627         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
628         SSL_NOT_EXP|SSL_HIGH,
629         0,
630         112,
631         168,
632         SSL_ALL_CIPHERS,
633         SSL_ALL_STRENGTHS,
634         },
635
636 /* Cipher 24 VRS */
637         {
638         1,
639         SSL3_TXT_KRB5_RC4_128_MD5,
640         SSL3_CK_KRB5_RC4_128_MD5,
641         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
642         SSL_NOT_EXP|SSL_MEDIUM,
643         0,
644         128,
645         128,
646         SSL_ALL_CIPHERS,
647         SSL_ALL_STRENGTHS,
648         },
649
650 /* Cipher 25 VRS */
651         {
652         1,
653         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
654         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
655         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
656         SSL_NOT_EXP|SSL_MEDIUM,
657         0,
658         128,
659         128,
660         SSL_ALL_CIPHERS,
661         SSL_ALL_STRENGTHS,
662         },
663
664 /* Cipher 26 VRS */
665         {
666         1,
667         SSL3_TXT_KRB5_DES_40_CBC_SHA,
668         SSL3_CK_KRB5_DES_40_CBC_SHA,
669         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
670         SSL_EXPORT|SSL_EXP40,
671         0,
672         40,
673         56,
674         SSL_ALL_CIPHERS,
675         SSL_ALL_STRENGTHS,
676         },
677
678 /* Cipher 27 VRS */
679         {
680         1,
681         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
682         SSL3_CK_KRB5_RC2_40_CBC_SHA,
683         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
684         SSL_EXPORT|SSL_EXP40,
685         0,
686         40,
687         128,
688         SSL_ALL_CIPHERS,
689         SSL_ALL_STRENGTHS,
690         },
691
692 /* Cipher 28 VRS */
693         {
694         1,
695         SSL3_TXT_KRB5_RC4_40_SHA,
696         SSL3_CK_KRB5_RC4_40_SHA,
697         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
698         SSL_EXPORT|SSL_EXP40,
699         0,
700         128,
701         128,
702         SSL_ALL_CIPHERS,
703         SSL_ALL_STRENGTHS,
704         },
705
706 /* Cipher 29 VRS */
707         {
708         1,
709         SSL3_TXT_KRB5_DES_40_CBC_MD5,
710         SSL3_CK_KRB5_DES_40_CBC_MD5,
711         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
712         SSL_EXPORT|SSL_EXP40,
713         0,
714         40,
715         56,
716         SSL_ALL_CIPHERS,
717         SSL_ALL_STRENGTHS,
718         },
719
720 /* Cipher 2A VRS */
721         {
722         1,
723         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
724         SSL3_CK_KRB5_RC2_40_CBC_MD5,
725         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
726         SSL_EXPORT|SSL_EXP40,
727         0,
728         40,
729         128,
730         SSL_ALL_CIPHERS,
731         SSL_ALL_STRENGTHS,
732         },
733
734 /* Cipher 2B VRS */
735         {
736         1,
737         SSL3_TXT_KRB5_RC4_40_MD5,
738         SSL3_CK_KRB5_RC4_40_MD5,
739         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
740         SSL_EXPORT|SSL_EXP40,
741         0,
742         128,
743         128,
744         SSL_ALL_CIPHERS,
745         SSL_ALL_STRENGTHS,
746         },
747 #endif  /* OPENSSL_NO_KRB5 */
748
749
750 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
751         /* New TLS Export CipherSuites */
752         /* Cipher 60 */
753             {
754             1,
755             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
756             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
757             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
758             SSL_EXPORT|SSL_EXP56,
759             0,
760             56,
761             128,
762             SSL_ALL_CIPHERS,
763             SSL_ALL_STRENGTHS,
764             },
765         /* Cipher 61 */
766             {
767             1,
768             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
769             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
770             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
771             SSL_EXPORT|SSL_EXP56,
772             0,
773             56,
774             128,
775             SSL_ALL_CIPHERS,
776             SSL_ALL_STRENGTHS,
777             },
778         /* Cipher 62 */
779             {
780             1,
781             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
782             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
783             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
784             SSL_EXPORT|SSL_EXP56,
785             0,
786             56,
787             56,
788             SSL_ALL_CIPHERS,
789             SSL_ALL_STRENGTHS,
790             },
791         /* Cipher 63 */
792             {
793             1,
794             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
795             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
796             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
797             SSL_EXPORT|SSL_EXP56,
798             0,
799             56,
800             56,
801             SSL_ALL_CIPHERS,
802             SSL_ALL_STRENGTHS,
803             },
804         /* Cipher 64 */
805             {
806             1,
807             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
808             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
809             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
810             SSL_EXPORT|SSL_EXP56,
811             0,
812             56,
813             128,
814             SSL_ALL_CIPHERS,
815             SSL_ALL_STRENGTHS,
816             },
817         /* Cipher 65 */
818             {
819             1,
820             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
821             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
822             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
823             SSL_EXPORT|SSL_EXP56,
824             0,
825             56,
826             128,
827             SSL_ALL_CIPHERS,
828             SSL_ALL_STRENGTHS,
829             },
830         /* Cipher 66 */
831             {
832             1,
833             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
834             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
835             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
836             SSL_NOT_EXP|SSL_MEDIUM,
837             0,
838             128,
839             128,
840             SSL_ALL_CIPHERS,
841             SSL_ALL_STRENGTHS
842             },
843 #endif
844         /* New AES ciphersuites */
845
846         /* Cipher 2F */
847             {
848             1,
849             TLS1_TXT_RSA_WITH_AES_128_SHA,
850             TLS1_CK_RSA_WITH_AES_128_SHA,
851             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
852             SSL_NOT_EXP|SSL_MEDIUM,
853             0,
854             128,
855             128,
856             SSL_ALL_CIPHERS,
857             SSL_ALL_STRENGTHS,
858             },
859         /* Cipher 30 */
860             {
861             0,
862             TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
863             TLS1_CK_DH_DSS_WITH_AES_128_SHA,
864             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
865             SSL_NOT_EXP|SSL_MEDIUM,
866             0,
867             128,
868             128,
869             SSL_ALL_CIPHERS,
870             SSL_ALL_STRENGTHS,
871             },
872         /* Cipher 31 */
873             {
874             0,
875             TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
876             TLS1_CK_DH_RSA_WITH_AES_128_SHA,
877             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
878             SSL_NOT_EXP|SSL_MEDIUM,
879             0,
880             128,
881             128,
882             SSL_ALL_CIPHERS,
883             SSL_ALL_STRENGTHS,
884             },
885         /* Cipher 32 */
886             {
887             1,
888             TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
889             TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
890             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
891             SSL_NOT_EXP|SSL_MEDIUM,
892             0,
893             128,
894             128,
895             SSL_ALL_CIPHERS,
896             SSL_ALL_STRENGTHS,
897             },
898         /* Cipher 33 */
899             {
900             1,
901             TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
902             TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
903             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
904             SSL_NOT_EXP|SSL_MEDIUM,
905             0,
906             128,
907             128,
908             SSL_ALL_CIPHERS,
909             SSL_ALL_STRENGTHS,
910             },
911         /* Cipher 34 */
912             {
913             1,
914             TLS1_TXT_ADH_WITH_AES_128_SHA,
915             TLS1_CK_ADH_WITH_AES_128_SHA,
916             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
917             SSL_NOT_EXP|SSL_MEDIUM,
918             0,
919             128,
920             128,
921             SSL_ALL_CIPHERS,
922             SSL_ALL_STRENGTHS,
923             },
924
925         /* Cipher 35 */
926             {
927             1,
928             TLS1_TXT_RSA_WITH_AES_256_SHA,
929             TLS1_CK_RSA_WITH_AES_256_SHA,
930             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
931             SSL_NOT_EXP|SSL_HIGH,
932             0,
933             256,
934             256,
935             SSL_ALL_CIPHERS,
936             SSL_ALL_STRENGTHS,
937             },
938         /* Cipher 36 */
939             {
940             0,
941             TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
942             TLS1_CK_DH_DSS_WITH_AES_256_SHA,
943             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
944             SSL_NOT_EXP|SSL_HIGH,
945             0,
946             256,
947             256,
948             SSL_ALL_CIPHERS,
949             SSL_ALL_STRENGTHS,
950             },
951         /* Cipher 37 */
952             {
953             0,
954             TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
955             TLS1_CK_DH_RSA_WITH_AES_256_SHA,
956             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
957             SSL_NOT_EXP|SSL_HIGH,
958             0,
959             256,
960             256,
961             SSL_ALL_CIPHERS,
962             SSL_ALL_STRENGTHS,
963             },
964         /* Cipher 38 */
965             {
966             1,
967             TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
968             TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
969             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
970             SSL_NOT_EXP|SSL_HIGH,
971             0,
972             256,
973             256,
974             SSL_ALL_CIPHERS,
975             SSL_ALL_STRENGTHS,
976             },
977         /* Cipher 39 */
978             {
979             1,
980             TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
981             TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
982             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
983             SSL_NOT_EXP|SSL_HIGH,
984             0,
985             256,
986             256,
987             SSL_ALL_CIPHERS,
988             SSL_ALL_STRENGTHS,
989             },
990         /* Cipher 3A */
991             {
992             1,
993             TLS1_TXT_ADH_WITH_AES_256_SHA,
994             TLS1_CK_ADH_WITH_AES_256_SHA,
995             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
996             SSL_NOT_EXP|SSL_HIGH,
997             0,
998             256,
999             256,
1000             SSL_ALL_CIPHERS,
1001             SSL_ALL_STRENGTHS,
1002             },
1003
1004 #ifndef OPENSSL_NO_ECDH
1005         /* Cipher 47 */
1006             {
1007             1,
1008             TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
1009             TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
1010             SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1011             SSL_NOT_EXP,
1012             0,
1013             0,
1014             0,
1015             SSL_ALL_CIPHERS,
1016             SSL_ALL_STRENGTHS,
1017             },
1018
1019         /* Cipher 48 */
1020             {
1021             1,
1022             TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
1023             TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
1024             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1025             SSL_NOT_EXP,
1026             0,
1027             128,
1028             128,
1029             SSL_ALL_CIPHERS,
1030             SSL_ALL_STRENGTHS,
1031             },
1032
1033         /* Cipher 49 */
1034             {
1035             1,
1036             TLS1_TXT_ECDH_ECDSA_WITH_DES_CBC_SHA,
1037             TLS1_CK_ECDH_ECDSA_WITH_DES_CBC_SHA,
1038             SSL_kECDH|SSL_aECDSA|SSL_DES|SSL_SHA|SSL_TLSV1,
1039             SSL_NOT_EXP|SSL_LOW,
1040             0,
1041             56,
1042             56,
1043             SSL_ALL_CIPHERS,
1044             SSL_ALL_STRENGTHS,
1045             },
1046
1047         /* Cipher 4A */
1048             {
1049             1,
1050             TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1051             TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1052             SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1053             SSL_NOT_EXP|SSL_HIGH,
1054             0,
1055             168,
1056             168,
1057             SSL_ALL_CIPHERS,
1058             SSL_ALL_STRENGTHS,
1059             },
1060
1061         /* Cipher 4B */
1062             {
1063             1,
1064             TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1065             TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1066             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1067             SSL_NOT_EXP|SSL_MEDIUM,
1068             0,
1069             128,
1070             128,
1071             SSL_ALL_CIPHERS,
1072             SSL_ALL_STRENGTHS,
1073             },
1074
1075         /* Cipher 4C */
1076             {
1077             1,
1078             TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1079             TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1080             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1081             SSL_NOT_EXP|SSL_HIGH,
1082             0,
1083             256,
1084             256,
1085             SSL_ALL_CIPHERS,
1086             SSL_ALL_STRENGTHS,
1087             },
1088
1089         /* Cipher 5B */
1090         /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4B for this */
1091             {
1092             1,
1093             TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
1094             TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
1095             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1096             SSL_EXPORT|SSL_EXP40,
1097             0,
1098             40,
1099             128,
1100             SSL_ALL_CIPHERS,
1101             SSL_ALL_STRENGTHS,
1102             },
1103
1104         /* Cipher 5C */
1105         /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4C for this */
1106             {
1107             1,
1108             TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
1109             TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
1110             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1111             SSL_EXPORT|SSL_EXP56,
1112             0,
1113             56,
1114             128,
1115             SSL_ALL_CIPHERS,
1116             SSL_ALL_STRENGTHS,
1117             },
1118
1119         /* Cipher 4D */
1120             {
1121             1,
1122             TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1123             TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1124             SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1125             SSL_NOT_EXP,
1126             0,
1127             0,
1128             0,
1129             SSL_ALL_CIPHERS,
1130             SSL_ALL_STRENGTHS,
1131             },
1132
1133         /* Cipher 4E */
1134             {
1135             1,
1136             TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
1137             TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
1138             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1139             SSL_NOT_EXP,
1140             0,
1141             128,
1142             128,
1143             SSL_ALL_CIPHERS,
1144             SSL_ALL_STRENGTHS,
1145             },
1146
1147         /* Cipher 4F */
1148             {
1149             1,
1150             TLS1_TXT_ECDH_RSA_WITH_DES_CBC_SHA,
1151             TLS1_CK_ECDH_RSA_WITH_DES_CBC_SHA,
1152             SSL_kECDH|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
1153             SSL_NOT_EXP|SSL_LOW,
1154             0,
1155             56,
1156             56,
1157             SSL_ALL_CIPHERS,
1158             SSL_ALL_STRENGTHS,
1159             },
1160
1161         /* Cipher 50 */
1162             {
1163             1,
1164             TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1165             TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1166             SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1167             SSL_NOT_EXP|SSL_HIGH,
1168             0,
1169             168,
1170             168,
1171             SSL_ALL_CIPHERS,
1172             SSL_ALL_STRENGTHS,
1173             },
1174
1175         /* Cipher 51 */
1176             {
1177             1,
1178             TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
1179             TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
1180             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1181             SSL_NOT_EXP|SSL_MEDIUM,
1182             0,
1183             128,
1184             128,
1185             SSL_ALL_CIPHERS,
1186             SSL_ALL_STRENGTHS,
1187             },
1188
1189         /* Cipher 52 */
1190             {
1191             1,
1192             TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
1193             TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
1194             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1195             SSL_NOT_EXP|SSL_HIGH,
1196             0,
1197             256,
1198             256,
1199             SSL_ALL_CIPHERS,
1200             SSL_ALL_STRENGTHS,
1201             },
1202
1203         /* Cipher 53 */
1204             {
1205             1,
1206             TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
1207             TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
1208             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1209             SSL_EXPORT|SSL_EXP40,
1210             0,
1211             40,
1212             128,
1213             SSL_ALL_CIPHERS,
1214             SSL_ALL_STRENGTHS,
1215             },
1216
1217         /* Cipher 54 */
1218             {
1219             1,
1220             TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
1221             TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
1222             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1223             SSL_EXPORT|SSL_EXP56,
1224             0,
1225             56,
1226             128,
1227             SSL_ALL_CIPHERS,
1228             SSL_ALL_STRENGTHS,
1229             },
1230
1231         /* Cipher 55 */
1232             {
1233             1,
1234             TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1235             TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1236             SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1237             SSL_NOT_EXP,
1238             0,
1239             0,
1240             0,
1241             SSL_ALL_CIPHERS,
1242             SSL_ALL_STRENGTHS,
1243             },
1244
1245         /* Cipher 56 */
1246             {
1247             1,
1248             TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1249             TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1250             SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
1251             SSL_NOT_EXP,
1252             0,
1253             128,
1254             128,
1255             SSL_ALL_CIPHERS,
1256             SSL_ALL_STRENGTHS,
1257             },
1258
1259         /* Cipher 57 */
1260             {
1261             1,
1262             TLS1_TXT_ECDH_anon_WITH_DES_CBC_SHA,
1263             TLS1_CK_ECDH_anon_WITH_DES_CBC_SHA,
1264             SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
1265             SSL_NOT_EXP|SSL_LOW,
1266             0,
1267             56,
1268             56,
1269             SSL_ALL_CIPHERS,
1270             SSL_ALL_STRENGTHS,
1271             },
1272
1273         /* Cipher 58 */
1274             {
1275             1,
1276             TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1277             TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1278             SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
1279             SSL_NOT_EXP|SSL_HIGH,
1280             0,
1281             168,
1282             168,
1283             SSL_ALL_CIPHERS,
1284             SSL_ALL_STRENGTHS,
1285             },
1286
1287         /* Cipher 59 */
1288             {
1289             1,
1290             TLS1_TXT_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
1291             TLS1_CK_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
1292             SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
1293             SSL_EXPORT|SSL_EXP40,
1294             0,
1295             40,
1296             56,
1297             SSL_ALL_CIPHERS,
1298             SSL_ALL_STRENGTHS,
1299             },
1300
1301         /* Cipher 5A */
1302             {
1303             1,
1304             TLS1_TXT_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
1305             TLS1_CK_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
1306             SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
1307             SSL_EXPORT|SSL_EXP40,
1308             0,
1309             40,
1310             128,
1311             SSL_ALL_CIPHERS,
1312             SSL_ALL_STRENGTHS,
1313             },
1314
1315         /* Cipher 77 XXX: ECC ciphersuites offering forward secrecy
1316          * are not yet specified in the ECC/TLS draft but our code
1317          * allows them to be implemented very easily. To add such
1318          * a cipher suite, one needs to add two constant definitions
1319          * to tls1.h and a new structure in this file as shown below. We 
1320          * illustrate the process for the made-up cipher
1321          * ECDHE-ECDSA-AES128-SHA.
1322          */
1323             {
1324             1,
1325             TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1326             TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1327             SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1328             SSL_NOT_EXP|SSL_MEDIUM,
1329             0,
1330             128,
1331             128,
1332             SSL_ALL_CIPHERS,
1333             SSL_ALL_STRENGTHS,
1334             },
1335
1336         /* Cipher 78 XXX: Another made-up ECC cipher suite that
1337          * offers forward secrecy (ECDHE-RSA-AES128-SHA).
1338          */
1339             {
1340             1,
1341             TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1342             TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1343             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1344             SSL_NOT_EXP|SSL_MEDIUM,
1345             0,
1346             128,
1347             128,
1348             SSL_ALL_CIPHERS,
1349             SSL_ALL_STRENGTHS,
1350             },
1351
1352 #endif /* !OPENSSL_NO_ECDH */
1353
1354 /* end of list */
1355         };
1356
1357 static SSL3_ENC_METHOD SSLv3_enc_data={
1358         ssl3_enc,
1359         ssl3_mac,
1360         ssl3_setup_key_block,
1361         ssl3_generate_master_secret,
1362         ssl3_change_cipher_state,
1363         ssl3_final_finish_mac,
1364         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1365         ssl3_cert_verify_mac,
1366         SSL3_MD_CLIENT_FINISHED_CONST,4,
1367         SSL3_MD_SERVER_FINISHED_CONST,4,
1368         ssl3_alert_code,
1369         };
1370
1371 static SSL_METHOD SSLv3_data= {
1372         SSL3_VERSION,
1373         ssl3_new,
1374         ssl3_clear,
1375         ssl3_free,
1376         ssl_undefined_function,
1377         ssl_undefined_function,
1378         ssl3_read,
1379         ssl3_peek,
1380         ssl3_write,
1381         ssl3_shutdown,
1382         ssl3_renegotiate,
1383         ssl3_renegotiate_check,
1384         ssl3_get_message,
1385         ssl3_read_bytes,
1386         ssl3_write_bytes,
1387         ssl3_dispatch_alert,
1388         ssl3_ctrl,
1389         ssl3_ctx_ctrl,
1390         ssl3_get_cipher_by_char,
1391         ssl3_put_cipher_by_char,
1392         ssl3_pending,
1393         ssl3_num_ciphers,
1394         ssl3_get_cipher,
1395         ssl_bad_method,
1396         ssl3_default_timeout,
1397         &SSLv3_enc_data,
1398         ssl_undefined_void_function,
1399         ssl3_callback_ctrl,
1400         ssl3_ctx_callback_ctrl,
1401         };
1402
1403 static long ssl3_default_timeout(void)
1404         {
1405         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
1406          * is way too long for http, the cache would over fill */
1407         return(60*60*2);
1408         }
1409
1410 SSL_METHOD *sslv3_base_method(void)
1411         {
1412         return(&SSLv3_data);
1413         }
1414
1415 int ssl3_num_ciphers(void)
1416         {
1417         return(SSL3_NUM_CIPHERS);
1418         }
1419
1420 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
1421         {
1422         if (u < SSL3_NUM_CIPHERS)
1423                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
1424         else
1425                 return(NULL);
1426         }
1427
1428 int ssl3_pending(const SSL *s)
1429         {
1430         if (s->rstate == SSL_ST_READ_BODY)
1431                 return 0;
1432         
1433         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
1434         }
1435
1436 int ssl3_new(SSL *s)
1437         {
1438         SSL3_STATE *s3;
1439
1440         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
1441         memset(s3,0,sizeof *s3);
1442         EVP_MD_CTX_init(&s3->finish_dgst1);
1443         EVP_MD_CTX_init(&s3->finish_dgst2);
1444
1445         s->s3=s3;
1446
1447         s->method->ssl_clear(s);
1448         return(1);
1449 err:
1450         return(0);
1451         }
1452
1453 void ssl3_free(SSL *s)
1454         {
1455         if(s == NULL)
1456             return;
1457
1458         ssl3_cleanup_key_block(s);
1459         if (s->s3->rbuf.buf != NULL)
1460                 OPENSSL_free(s->s3->rbuf.buf);
1461         if (s->s3->wbuf.buf != NULL)
1462                 OPENSSL_free(s->s3->wbuf.buf);
1463         if (s->s3->rrec.comp != NULL)
1464                 OPENSSL_free(s->s3->rrec.comp);
1465 #ifndef OPENSSL_NO_DH
1466         if (s->s3->tmp.dh != NULL)
1467                 DH_free(s->s3->tmp.dh);
1468 #endif
1469 #ifndef OPENSSL_NO_ECDH
1470         if (s->s3->tmp.ecdh != NULL)
1471                 EC_KEY_free(s->s3->tmp.ecdh);
1472 #endif
1473
1474         if (s->s3->tmp.ca_names != NULL)
1475                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1476         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1477         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1478         OPENSSL_cleanse(s->s3,sizeof *s->s3);
1479         OPENSSL_free(s->s3);
1480         s->s3=NULL;
1481         }
1482
1483 void ssl3_clear(SSL *s)
1484         {
1485         unsigned char *rp,*wp;
1486         size_t rlen, wlen;
1487
1488         ssl3_cleanup_key_block(s);
1489         if (s->s3->tmp.ca_names != NULL)
1490                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1491
1492         if (s->s3->rrec.comp != NULL)
1493                 {
1494                 OPENSSL_free(s->s3->rrec.comp);
1495                 s->s3->rrec.comp=NULL;
1496                 }
1497 #ifndef OPENSSL_NO_DH
1498         if (s->s3->tmp.dh != NULL)
1499                 DH_free(s->s3->tmp.dh);
1500 #endif
1501 #ifndef OPENSSL_NO_ECDH
1502         if (s->s3->tmp.ecdh != NULL)
1503                 EC_KEY_free(s->s3->tmp.ecdh);
1504 #endif
1505
1506         rp = s->s3->rbuf.buf;
1507         wp = s->s3->wbuf.buf;
1508         rlen = s->s3->rbuf.len;
1509         wlen = s->s3->wbuf.len;
1510
1511         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1512         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1513
1514         memset(s->s3,0,sizeof *s->s3);
1515         s->s3->rbuf.buf = rp;
1516         s->s3->wbuf.buf = wp;
1517         s->s3->rbuf.len = rlen;
1518         s->s3->wbuf.len = wlen;
1519
1520         ssl_free_wbio_buffer(s);
1521
1522         s->packet_length=0;
1523         s->s3->renegotiate=0;
1524         s->s3->total_renegotiations=0;
1525         s->s3->num_renegotiations=0;
1526         s->s3->in_read_app_data=0;
1527         s->version=SSL3_VERSION;
1528         }
1529
1530 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1531         {
1532         int ret=0;
1533
1534 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1535         if (
1536 #ifndef OPENSSL_NO_RSA
1537             cmd == SSL_CTRL_SET_TMP_RSA ||
1538             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1539 #endif
1540 #ifndef OPENSSL_NO_DSA
1541             cmd == SSL_CTRL_SET_TMP_DH ||
1542             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1543 #endif
1544                 0)
1545                 {
1546                 if (!ssl_cert_inst(&s->cert))
1547                         {
1548                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1549                         return(0);
1550                         }
1551                 }
1552 #endif
1553
1554         switch (cmd)
1555                 {
1556         case SSL_CTRL_GET_SESSION_REUSED:
1557                 ret=s->hit;
1558                 break;
1559         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1560                 break;
1561         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1562                 ret=s->s3->num_renegotiations;
1563                 break;
1564         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1565                 ret=s->s3->num_renegotiations;
1566                 s->s3->num_renegotiations=0;
1567                 break;
1568         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1569                 ret=s->s3->total_renegotiations;
1570                 break;
1571         case SSL_CTRL_GET_FLAGS:
1572                 ret=(int)(s->s3->flags);
1573                 break;
1574 #ifndef OPENSSL_NO_RSA
1575         case SSL_CTRL_NEED_TMP_RSA:
1576                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1577                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1578                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1579                         ret = 1;
1580                 break;
1581         case SSL_CTRL_SET_TMP_RSA:
1582                 {
1583                         RSA *rsa = (RSA *)parg;
1584                         if (rsa == NULL)
1585                                 {
1586                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1587                                 return(ret);
1588                                 }
1589                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1590                                 {
1591                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1592                                 return(ret);
1593                                 }
1594                         if (s->cert->rsa_tmp != NULL)
1595                                 RSA_free(s->cert->rsa_tmp);
1596                         s->cert->rsa_tmp = rsa;
1597                         ret = 1;
1598                 }
1599                 break;
1600         case SSL_CTRL_SET_TMP_RSA_CB:
1601                 {
1602                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1603                 return(ret);
1604                 }
1605                 break;
1606 #endif
1607 #ifndef OPENSSL_NO_DH
1608         case SSL_CTRL_SET_TMP_DH:
1609                 {
1610                         DH *dh = (DH *)parg;
1611                         if (dh == NULL)
1612                                 {
1613                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1614                                 return(ret);
1615                                 }
1616                         if ((dh = DHparams_dup(dh)) == NULL)
1617                                 {
1618                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1619                                 return(ret);
1620                                 }
1621                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
1622                                 {
1623                                 if (!DH_generate_key(dh))
1624                                         {
1625                                         DH_free(dh);
1626                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1627                                         return(ret);
1628                                         }
1629                                 }
1630                         if (s->cert->dh_tmp != NULL)
1631                                 DH_free(s->cert->dh_tmp);
1632                         s->cert->dh_tmp = dh;
1633                         ret = 1;
1634                 }
1635                 break;
1636         case SSL_CTRL_SET_TMP_DH_CB:
1637                 {
1638                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1639                 return(ret);
1640                 }
1641                 break;
1642 #endif
1643 #ifndef OPENSSL_NO_ECDH
1644         case SSL_CTRL_SET_TMP_ECDH:
1645                 {
1646                 EC_KEY *ecdh = NULL;
1647                         
1648                 if (parg == NULL)
1649                         {
1650                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1651                         return(ret);
1652                         }
1653                 if (!EC_KEY_up_ref((EC_KEY *)parg))
1654                         {
1655                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1656                         return(ret);
1657                         }
1658                 ecdh = (EC_KEY *)parg;
1659                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
1660                         {
1661                         if (!EC_KEY_generate_key(ecdh))
1662                                 {
1663                                 EC_KEY_free(ecdh);
1664                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1665                                 return(ret);
1666                                 }
1667                         }
1668                 if (s->cert->ecdh_tmp != NULL)
1669                         EC_KEY_free(s->cert->ecdh_tmp);
1670                 s->cert->ecdh_tmp = ecdh;
1671                 ret = 1;
1672                 }
1673                 break;
1674         case SSL_CTRL_SET_TMP_ECDH_CB:
1675                 {
1676                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1677                 return(ret);
1678                 }
1679                 break;
1680 #endif /* !OPENSSL_NO_ECDH */
1681         default:
1682                 break;
1683                 }
1684         return(ret);
1685         }
1686
1687 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1688         {
1689         int ret=0;
1690
1691 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1692         if (
1693 #ifndef OPENSSL_NO_RSA
1694             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1695 #endif
1696 #ifndef OPENSSL_NO_DSA
1697             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1698 #endif
1699                 0)
1700                 {
1701                 if (!ssl_cert_inst(&s->cert))
1702                         {
1703                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1704                         return(0);
1705                         }
1706                 }
1707 #endif
1708
1709         switch (cmd)
1710                 {
1711 #ifndef OPENSSL_NO_RSA
1712         case SSL_CTRL_SET_TMP_RSA_CB:
1713                 {
1714                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1715                 }
1716                 break;
1717 #endif
1718 #ifndef OPENSSL_NO_DH
1719         case SSL_CTRL_SET_TMP_DH_CB:
1720                 {
1721                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1722                 }
1723                 break;
1724 #endif
1725 #ifndef OPENSSL_NO_ECDH
1726         case SSL_CTRL_SET_TMP_ECDH_CB:
1727                 {
1728                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1729                 }
1730                 break;
1731 #endif
1732         default:
1733                 break;
1734                 }
1735         return(ret);
1736         }
1737
1738 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1739         {
1740         CERT *cert;
1741
1742         cert=ctx->cert;
1743
1744         switch (cmd)
1745                 {
1746 #ifndef OPENSSL_NO_RSA
1747         case SSL_CTRL_NEED_TMP_RSA:
1748                 if (    (cert->rsa_tmp == NULL) &&
1749                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1750                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1751                         )
1752                         return(1);
1753                 else
1754                         return(0);
1755                 /* break; */
1756         case SSL_CTRL_SET_TMP_RSA:
1757                 {
1758                 RSA *rsa;
1759                 int i;
1760
1761                 rsa=(RSA *)parg;
1762                 i=1;
1763                 if (rsa == NULL)
1764                         i=0;
1765                 else
1766                         {
1767                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1768                                 i=0;
1769                         }
1770                 if (!i)
1771                         {
1772                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1773                         return(0);
1774                         }
1775                 else
1776                         {
1777                         if (cert->rsa_tmp != NULL)
1778                                 RSA_free(cert->rsa_tmp);
1779                         cert->rsa_tmp=rsa;
1780                         return(1);
1781                         }
1782                 }
1783                 /* break; */
1784         case SSL_CTRL_SET_TMP_RSA_CB:
1785                 {
1786                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1787                 return(0);
1788                 }
1789                 break;
1790 #endif
1791 #ifndef OPENSSL_NO_DH
1792         case SSL_CTRL_SET_TMP_DH:
1793                 {
1794                 DH *new=NULL,*dh;
1795
1796                 dh=(DH *)parg;
1797                 if ((new=DHparams_dup(dh)) == NULL)
1798                         {
1799                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1800                         return 0;
1801                         }
1802                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1803                         {
1804                         if (!DH_generate_key(new))
1805                                 {
1806                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1807                                 DH_free(new);
1808                                 return 0;
1809                                 }
1810                         }
1811                 if (cert->dh_tmp != NULL)
1812                         DH_free(cert->dh_tmp);
1813                 cert->dh_tmp=new;
1814                 return 1;
1815                 }
1816                 /*break; */
1817         case SSL_CTRL_SET_TMP_DH_CB:
1818                 {
1819                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1820                 return(0);
1821                 }
1822                 break;
1823 #endif
1824 #ifndef OPENSSL_NO_ECDH
1825         case SSL_CTRL_SET_TMP_ECDH:
1826                 {
1827                 EC_KEY *ecdh = NULL;
1828                         
1829                 if (parg == NULL)
1830                         {
1831                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1832                         return 0;
1833                         }
1834                 if (!EC_KEY_up_ref((EC_KEY *)parg))
1835                         {
1836                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1837                         return 0;
1838                         }
1839                 ecdh = (EC_KEY *)parg;
1840                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
1841                         {
1842                         if (!EC_KEY_generate_key(ecdh))
1843                                 {
1844                                 EC_KEY_free(ecdh);
1845                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1846                                 return 0;
1847                                 }
1848                         }
1849
1850                 if (cert->ecdh_tmp != NULL)
1851                         {
1852                         EC_KEY_free(cert->ecdh_tmp);
1853                         }
1854                 cert->ecdh_tmp = ecdh;
1855                 return 1;
1856                 }
1857                 /* break; */
1858         case SSL_CTRL_SET_TMP_ECDH_CB:
1859                 {
1860                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1861                 return(0);
1862                 }
1863                 break;
1864 #endif /* !OPENSSL_NO_ECDH */
1865         /* A Thawte special :-) */
1866         case SSL_CTRL_EXTRA_CHAIN_CERT:
1867                 if (ctx->extra_certs == NULL)
1868                         {
1869                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1870                                 return(0);
1871                         }
1872                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1873                 break;
1874
1875         default:
1876                 return(0);
1877                 }
1878         return(1);
1879         }
1880
1881 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1882         {
1883         CERT *cert;
1884
1885         cert=ctx->cert;
1886
1887         switch (cmd)
1888                 {
1889 #ifndef OPENSSL_NO_RSA
1890         case SSL_CTRL_SET_TMP_RSA_CB:
1891                 {
1892                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1893                 }
1894                 break;
1895 #endif
1896 #ifndef OPENSSL_NO_DH
1897         case SSL_CTRL_SET_TMP_DH_CB:
1898                 {
1899                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1900                 }
1901                 break;
1902 #endif
1903 #ifndef OPENSSL_NO_ECDH
1904         case SSL_CTRL_SET_TMP_ECDH_CB:
1905                 {
1906                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1907                 }
1908                 break;
1909 #endif
1910         default:
1911                 return(0);
1912                 }
1913         return(1);
1914         }
1915
1916 /* This function needs to check if the ciphers required are actually
1917  * available */
1918 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1919         {
1920         static int init=1;
1921         static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1922         SSL_CIPHER c,*cp= &c,**cpp;
1923         unsigned long id;
1924         unsigned int i;
1925
1926         if (init)
1927                 {
1928                 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1929
1930                 if (init)
1931                         {
1932                         for (i=0; i<SSL3_NUM_CIPHERS; i++)
1933                                 sorted[i]= &(ssl3_ciphers[i]);
1934
1935                         qsort(sorted,
1936                                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1937                                 FP_ICC ssl_cipher_ptr_id_cmp);
1938
1939                         init=0;
1940                         }
1941                 
1942                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1943                 }
1944
1945         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1946         c.id=id;
1947         cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1948                 (char *)sorted,
1949                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1950                 FP_ICC ssl_cipher_ptr_id_cmp);
1951         if ((cpp == NULL) || !(*cpp)->valid)
1952                 return(NULL);
1953         else
1954                 return(*cpp);
1955         }
1956
1957 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1958         {
1959         long l;
1960
1961         if (p != NULL)
1962                 {
1963                 l=c->id;
1964                 if ((l & 0xff000000) != 0x03000000) return(0);
1965                 p[0]=((unsigned char)(l>> 8L))&0xFF;
1966                 p[1]=((unsigned char)(l     ))&0xFF;
1967                 }
1968         return(2);
1969         }
1970
1971 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
1972              STACK_OF(SSL_CIPHER) *srvr)
1973         {
1974         SSL_CIPHER *c,*ret=NULL;
1975         STACK_OF(SSL_CIPHER) *prio, *allow;
1976         int i,j,ok;
1977         CERT *cert;
1978         unsigned long alg,mask,emask;
1979
1980         /* Let's see which ciphers we can support */
1981         cert=s->cert;
1982
1983 #if 0
1984         /* Do not set the compare functions, because this may lead to a
1985          * reordering by "id". We want to keep the original ordering.
1986          * We may pay a price in performance during sk_SSL_CIPHER_find(),
1987          * but would have to pay with the price of sk_SSL_CIPHER_dup().
1988          */
1989         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
1990         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
1991 #endif
1992
1993 #ifdef CIPHER_DEBUG
1994         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
1995         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
1996             {
1997             c=sk_SSL_CIPHER_value(srvr,i);
1998             printf("%p:%s\n",c,c->name);
1999             }
2000         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
2001         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
2002             {
2003             c=sk_SSL_CIPHER_value(clnt,i);
2004             printf("%p:%s\n",c,c->name);
2005             }
2006 #endif
2007
2008         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
2009             {
2010             prio = srvr;
2011             allow = clnt;
2012             }
2013         else
2014             {
2015             prio = clnt;
2016             allow = srvr;
2017             }
2018
2019         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
2020                 {
2021                 c=sk_SSL_CIPHER_value(prio,i);
2022
2023                 ssl_set_cert_masks(cert,c);
2024                 mask=cert->mask;
2025                 emask=cert->export_mask;
2026                         
2027 #ifdef KSSL_DEBUG
2028                 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
2029 #endif    /* KSSL_DEBUG */
2030
2031                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
2032 #ifndef OPENSSL_NO_KRB5
2033                 if (alg & SSL_KRB5) 
2034                         {
2035                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
2036                             continue;
2037                         }
2038 #endif /* OPENSSL_NO_KRB5 */
2039                 if (SSL_C_IS_EXPORT(c))
2040                         {
2041                         ok=((alg & emask) == alg)?1:0;
2042 #ifdef CIPHER_DEBUG
2043                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
2044                                c,c->name);
2045 #endif
2046                         }
2047                 else
2048                         {
2049                         ok=((alg & mask) == alg)?1:0;
2050 #ifdef CIPHER_DEBUG
2051                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
2052                                c->name);
2053 #endif
2054                         }
2055
2056                 if (!ok) continue;
2057                 j=sk_SSL_CIPHER_find(allow,c);
2058                 if (j >= 0)
2059                         {
2060                         ret=sk_SSL_CIPHER_value(allow,j);
2061                         break;
2062                         }
2063                 }
2064         return(ret);
2065         }
2066
2067 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
2068         {
2069         int ret=0;
2070         unsigned long alg;
2071
2072         alg=s->s3->tmp.new_cipher->algorithms;
2073
2074 #ifndef OPENSSL_NO_DH
2075         if (alg & (SSL_kDHr|SSL_kEDH))
2076                 {
2077 #  ifndef OPENSSL_NO_RSA
2078                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
2079 #  endif
2080 #  ifndef OPENSSL_NO_DSA
2081                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
2082 #  endif
2083                 }
2084         if ((s->version == SSL3_VERSION) &&
2085                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
2086                 {
2087 #  ifndef OPENSSL_NO_RSA
2088                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
2089 #  endif
2090 #  ifndef OPENSSL_NO_DSA
2091                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
2092 #  endif
2093                 }
2094 #endif /* !OPENSSL_NO_DH */
2095 #ifndef OPENSSL_NO_RSA
2096         p[ret++]=SSL3_CT_RSA_SIGN;
2097 #endif
2098 #ifndef OPENSSL_NO_DSA
2099         p[ret++]=SSL3_CT_DSS_SIGN;
2100 #endif
2101 #ifndef OPENSSL_NO_ECDH
2102         /* We should ask for fixed ECDH certificates only
2103          * for SSL_kECDH (and not SSL_kECDHE)
2104          */
2105         if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
2106                 {
2107                 p[ret++]=TLS_CT_RSA_FIXED_ECDH;
2108                 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
2109                 }
2110 #endif
2111
2112 #ifndef OPENSSL_NO_ECDSA
2113         /* ECDSA certs can be used with RSA cipher suites as well 
2114          * so we don't need to check for SSL_kECDH or SSL_kECDHE
2115          */
2116         if (s->version >= TLS1_VERSION)
2117                 {
2118                 p[ret++]=TLS_CT_ECDSA_SIGN;
2119                 }
2120 #endif  
2121         return(ret);
2122         }
2123
2124 int ssl3_shutdown(SSL *s)
2125         {
2126
2127         /* Don't do anything much if we have not done the handshake or
2128          * we don't want to send messages :-) */
2129         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
2130                 {
2131                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2132                 return(1);
2133                 }
2134
2135         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
2136                 {
2137                 s->shutdown|=SSL_SENT_SHUTDOWN;
2138 #if 1
2139                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
2140 #endif
2141                 /* our shutdown alert has been sent now, and if it still needs
2142                  * to be written, s->s3->alert_dispatch will be true */
2143                 }
2144         else if (s->s3->alert_dispatch)
2145                 {
2146                 /* resend it if not sent */
2147 #if 1
2148                 s->method->ssl_dispatch_alert(s);
2149 #endif
2150                 }
2151         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
2152                 {
2153                 /* If we are waiting for a close from our peer, we are closed */
2154                 s->method->ssl_read_bytes(s,0,NULL,0,0);
2155                 }
2156
2157         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
2158                 !s->s3->alert_dispatch)
2159                 return(1);
2160         else
2161                 return(0);
2162         }
2163
2164 int ssl3_write(SSL *s, const void *buf, int len)
2165         {
2166         int ret,n;
2167
2168 #if 0
2169         if (s->shutdown & SSL_SEND_SHUTDOWN)
2170                 {
2171                 s->rwstate=SSL_NOTHING;
2172                 return(0);
2173                 }
2174 #endif
2175         clear_sys_error();
2176         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2177
2178         /* This is an experimental flag that sends the
2179          * last handshake message in the same packet as the first
2180          * use data - used to see if it helps the TCP protocol during
2181          * session-id reuse */
2182         /* The second test is because the buffer may have been removed */
2183         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
2184                 {
2185                 /* First time through, we write into the buffer */
2186                 if (s->s3->delay_buf_pop_ret == 0)
2187                         {
2188                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2189                                              buf,len);
2190                         if (ret <= 0) return(ret);
2191
2192                         s->s3->delay_buf_pop_ret=ret;
2193                         }
2194
2195                 s->rwstate=SSL_WRITING;
2196                 n=BIO_flush(s->wbio);
2197                 if (n <= 0) return(n);
2198                 s->rwstate=SSL_NOTHING;
2199
2200                 /* We have flushed the buffer, so remove it */
2201                 ssl_free_wbio_buffer(s);
2202                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
2203
2204                 ret=s->s3->delay_buf_pop_ret;
2205                 s->s3->delay_buf_pop_ret=0;
2206                 }
2207         else
2208                 {
2209                 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2210                         buf,len);
2211                 if (ret <= 0) return(ret);
2212                 }
2213
2214         return(ret);
2215         }
2216
2217 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
2218         {
2219         int ret;
2220         
2221         clear_sys_error();
2222         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2223         s->s3->in_read_app_data=1;
2224         ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2225         if ((ret == -1) && (s->s3->in_read_app_data == 2))
2226                 {
2227                 /* ssl3_read_bytes decided to call s->handshake_func, which
2228                  * called ssl3_read_bytes to read handshake data.
2229                  * However, ssl3_read_bytes actually found application data
2230                  * and thinks that application data makes sense here; so disable
2231                  * handshake processing and try to read application data again. */
2232                 s->in_handshake++;
2233                 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2234                 s->in_handshake--;
2235                 }
2236         else
2237                 s->s3->in_read_app_data=0;
2238
2239         return(ret);
2240         }
2241
2242 int ssl3_read(SSL *s, void *buf, int len)
2243         {
2244         return ssl3_read_internal(s, buf, len, 0);
2245         }
2246
2247 int ssl3_peek(SSL *s, void *buf, int len)
2248         {
2249         return ssl3_read_internal(s, buf, len, 1);
2250         }
2251
2252 int ssl3_renegotiate(SSL *s)
2253         {
2254         if (s->handshake_func == NULL)
2255                 return(1);
2256
2257         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
2258                 return(0);
2259
2260         s->s3->renegotiate=1;
2261         return(1);
2262         }
2263
2264 int ssl3_renegotiate_check(SSL *s)
2265         {
2266         int ret=0;
2267
2268         if (s->s3->renegotiate)
2269                 {
2270                 if (    (s->s3->rbuf.left == 0) &&
2271                         (s->s3->wbuf.left == 0) &&
2272                         !SSL_in_init(s))
2273                         {
2274 /*
2275 if we are the server, and we have sent a 'RENEGOTIATE' message, we
2276 need to go to SSL_ST_ACCEPT.
2277 */
2278                         /* SSL_ST_ACCEPT */
2279                         s->state=SSL_ST_RENEGOTIATE;
2280                         s->s3->renegotiate=0;
2281                         s->s3->num_renegotiations++;
2282                         s->s3->total_renegotiations++;
2283                         ret=1;
2284                         }
2285                 }
2286         return(ret);
2287         }
2288