a48869257951087ecd490b3079146103481d0f03
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #ifndef OPENSSL_NO_TLSEXT
156 #ifndef OPENSSL_NO_EC
157 #include "../crypto/ec/ec_lcl.h"
158 #endif /* OPENSSL_NO_EC */
159 #endif /* OPENSSL_NO_TLSEXT */
160 #include <openssl/md5.h>
161 #ifndef OPENSSL_NO_DH
162 #include <openssl/dh.h>
163 #endif
164
165 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
166
167 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
168
169 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171 /* The RSA ciphers */
172 /* Cipher 01 */
173         {
174         1,
175         SSL3_TXT_RSA_NULL_MD5,
176         SSL3_CK_RSA_NULL_MD5,
177         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
178         SSL_NOT_EXP|SSL_STRONG_NONE,
179         0,
180         0,
181         0,
182         SSL_ALL_CIPHERS,
183         SSL_ALL_STRENGTHS,
184         },
185 /* Cipher 02 */
186         {
187         1,
188         SSL3_TXT_RSA_NULL_SHA,
189         SSL3_CK_RSA_NULL_SHA,
190         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
191         SSL_NOT_EXP|SSL_STRONG_NONE,
192         0,
193         0,
194         0,
195         SSL_ALL_CIPHERS,
196         SSL_ALL_STRENGTHS,
197         },
198 /* Cipher 03 */
199         {
200         1,
201         SSL3_TXT_RSA_RC4_40_MD5,
202         SSL3_CK_RSA_RC4_40_MD5,
203         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
204         SSL_EXPORT|SSL_EXP40,
205         0,
206         40,
207         128,
208         SSL_ALL_CIPHERS,
209         SSL_ALL_STRENGTHS,
210         },
211 /* Cipher 04 */
212         {
213         1,
214         SSL3_TXT_RSA_RC4_128_MD5,
215         SSL3_CK_RSA_RC4_128_MD5,
216         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
217         SSL_NOT_EXP|SSL_MEDIUM,
218         0,
219         128,
220         128,
221         SSL_ALL_CIPHERS,
222         SSL_ALL_STRENGTHS,
223         },
224 /* Cipher 05 */
225         {
226         1,
227         SSL3_TXT_RSA_RC4_128_SHA,
228         SSL3_CK_RSA_RC4_128_SHA,
229         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
230         SSL_NOT_EXP|SSL_MEDIUM,
231         0,
232         128,
233         128,
234         SSL_ALL_CIPHERS,
235         SSL_ALL_STRENGTHS,
236         },
237 /* Cipher 06 */
238         {
239         1,
240         SSL3_TXT_RSA_RC2_40_MD5,
241         SSL3_CK_RSA_RC2_40_MD5,
242         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
243         SSL_EXPORT|SSL_EXP40,
244         0,
245         40,
246         128,
247         SSL_ALL_CIPHERS,
248         SSL_ALL_STRENGTHS,
249         },
250 /* Cipher 07 */
251 #ifndef OPENSSL_NO_IDEA
252         {
253         1,
254         SSL3_TXT_RSA_IDEA_128_SHA,
255         SSL3_CK_RSA_IDEA_128_SHA,
256         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
257         SSL_NOT_EXP|SSL_MEDIUM,
258         0,
259         128,
260         128,
261         SSL_ALL_CIPHERS,
262         SSL_ALL_STRENGTHS,
263         },
264 #endif
265 /* Cipher 08 */
266         {
267         1,
268         SSL3_TXT_RSA_DES_40_CBC_SHA,
269         SSL3_CK_RSA_DES_40_CBC_SHA,
270         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
271         SSL_EXPORT|SSL_EXP40,
272         0,
273         40,
274         56,
275         SSL_ALL_CIPHERS,
276         SSL_ALL_STRENGTHS,
277         },
278 /* Cipher 09 */
279         {
280         1,
281         SSL3_TXT_RSA_DES_64_CBC_SHA,
282         SSL3_CK_RSA_DES_64_CBC_SHA,
283         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
284         SSL_NOT_EXP|SSL_LOW,
285         0,
286         56,
287         56,
288         SSL_ALL_CIPHERS,
289         SSL_ALL_STRENGTHS,
290         },
291 /* Cipher 0A */
292         {
293         1,
294         SSL3_TXT_RSA_DES_192_CBC3_SHA,
295         SSL3_CK_RSA_DES_192_CBC3_SHA,
296         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
297         SSL_NOT_EXP|SSL_HIGH,
298         0,
299         168,
300         168,
301         SSL_ALL_CIPHERS,
302         SSL_ALL_STRENGTHS,
303         },
304 /* The DH ciphers */
305 /* Cipher 0B */
306         {
307         0,
308         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
309         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
310         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
311         SSL_EXPORT|SSL_EXP40,
312         0,
313         40,
314         56,
315         SSL_ALL_CIPHERS,
316         SSL_ALL_STRENGTHS,
317         },
318 /* Cipher 0C */
319         {
320         0,
321         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
322         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
323         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
324         SSL_NOT_EXP|SSL_LOW,
325         0,
326         56,
327         56,
328         SSL_ALL_CIPHERS,
329         SSL_ALL_STRENGTHS,
330         },
331 /* Cipher 0D */
332         {
333         0,
334         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
335         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
336         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
337         SSL_NOT_EXP|SSL_HIGH,
338         0,
339         168,
340         168,
341         SSL_ALL_CIPHERS,
342         SSL_ALL_STRENGTHS,
343         },
344 /* Cipher 0E */
345         {
346         0,
347         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
348         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
349         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
350         SSL_EXPORT|SSL_EXP40,
351         0,
352         40,
353         56,
354         SSL_ALL_CIPHERS,
355         SSL_ALL_STRENGTHS,
356         },
357 /* Cipher 0F */
358         {
359         0,
360         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
361         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
362         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
363         SSL_NOT_EXP|SSL_LOW,
364         0,
365         56,
366         56,
367         SSL_ALL_CIPHERS,
368         SSL_ALL_STRENGTHS,
369         },
370 /* Cipher 10 */
371         {
372         0,
373         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
374         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
375         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
376         SSL_NOT_EXP|SSL_HIGH,
377         0,
378         168,
379         168,
380         SSL_ALL_CIPHERS,
381         SSL_ALL_STRENGTHS,
382         },
383
384 /* The Ephemeral DH ciphers */
385 /* Cipher 11 */
386         {
387         1,
388         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
389         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
390         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
391         SSL_EXPORT|SSL_EXP40,
392         0,
393         40,
394         56,
395         SSL_ALL_CIPHERS,
396         SSL_ALL_STRENGTHS,
397         },
398 /* Cipher 12 */
399         {
400         1,
401         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
402         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
403         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
404         SSL_NOT_EXP|SSL_LOW,
405         0,
406         56,
407         56,
408         SSL_ALL_CIPHERS,
409         SSL_ALL_STRENGTHS,
410         },
411 /* Cipher 13 */
412         {
413         1,
414         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
415         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
416         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
417         SSL_NOT_EXP|SSL_HIGH,
418         0,
419         168,
420         168,
421         SSL_ALL_CIPHERS,
422         SSL_ALL_STRENGTHS,
423         },
424 /* Cipher 14 */
425         {
426         1,
427         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
428         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
429         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
430         SSL_EXPORT|SSL_EXP40,
431         0,
432         40,
433         56,
434         SSL_ALL_CIPHERS,
435         SSL_ALL_STRENGTHS,
436         },
437 /* Cipher 15 */
438         {
439         1,
440         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
441         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
442         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
443         SSL_NOT_EXP|SSL_LOW,
444         0,
445         56,
446         56,
447         SSL_ALL_CIPHERS,
448         SSL_ALL_STRENGTHS,
449         },
450 /* Cipher 16 */
451         {
452         1,
453         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
454         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
455         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
456         SSL_NOT_EXP|SSL_HIGH,
457         0,
458         168,
459         168,
460         SSL_ALL_CIPHERS,
461         SSL_ALL_STRENGTHS,
462         },
463 /* Cipher 17 */
464         {
465         1,
466         SSL3_TXT_ADH_RC4_40_MD5,
467         SSL3_CK_ADH_RC4_40_MD5,
468         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
469         SSL_EXPORT|SSL_EXP40,
470         0,
471         40,
472         128,
473         SSL_ALL_CIPHERS,
474         SSL_ALL_STRENGTHS,
475         },
476 /* Cipher 18 */
477         {
478         1,
479         SSL3_TXT_ADH_RC4_128_MD5,
480         SSL3_CK_ADH_RC4_128_MD5,
481         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
482         SSL_NOT_EXP|SSL_MEDIUM,
483         0,
484         128,
485         128,
486         SSL_ALL_CIPHERS,
487         SSL_ALL_STRENGTHS,
488         },
489 /* Cipher 19 */
490         {
491         1,
492         SSL3_TXT_ADH_DES_40_CBC_SHA,
493         SSL3_CK_ADH_DES_40_CBC_SHA,
494         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
495         SSL_EXPORT|SSL_EXP40,
496         0,
497         40,
498         128,
499         SSL_ALL_CIPHERS,
500         SSL_ALL_STRENGTHS,
501         },
502 /* Cipher 1A */
503         {
504         1,
505         SSL3_TXT_ADH_DES_64_CBC_SHA,
506         SSL3_CK_ADH_DES_64_CBC_SHA,
507         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
508         SSL_NOT_EXP|SSL_LOW,
509         0,
510         56,
511         56,
512         SSL_ALL_CIPHERS,
513         SSL_ALL_STRENGTHS,
514         },
515 /* Cipher 1B */
516         {
517         1,
518         SSL3_TXT_ADH_DES_192_CBC_SHA,
519         SSL3_CK_ADH_DES_192_CBC_SHA,
520         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
521         SSL_NOT_EXP|SSL_HIGH,
522         0,
523         168,
524         168,
525         SSL_ALL_CIPHERS,
526         SSL_ALL_STRENGTHS,
527         },
528
529 /* Fortezza */
530 /* Cipher 1C */
531         {
532         0,
533         SSL3_TXT_FZA_DMS_NULL_SHA,
534         SSL3_CK_FZA_DMS_NULL_SHA,
535         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
536         SSL_NOT_EXP|SSL_STRONG_NONE,
537         0,
538         0,
539         0,
540         SSL_ALL_CIPHERS,
541         SSL_ALL_STRENGTHS,
542         },
543
544 /* Cipher 1D */
545         {
546         0,
547         SSL3_TXT_FZA_DMS_FZA_SHA,
548         SSL3_CK_FZA_DMS_FZA_SHA,
549         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
550         SSL_NOT_EXP|SSL_STRONG_NONE,
551         0,
552         0,
553         0,
554         SSL_ALL_CIPHERS,
555         SSL_ALL_STRENGTHS,
556         },
557
558 #if 0
559 /* Cipher 1E */
560         {
561         0,
562         SSL3_TXT_FZA_DMS_RC4_SHA,
563         SSL3_CK_FZA_DMS_RC4_SHA,
564         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
565         SSL_NOT_EXP|SSL_MEDIUM,
566         0,
567         128,
568         128,
569         SSL_ALL_CIPHERS,
570         SSL_ALL_STRENGTHS,
571         },
572 #endif
573
574 #ifndef OPENSSL_NO_KRB5
575 /* The Kerberos ciphers
576 ** 20000107 VRS: And the first shall be last,
577 ** in hopes of avoiding the lynx ssl renegotiation problem.
578 */
579 /* Cipher 1E VRS */
580         {
581         1,
582         SSL3_TXT_KRB5_DES_64_CBC_SHA,
583         SSL3_CK_KRB5_DES_64_CBC_SHA,
584         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
585         SSL_NOT_EXP|SSL_LOW,
586         0,
587         56,
588         56,
589         SSL_ALL_CIPHERS,
590         SSL_ALL_STRENGTHS,
591         },
592
593 /* Cipher 1F VRS */
594         {
595         1,
596         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
597         SSL3_CK_KRB5_DES_192_CBC3_SHA,
598         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
599         SSL_NOT_EXP|SSL_HIGH,
600         0,
601         112,
602         168,
603         SSL_ALL_CIPHERS,
604         SSL_ALL_STRENGTHS,
605         },
606
607 /* Cipher 20 VRS */
608         {
609         1,
610         SSL3_TXT_KRB5_RC4_128_SHA,
611         SSL3_CK_KRB5_RC4_128_SHA,
612         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
613         SSL_NOT_EXP|SSL_MEDIUM,
614         0,
615         128,
616         128,
617         SSL_ALL_CIPHERS,
618         SSL_ALL_STRENGTHS,
619         },
620
621 /* Cipher 21 VRS */
622         {
623         1,
624         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
625         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
626         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
627         SSL_NOT_EXP|SSL_MEDIUM,
628         0,
629         128,
630         128,
631         SSL_ALL_CIPHERS,
632         SSL_ALL_STRENGTHS,
633         },
634
635 /* Cipher 22 VRS */
636         {
637         1,
638         SSL3_TXT_KRB5_DES_64_CBC_MD5,
639         SSL3_CK_KRB5_DES_64_CBC_MD5,
640         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
641         SSL_NOT_EXP|SSL_LOW,
642         0,
643         56,
644         56,
645         SSL_ALL_CIPHERS,
646         SSL_ALL_STRENGTHS,
647         },
648
649 /* Cipher 23 VRS */
650         {
651         1,
652         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
653         SSL3_CK_KRB5_DES_192_CBC3_MD5,
654         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
655         SSL_NOT_EXP|SSL_HIGH,
656         0,
657         112,
658         168,
659         SSL_ALL_CIPHERS,
660         SSL_ALL_STRENGTHS,
661         },
662
663 /* Cipher 24 VRS */
664         {
665         1,
666         SSL3_TXT_KRB5_RC4_128_MD5,
667         SSL3_CK_KRB5_RC4_128_MD5,
668         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
669         SSL_NOT_EXP|SSL_MEDIUM,
670         0,
671         128,
672         128,
673         SSL_ALL_CIPHERS,
674         SSL_ALL_STRENGTHS,
675         },
676
677 /* Cipher 25 VRS */
678         {
679         1,
680         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
681         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
682         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
683         SSL_NOT_EXP|SSL_MEDIUM,
684         0,
685         128,
686         128,
687         SSL_ALL_CIPHERS,
688         SSL_ALL_STRENGTHS,
689         },
690
691 /* Cipher 26 VRS */
692         {
693         1,
694         SSL3_TXT_KRB5_DES_40_CBC_SHA,
695         SSL3_CK_KRB5_DES_40_CBC_SHA,
696         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
697         SSL_EXPORT|SSL_EXP40,
698         0,
699         40,
700         56,
701         SSL_ALL_CIPHERS,
702         SSL_ALL_STRENGTHS,
703         },
704
705 /* Cipher 27 VRS */
706         {
707         1,
708         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
709         SSL3_CK_KRB5_RC2_40_CBC_SHA,
710         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
711         SSL_EXPORT|SSL_EXP40,
712         0,
713         40,
714         128,
715         SSL_ALL_CIPHERS,
716         SSL_ALL_STRENGTHS,
717         },
718
719 /* Cipher 28 VRS */
720         {
721         1,
722         SSL3_TXT_KRB5_RC4_40_SHA,
723         SSL3_CK_KRB5_RC4_40_SHA,
724         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
725         SSL_EXPORT|SSL_EXP40,
726         0,
727         128,
728         128,
729         SSL_ALL_CIPHERS,
730         SSL_ALL_STRENGTHS,
731         },
732
733 /* Cipher 29 VRS */
734         {
735         1,
736         SSL3_TXT_KRB5_DES_40_CBC_MD5,
737         SSL3_CK_KRB5_DES_40_CBC_MD5,
738         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
739         SSL_EXPORT|SSL_EXP40,
740         0,
741         40,
742         56,
743         SSL_ALL_CIPHERS,
744         SSL_ALL_STRENGTHS,
745         },
746
747 /* Cipher 2A VRS */
748         {
749         1,
750         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
751         SSL3_CK_KRB5_RC2_40_CBC_MD5,
752         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
753         SSL_EXPORT|SSL_EXP40,
754         0,
755         40,
756         128,
757         SSL_ALL_CIPHERS,
758         SSL_ALL_STRENGTHS,
759         },
760
761 /* Cipher 2B VRS */
762         {
763         1,
764         SSL3_TXT_KRB5_RC4_40_MD5,
765         SSL3_CK_KRB5_RC4_40_MD5,
766         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
767         SSL_EXPORT|SSL_EXP40,
768         0,
769         128,
770         128,
771         SSL_ALL_CIPHERS,
772         SSL_ALL_STRENGTHS,
773         },
774 #endif  /* OPENSSL_NO_KRB5 */
775 /* New AES ciphersuites */
776
777 /* Cipher 2F */
778         {
779         1,
780         TLS1_TXT_RSA_WITH_AES_128_SHA,
781         TLS1_CK_RSA_WITH_AES_128_SHA,
782         SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
783         SSL_NOT_EXP|SSL_HIGH,
784         0,
785         128,
786         128,
787         SSL_ALL_CIPHERS,
788         SSL_ALL_STRENGTHS,
789         },
790 /* Cipher 30 */
791         {
792         0,
793         TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
794         TLS1_CK_DH_DSS_WITH_AES_128_SHA,
795         SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
796         SSL_NOT_EXP|SSL_HIGH,
797         0,
798         128,
799         128,
800         SSL_ALL_CIPHERS,
801         SSL_ALL_STRENGTHS,
802         },
803 /* Cipher 31 */
804         {
805         0,
806         TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
807         TLS1_CK_DH_RSA_WITH_AES_128_SHA,
808         SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
809         SSL_NOT_EXP|SSL_HIGH,
810         0,
811         128,
812         128,
813         SSL_ALL_CIPHERS,
814         SSL_ALL_STRENGTHS,
815         },
816 /* Cipher 32 */
817         {
818         1,
819         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
820         TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
821         SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
822         SSL_NOT_EXP|SSL_HIGH,
823         0,
824         128,
825         128,
826         SSL_ALL_CIPHERS,
827         SSL_ALL_STRENGTHS,
828         },
829 /* Cipher 33 */
830         {
831         1,
832         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
833         TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
834         SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
835         SSL_NOT_EXP|SSL_HIGH,
836         0,
837         128,
838         128,
839         SSL_ALL_CIPHERS,
840         SSL_ALL_STRENGTHS,
841         },
842 /* Cipher 34 */
843         {
844         1,
845         TLS1_TXT_ADH_WITH_AES_128_SHA,
846         TLS1_CK_ADH_WITH_AES_128_SHA,
847         SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
848         SSL_NOT_EXP|SSL_HIGH,
849         0,
850         128,
851         128,
852         SSL_ALL_CIPHERS,
853         SSL_ALL_STRENGTHS,
854         },
855
856 /* Cipher 35 */
857         {
858         1,
859         TLS1_TXT_RSA_WITH_AES_256_SHA,
860         TLS1_CK_RSA_WITH_AES_256_SHA,
861         SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
862         SSL_NOT_EXP|SSL_HIGH,
863         0,
864         256,
865         256,
866         SSL_ALL_CIPHERS,
867         SSL_ALL_STRENGTHS,
868         },
869 /* Cipher 36 */
870         {
871         0,
872         TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
873         TLS1_CK_DH_DSS_WITH_AES_256_SHA,
874         SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
875         SSL_NOT_EXP|SSL_HIGH,
876         0,
877         256,
878         256,
879         SSL_ALL_CIPHERS,
880         SSL_ALL_STRENGTHS,
881         },
882 /* Cipher 37 */
883         {
884         0,
885         TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
886         TLS1_CK_DH_RSA_WITH_AES_256_SHA,
887         SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
888         SSL_NOT_EXP|SSL_HIGH,
889         0,
890         256,
891         256,
892         SSL_ALL_CIPHERS,
893         SSL_ALL_STRENGTHS,
894         },
895 /* Cipher 38 */
896         {
897         1,
898         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
899         TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
900         SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
901         SSL_NOT_EXP|SSL_HIGH,
902         0,
903         256,
904         256,
905         SSL_ALL_CIPHERS,
906         SSL_ALL_STRENGTHS,
907         },
908 /* Cipher 39 */
909         {
910         1,
911         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
912         TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
913         SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
914         SSL_NOT_EXP|SSL_HIGH,
915         0,
916         256,
917         256,
918         SSL_ALL_CIPHERS,
919         SSL_ALL_STRENGTHS,
920         },
921         /* Cipher 3A */
922         {
923         1,
924         TLS1_TXT_ADH_WITH_AES_256_SHA,
925         TLS1_CK_ADH_WITH_AES_256_SHA,
926         SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
927         SSL_NOT_EXP|SSL_HIGH,
928         0,
929         256,
930         256,
931         SSL_ALL_CIPHERS,
932         SSL_ALL_STRENGTHS,
933         },
934
935 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
936         /* New TLS Export CipherSuites from expired ID */
937 #if 0
938         /* Cipher 60 */
939             {
940             1,
941             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
942             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
943             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
944             SSL_EXPORT|SSL_EXP56,
945             0,
946             56,
947             128,
948             SSL_ALL_CIPHERS,
949             SSL_ALL_STRENGTHS,
950             },
951         /* Cipher 61 */
952             {
953             1,
954             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
955             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
956             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
957             SSL_EXPORT|SSL_EXP56,
958             0,
959             56,
960             128,
961             SSL_ALL_CIPHERS,
962             SSL_ALL_STRENGTHS,
963             },
964 #endif
965         /* Cipher 62 */
966             {
967             1,
968             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
969             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
970             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
971             SSL_EXPORT|SSL_EXP56,
972             0,
973             56,
974             56,
975             SSL_ALL_CIPHERS,
976             SSL_ALL_STRENGTHS,
977             },
978         /* Cipher 63 */
979             {
980             1,
981             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
982             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
983             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
984             SSL_EXPORT|SSL_EXP56,
985             0,
986             56,
987             56,
988             SSL_ALL_CIPHERS,
989             SSL_ALL_STRENGTHS,
990             },
991         /* Cipher 64 */
992             {
993             1,
994             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
995             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
996             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
997             SSL_EXPORT|SSL_EXP56,
998             0,
999             56,
1000             128,
1001             SSL_ALL_CIPHERS,
1002             SSL_ALL_STRENGTHS,
1003             },
1004         /* Cipher 65 */
1005             {
1006             1,
1007             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1008             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1009             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
1010             SSL_EXPORT|SSL_EXP56,
1011             0,
1012             56,
1013             128,
1014             SSL_ALL_CIPHERS,
1015             SSL_ALL_STRENGTHS,
1016             },
1017         /* Cipher 66 */
1018             {
1019             1,
1020             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1021             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1022             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
1023             SSL_NOT_EXP|SSL_MEDIUM,
1024             0,
1025             128,
1026             128,
1027             SSL_ALL_CIPHERS,
1028             SSL_ALL_STRENGTHS
1029             },
1030 #endif
1031 #ifndef OPENSSL_NO_PSK
1032         /* Cipher 8A */
1033         {
1034         1,
1035         TLS1_TXT_PSK_WITH_RC4_128_SHA,
1036         TLS1_CK_PSK_WITH_RC4_128_SHA,
1037         SSL_kPSK|SSL_aPSK|SSL_RC4|SSL_SHA|SSL_TLSV1,
1038         SSL_NOT_EXP|SSL_MEDIUM,
1039         0,
1040         128,
1041         128,
1042         SSL_ALL_CIPHERS,
1043         SSL_ALL_STRENGTHS,
1044         },
1045
1046         /* Cipher 8B */
1047         {
1048         1,
1049         TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1050         TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1051         SSL_kPSK|SSL_aPSK|SSL_3DES|SSL_SHA|SSL_TLSV1,
1052         SSL_NOT_EXP|SSL_HIGH,
1053         0,
1054         168,
1055         168,
1056         SSL_ALL_CIPHERS,
1057         SSL_ALL_STRENGTHS,
1058         },
1059
1060         /* Cipher 8C */
1061         {
1062         1,
1063         TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1064         TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1065         SSL_kPSK|SSL_aPSK|SSL_AES|SSL_SHA|SSL_TLSV1,
1066         SSL_NOT_EXP|SSL_MEDIUM,
1067         0,
1068         128,
1069         128,
1070         SSL_ALL_CIPHERS,
1071         SSL_ALL_STRENGTHS,
1072         },
1073
1074         /* Cipher 8D */
1075         {
1076         1,
1077         TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1078         TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1079         SSL_kPSK|SSL_aPSK|SSL_AES|SSL_SHA|SSL_TLSV1,
1080         SSL_NOT_EXP|SSL_HIGH,
1081         0,
1082         256,
1083         256,
1084         SSL_ALL_CIPHERS,
1085         SSL_ALL_STRENGTHS,
1086         },
1087 #endif  /* OPENSSL_NO_PSK */
1088 #ifndef OPENSSL_NO_ECDH
1089         /* Cipher C001 */
1090             {
1091             1,
1092             TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
1093             TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
1094             SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1095             SSL_NOT_EXP,
1096             0,
1097             0,
1098             0,
1099             SSL_ALL_CIPHERS,
1100             SSL_ALL_STRENGTHS,
1101             },
1102
1103         /* Cipher C002 */
1104             {
1105             1,
1106             TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
1107             TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
1108             SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1109             SSL_NOT_EXP,
1110             0,
1111             128,
1112             128,
1113             SSL_ALL_CIPHERS,
1114             SSL_ALL_STRENGTHS,
1115             },
1116
1117         /* Cipher C003 */
1118             {
1119             1,
1120             TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1121             TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1122             SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1123             SSL_NOT_EXP|SSL_HIGH,
1124             0,
1125             168,
1126             168,
1127             SSL_ALL_CIPHERS,
1128             SSL_ALL_STRENGTHS,
1129             },
1130
1131         /* Cipher C004 */
1132             {
1133             1,
1134             TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1135             TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1136             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1137             SSL_NOT_EXP|SSL_HIGH,
1138             0,
1139             128,
1140             128,
1141             SSL_ALL_CIPHERS,
1142             SSL_ALL_STRENGTHS,
1143             },
1144
1145         /* Cipher C005 */
1146             {
1147             1,
1148             TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1149             TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1150             SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1151             SSL_NOT_EXP|SSL_HIGH,
1152             0,
1153             256,
1154             256,
1155             SSL_ALL_CIPHERS,
1156             SSL_ALL_STRENGTHS,
1157             },
1158
1159         /* Cipher C006 */
1160             {
1161             1,
1162             TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
1163             TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
1164             SSL_kECDHE|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1165             SSL_NOT_EXP,
1166             0,
1167             0,
1168             0,
1169             SSL_ALL_CIPHERS,
1170             SSL_ALL_STRENGTHS,
1171             },
1172
1173         /* Cipher C007 */
1174             {
1175             1,
1176             TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
1177             TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
1178             SSL_kECDHE|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1179             SSL_NOT_EXP,
1180             0,
1181             128,
1182             128,
1183             SSL_ALL_CIPHERS,
1184             SSL_ALL_STRENGTHS,
1185             },
1186
1187         /* Cipher C008 */
1188             {
1189             1,
1190             TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1191             TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1192             SSL_kECDHE|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1193             SSL_NOT_EXP|SSL_HIGH,
1194             0,
1195             168,
1196             168,
1197             SSL_ALL_CIPHERS,
1198             SSL_ALL_STRENGTHS,
1199             },
1200
1201         /* Cipher C009 */
1202             {
1203             1,
1204             TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1205             TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1206             SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1207             SSL_NOT_EXP|SSL_HIGH,
1208             0,
1209             128,
1210             128,
1211             SSL_ALL_CIPHERS,
1212             SSL_ALL_STRENGTHS,
1213             },
1214
1215         /* Cipher C00A */
1216             {
1217             1,
1218             TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1219             TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1220             SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1221             SSL_NOT_EXP|SSL_HIGH,
1222             0,
1223             256,
1224             256,
1225             SSL_ALL_CIPHERS,
1226             SSL_ALL_STRENGTHS,
1227             },
1228
1229         /* Cipher C00B */
1230             {
1231             1,
1232             TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1233             TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1234             SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1235             SSL_NOT_EXP,
1236             0,
1237             0,
1238             0,
1239             SSL_ALL_CIPHERS,
1240             SSL_ALL_STRENGTHS,
1241             },
1242
1243         /* Cipher C00C */
1244             {
1245             1,
1246             TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
1247             TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
1248             SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1249             SSL_NOT_EXP,
1250             0,
1251             128,
1252             128,
1253             SSL_ALL_CIPHERS,
1254             SSL_ALL_STRENGTHS,
1255             },
1256
1257         /* Cipher C00D */
1258             {
1259             1,
1260             TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1261             TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1262             SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1263             SSL_NOT_EXP|SSL_HIGH,
1264             0,
1265             168,
1266             168,
1267             SSL_ALL_CIPHERS,
1268             SSL_ALL_STRENGTHS,
1269             },
1270
1271         /* Cipher C00E */
1272             {
1273             1,
1274             TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
1275             TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
1276             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1277             SSL_NOT_EXP|SSL_HIGH,
1278             0,
1279             128,
1280             128,
1281             SSL_ALL_CIPHERS,
1282             SSL_ALL_STRENGTHS,
1283             },
1284
1285         /* Cipher C00F */
1286             {
1287             1,
1288             TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
1289             TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
1290             SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1291             SSL_NOT_EXP|SSL_HIGH,
1292             0,
1293             256,
1294             256,
1295             SSL_ALL_CIPHERS,
1296             SSL_ALL_STRENGTHS,
1297             },
1298
1299         /* Cipher C010 */
1300             {
1301             1,
1302             TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1303             TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1304             SSL_kECDHE|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1305             SSL_NOT_EXP,
1306             0,
1307             0,
1308             0,
1309             SSL_ALL_CIPHERS,
1310             SSL_ALL_STRENGTHS,
1311             },
1312
1313         /* Cipher C011 */
1314             {
1315             1,
1316             TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
1317             TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
1318             SSL_kECDHE|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
1319             SSL_NOT_EXP,
1320             0,
1321             128,
1322             128,
1323             SSL_ALL_CIPHERS,
1324             SSL_ALL_STRENGTHS,
1325             },
1326
1327         /* Cipher C012 */
1328             {
1329             1,
1330             TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1331             TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1332             SSL_kECDHE|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
1333             SSL_NOT_EXP|SSL_HIGH,
1334             0,
1335             168,
1336             168,
1337             SSL_ALL_CIPHERS,
1338             SSL_ALL_STRENGTHS,
1339             },
1340
1341         /* Cipher C013 */
1342             {
1343             1,
1344             TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1345             TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1346             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1347             SSL_NOT_EXP|SSL_HIGH,
1348             0,
1349             128,
1350             128,
1351             SSL_ALL_CIPHERS,
1352             SSL_ALL_STRENGTHS,
1353             },
1354
1355         /* Cipher C014 */
1356             {
1357             1,
1358             TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1359             TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1360             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
1361             SSL_NOT_EXP|SSL_HIGH,
1362             0,
1363             256,
1364             256,
1365             SSL_ALL_CIPHERS,
1366             SSL_ALL_STRENGTHS,
1367             },
1368
1369         /* Cipher C015 */
1370             {
1371             1,
1372             TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1373             TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1374             SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
1375             SSL_NOT_EXP,
1376             0,
1377             0,
1378             0,
1379             SSL_ALL_CIPHERS,
1380             SSL_ALL_STRENGTHS,
1381             },
1382
1383         /* Cipher C016 */
1384             {
1385             1,
1386             TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1387             TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1388             SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
1389             SSL_NOT_EXP,
1390             0,
1391             128,
1392             128,
1393             SSL_ALL_CIPHERS,
1394             SSL_ALL_STRENGTHS,
1395             },
1396
1397         /* Cipher C017 */
1398             {
1399             1,
1400             TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1401             TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1402             SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
1403             SSL_NOT_EXP|SSL_HIGH,
1404             0,
1405             168,
1406             168,
1407             SSL_ALL_CIPHERS,
1408             SSL_ALL_STRENGTHS,
1409             },
1410
1411         /* Cipher C018 */
1412             {
1413             1,
1414             TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1415             TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1416             SSL_kECDHE|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
1417             SSL_NOT_EXP|SSL_HIGH,
1418             0,
1419             128,
1420             128,
1421             SSL_ALL_CIPHERS,
1422             SSL_ALL_STRENGTHS,
1423             },
1424
1425         /* Cipher C019 */
1426             {
1427             1,
1428             TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1429             TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1430             SSL_kECDHE|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
1431             SSL_NOT_EXP|SSL_HIGH,
1432             0,
1433             256,
1434             256,
1435             SSL_ALL_CIPHERS,
1436             SSL_ALL_STRENGTHS,
1437             },
1438 #endif  /* OPENSSL_NO_ECDH */
1439
1440 /* end of list */
1441         };
1442
1443 SSL3_ENC_METHOD SSLv3_enc_data={
1444         ssl3_enc,
1445         ssl3_mac,
1446         ssl3_setup_key_block,
1447         ssl3_generate_master_secret,
1448         ssl3_change_cipher_state,
1449         ssl3_final_finish_mac,
1450         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1451         ssl3_cert_verify_mac,
1452         SSL3_MD_CLIENT_FINISHED_CONST,4,
1453         SSL3_MD_SERVER_FINISHED_CONST,4,
1454         ssl3_alert_code,
1455         };
1456
1457 long ssl3_default_timeout(void)
1458         {
1459         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
1460          * is way too long for http, the cache would over fill */
1461         return(60*60*2);
1462         }
1463
1464 int ssl3_num_ciphers(void)
1465         {
1466         return(SSL3_NUM_CIPHERS);
1467         }
1468
1469 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
1470         {
1471         if (u < SSL3_NUM_CIPHERS)
1472                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
1473         else
1474                 return(NULL);
1475         }
1476
1477 int ssl3_pending(const SSL *s)
1478         {
1479         if (s->rstate == SSL_ST_READ_BODY)
1480                 return 0;
1481         
1482         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
1483         }
1484
1485 int ssl3_new(SSL *s)
1486         {
1487         SSL3_STATE *s3;
1488
1489         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
1490         memset(s3,0,sizeof *s3);
1491         EVP_MD_CTX_init(&s3->finish_dgst1);
1492         EVP_MD_CTX_init(&s3->finish_dgst2);
1493         memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
1494         memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
1495
1496         s->s3=s3;
1497
1498         s->method->ssl_clear(s);
1499         return(1);
1500 err:
1501         return(0);
1502         }
1503
1504 void ssl3_free(SSL *s)
1505         {
1506         if(s == NULL)
1507             return;
1508
1509         ssl3_cleanup_key_block(s);
1510         if (s->s3->rbuf.buf != NULL)
1511                 OPENSSL_free(s->s3->rbuf.buf);
1512         if (s->s3->wbuf.buf != NULL)
1513                 OPENSSL_free(s->s3->wbuf.buf);
1514         if (s->s3->rrec.comp != NULL)
1515                 OPENSSL_free(s->s3->rrec.comp);
1516 #ifndef OPENSSL_NO_DH
1517         if (s->s3->tmp.dh != NULL)
1518                 DH_free(s->s3->tmp.dh);
1519 #endif
1520 #ifndef OPENSSL_NO_ECDH
1521         if (s->s3->tmp.ecdh != NULL)
1522                 EC_KEY_free(s->s3->tmp.ecdh);
1523 #endif
1524
1525         if (s->s3->tmp.ca_names != NULL)
1526                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1527         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1528         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1529
1530         OPENSSL_cleanse(s->s3,sizeof *s->s3);
1531         OPENSSL_free(s->s3);
1532         s->s3=NULL;
1533         }
1534
1535 void ssl3_clear(SSL *s)
1536         {
1537         unsigned char *rp,*wp;
1538         size_t rlen, wlen;
1539
1540         ssl3_cleanup_key_block(s);
1541         if (s->s3->tmp.ca_names != NULL)
1542                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1543
1544         if (s->s3->rrec.comp != NULL)
1545                 {
1546                 OPENSSL_free(s->s3->rrec.comp);
1547                 s->s3->rrec.comp=NULL;
1548                 }
1549 #ifndef OPENSSL_NO_DH
1550         if (s->s3->tmp.dh != NULL)
1551                 DH_free(s->s3->tmp.dh);
1552 #endif
1553 #ifndef OPENSSL_NO_ECDH
1554         if (s->s3->tmp.ecdh != NULL)
1555                 EC_KEY_free(s->s3->tmp.ecdh);
1556 #endif
1557
1558         rp = s->s3->rbuf.buf;
1559         wp = s->s3->wbuf.buf;
1560         rlen = s->s3->rbuf.len;
1561         wlen = s->s3->wbuf.len;
1562
1563         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1564         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1565
1566         memset(s->s3,0,sizeof *s->s3);
1567         s->s3->rbuf.buf = rp;
1568         s->s3->wbuf.buf = wp;
1569         s->s3->rbuf.len = rlen;
1570         s->s3->wbuf.len = wlen;
1571
1572         ssl_free_wbio_buffer(s);
1573
1574         s->packet_length=0;
1575         s->s3->renegotiate=0;
1576         s->s3->total_renegotiations=0;
1577         s->s3->num_renegotiations=0;
1578         s->s3->in_read_app_data=0;
1579         s->version=SSL3_VERSION;
1580         }
1581
1582 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1583         {
1584         int ret=0;
1585
1586 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1587         if (
1588 #ifndef OPENSSL_NO_RSA
1589             cmd == SSL_CTRL_SET_TMP_RSA ||
1590             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1591 #endif
1592 #ifndef OPENSSL_NO_DSA
1593             cmd == SSL_CTRL_SET_TMP_DH ||
1594             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1595 #endif
1596                 0)
1597                 {
1598                 if (!ssl_cert_inst(&s->cert))
1599                         {
1600                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1601                         return(0);
1602                         }
1603                 }
1604 #endif
1605
1606         switch (cmd)
1607                 {
1608         case SSL_CTRL_GET_SESSION_REUSED:
1609                 ret=s->hit;
1610                 break;
1611         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1612                 break;
1613         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1614                 ret=s->s3->num_renegotiations;
1615                 break;
1616         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1617                 ret=s->s3->num_renegotiations;
1618                 s->s3->num_renegotiations=0;
1619                 break;
1620         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1621                 ret=s->s3->total_renegotiations;
1622                 break;
1623         case SSL_CTRL_GET_FLAGS:
1624                 ret=(int)(s->s3->flags);
1625                 break;
1626 #ifndef OPENSSL_NO_RSA
1627         case SSL_CTRL_NEED_TMP_RSA:
1628                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1629                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1630                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1631                         ret = 1;
1632                 break;
1633         case SSL_CTRL_SET_TMP_RSA:
1634                 {
1635                         RSA *rsa = (RSA *)parg;
1636                         if (rsa == NULL)
1637                                 {
1638                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1639                                 return(ret);
1640                                 }
1641                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1642                                 {
1643                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1644                                 return(ret);
1645                                 }
1646                         if (s->cert->rsa_tmp != NULL)
1647                                 RSA_free(s->cert->rsa_tmp);
1648                         s->cert->rsa_tmp = rsa;
1649                         ret = 1;
1650                 }
1651                 break;
1652         case SSL_CTRL_SET_TMP_RSA_CB:
1653                 {
1654                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1655                 return(ret);
1656                 }
1657                 break;
1658 #endif
1659 #ifndef OPENSSL_NO_DH
1660         case SSL_CTRL_SET_TMP_DH:
1661                 {
1662                         DH *dh = (DH *)parg;
1663                         if (dh == NULL)
1664                                 {
1665                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1666                                 return(ret);
1667                                 }
1668                         if ((dh = DHparams_dup(dh)) == NULL)
1669                                 {
1670                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1671                                 return(ret);
1672                                 }
1673                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
1674                                 {
1675                                 if (!DH_generate_key(dh))
1676                                         {
1677                                         DH_free(dh);
1678                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1679                                         return(ret);
1680                                         }
1681                                 }
1682                         if (s->cert->dh_tmp != NULL)
1683                                 DH_free(s->cert->dh_tmp);
1684                         s->cert->dh_tmp = dh;
1685                         ret = 1;
1686                 }
1687                 break;
1688         case SSL_CTRL_SET_TMP_DH_CB:
1689                 {
1690                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1691                 return(ret);
1692                 }
1693                 break;
1694 #endif
1695 #ifndef OPENSSL_NO_ECDH
1696         case SSL_CTRL_SET_TMP_ECDH:
1697                 {
1698                 EC_KEY *ecdh = NULL;
1699                         
1700                 if (parg == NULL)
1701                         {
1702                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1703                         return(ret);
1704                         }
1705                 if (!EC_KEY_up_ref((EC_KEY *)parg))
1706                         {
1707                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1708                         return(ret);
1709                         }
1710                 ecdh = (EC_KEY *)parg;
1711                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
1712                         {
1713                         if (!EC_KEY_generate_key(ecdh))
1714                                 {
1715                                 EC_KEY_free(ecdh);
1716                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
1717                                 return(ret);
1718                                 }
1719                         }
1720                 if (s->cert->ecdh_tmp != NULL)
1721                         EC_KEY_free(s->cert->ecdh_tmp);
1722                 s->cert->ecdh_tmp = ecdh;
1723                 ret = 1;
1724                 }
1725                 break;
1726         case SSL_CTRL_SET_TMP_ECDH_CB:
1727                 {
1728                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1729                 return(ret);
1730                 }
1731                 break;
1732 #endif /* !OPENSSL_NO_ECDH */
1733 #ifndef OPENSSL_NO_TLSEXT
1734         case SSL_CTRL_SET_TLSEXT_HOSTNAME:
1735                 if (larg == TLSEXT_NAMETYPE_host_name)
1736                         {
1737                         if (s->tlsext_hostname != NULL) 
1738                                 OPENSSL_free(s->tlsext_hostname);
1739                         s->tlsext_hostname = NULL;
1740
1741                         ret = 1;
1742                         if (parg == NULL) 
1743                                 break;
1744                         if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
1745                                 {
1746                                 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
1747                                 return 0;
1748                                 }
1749                         if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
1750                                 {
1751                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
1752                                 return 0;
1753                                 }
1754                         }
1755                 else
1756                         {
1757                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
1758                         return 0;
1759                         }
1760                 s->options |= SSL_OP_NO_SSLv2; /* can't use extension w/ SSL 2.0 format */
1761                 break;
1762 #endif /* !OPENSSL_NO_TLSEXT */
1763         default:
1764                 break;
1765                 }
1766         return(ret);
1767         }
1768
1769 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
1770         {
1771         int ret=0;
1772
1773 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1774         if (
1775 #ifndef OPENSSL_NO_RSA
1776             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1777 #endif
1778 #ifndef OPENSSL_NO_DSA
1779             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1780 #endif
1781                 0)
1782                 {
1783                 if (!ssl_cert_inst(&s->cert))
1784                         {
1785                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1786                         return(0);
1787                         }
1788                 }
1789 #endif
1790
1791         switch (cmd)
1792                 {
1793 #ifndef OPENSSL_NO_RSA
1794         case SSL_CTRL_SET_TMP_RSA_CB:
1795                 {
1796                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1797                 }
1798                 break;
1799 #endif
1800 #ifndef OPENSSL_NO_DH
1801         case SSL_CTRL_SET_TMP_DH_CB:
1802                 {
1803                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1804                 }
1805                 break;
1806 #endif
1807 #ifndef OPENSSL_NO_ECDH
1808         case SSL_CTRL_SET_TMP_ECDH_CB:
1809                 {
1810                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1811                 }
1812                 break;
1813 #endif
1814         default:
1815                 break;
1816                 }
1817         return(ret);
1818         }
1819
1820 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1821         {
1822         CERT *cert;
1823
1824         cert=ctx->cert;
1825
1826         switch (cmd)
1827                 {
1828 #ifndef OPENSSL_NO_RSA
1829         case SSL_CTRL_NEED_TMP_RSA:
1830                 if (    (cert->rsa_tmp == NULL) &&
1831                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1832                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1833                         )
1834                         return(1);
1835                 else
1836                         return(0);
1837                 /* break; */
1838         case SSL_CTRL_SET_TMP_RSA:
1839                 {
1840                 RSA *rsa;
1841                 int i;
1842
1843                 rsa=(RSA *)parg;
1844                 i=1;
1845                 if (rsa == NULL)
1846                         i=0;
1847                 else
1848                         {
1849                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1850                                 i=0;
1851                         }
1852                 if (!i)
1853                         {
1854                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1855                         return(0);
1856                         }
1857                 else
1858                         {
1859                         if (cert->rsa_tmp != NULL)
1860                                 RSA_free(cert->rsa_tmp);
1861                         cert->rsa_tmp=rsa;
1862                         return(1);
1863                         }
1864                 }
1865                 /* break; */
1866         case SSL_CTRL_SET_TMP_RSA_CB:
1867                 {
1868                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1869                 return(0);
1870                 }
1871                 break;
1872 #endif
1873 #ifndef OPENSSL_NO_DH
1874         case SSL_CTRL_SET_TMP_DH:
1875                 {
1876                 DH *new=NULL,*dh;
1877
1878                 dh=(DH *)parg;
1879                 if ((new=DHparams_dup(dh)) == NULL)
1880                         {
1881                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1882                         return 0;
1883                         }
1884                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1885                         {
1886                         if (!DH_generate_key(new))
1887                                 {
1888                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1889                                 DH_free(new);
1890                                 return 0;
1891                                 }
1892                         }
1893                 if (cert->dh_tmp != NULL)
1894                         DH_free(cert->dh_tmp);
1895                 cert->dh_tmp=new;
1896                 return 1;
1897                 }
1898                 /*break; */
1899         case SSL_CTRL_SET_TMP_DH_CB:
1900                 {
1901                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1902                 return(0);
1903                 }
1904                 break;
1905 #endif
1906 #ifndef OPENSSL_NO_ECDH
1907         case SSL_CTRL_SET_TMP_ECDH:
1908                 {
1909                 EC_KEY *ecdh = NULL;
1910                         
1911                 if (parg == NULL)
1912                         {
1913                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1914                         return 0;
1915                         }
1916                 ecdh = EC_KEY_dup((EC_KEY *)parg);
1917                 if (ecdh == NULL)
1918                         {
1919                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
1920                         return 0;
1921                         }
1922                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
1923                         {
1924                         if (!EC_KEY_generate_key(ecdh))
1925                                 {
1926                                 EC_KEY_free(ecdh);
1927                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
1928                                 return 0;
1929                                 }
1930                         }
1931
1932                 if (cert->ecdh_tmp != NULL)
1933                         {
1934                         EC_KEY_free(cert->ecdh_tmp);
1935                         }
1936                 cert->ecdh_tmp = ecdh;
1937                 return 1;
1938                 }
1939                 /* break; */
1940         case SSL_CTRL_SET_TMP_ECDH_CB:
1941                 {
1942                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1943                 return(0);
1944                 }
1945                 break;
1946 #endif /* !OPENSSL_NO_ECDH */
1947 #ifndef OPENSSL_NO_TLSEXT
1948         case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
1949                 ctx->tlsext_servername_arg=parg;
1950                 break;
1951 #endif /* !OPENSSL_NO_TLSEXT */
1952         /* A Thawte special :-) */
1953         case SSL_CTRL_EXTRA_CHAIN_CERT:
1954                 if (ctx->extra_certs == NULL)
1955                         {
1956                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1957                                 return(0);
1958                         }
1959                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1960                 break;
1961
1962         default:
1963                 return(0);
1964                 }
1965         return(1);
1966         }
1967
1968 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
1969         {
1970         CERT *cert;
1971
1972         cert=ctx->cert;
1973
1974         switch (cmd)
1975                 {
1976 #ifndef OPENSSL_NO_RSA
1977         case SSL_CTRL_SET_TMP_RSA_CB:
1978                 {
1979                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1980                 }
1981                 break;
1982 #endif
1983 #ifndef OPENSSL_NO_DH
1984         case SSL_CTRL_SET_TMP_DH_CB:
1985                 {
1986                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1987                 }
1988                 break;
1989 #endif
1990 #ifndef OPENSSL_NO_ECDH
1991         case SSL_CTRL_SET_TMP_ECDH_CB:
1992                 {
1993                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
1994                 }
1995                 break;
1996 #endif
1997 #ifndef OPENSSL_NO_TLSEXT
1998         case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
1999                 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
2000                 break;
2001 #endif
2002         default:
2003                 return(0);
2004                 }
2005         return(1);
2006         }
2007
2008 /* This function needs to check if the ciphers required are actually
2009  * available */
2010 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
2011         {
2012         SSL_CIPHER c,*cp;
2013         unsigned long id;
2014
2015         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
2016         c.id=id;
2017         cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
2018                 (char *)ssl3_ciphers,
2019                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER),
2020                 FP_ICC ssl_cipher_id_cmp);
2021         if (cp == NULL || cp->valid == 0)
2022                 return NULL;
2023         else
2024                 return cp;
2025         }
2026
2027 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
2028         {
2029         long l;
2030
2031         if (p != NULL)
2032                 {
2033                 l=c->id;
2034                 if ((l & 0xff000000) != 0x03000000) return(0);
2035                 p[0]=((unsigned char)(l>> 8L))&0xFF;
2036                 p[1]=((unsigned char)(l     ))&0xFF;
2037                 }
2038         return(2);
2039         }
2040
2041 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
2042              STACK_OF(SSL_CIPHER) *srvr)
2043         {
2044         SSL_CIPHER *c,*ret=NULL;
2045         STACK_OF(SSL_CIPHER) *prio, *allow;
2046         int i,j,ok;
2047 #ifndef OPENSSL_NO_TLSEXT
2048 #ifndef OPENSSL_NO_EC
2049         int ec_ok;
2050 #endif /* OPENSSL_NO_EC */
2051 #endif /* OPENSSL_NO_TLSEXT */
2052         CERT *cert;
2053         unsigned long alg,mask,emask;
2054
2055         /* Let's see which ciphers we can support */
2056         cert=s->cert;
2057
2058 #if 0
2059         /* Do not set the compare functions, because this may lead to a
2060          * reordering by "id". We want to keep the original ordering.
2061          * We may pay a price in performance during sk_SSL_CIPHER_find(),
2062          * but would have to pay with the price of sk_SSL_CIPHER_dup().
2063          */
2064         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
2065         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
2066 #endif
2067
2068 #ifdef CIPHER_DEBUG
2069         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
2070         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
2071             {
2072             c=sk_SSL_CIPHER_value(srvr,i);
2073             printf("%p:%s\n",c,c->name);
2074             }
2075         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
2076         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
2077             {
2078             c=sk_SSL_CIPHER_value(clnt,i);
2079             printf("%p:%s\n",c,c->name);
2080             }
2081 #endif
2082
2083         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
2084             {
2085             prio = srvr;
2086             allow = clnt;
2087             }
2088         else
2089             {
2090             prio = clnt;
2091             allow = srvr;
2092             }
2093
2094         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
2095                 {
2096                 c=sk_SSL_CIPHER_value(prio,i);
2097
2098                 ssl_set_cert_masks(cert,c);
2099                 mask=cert->mask;
2100                 emask=cert->export_mask;
2101                         
2102 #ifdef KSSL_DEBUG
2103                 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
2104 #endif    /* KSSL_DEBUG */
2105
2106                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
2107 #ifndef OPENSSL_NO_KRB5
2108                 if (alg & SSL_KRB5) 
2109                         {
2110                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
2111                             continue;
2112                         }
2113 #endif /* OPENSSL_NO_KRB5 */
2114 #ifndef OPENSSL_NO_PSK
2115                 /* with PSK there must be server callback set */
2116                 if ((alg & SSL_PSK) && s->psk_server_callback == NULL)
2117                         continue;
2118 #endif /* OPENSSL_NO_PSK */
2119
2120                 if (SSL_C_IS_EXPORT(c))
2121                         {
2122                         ok=((alg & emask) == alg)?1:0;
2123 #ifdef CIPHER_DEBUG
2124                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
2125                                c,c->name);
2126 #endif
2127                         }
2128                 else
2129                         {
2130                         ok=((alg & mask) == alg)?1:0;
2131 #ifdef CIPHER_DEBUG
2132                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
2133                                c->name);
2134 #endif
2135                         }
2136
2137 #ifndef OPENSSL_NO_TLSEXT
2138 #ifndef OPENSSL_NO_EC
2139                 if (
2140                         /* if we are considering an ECC cipher suite that uses our certificate */
2141                         (alg & SSL_aECDSA)
2142                         /* and we have an ECC certificate */
2143                         && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
2144                         /* and the client specified a Supported Point Formats extension */
2145                         && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
2146                         /* and our certificate's point is compressed */
2147                         && (
2148                                 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
2149                                 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
2150                                 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
2151                                 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
2152                                 && (
2153                                         (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
2154                                         || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
2155                                         )
2156                                 )
2157                 )
2158                         {
2159                         ec_ok = 0;
2160                         /* if our certificate's curve is over a field type that the client does not support
2161                          * then do not allow this cipher suite to be negotiated */
2162                         if (
2163                                 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
2164                                 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
2165                                 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
2166                                 && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
2167                         )
2168                                 {
2169                                 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
2170                                         {
2171                                         if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
2172                                                 {
2173                                                 ec_ok = 1;
2174                                                 break;
2175                                                 }
2176                                         }
2177                                 }
2178                         else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
2179                                 {
2180                                 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
2181                                         {
2182                                         if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
2183                                                 {
2184                                                 ec_ok = 1;
2185                                                 break;
2186                                                 }
2187                                         }
2188                                 }
2189                         ok = ok && ec_ok;
2190                         }
2191 #endif /* OPENSSL_NO_EC */
2192 #endif /* OPENSSL_NO_TLSEXT */
2193
2194                 if (!ok) continue;
2195                 j=sk_SSL_CIPHER_find(allow,c);
2196                 if (j >= 0)
2197                         {
2198                         ret=sk_SSL_CIPHER_value(allow,j);
2199                         break;
2200                         }
2201                 }
2202         return(ret);
2203         }
2204
2205 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
2206         {
2207         int ret=0;
2208         unsigned long alg;
2209
2210         alg=s->s3->tmp.new_cipher->algorithms;
2211
2212 #ifndef OPENSSL_NO_DH
2213         if (alg & (SSL_kDHr|SSL_kEDH))
2214                 {
2215 #  ifndef OPENSSL_NO_RSA
2216                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
2217 #  endif
2218 #  ifndef OPENSSL_NO_DSA
2219                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
2220 #  endif
2221                 }
2222         if ((s->version == SSL3_VERSION) &&
2223                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
2224                 {
2225 #  ifndef OPENSSL_NO_RSA
2226                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
2227 #  endif
2228 #  ifndef OPENSSL_NO_DSA
2229                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
2230 #  endif
2231                 }
2232 #endif /* !OPENSSL_NO_DH */
2233 #ifndef OPENSSL_NO_RSA
2234         p[ret++]=SSL3_CT_RSA_SIGN;
2235 #endif
2236 #ifndef OPENSSL_NO_DSA
2237         p[ret++]=SSL3_CT_DSS_SIGN;
2238 #endif
2239 #ifndef OPENSSL_NO_ECDH
2240         /* We should ask for fixed ECDH certificates only
2241          * for SSL_kECDH (and not SSL_kECDHE)
2242          */
2243         if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
2244                 {
2245                 p[ret++]=TLS_CT_RSA_FIXED_ECDH;
2246                 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
2247                 }
2248 #endif
2249
2250 #ifndef OPENSSL_NO_ECDSA
2251         /* ECDSA certs can be used with RSA cipher suites as well 
2252          * so we don't need to check for SSL_kECDH or SSL_kECDHE
2253          */
2254         if (s->version >= TLS1_VERSION)
2255                 {
2256                 p[ret++]=TLS_CT_ECDSA_SIGN;
2257                 }
2258 #endif  
2259         return(ret);
2260         }
2261
2262 int ssl3_shutdown(SSL *s)
2263         {
2264
2265         /* Don't do anything much if we have not done the handshake or
2266          * we don't want to send messages :-) */
2267         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
2268                 {
2269                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2270                 return(1);
2271                 }
2272
2273         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
2274                 {
2275                 s->shutdown|=SSL_SENT_SHUTDOWN;
2276 #if 1
2277                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
2278 #endif
2279                 /* our shutdown alert has been sent now, and if it still needs
2280                  * to be written, s->s3->alert_dispatch will be true */
2281                 }
2282         else if (s->s3->alert_dispatch)
2283                 {
2284                 /* resend it if not sent */
2285 #if 1
2286                 s->method->ssl_dispatch_alert(s);
2287 #endif
2288                 }
2289         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
2290                 {
2291                 /* If we are waiting for a close from our peer, we are closed */
2292                 s->method->ssl_read_bytes(s,0,NULL,0,0);
2293                 }
2294
2295         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
2296                 !s->s3->alert_dispatch)
2297                 return(1);
2298         else
2299                 return(0);
2300         }
2301
2302 int ssl3_write(SSL *s, const void *buf, int len)
2303         {
2304         int ret,n;
2305
2306 #if 0
2307         if (s->shutdown & SSL_SEND_SHUTDOWN)
2308                 {
2309                 s->rwstate=SSL_NOTHING;
2310                 return(0);
2311                 }
2312 #endif
2313         clear_sys_error();
2314         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2315
2316         /* This is an experimental flag that sends the
2317          * last handshake message in the same packet as the first
2318          * use data - used to see if it helps the TCP protocol during
2319          * session-id reuse */
2320         /* The second test is because the buffer may have been removed */
2321         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
2322                 {
2323                 /* First time through, we write into the buffer */
2324                 if (s->s3->delay_buf_pop_ret == 0)
2325                         {
2326                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2327                                              buf,len);
2328                         if (ret <= 0) return(ret);
2329
2330                         s->s3->delay_buf_pop_ret=ret;
2331                         }
2332
2333                 s->rwstate=SSL_WRITING;
2334                 n=BIO_flush(s->wbio);
2335                 if (n <= 0) return(n);
2336                 s->rwstate=SSL_NOTHING;
2337
2338                 /* We have flushed the buffer, so remove it */
2339                 ssl_free_wbio_buffer(s);
2340                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
2341
2342                 ret=s->s3->delay_buf_pop_ret;
2343                 s->s3->delay_buf_pop_ret=0;
2344                 }
2345         else
2346                 {
2347                 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
2348                         buf,len);
2349                 if (ret <= 0) return(ret);
2350                 }
2351
2352         return(ret);
2353         }
2354
2355 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
2356         {
2357         int ret;
2358         
2359         clear_sys_error();
2360         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
2361         s->s3->in_read_app_data=1;
2362         ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2363         if ((ret == -1) && (s->s3->in_read_app_data == 2))
2364                 {
2365                 /* ssl3_read_bytes decided to call s->handshake_func, which
2366                  * called ssl3_read_bytes to read handshake data.
2367                  * However, ssl3_read_bytes actually found application data
2368                  * and thinks that application data makes sense here; so disable
2369                  * handshake processing and try to read application data again. */
2370                 s->in_handshake++;
2371                 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
2372                 s->in_handshake--;
2373                 }
2374         else
2375                 s->s3->in_read_app_data=0;
2376
2377         return(ret);
2378         }
2379
2380 int ssl3_read(SSL *s, void *buf, int len)
2381         {
2382         return ssl3_read_internal(s, buf, len, 0);
2383         }
2384
2385 int ssl3_peek(SSL *s, void *buf, int len)
2386         {
2387         return ssl3_read_internal(s, buf, len, 1);
2388         }
2389
2390 int ssl3_renegotiate(SSL *s)
2391         {
2392         if (s->handshake_func == NULL)
2393                 return(1);
2394
2395         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
2396                 return(0);
2397
2398         s->s3->renegotiate=1;
2399         return(1);
2400         }
2401
2402 int ssl3_renegotiate_check(SSL *s)
2403         {
2404         int ret=0;
2405
2406         if (s->s3->renegotiate)
2407                 {
2408                 if (    (s->s3->rbuf.left == 0) &&
2409                         (s->s3->wbuf.left == 0) &&
2410                         !SSL_in_init(s))
2411                         {
2412 /*
2413 if we are the server, and we have sent a 'RENEGOTIATE' message, we
2414 need to go to SSL_ST_ACCEPT.
2415 */
2416                         /* SSL_ST_ACCEPT */
2417                         s->state=SSL_ST_RENEGOTIATE;
2418                         s->s3->renegotiate=0;
2419                         s->s3->num_renegotiations++;
2420                         s->s3->total_renegotiations++;
2421                         ret=1;
2422                         }
2423                 }
2424         return(ret);
2425         }
2426