ssl/s3_lib.c

   1 /* ssl/s3_lib.c */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60 #include "objects.h"
  61 #include "ssl_locl.h"
  62
  63 char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
  64
  65 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
  66
  67 #ifndef NOPROTO
  68 static long ssl3_default_timeout(void );
  69 #else
  70 static long ssl3_default_timeout();
  71 #endif
  72
  73 SSL_CIPHER ssl3_ciphers[]={
  74 /* The RSA ciphers */
  75 /* Cipher 01 */
  76         {
  77         1,
  78         SSL3_TXT_RSA_NULL_MD5,
  79         SSL3_CK_RSA_NULL_MD5,
  80         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
  81         0,
  82         SSL_ALL_CIPHERS,
  83         },
  84 /* Cipher 02 */
  85         {
  86         1,
  87         SSL3_TXT_RSA_NULL_SHA,
  88         SSL3_CK_RSA_NULL_SHA,
  89         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
  90         0,
  91         SSL_ALL_CIPHERS,
  92         },
  93
  94 /* anon DH */
  95 /* Cipher 17 */
  96         {
  97         1,
  98         SSL3_TXT_ADH_RC4_40_MD5,
  99         SSL3_CK_ADH_RC4_40_MD5,
 100         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
 101         0,
 102         SSL_ALL_CIPHERS,
 103         },
 104 /* Cipher 18 */
 105         {
 106         1,
 107         SSL3_TXT_ADH_RC4_128_MD5,
 108         SSL3_CK_ADH_RC4_128_MD5,
 109         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
 110         0,
 111         SSL_ALL_CIPHERS,
 112         },
 113 /* Cipher 19 */
 114         {
 115         1,
 116         SSL3_TXT_ADH_DES_40_CBC_SHA,
 117         SSL3_CK_ADH_DES_40_CBC_SHA,
 118         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
 119         0,
 120         SSL_ALL_CIPHERS,
 121         },
 122 /* Cipher 1A */
 123         {
 124         1,
 125         SSL3_TXT_ADH_DES_64_CBC_SHA,
 126         SSL3_CK_ADH_DES_64_CBC_SHA,
 127         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
 128         0,
 129         SSL_ALL_CIPHERS,
 130         },
 131 /* Cipher 1B */
 132         {
 133         1,
 134         SSL3_TXT_ADH_DES_192_CBC_SHA,
 135         SSL3_CK_ADH_DES_192_CBC_SHA,
 136         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
 137         0,
 138         SSL_ALL_CIPHERS,
 139         },
 140
 141 /* RSA again */
 142 /* Cipher 03 */
 143         {
 144         1,
 145         SSL3_TXT_RSA_RC4_40_MD5,
 146         SSL3_CK_RSA_RC4_40_MD5,
 147         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
 148         0,
 149         SSL_ALL_CIPHERS,
 150         },
 151 /* Cipher 04 */
 152         {
 153         1,
 154         SSL3_TXT_RSA_RC4_128_MD5,
 155         SSL3_CK_RSA_RC4_128_MD5,
 156         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
 157         0,
 158         SSL_ALL_CIPHERS,
 159         },
 160 /* Cipher 05 */
 161         {
 162         1,
 163         SSL3_TXT_RSA_RC4_128_SHA,
 164         SSL3_CK_RSA_RC4_128_SHA,
 165         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
 166         0,
 167         SSL_ALL_CIPHERS,
 168         },
 169 /* Cipher 06 */
 170         {
 171         1,
 172         SSL3_TXT_RSA_RC2_40_MD5,
 173         SSL3_CK_RSA_RC2_40_MD5,
 174         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
 175         0,
 176         SSL_ALL_CIPHERS,
 177         },
 178 /* Cipher 07 */
 179         {
 180         1,
 181         SSL3_TXT_RSA_IDEA_128_SHA,
 182         SSL3_CK_RSA_IDEA_128_SHA,
 183         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
 184         0,
 185         SSL_ALL_CIPHERS,
 186         },
 187 /* Cipher 08 */
 188         {
 189         1,
 190         SSL3_TXT_RSA_DES_40_CBC_SHA,
 191         SSL3_CK_RSA_DES_40_CBC_SHA,
 192         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
 193         0,
 194         SSL_ALL_CIPHERS,
 195         },
 196 /* Cipher 09 */
 197         {
 198         1,
 199         SSL3_TXT_RSA_DES_64_CBC_SHA,
 200         SSL3_CK_RSA_DES_64_CBC_SHA,
 201         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
 202         0,
 203         SSL_ALL_CIPHERS,
 204         },
 205 /* Cipher 0A */
 206         {
 207         1,
 208         SSL3_TXT_RSA_DES_192_CBC3_SHA,
 209         SSL3_CK_RSA_DES_192_CBC3_SHA,
 210         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
 211         0,
 212         SSL_ALL_CIPHERS,
 213         },
 214
 215 /*  The DH ciphers */
 216 /* Cipher 0B */
 217         {
 218         0,
 219         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
 220         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
 221         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
 222         0,
 223         SSL_ALL_CIPHERS,
 224         },
 225 /* Cipher 0C */
 226         {
 227         0,
 228         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
 229         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
 230         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
 231         0,
 232         SSL_ALL_CIPHERS,
 233         },
 234 /* Cipher 0D */
 235         {
 236         0,
 237         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
 238         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
 239         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
 240         0,
 241         SSL_ALL_CIPHERS,
 242         },
 243 /* Cipher 0E */
 244         {
 245         0,
 246         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
 247         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
 248         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
 249         0,
 250         SSL_ALL_CIPHERS,
 251         },
 252 /* Cipher 0F */
 253         {
 254         0,
 255         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
 256         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
 257         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
 258         0,
 259         SSL_ALL_CIPHERS,
 260         },
 261 /* Cipher 10 */
 262         {
 263         0,
 264         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
 265         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
 266         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
 267         0,
 268         SSL_ALL_CIPHERS,
 269         },
 270
 271 /* The Ephemeral DH ciphers */
 272 /* Cipher 11 */
 273         {
 274         1,
 275         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
 276         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
 277         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
 278         0,
 279         SSL_ALL_CIPHERS,
 280         },
 281 /* Cipher 12 */
 282         {
 283         1,
 284         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
 285         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
 286         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
 287         0,
 288         SSL_ALL_CIPHERS,
 289         },
 290 /* Cipher 13 */
 291         {
 292         1,
 293         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
 294         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
 295         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
 296         0,
 297         SSL_ALL_CIPHERS,
 298         },
 299 /* Cipher 14 */
 300         {
 301         1,
 302         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
 303         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
 304         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
 305         0,
 306         SSL_ALL_CIPHERS,
 307         },
 308 /* Cipher 15 */
 309         {
 310         1,
 311         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
 312         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
 313         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
 314         0,
 315         SSL_ALL_CIPHERS,
 316         },
 317 /* Cipher 16 */
 318         {
 319         1,
 320         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
 321         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
 322         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
 323         0,
 324         SSL_ALL_CIPHERS,
 325         },
 326
 327 /* Fortezza */
 328 /* Cipher 1C */
 329         {
 330         0,
 331         SSL3_TXT_FZA_DMS_NULL_SHA,
 332         SSL3_CK_FZA_DMS_NULL_SHA,
 333         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
 334         0,
 335         SSL_ALL_CIPHERS,
 336         },
 337
 338 /* Cipher 1D */
 339         {
 340         0,
 341         SSL3_TXT_FZA_DMS_FZA_SHA,
 342         SSL3_CK_FZA_DMS_FZA_SHA,
 343         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
 344         0,
 345         SSL_ALL_CIPHERS,
 346         },
 347
 348 /* Cipher 1E */
 349         {
 350         0,
 351         SSL3_TXT_FZA_DMS_RC4_SHA,
 352         SSL3_CK_FZA_DMS_RC4_SHA,
 353         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
 354         0,
 355         SSL_ALL_CIPHERS,
 356         },
 357
 358 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
 359         /* New TLS Export CipherSuites */
 360         /* Cipher 60 */
 361             {
 362             1,
 363             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
 364             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
 365             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP56|SSL_TLSV1,
 366             0,
 367             SSL_ALL_CIPHERS
 368             },
 369         /* Cipher 61 */
 370             {
 371             1,
 372             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
 373             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
 374             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP56|SSL_TLSV1,
 375             0,
 376             SSL_ALL_CIPHERS
 377             },
 378         /* Cipher 62 */
 379             {
 380             1,
 381             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
 382             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
 383             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
 384             0,
 385             SSL_ALL_CIPHERS
 386             },
 387         /* Cipher 63 */
 388             {
 389             1,
 390             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
 391             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
 392             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
 393             0,
 394             SSL_ALL_CIPHERS
 395             },
 396         /* Cipher 64 */
 397             {
 398             1,
 399             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
 400             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
 401             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
 402             0,
 403             SSL_ALL_CIPHERS
 404             },
 405         /* Cipher 65 */
 406             {
 407             1,
 408             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
 409             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
 410             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
 411             0,
 412             SSL_ALL_CIPHERS
 413             },
 414         /* Cipher 66 */
 415             {
 416             1,
 417             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
 418             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
 419             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
 420             0,
 421             SSL_ALL_CIPHERS
 422             },
 423 #endif
 424
 425 /* end of list */
 426         };
 427
 428 static SSL3_ENC_METHOD SSLv3_enc_data={
 429         ssl3_enc,
 430         ssl3_mac,
 431         ssl3_setup_key_block,
 432         ssl3_generate_master_secret,
 433         ssl3_change_cipher_state,
 434         ssl3_final_finish_mac,
 435         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
 436         ssl3_cert_verify_mac,
 437         SSL3_MD_CLIENT_FINISHED_CONST,4,
 438         SSL3_MD_SERVER_FINISHED_CONST,4,
 439         ssl3_alert_code,
 440         };
 441
 442 static SSL_METHOD SSLv3_data= {
 443         SSL3_VERSION,
 444         ssl3_new,
 445         ssl3_clear,
 446         ssl3_free,
 447         ssl_undefined_function,
 448         ssl_undefined_function,
 449         ssl3_read,
 450         ssl3_peek,
 451         ssl3_write,
 452         ssl3_shutdown,
 453         ssl3_renegotiate,
 454         ssl3_renegotiate_check,
 455         ssl3_ctrl,
 456         ssl3_ctx_ctrl,
 457         ssl3_get_cipher_by_char,
 458         ssl3_put_cipher_by_char,
 459         ssl3_pending,
 460         ssl3_num_ciphers,
 461         ssl3_get_cipher,
 462         ssl_bad_method,
 463         ssl3_default_timeout,
 464         &SSLv3_enc_data,
 465         };
 466
 467 static long ssl3_default_timeout()
 468         {
 469         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
 470          * is way too long for http, the cache would over fill */
 471         return(60*60*2);
 472         }
 473
 474 SSL_METHOD *sslv3_base_method()
 475         {
 476         return(&SSLv3_data);
 477         }
 478
 479 int ssl3_num_ciphers()
 480         {
 481         return(SSL3_NUM_CIPHERS);
 482         }
 483
 484 SSL_CIPHER *ssl3_get_cipher(u)
 485 unsigned int u;
 486         {
 487         if (u < SSL3_NUM_CIPHERS)
 488                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
 489         else
 490                 return(NULL);
 491         }
 492
 493 /* The problem is that it may not be the correct record type */
 494 int ssl3_pending(s)
 495 SSL *s;
 496         {
 497         return(s->s3->rrec.length);
 498         }
 499
 500 int ssl3_new(s)
 501 SSL *s;
 502         {
 503         SSL3_CTX *s3;
 504
 505         if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err;
 506         memset(s3,0,sizeof(SSL3_CTX));
 507
 508         s->s3=s3;
 509         /*
 510         s->s3->tmp.ca_names=NULL;
 511         s->s3->tmp.key_block=NULL;
 512         s->s3->tmp.key_block_length=0;
 513         s->s3->rbuf.buf=NULL;
 514         s->s3->wbuf.buf=NULL;
 515         */
 516
 517         s->method->ssl_clear(s);
 518         return(1);
 519 err:
 520         return(0);
 521         }
 522
 523 void ssl3_free(s)
 524 SSL *s;
 525         {
 526         if(s == NULL)
 527             return;
 528
 529         ssl3_cleanup_key_block(s);
 530         if (s->s3->rbuf.buf != NULL)
 531                 Free(s->s3->rbuf.buf);
 532         if (s->s3->wbuf.buf != NULL)
 533                 Free(s->s3->wbuf.buf);
 534         if (s->s3->rrec.comp != NULL)
 535                 Free(s->s3->rrec.comp);
 536 #ifndef NO_DH
 537         if (s->s3->tmp.dh != NULL)
 538                 DH_free(s->s3->tmp.dh);
 539 #endif
 540         if (s->s3->tmp.ca_names != NULL)
 541                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
 542         memset(s->s3,0,sizeof(SSL3_CTX));
 543         Free(s->s3);
 544         s->s3=NULL;
 545         }
 546
 547 void ssl3_clear(s)
 548 SSL *s;
 549         {
 550         unsigned char *rp,*wp;
 551
 552         ssl3_cleanup_key_block(s);
 553         if (s->s3->tmp.ca_names != NULL)
 554                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
 555
 556         if (s->s3->rrec.comp != NULL)
 557                 {
 558                 Free(s->s3->rrec.comp);
 559                 s->s3->rrec.comp=NULL;
 560                 }
 561
 562         rp=s->s3->rbuf.buf;
 563         wp=s->s3->wbuf.buf;
 564
 565         memset(s->s3,0,sizeof(SSL3_CTX));
 566         if (rp != NULL) s->s3->rbuf.buf=rp;
 567         if (wp != NULL) s->s3->wbuf.buf=wp;
 568
 569         ssl_free_wbio_buffer(s);
 570
 571         s->packet_length=0;
 572         s->s3->renegotiate=0;
 573         s->s3->total_renegotiations=0;
 574         s->s3->num_renegotiations=0;
 575         s->s3->in_read_app_data=0;
 576         s->version=SSL3_VERSION;
 577         }
 578
 579 long ssl3_ctrl(s,cmd,larg,parg)
 580 SSL *s;
 581 int cmd;
 582 long larg;
 583 char *parg;
 584         {
 585         int ret=0;
 586
 587 #if !defined(NO_DSA) || !defined(NO_RSA)
 588         if (
 589 #ifndef NO_RSA
 590             cmd == SSL_CTRL_SET_TMP_RSA ||
 591             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
 592 #endif
 593 #ifndef NO_DSA
 594             cmd == SSL_CTRL_SET_TMP_DH ||
 595             cmd == SSL_CTRL_SET_TMP_DH_CB ||
 596 #endif
 597                 0)
 598                 {
 599                 if (!ssl_cert_instantiate(&s->cert, s->ctx->default_cert))
 600                         {
 601                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
 602                         return(0);
 603                         }
 604                 }
 605 #endif
 606
 607         switch (cmd)
 608                 {
 609         case SSL_CTRL_GET_SESSION_REUSED:
 610                 ret=s->hit;
 611                 break;
 612         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
 613                 break;
 614         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
 615                 ret=s->s3->num_renegotiations;
 616                 break;
 617         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
 618                 ret=s->s3->num_renegotiations;
 619                 s->s3->num_renegotiations=0;
 620                 break;
 621         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
 622                 ret=s->s3->total_renegotiations;
 623                 break;
 624         case SSL_CTRL_GET_FLAGS:
 625                 ret=(int)(s->s3->flags);
 626                 break;
 627 #ifndef NO_RSA
 628         case SSL_CTRL_NEED_TMP_RSA:
 629                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
 630                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
 631                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
 632                         ret = 1;
 633                 break;
 634         case SSL_CTRL_SET_TMP_RSA:
 635                 {
 636                         RSA *rsa = (RSA *)parg;
 637                         if (rsa == NULL) {
 638                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
 639                                 return(ret);
 640                         }
 641                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
 642                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
 643                                 return(ret);
 644                         }
 645                         if (s->cert->rsa_tmp != NULL)
 646                                 RSA_free(s->cert->rsa_tmp);
 647                         s->cert->rsa_tmp = rsa;
 648                         ret = 1;
 649                 }
 650                 break;
 651         case SSL_CTRL_SET_TMP_RSA_CB:
 652 #ifndef NOPROTO
 653                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))parg;
 654 #else
 655                 s->cert->rsa_tmp_cb = (RSA *(*)())parg;
 656 #endif
 657                 break;
 658 #endif
 659 #ifndef NO_DH
 660         case SSL_CTRL_SET_TMP_DH:
 661                 {
 662                         DH *dh = (DH *)parg;
 663                         if (dh == NULL) {
 664                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
 665                                 return(ret);
 666                         }
 667                         if ((dh = DHparams_dup(dh)) == NULL) {
 668                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
 669                                 return(ret);
 670                         }
 671                         if (!DH_generate_key(dh)) {
 672                                 DH_free(dh);
 673                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
 674                                 return(ret);
 675                         }
 676                         if (s->cert->dh_tmp != NULL)
 677                                 DH_free(s->cert->dh_tmp);
 678                         s->cert->dh_tmp = dh;
 679                         ret = 1;
 680                 }
 681                 break;
 682         case SSL_CTRL_SET_TMP_DH_CB:
 683 #ifndef NOPROTO
 684                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))parg;
 685 #else
 686                 s->cert->dh_tmp_cb = (DH *(*)())parg;
 687 #endif
 688                 break;
 689 #endif
 690         default:
 691                 break;
 692                 }
 693         return(ret);
 694         }
 695
 696 long ssl3_ctx_ctrl(ctx,cmd,larg,parg)
 697 SSL_CTX *ctx;
 698 int cmd;
 699 long larg;
 700 char *parg;
 701         {
 702         CERT *cert;
 703
 704         cert=ctx->default_cert;
 705
 706         switch (cmd)
 707                 {
 708 #ifndef NO_RSA
 709         case SSL_CTRL_NEED_TMP_RSA:
 710                 if (    (cert->rsa_tmp == NULL) &&
 711                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
 712                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
 713                         )
 714                         return(1);
 715                 else
 716                         return(0);
 717                 /* break; */
 718         case SSL_CTRL_SET_TMP_RSA:
 719                 {
 720                 RSA *rsa;
 721                 int i;
 722
 723                 rsa=(RSA *)parg;
 724                 i=1;
 725                 if (rsa == NULL)
 726                         i=0;
 727                 else
 728                         {
 729                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
 730                                 i=0;
 731                         }
 732                 if (!i)
 733                         {
 734                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
 735                         return(0);
 736                         }
 737                 else
 738                         {
 739                         if (cert->rsa_tmp != NULL)
 740                                 RSA_free(cert->rsa_tmp);
 741                         cert->rsa_tmp=rsa;
 742                         return(1);
 743                         }
 744                 }
 745                 /* break; */
 746         case SSL_CTRL_SET_TMP_RSA_CB:
 747 #ifndef NOPROTO
 748                 cert->rsa_tmp_cb=(RSA *(*)(SSL *, int, int))parg;
 749 #else
 750                 cert->rsa_tmp_cb=(RSA *(*)())parg;
 751 #endif
 752                 break;
 753 #endif
 754 #ifndef NO_DH
 755         case SSL_CTRL_SET_TMP_DH:
 756                 {
 757                 DH *new=NULL,*dh;
 758                 int rret=0;
 759
 760                 dh=(DH *)parg;
 761                 if (    ((new=DHparams_dup(dh)) == NULL) ||
 762                         (!DH_generate_key(new)))
 763                         {
 764                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
 765                         if (new != NULL) DH_free(new);
 766                         }
 767                 else
 768                         {
 769                         if (cert->dh_tmp != NULL)
 770                                 DH_free(cert->dh_tmp);
 771                         cert->dh_tmp=new;
 772                         rret=1;
 773                         }
 774                 return(rret);
 775                 }
 776                 /*break; */
 777         case SSL_CTRL_SET_TMP_DH_CB:
 778 #ifndef NOPROTO
 779                 cert->dh_tmp_cb=(DH *(*)(SSL *, int, int))parg;
 780 #else
 781                 cert->dh_tmp_cb=(DH *(*)())parg;
 782 #endif
 783                 break;
 784 #endif
 785         /* A Thawte special :-) */
 786         case SSL_CTRL_EXTRA_CHAIN_CERT:
 787                 if (ctx->extra_certs == NULL)
 788                         {
 789                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
 790                                 return(0);
 791                         }
 792                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
 793                 break;
 794
 795         default:
 796                 return(0);
 797                 }
 798         return(1);
 799         }
 800
 801 /* This function needs to check if the ciphers required are actually
 802  * available */
 803 SSL_CIPHER *ssl3_get_cipher_by_char(p)
 804 const unsigned char *p;
 805         {
 806         static int init=1;
 807         static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
 808         SSL_CIPHER c,*cp= &c,**cpp;
 809         unsigned long id;
 810         int i;
 811
 812         if (init)
 813                 {
 814                 init=0;
 815
 816                 for (i=0; i<SSL3_NUM_CIPHERS; i++)
 817                         sorted[i]= &(ssl3_ciphers[i]);
 818
 819                 qsort(  (char *)sorted,
 820                         SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
 821                         FP_ICC ssl_cipher_ptr_id_cmp);
 822                 }
 823
 824         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
 825         c.id=id;
 826         cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
 827                 (char *)sorted,
 828                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
 829                 (int (*)())ssl_cipher_ptr_id_cmp);
 830         if ((cpp == NULL) || !(*cpp)->valid)
 831                 return(NULL);
 832         else
 833                 return(*cpp);
 834         }
 835
 836 int ssl3_put_cipher_by_char(c,p)
 837 const SSL_CIPHER *c;
 838 unsigned char *p;
 839         {
 840         long l;
 841
 842         if (p != NULL)
 843                 {
 844                 l=c->id;
 845                 if ((l & 0xff000000) != 0x03000000) return(0);
 846                 p[0]=((unsigned char)(l>> 8L))&0xFF;
 847                 p[1]=((unsigned char)(l     ))&0xFF;
 848                 }
 849         return(2);
 850         }
 851
 852 int ssl3_part_read(s,i)
 853 SSL *s;
 854 int i;
 855         {
 856         s->rwstate=SSL_READING;
 857
 858         if (i < 0)
 859                 {
 860                 return(i);
 861                 }
 862         else
 863                 {
 864                 s->init_num+=i;
 865                 return(0);
 866                 }
 867         }
 868
 869 SSL_CIPHER *ssl3_choose_cipher(s,have,pref)
 870 SSL *s;
 871 STACK_OF(SSL_CIPHER) *have;
 872 STACK_OF(SSL_CIPHER) *pref;
 873         {
 874         SSL_CIPHER *c,*ret=NULL;
 875         int i,j,ok;
 876         CERT *cert;
 877         unsigned long alg,mask,emask;
 878
 879         /* Lets see which ciphers we can supported */
 880         if (s->cert != NULL)
 881                 cert=s->cert;
 882         else
 883                 cert=s->ctx->default_cert;
 884
 885         sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
 886
 887 #ifdef CIPHER_DEBUG
 888         printf("Have:\n");
 889         for(i=0 ; i < sk_num(pref) ; ++i)
 890             {
 891             c=(SSL_CIPHER *)sk_value(pref,i);
 892             printf("%p:%s\n",c,c->name);
 893             }
 894 #endif
 895
 896         for (i=0; i<sk_SSL_CIPHER_num(have); i++)
 897                 {
 898                 c=sk_SSL_CIPHER_value(have,i);
 899
 900                 ssl_set_cert_masks(cert,s->ctx->default_cert,c);
 901                 mask=cert->mask;
 902                 emask=cert->export_mask;
 903
 904                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
 905                 if (SSL_IS_EXPORT(c->algorithms))
 906                         {
 907                         ok=((alg & emask) == alg)?1:0;
 908 #ifdef CIPHER_DEBUG
 909                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
 910                                c,c->name);
 911 #endif
 912                         }
 913                 else
 914                         {
 915                         ok=((alg & mask) == alg)?1:0;
 916 #ifdef CIPHER_DEBUG
 917                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
 918                                c->name);
 919 #endif
 920                         }
 921
 922                 if (!ok) continue;
 923
 924                 j=sk_SSL_CIPHER_find(pref,c);
 925                 if (j >= 0)
 926                         {
 927                         ret=sk_SSL_CIPHER_value(pref,j);
 928                         break;
 929                         }
 930                 }
 931         return(ret);
 932         }
 933
 934 int ssl3_get_req_cert_type(s,p)
 935 SSL *s;
 936 unsigned char *p;
 937         {
 938         int ret=0;
 939         unsigned long alg;
 940
 941         alg=s->s3->tmp.new_cipher->algorithms;
 942
 943 #ifndef NO_DH
 944         if (alg & (SSL_kDHr|SSL_kEDH))
 945                 {
 946 #  ifndef NO_RSA
 947                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
 948 #  endif
 949 #  ifndef NO_DSA
 950                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
 951 #  endif
 952                 }
 953         if ((s->version == SSL3_VERSION) &&
 954                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
 955                 {
 956 #  ifndef NO_RSA
 957                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
 958 #  endif
 959 #  ifndef NO_DSA
 960                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
 961 #  endif
 962                 }
 963 #endif /* !NO_DH */
 964 #ifndef NO_RSA
 965         p[ret++]=SSL3_CT_RSA_SIGN;
 966 #endif
 967 #ifndef NO_DSA
 968         p[ret++]=SSL3_CT_DSS_SIGN;
 969 #endif
 970         return(ret);
 971         }
 972
 973 int ssl3_shutdown(s)
 974 SSL *s;
 975         {
 976
 977         /* Don't do anything much if we have not done the handshake or
 978          * we don't want to send messages :-) */
 979         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
 980                 {
 981                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
 982                 return(1);
 983                 }
 984
 985         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
 986                 {
 987                 s->shutdown|=SSL_SENT_SHUTDOWN;
 988 #if 1
 989                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
 990 #endif
 991                 /* our shutdown alert has been sent now, and if it still needs
 992                  * to be written, s->s3->alert_dispatch will be true */
 993                 }
 994         else if (s->s3->alert_dispatch)
 995                 {
 996                 /* resend it if not sent */
 997 #if 1
 998                 ssl3_dispatch_alert(s);
 999 #endif
1000                 }
1001         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
1002                 {
1003                 /* If we are waiting for a close from our peer, we are closed */
1004                 ssl3_read_bytes(s,0,NULL,0);
1005                 }
1006
1007         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
1008                 !s->s3->alert_dispatch)
1009                 return(1);
1010         else
1011                 return(0);
1012         }
1013
1014 int ssl3_write(s,buf,len)
1015 SSL *s;
1016 const char *buf;
1017 int len;
1018         {
1019         int ret,n;
1020
1021 #if 0
1022         if (s->shutdown & SSL_SEND_SHUTDOWN)
1023                 {
1024                 s->rwstate=SSL_NOTHING;
1025                 return(0);
1026                 }
1027 #endif
1028         clear_sys_error();
1029         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1030
1031         /* This is an experimental flag that sends the
1032          * last handshake message in the same packet as the first
1033          * use data - used to see if it helps the TCP protocol during
1034          * session-id reuse */
1035         /* The second test is because the buffer may have been removed */
1036         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
1037                 {
1038                 /* First time through, we write into the buffer */
1039                 if (s->s3->delay_buf_pop_ret == 0)
1040                         {
1041                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1042                                 (char *)buf,len);
1043                         if (ret <= 0) return(ret);
1044
1045                         s->s3->delay_buf_pop_ret=ret;
1046                         }
1047
1048                 s->rwstate=SSL_WRITING;
1049                 n=BIO_flush(s->wbio);
1050                 if (n <= 0) return(n);
1051                 s->rwstate=SSL_NOTHING;
1052
1053                 /* We have flushed the buffer, so remove it */
1054                 ssl_free_wbio_buffer(s);
1055                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1056
1057                 ret=s->s3->delay_buf_pop_ret;
1058                 s->s3->delay_buf_pop_ret=0;
1059                 }
1060         else
1061                 {
1062                 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1063                         (char *)buf,len);
1064                 if (ret <= 0) return(ret);
1065                 }
1066
1067         return(ret);
1068         }
1069
1070 int ssl3_read(s,buf,len)
1071 SSL *s;
1072 char *buf;
1073 int len;
1074         {
1075         int ret;
1076
1077         clear_sys_error();
1078         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1079         s->s3->in_read_app_data=1;
1080         ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
1081         if ((ret == -1) && (s->s3->in_read_app_data == 0))
1082                 {
1083                 ERR_get_error(); /* clear the error */
1084                 s->s3->in_read_app_data=0;
1085                 s->in_handshake++;
1086                 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
1087                 s->in_handshake--;
1088                 }
1089         else
1090                 s->s3->in_read_app_data=0;
1091
1092         return(ret);
1093         }
1094
1095 int ssl3_peek(s,buf,len)
1096 SSL *s;
1097 char *buf;
1098 int len;
1099         {
1100         SSL3_RECORD *rr;
1101         int n;
1102
1103         rr= &(s->s3->rrec);
1104         if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA))
1105                 {
1106                 n=ssl3_read(s,buf,1);
1107                 if (n <= 0) return(n);
1108                 rr->length++;
1109                 rr->off--;
1110                 }
1111
1112         if ((unsigned int)len > rr->length)
1113                 n=rr->length;
1114         else
1115                 n=len;
1116         memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
1117         return(n);
1118         }
1119
1120 int ssl3_renegotiate(s)
1121 SSL *s;
1122         {
1123         if (s->handshake_func == NULL)
1124                 return(1);
1125
1126         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1127                 return(0);
1128
1129         s->s3->renegotiate=1;
1130         return(1);
1131         }
1132
1133 int ssl3_renegotiate_check(s)
1134 SSL *s;
1135         {
1136         int ret=0;
1137
1138         if (s->s3->renegotiate)
1139                 {
1140                 if (    (s->s3->rbuf.left == 0) &&
1141                         (s->s3->wbuf.left == 0) &&
1142                         !SSL_in_init(s))
1143                         {
1144 /*
1145 if we are the server, and we have sent a 'RENEGOTIATE' message, we
1146 need to go to SSL_ST_ACCEPT.\1e
1147 */
1148                         /* SSL_ST_ACCEPT */
1149                         s->state=SSL_ST_RENEGOTIATE;
1150                         s->s3->renegotiate=0;
1151                         s->s3->num_renegotiations++;
1152                         s->s3->total_renegotiations++;
1153                         ret=1;
1154                         }
1155                 }
1156         return(ret);
1157         }
1158