if (init)
{
- memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
- sizeof(SSL_METHOD));
- SSLv2_client_data.ssl_connect=ssl2_connect;
- SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
- init=0;
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+ if (init)
+ {
+ memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_client_data.ssl_connect=ssl2_connect;
+ SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
+ init=0;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
}
return(&SSLv2_client_data);
}
if (!BUF_MEM_grow(buf,
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
{
+ if (buf == s->init_buf)
+ buf=NULL;
ret= -1;
goto end;
}
s->init_buf=buf;
+ buf=NULL;
s->init_num=0;
s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
s->ctx->stats.sess_connect++;
}
end:
s->in_handshake--;
+ if (buf != NULL)
+ BUF_MEM_free(buf);
if (cb != NULL)
cb(s,SSL_CB_CONNECT_EXIT,ret);
return(ret);
}
s->s2->conn_id_length=s->s2->tmp.conn_id_length;
+ if (s->s2->conn_id_length > sizeof s->s2->conn_id)
+ {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
+ return -1;
+ }
memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
return(1);
}
/* make key_arg data */
i=EVP_CIPHER_iv_length(c);
sess->key_arg_length=i;
+ if (i > SSL_MAX_KEY_ARG_LENGTH)
+ {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
/* make a master key */
sess->master_key_length=i;
if (i > 0)
{
+ if (i > (int)sizeof(sess->master_key))
+ {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
if (RAND_bytes(sess->master_key,i) <= 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
else
enc=i;
- if (i < enc)
+ if ((int)i < enc)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
d+=enc;
karg=sess->key_arg_length;
s2n(karg,p); /* key arg size */
+ if (karg > (int)sizeof(sess->key_arg))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
memcpy(d,sess->key_arg,(unsigned int)karg);
d+=karg;
{
p=(unsigned char *)s->init_buf->data;
*(p++)=SSL2_MT_CLIENT_FINISHED;
+ if (s->s2->conn_id_length > sizeof s->s2->conn_id)
+ {
+ SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
{
i=ssl2_read(s,(char *)&(buf[s->init_num]),
- SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num);
- if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num))
+ SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);
+ if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))
return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
s->init_num += i;
if (s->msg_callback)
EVP_MD_CTX_init(&ctx);
EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL);
EVP_SignUpdate(&ctx,s->s2->key_material,
- (unsigned int)s->s2->key_material_length);
+ s->s2->key_material_length);
EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
EVP_SignUpdate(&ctx,buf,(unsigned int)n);
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
p += 1;
- if (memcmp(p,s->s2->challenge,(unsigned int)s->s2->challenge_length) != 0)
+ if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
* or bad things can happen */
/* ZZZZZZZZZZZZZ */
s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
- memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
+ memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH);
}
else
{
if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
{
- if (memcmp(buf,s->session->session_id,
- (unsigned int)s->session->session_id_length) != 0)
+ if ((s->session->session_id_length > sizeof s->session->session_id)
+ || (0 != memcmp(buf + 1, s->session->session_id,
+ (unsigned int)s->session->session_id_length)))
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
}
/* loads in the certificate from the server */
-int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data)
+int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
{
STACK_OF(X509) *sk=NULL;
EVP_PKEY *pkey=NULL;
projects / openssl.git / blobdiff