Fix ssl3_get_message handle message fragmentation correctly.

[openssl.git] / ssl / s2_enc.c

diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index b915f099e55a73b4e94d106697b5dec03059d126..91e56eba916a1714989ead6a1a324de8f266e532 100644 (file)
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -1,5 +1,5 @@
 /* ssl/s2_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,23 +56,19 @@
  * [including the GNU Public Licence.]
  */
 
-#include <stdio.h>
 #include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+#include <stdio.h>
 
-#define RS     0
-#define WS     1
-
-int ssl2_enc_init(s, client)
-SSL *s;
-int client;
+int ssl2_enc_init(SSL *s, int client)
        {
        /* Max number of bytes needed */
        EVP_CIPHER_CTX *rs,*ws;
-       EVP_CIPHER *c;
-       EVP_MD *md;
+       const EVP_CIPHER *c;
+       const EVP_MD *md;
        int num;
 
-       if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+       if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
                {
                ssl2_return_error(s,SSL2_PE_NO_CIPHER);
                SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
@@ -84,16 +80,19 @@ int client;
 
        if ((s->enc_read_ctx == NULL) &&
                ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
-               Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+               OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
        if ((s->enc_write_ctx == NULL) &&
                ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-               Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+               OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
 
        rs= s->enc_read_ctx;
        ws= s->enc_write_ctx;
 
+       EVP_CIPHER_CTX_init(rs);
+       EVP_CIPHER_CTX_init(ws);
+
        num=c->key_len;
        s->s2->key_material_length=num*2;
 
@@ -112,11 +111,9 @@ err:
        }
 
 /* read/writes from s->s2->mac_data using length for encrypt and 
- * decrypt.  It sets the s->s2->padding, s->[rw]length and
- * s->s2->pad_data ptr if we are encrypting */
-void ssl2_enc(s,send)
-SSL *s;
-int send;
+ * decrypt.  It sets s->s2->padding and s->[rw]length
+ * if we are encrypting */
+void ssl2_enc(SSL *s, int send)
        {
        EVP_CIPHER_CTX *ds;
        unsigned long l;
@@ -146,10 +143,7 @@ int send;
        EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
        }
 
-void ssl2_mac(s, md,send)
-SSL *s;
-unsigned char *md;
-int send;
+void ssl2_mac(SSL *s, unsigned char *md, int send)
        {
        EVP_MD_CTX c;
        unsigned char sequence[4],*p,*sec,*act;
@@ -175,6 +169,7 @@ int send;
        l2n(seq,p);
 
        /* There has to be a MAC algorithm. */
+       EVP_MD_CTX_init(&c);
        EVP_DigestInit(&c,s->read_hash);
        EVP_DigestUpdate(&c,sec,
                EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
@@ -182,6 +177,12 @@ int send;
        /* the above line also does the pad data */
        EVP_DigestUpdate(&c,sequence,4); 
        EVP_DigestFinal(&c,md,NULL);
-       /* some would say I should zero the md context */
+       EVP_MD_CTX_cleanup(&c);
        }
+#else /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
 
+#endif