* [including the GNU Public Licence.]
*/
-#ifndef NO_RSA
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <openssl/bio.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
-#include "ssl_locl.h"
#include <openssl/evp.h>
static SSL_METHOD *ssl2_get_server_method(int ver);
void (*cb)()=NULL;
int new_state,state;
- RAND_seed(&l,sizeof(l));
+ RAND_add(&l,sizeof(l),0);
ERR_clear_error();
clear_sys_error();
/* bad decrypt */
#if 1
/* If a bad decrypt, continue with protocol but with a
- * dud master secret */
+ * random master secret (Bleichenbacher attack) */
if ((i < 0) ||
((!is_export && (i != EVP_CIPHER_key_length(c)))
|| (is_export && ((i != ek) || (s->s2->tmp.clear+i !=
EVP_CIPHER_key_length(c))))))
{
+ ERR_clear_error();
if (is_export)
i=ek;
else
i=EVP_CIPHER_key_length(c);
- RAND_bytes(p,i);
+ RAND_pseudo_bytes(p,i);
}
#else
if (i < 0)
unsigned char *p;
STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
+ STACK_OF(SSL_CIPHER) *prio, *allow;
int z;
/* This is a bit of a hack to check for the correct packet
&s->session->ciphers);
if (cs == NULL) goto mem_err;
- cl=ssl_get_ciphers_by_id(s);
+ cl=SSL_get_ciphers(s);
- for (z=0; z<sk_SSL_CIPHER_num(cs); z++)
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
+ {
+ prio=sk_SSL_CIPHER_dup(cl);
+ if (prio == NULL) goto mem_err;
+ allow = cs;
+ }
+ else
+ {
+ prio = cs;
+ allow = cl;
+ }
+ for (z=0; z<sk_SSL_CIPHER_num(prio); z++)
{
- if (sk_SSL_CIPHER_find(cl,sk_SSL_CIPHER_value(cs,z)) < 0)
+ if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
{
- sk_SSL_CIPHER_delete(cs,z);
+ sk_SSL_CIPHER_delete(prio,z);
z--;
}
}
-
+ if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
+ {
+ sk_SSL_CIPHER_free(s->session->ciphers);
+ s->session->ciphers = prio;
+ }
/* s->session->ciphers should now have a list of
* ciphers that are on both the client and server.
* This list is ordered by the order the client sent
- * the ciphers.
+ * the ciphers or in the order of the server's preference
+ * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
*/
}
p+=s->s2->tmp.cipher_spec_length;
/* make and send conn_id */
s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
- RAND_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
+ RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
d+=SSL2_CONNECTION_ID_LENGTH;
s->init_off=0;
}
/* SSL2_ST_SEND_SERVER_HELLO_B */
- /* If we are using TCP/IP, the performace is bad if we do 2
+ /* If we are using TCP/IP, the performance is bad if we do 2
* writes without a read between them. This occurs when
* Session-id reuse is used, so I will put in a buffering module
*/
p=(unsigned char *)s->init_buf->data;
*(p++)=SSL2_MT_REQUEST_CERTIFICATE;
*(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
- RAND_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
EVP_MD_CTX ctx;
EVP_PKEY *pkey=NULL;
+ EVP_MD_CTX_init(&ctx);
EVP_VerifyInit(&ctx,s->ctx->rsa_md5);
EVP_VerifyUpdate(&ctx,s->s2->key_material,
(unsigned int)s->s2->key_material_length);
EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
- buf2=(unsigned char *)Malloc((unsigned int)i);
+ buf2=OPENSSL_malloc((unsigned int)i);
if (buf2 == NULL)
{
SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
p2=buf2;
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
- Free(buf2);
+ OPENSSL_free(buf2);
pkey=X509_get_pubkey(x509);
if (pkey == NULL) goto end;
i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey);
EVP_PKEY_free(pkey);
- memset(&ctx,0,sizeof(ctx));
+ EVP_MD_CTX_cleanup(&ctx);
if (i)
{
SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
return(i);
}
-#else /* !NO_RSA */
+#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;
projects / openssl.git / blobdiff