projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add new function SSL_CTX_get_ssl_method().
[openssl.git]
/
ssl
/
s3_clnt.c
diff --git
a/ssl/s3_clnt.c
b/ssl/s3_clnt.c
index 24c180c4d7294a961463fe5a49a3fbdf6d9b9b28..5f547bb114ef455d9c203f8c14fd9f66a58b8c1e 100644
(file)
--- a/
ssl/s3_clnt.c
+++ b/
ssl/s3_clnt.c
@@
-688,7
+688,7
@@
int ssl3_client_hello(SSL *s)
unsigned char *buf;
unsigned char *p,*d;
int i;
unsigned char *buf;
unsigned char *p,*d;
int i;
- unsigned long
Time,
l;
+ unsigned long l;
#ifndef OPENSSL_NO_COMP
int j;
SSL_COMP *comp;
#ifndef OPENSSL_NO_COMP
int j;
SSL_COMP *comp;
@@
-768,12
+768,8
@@
int ssl3_client_hello(SSL *s)
i = 1;
if (i)
i = 1;
if (i)
- {
- Time=(unsigned long)time(NULL); /* Time */
- l2n(Time,p);
- RAND_pseudo_bytes(p,sizeof(s->s3->client_random)-4);
-
- }
+ ssl_fill_hello_random(s, 0, p,
+ sizeof(s->s3->client_random));
/* Do the message type and length last */
d=p= ssl_handshake_start(s);
/* Do the message type and length last */
d=p= ssl_handshake_start(s);
@@
-928,7
+924,7
@@
int ssl3_get_server_hello(SSL *s)
/* Hello verify request and/or server hello version may not
* match so set first packet if we're negotiating version.
*/
/* Hello verify request and/or server hello version may not
* match so set first packet if we're negotiating version.
*/
- if (
s->method->version == DTLS_ANY_VERSION
)
+ if (
SSL_IS_DTLS(s)
)
s->first_packet = 1;
n=s->method->ssl_get_message(s,
s->first_packet = 1;
n=s->method->ssl_get_message(s,
@@
-1660,7
+1656,7
@@
int ssl3_get_key_exchange(SSL *s)
;
#endif
#ifndef OPENSSL_NO_DH
;
#endif
#ifndef OPENSSL_NO_DH
- else if (alg_k & SSL_k
EDH
)
+ else if (alg_k & SSL_k
DHE
)
{
if ((dh=DH_new()) == NULL)
{
{
if ((dh=DH_new()) == NULL)
{
@@
-1738,7
+1734,7
@@
int ssl3_get_key_exchange(SSL *s)
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
- else if (alg_k & SSL_kE
ECDH
)
+ else if (alg_k & SSL_kE
CDHE
)
{
EC_GROUP *ngroup;
const EC_GROUP *group;
{
EC_GROUP *ngroup;
const EC_GROUP *group;
@@
-2585,7
+2581,7
@@
int ssl3_send_client_key_exchange(SSL *s)
}
#endif
#ifndef OPENSSL_NO_DH
}
#endif
#ifndef OPENSSL_NO_DH
- else if (alg_k & (SSL_k
EDH
|SSL_kDHr|SSL_kDHd))
+ else if (alg_k & (SSL_k
DHE
|SSL_kDHr|SSL_kDHd))
{
DH *dh_srvr,*dh_clnt;
SESS_CERT *scert = s->session->sess_cert;
{
DH *dh_srvr,*dh_clnt;
SESS_CERT *scert = s->session->sess_cert;
@@
-2689,7
+2685,7
@@
int ssl3_send_client_key_exchange(SSL *s)
#endif
#ifndef OPENSSL_NO_ECDH
#endif
#ifndef OPENSSL_NO_ECDH
- else if (alg_k & (SSL_kE
ECDH
|SSL_kECDHr|SSL_kECDHe))
+ else if (alg_k & (SSL_kE
CDHE
|SSL_kECDHr|SSL_kECDHe))
{
const EC_GROUP *srvr_group = NULL;
EC_KEY *tkey;
{
const EC_GROUP *srvr_group = NULL;
EC_KEY *tkey;
@@
-3473,7
+3469,7
@@
int ssl3_check_cert_and_algorithm(SSL *s)
}
#endif
#ifndef OPENSSL_NO_DH
}
#endif
#ifndef OPENSSL_NO_DH
- if ((alg_k & SSL_k
EDH
) &&
+ if ((alg_k & SSL_k
DHE
) &&
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
@@
-3510,7
+3506,7
@@
int ssl3_check_cert_and_algorithm(SSL *s)
else
#endif
#ifndef OPENSSL_NO_DH
else
#endif
#ifndef OPENSSL_NO_DH
- if (alg_k & (SSL_k
EDH
|SSL_kDHr|SSL_kDHd))
+ if (alg_k & (SSL_k
DHE
|SSL_kDHr|SSL_kDHd))
{
if (dh == NULL
|| DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
{
if (dh == NULL
|| DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))