int ske_expected;
switch (st->hand_state) {
+ default:
+ break;
+
case TLS_ST_CW_CLNT_HELLO:
if (mt == SSL3_MT_SERVER_HELLO) {
st->hand_state = TLS_ST_CR_SRVR_HELLO;
return 1;
}
break;
-
- default:
- break;
}
err:
OSSL_STATEM *st = &s->statem;
switch (st->hand_state) {
+ default:
+ /* Shouldn't happen */
+ return WRITE_TRAN_ERROR;
+
case TLS_ST_OK:
/* Renegotiation - fall through */
case TLS_ST_BEFORE:
ossl_statem_set_in_init(s, 0);
return WRITE_TRAN_CONTINUE;
}
-
- default:
- /* Shouldn't happen */
- return WRITE_TRAN_ERROR;
}
}
OSSL_STATEM *st = &s->statem;
switch (st->hand_state) {
+ default:
+ /* No pre work to be done */
+ break;
+
case TLS_ST_CW_CLNT_HELLO:
s->shutdown = 0;
if (SSL_IS_DTLS(s)) {
return dtls_wait_for_dry(s);
#endif
}
- return WORK_FINISHED_CONTINUE;
+ break;
case TLS_ST_OK:
return tls_finish_handshake(s, wst);
-
- default:
- /* No pre work to be done */
- break;
}
return WORK_FINISHED_CONTINUE;
s->init_num = 0;
switch (st->hand_state) {
+ default:
+ /* No post work to be done */
+ break;
+
case TLS_ST_CW_CLNT_HELLO:
if (wst == WORK_MORE_A && statem_flush(s) != 1)
return WORK_MORE_A;
if (statem_flush(s) != 1)
return WORK_MORE_B;
break;
-
- default:
- /* No post work to be done */
- break;
}
return WORK_FINISHED_CONTINUE;
}
/*
- * Construct a message to be sent from the client to the server.
+ * Get the message construction function and message type for sending from the
+ * client
*
* Valid return values are:
* 1: Success
* 0: Error
*/
-int ossl_statem_client_construct_message(SSL *s)
+int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt,
+ confunc_f *confunc, int *mt)
{
OSSL_STATEM *st = &s->statem;
switch (st->hand_state) {
+ default:
+ /* Shouldn't happen */
+ return 0;
+
+ case TLS_ST_CW_CHANGE:
+ if (SSL_IS_DTLS(s))
+ *confunc = dtls_construct_change_cipher_spec;
+ else
+ *confunc = tls_construct_change_cipher_spec;
+ *mt = SSL3_MT_CHANGE_CIPHER_SPEC;
+ break;
+
case TLS_ST_CW_CLNT_HELLO:
- return tls_construct_client_hello(s);
+ *confunc = tls_construct_client_hello;
+ *mt = SSL3_MT_CLIENT_HELLO;
+ break;
case TLS_ST_CW_CERT:
- return tls_construct_client_certificate(s);
+ *confunc = tls_construct_client_certificate;
+ *mt = SSL3_MT_CERTIFICATE;
+ break;
case TLS_ST_CW_KEY_EXCH:
- return tls_construct_client_key_exchange(s);
+ *confunc = tls_construct_client_key_exchange;
+ *mt = SSL3_MT_CLIENT_KEY_EXCHANGE;
+ break;
case TLS_ST_CW_CERT_VRFY:
- return tls_construct_client_verify(s);
-
- case TLS_ST_CW_CHANGE:
- if (SSL_IS_DTLS(s))
- return dtls_construct_change_cipher_spec(s);
- else
- return tls_construct_change_cipher_spec(s);
+ *confunc = tls_construct_client_verify;
+ *mt = SSL3_MT_CERTIFICATE_VERIFY;
+ break;
#if !defined(OPENSSL_NO_NEXTPROTONEG)
case TLS_ST_CW_NEXT_PROTO:
- return tls_construct_next_proto(s);
+ *confunc = tls_construct_next_proto;
+ *mt = SSL3_MT_NEXT_PROTO;
+ break;
#endif
case TLS_ST_CW_FINISHED:
- return tls_construct_finished(s,
- s->method->
- ssl3_enc->client_finished_label,
- s->method->
- ssl3_enc->client_finished_label_len);
-
- default:
- /* Shouldn't happen */
+ *confunc = tls_construct_finished;
+ *mt = SSL3_MT_FINISHED;
break;
}
- return 0;
+ return 1;
}
/*
* Returns the maximum allowed length for the current message that we are
* reading. Excludes the message header.
*/
-unsigned long ossl_statem_client_max_message_size(SSL *s)
+size_t ossl_statem_client_max_message_size(SSL *s)
{
OSSL_STATEM *st = &s->statem;
switch (st->hand_state) {
+ default:
+ /* Shouldn't happen */
+ return 0;
+
case TLS_ST_CR_SRVR_HELLO:
return SERVER_HELLO_MAX_LENGTH;
case TLS_ST_CR_FINISHED:
return FINISHED_MAX_LENGTH;
-
- default:
- /* Shouldn't happen */
- break;
}
-
- return 0;
}
/*
OSSL_STATEM *st = &s->statem;
switch (st->hand_state) {
+ default:
+ /* Shouldn't happen */
+ return MSG_PROCESS_ERROR;
+
case TLS_ST_CR_SRVR_HELLO:
return tls_process_server_hello(s, pkt);
case TLS_ST_CR_FINISHED:
return tls_process_finished(s, pkt);
-
- default:
- /* Shouldn't happen */
- break;
}
-
- return MSG_PROCESS_ERROR;
}
/*
OSSL_STATEM *st = &s->statem;
switch (st->hand_state) {
+ default:
+ /* Shouldn't happen */
+ return WORK_ERROR;
+
case TLS_ST_CR_CERT_REQ:
return tls_prepare_client_certificate(s, wst);
ossl_statem_set_sctp_read_sock(s, 0);
return WORK_FINISHED_STOP;
#endif
-
- default:
- break;
}
-
- /* Shouldn't happen */
- return WORK_ERROR;
}
-int tls_construct_client_hello(SSL *s)
+int tls_construct_client_hello(SSL *s, WPACKET *pkt)
{
unsigned char *p;
int i;
SSL_COMP *comp;
#endif
SSL_SESSION *sess = s->session;
- WPACKET pkt;
- if (!WPACKET_init(&pkt, s->init_buf)
- || !WPACKET_set_max_size(&pkt, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ if (!WPACKET_set_max_size(pkt, SSL3_RT_MAX_PLAIN_LENGTH)) {
/* Should not happen */
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
/* Work out what SSL/TLS/DTLS version to use */
protverr = ssl_set_client_hello_version(s);
if (protverr != 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, protverr);
- goto err;
+ return 0;
}
if ((sess == NULL) || !ssl_version_supported(s, sess->ssl_version) ||
(!sess->session_id_length && !sess->tlsext_tick) ||
(sess->not_resumable)) {
if (!ssl_get_new_session(s, 0))
- goto err;
+ return 0;
}
/* else use the pre-loaded session */
i = 1;
if (i && ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random)) <= 0)
- goto err;
-
- if (!ssl_set_handshake_header2(s, &pkt, SSL3_MT_CLIENT_HELLO)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
+ return 0;
/*-
* version indicates the negotiated version: for example from
* client_version in client hello and not resetting it to
* the negotiated version.
*/
- if (!WPACKET_put_bytes(&pkt, s->client_version, 2)
- || !WPACKET_memcpy(&pkt, s->s3->client_random, SSL3_RANDOM_SIZE)) {
+ if (!WPACKET_put_bytes_u16(pkt, s->client_version)
+ || !WPACKET_memcpy(pkt, s->s3->client_random, SSL3_RANDOM_SIZE)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
/* Session ID */
else
i = s->session->session_id_length;
if (i > (int)sizeof(s->session->session_id)
- || !WPACKET_start_sub_packet_u8(&pkt)
- || (i != 0 && !WPACKET_memcpy(&pkt, s->session->session_id, i))
- || !WPACKET_close(&pkt)) {
+ || !WPACKET_start_sub_packet_u8(pkt)
+ || (i != 0 && !WPACKET_memcpy(pkt, s->session->session_id, i))
+ || !WPACKET_close(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
/* cookie stuff for DTLS */
if (SSL_IS_DTLS(s)) {
if (s->d1->cookie_len > sizeof(s->d1->cookie)
- || !WPACKET_sub_memcpy_u8(&pkt, s->d1->cookie,
+ || !WPACKET_sub_memcpy_u8(pkt, s->d1->cookie,
s->d1->cookie_len)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
}
/* Ciphers supported */
- if (!WPACKET_start_sub_packet_u16(&pkt)) {
+ if (!WPACKET_start_sub_packet_u16(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
/* ssl_cipher_list_to_bytes() raises SSLerr if appropriate */
- if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &pkt))
- goto err;
- if (!WPACKET_close(&pkt)) {
+ if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), pkt))
+ return 0;
+ if (!WPACKET_close(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
/* COMPRESSION */
- if (!WPACKET_start_sub_packet_u8(&pkt)) {
+ if (!WPACKET_start_sub_packet_u8(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
#ifndef OPENSSL_NO_COMP
if (ssl_allow_compression(s) && s->ctx->comp_methods) {
int compnum = sk_SSL_COMP_num(s->ctx->comp_methods);
for (i = 0; i < compnum; i++) {
comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
- if (!WPACKET_put_bytes(&pkt, comp->id, 1)) {
+ if (!WPACKET_put_bytes_u8(pkt, comp->id)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
}
}
#endif
/* Add the NULL method */
- if (!WPACKET_put_bytes(&pkt, 0, 1) || !WPACKET_close(&pkt)) {
+ if (!WPACKET_put_bytes_u8(pkt, 0) || !WPACKET_close(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
/* TLS extensions */
if (ssl_prepare_clienthello_tlsext(s) <= 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
- goto err;
+ return 0;
}
- if (!WPACKET_start_sub_packet_u16(&pkt)
+ if (!WPACKET_start_sub_packet_u16(pkt)
/*
* If extensions are of zero length then we don't even add the
* extensions length bytes
*/
- || !WPACKET_set_flags(&pkt, WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH)
- || !ssl_add_clienthello_tlsext(s, &pkt, &al)
- || !WPACKET_close(&pkt)) {
+ || !WPACKET_set_flags(pkt, WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH)
+ || !ssl_add_clienthello_tlsext(s, pkt, &al)
+ || !WPACKET_close(pkt)) {
ssl3_send_alert(s, SSL3_AL_FATAL, al);
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (!ssl_close_construct_packet(s, &pkt)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
return 1;
- err:
- ossl_statem_set_error(s);
- WPACKET_cleanup(&pkt);
- return 0;
}
MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt)
SSLerr(SSL_F_TLS_CONSTRUCT_CKE_GOST, ERR_R_INTERNAL_ERROR);
goto err;
};
- /*
- * If we have client certificate, use its secret as peer key
- */
- if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
- if (EVP_PKEY_derive_set_peer(pkey_ctx, s->cert->key->privatekey) <= 0) {
- /*
- * If there was an error - just ignore it. Ephemeral key
- * * would be used
- */
- ERR_clear_error();
- }
- }
/*
* Compute shared IV and store it in algorithm-specific context
* data
goto err;
}
- if (!WPACKET_put_bytes(pkt, V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED, 1)
- || (msglen >= 0x80 && !WPACKET_put_bytes(pkt, 0x81, 1))
+ if (!WPACKET_put_bytes_u8(pkt, V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)
+ || (msglen >= 0x80 && !WPACKET_put_bytes_u8(pkt, 0x81))
|| !WPACKET_sub_memcpy_u8(pkt, tmp, msglen)) {
*al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_CONSTRUCT_CKE_GOST, ERR_R_INTERNAL_ERROR);
goto err;
}
- /* Check if pubkey from client certificate was used */
- if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2,
- NULL) > 0) {
- /* Set flag "skip certificate verify" */
- s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
- }
EVP_PKEY_CTX_free(pkey_ctx);
s->s3->tmp.pms = pms;
s->s3->tmp.pmslen = pmslen;
#endif
}
-int tls_construct_client_key_exchange(SSL *s)
+int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
{
unsigned long alg_k;
int al = -1;
- WPACKET pkt;
-
- if (!WPACKET_init(&pkt, s->init_buf)) {
- /* Should not happen */
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (!ssl_set_handshake_header2(s, &pkt, SSL3_MT_CLIENT_KEY_EXCHANGE)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
if ((alg_k & SSL_PSK)
- && !tls_construct_cke_psk_preamble(s, &pkt, &al))
+ && !tls_construct_cke_psk_preamble(s, pkt, &al))
goto err;
if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) {
- if (!tls_construct_cke_rsa(s, &pkt, &al))
+ if (!tls_construct_cke_rsa(s, pkt, &al))
goto err;
} else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {
- if (!tls_construct_cke_dhe(s, &pkt, &al))
+ if (!tls_construct_cke_dhe(s, pkt, &al))
goto err;
} else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {
- if (!tls_construct_cke_ecdhe(s, &pkt, &al))
+ if (!tls_construct_cke_ecdhe(s, pkt, &al))
goto err;
} else if (alg_k & SSL_kGOST) {
- if (!tls_construct_cke_gost(s, &pkt, &al))
+ if (!tls_construct_cke_gost(s, pkt, &al))
goto err;
} else if (alg_k & SSL_kSRP) {
- if (!tls_construct_cke_srp(s, &pkt, &al))
+ if (!tls_construct_cke_srp(s, pkt, &al))
goto err;
- } else {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (!ssl_close_construct_packet(s, &pkt)) {
+ } else if (!(alg_k & SSL_kPSK)) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
goto err;
OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
s->s3->tmp.psk = NULL;
#endif
- WPACKET_cleanup(&pkt);
- ossl_statem_set_error(s);
return 0;
}
return 0;
}
-int tls_construct_client_verify(SSL *s)
+int tls_construct_client_verify(SSL *s, WPACKET *pkt)
{
- unsigned char *p;
EVP_PKEY *pkey;
const EVP_MD *md = s->s3->tmp.md[s->cert->key - s->cert->pkeys];
- EVP_MD_CTX *mctx;
+ EVP_MD_CTX *mctx = NULL;
unsigned u = 0;
- unsigned long n = 0;
long hdatalen = 0;
void *hdata;
+ unsigned char *sig = NULL;
mctx = EVP_MD_CTX_new();
if (mctx == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
-
- p = ssl_handshake_start(s);
pkey = s->cert->key->privatekey;
hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
goto err;
}
- if (SSL_USE_SIGALGS(s)) {
- if (!tls12_get_sigandhash(p, pkey, md)) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- p += 2;
- n = 2;
+ if (SSL_USE_SIGALGS(s)&& !tls12_get_sigandhash(pkt, pkey, md)) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
}
#ifdef SSL_DEBUG
fprintf(stderr, "Using client alg %s\n", EVP_MD_name(md));
#endif
+ sig = OPENSSL_malloc(EVP_PKEY_size(pkey));
+ if (sig == NULL) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
if (!EVP_SignInit_ex(mctx, md, NULL)
|| !EVP_SignUpdate(mctx, hdata, hdatalen)
|| (s->version == SSL3_VERSION
&& !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key))
- || !EVP_SignFinal(mctx, p + 2, &u, pkey)) {
+ || !EVP_SignFinal(mctx, sig, &u, pkey)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_EVP_LIB);
goto err;
}
if (pktype == NID_id_GostR3410_2001
|| pktype == NID_id_GostR3410_2012_256
|| pktype == NID_id_GostR3410_2012_512)
- BUF_reverse(p + 2, NULL, u);
+ BUF_reverse(sig, NULL, u);
}
#endif
- s2n(u, p);
- n += u + 2;
- /* Digest cached records and discard handshake buffer */
- if (!ssl3_digest_cached_records(s, 0))
- goto err;
- if (!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_VERIFY, n)) {
+ if (!WPACKET_sub_memcpy_u16(pkt, sig, u)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
goto err;
}
+ /* Digest cached records and discard handshake buffer */
+ if (!ssl3_digest_cached_records(s, 0))
+ goto err;
+
+ OPENSSL_free(sig);
EVP_MD_CTX_free(mctx);
return 1;
err:
+ OPENSSL_free(sig);
EVP_MD_CTX_free(mctx);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return 0;
}
return WORK_ERROR;
}
-int tls_construct_client_certificate(SSL *s)
+int tls_construct_client_certificate(SSL *s, WPACKET *pkt)
{
- if (!ssl3_output_cert_chain(s,
- (s->s3->tmp.cert_req ==
- 2) ? NULL : s->cert->key)) {
+ if (!ssl3_output_cert_chain(s, pkt,
+ (s->s3->tmp.cert_req == 2) ? NULL
+ : s->cert->key)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
- ossl_statem_set_error(s);
return 0;
}
}
#ifndef OPENSSL_NO_NEXTPROTONEG
-int tls_construct_next_proto(SSL *s)
+int tls_construct_next_proto(SSL *s, WPACKET *pkt)
{
- unsigned int len, padding_len;
- unsigned char *d;
+ size_t len, padding_len;
+ unsigned char *padding = NULL;
len = s->next_proto_negotiated_len;
padding_len = 32 - ((len + 2) % 32);
- d = (unsigned char *)s->init_buf->data;
- d[4] = len;
- memcpy(d + 5, s->next_proto_negotiated, len);
- d[5 + len] = padding_len;
- memset(d + 6 + len, 0, padding_len);
- *(d++) = SSL3_MT_NEXT_PROTO;
- l2n3(2 + len + padding_len, d);
- s->init_num = 4 + 2 + len + padding_len;
- s->init_off = 0;
+
+ if (!WPACKET_sub_memcpy_u8(pkt, s->next_proto_negotiated, len)
+ || !WPACKET_sub_allocate_bytes_u8(pkt, padding_len, &padding)) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_NEXT_PROTO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ memset(padding, 0, padding_len);
return 1;
+ err:
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ return 0;
}
#endif
projects / openssl.git / blobdiff