X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs2_srvr.c;h=811daa2e2cb8bc342ffd9bd135d22c655ffc39b1;hp=0112397e536d83390b9649134b1f7ed6ad8b0f6f;hb=aa82db4fb49e8e3da38e39861837117ce12256bf;hpb=b7896b3cb86d80206af14a14d69b0717786f2729 diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 0112397e53..811daa2e2c 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -1,5 +1,5 @@ /* ssl/s2_srvr.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -56,17 +56,15 @@ * [including the GNU Public Licence.] */ -#include -#ifdef NO_MD5 -#include "md5.h" -#endif -#include "bio.h" -#include "rand.h" -#include "objects.h" #include "ssl_locl.h" -#include "evp.h" +#ifndef NO_SSL2 +#include +#include +#include +#include +#include -#ifndef NOPROTO +static SSL_METHOD *ssl2_get_server_method(int ver); static int get_client_master_key(SSL *s); static int get_client_hello(SSL *s); static int server_hello(SSL *s); @@ -76,46 +74,33 @@ static int server_finish(SSL *s); static int request_certificate(SSL *s); static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, unsigned char *to,int padding); -#else -static int get_client_master_key(); -static int get_client_hello(); -static int server_hello(); -static int get_client_finished(); -static int server_verify(); -static int server_finish(); -static int request_certificate(); -static int ssl_rsa_private_decrypt(); -#endif - #define BREAK break -static SSL_METHOD *ssl2_get_server_method(ver) -int ver; +static SSL_METHOD *ssl2_get_server_method(int ver) { - if (ver == 2) + if (ver == SSL2_VERSION) return(SSLv2_server_method()); else return(NULL); } -SSL_METHOD *SSLv2_server_method() +SSL_METHOD *SSLv2_server_method(void) { static int init=1; static SSL_METHOD SSLv2_server_data; if (init) { - init=0; memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(), sizeof(SSL_METHOD)); SSLv2_server_data.ssl_accept=ssl2_accept; SSLv2_server_data.get_ssl_method=ssl2_get_server_method; + init=0; } return(&SSLv2_server_data); } -int ssl2_accept(s) -SSL *s; +int ssl2_accept(SSL *s) { unsigned long l=time(NULL); BUF_MEM *buf=NULL; @@ -124,9 +109,9 @@ SSL *s; void (*cb)()=NULL; int new_state,state; - RAND_seed((unsigned char *)&l,sizeof(l)); + RAND_add(&l,sizeof(l),0); ERR_clear_error(); - errno=0; + clear_sys_error(); if (s->info_callback != NULL) cb=s->info_callback; @@ -137,14 +122,13 @@ SSL *s; if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); s->in_handshake++; - if (((s->session == NULL) || (s->session->cert == NULL)) && - (s->cert == NULL)) + if (s->cert == NULL) { SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET); return(-1); } - errno=0; + clear_sys_error(); for (;;) { state=s->state; @@ -156,9 +140,10 @@ SSL *s; case SSL_ST_BEFORE|SSL_ST_ACCEPT: case SSL_ST_OK|SSL_ST_ACCEPT: + s->server=1; if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - s->version=2; + s->version=SSL2_VERSION; s->type=SSL_ST_ACCEPT; buf=s->init_buf; @@ -169,7 +154,7 @@ SSL *s; { ret= -1; goto end; } s->init_buf=buf; s->init_num=0; - s->ctx->sess_accept++; + s->ctx->stats.sess_accept++; s->handshake_func=ssl2_accept; s->state=SSL2_ST_GET_CLIENT_HELLO_A; BREAK; @@ -296,26 +281,27 @@ SSL *s; case SSL_ST_OK: BUF_MEM_free(s->init_buf); + ssl_free_wbio_buffer(s); s->init_buf=NULL; s->init_num=0; /* ERR_clear_error();*/ ssl_update_cache(s,SSL_SESS_CACHE_SERVER); - s->ctx->sess_accept_good++; + s->ctx->stats.sess_accept_good++; /* s->server=1; */ ret=1; if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); goto end; - BREAK; + /* BREAK; */ default: SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE); ret= -1; goto end; - BREAK; + /* BREAK; */ } if ((cb != NULL) && (s->state != state)) @@ -333,14 +319,13 @@ end: return(ret); } -static int get_client_master_key(s) -SSL *s; +static int get_client_master_key(SSL *s) { - int export,i,n,keya,ek; + int is_export,i,n,keya,ek; unsigned char *p; SSL_CIPHER *cp; - EVP_CIPHER *c; - EVP_MD *md; + const EVP_CIPHER *c; + const EVP_MD *md; p=(unsigned char *)s->init_buf->data; if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) @@ -390,7 +375,7 @@ SSL *s; memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]), (unsigned int)keya); - if (s->session->cert->key->privatekey == NULL) + if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); @@ -400,9 +385,9 @@ SSL *s; &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); - export=(s->session->cipher->algorithms & SSL_EXP)?1:0; + is_export=SSL_C_IS_EXPORT(s->session->cipher); - if (!ssl_cipher_get_evp(s->session->cipher,&c,&md)) + if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) { ssl2_return_error(s,SSL2_PE_NO_CIPHER); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); @@ -411,7 +396,7 @@ SSL *s; if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) { - export=1; + is_export=1; ek=8; } else @@ -422,11 +407,11 @@ SSL *s; /* If a bad decrypt, continue with protocol but with a * dud master secret */ if ((i < 0) || - ((!export && (i != EVP_CIPHER_key_length(c))) - || ( export && ((i != ek) || (s->s2->tmp.clear+i != + ((!is_export && (i != EVP_CIPHER_key_length(c))) + || (is_export && ((i != ek) || (s->s2->tmp.clear+i != EVP_CIPHER_key_length(c)))))) { - if (export) + if (is_export) i=ek; else i=EVP_CIPHER_key_length(c); @@ -439,8 +424,8 @@ SSL *s; SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT); } /* incorrect number of key bytes for non export cipher */ - else if ((!export && (i != EVP_CIPHER_key_length(c))) - || ( export && ((i != ek) || (s->s2->tmp.clear+i != + else if ((!is_export && (i != EVP_CIPHER_key_length(c))) + || (is_export && ((i != ek) || (s->s2->tmp.clear+i != EVP_CIPHER_key_length(c))))) { error=1; @@ -453,19 +438,18 @@ SSL *s; } #endif - if (export) i+=s->s2->tmp.clear; + if (is_export) i+=s->s2->tmp.clear; s->session->master_key_length=i; memcpy(s->session->master_key,p,(unsigned int)i); return(1); } -static int get_client_hello(s) -SSL *s; +static int get_client_hello(SSL *s) { int i,n; unsigned char *p; - STACK *cs; /* a stack of SSL_CIPHERS */ - STACK *cl; /* the ones we want to use */ + STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */ + STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */ int z; /* This is a bit of a hack to check for the correct packet @@ -537,8 +521,8 @@ SSL *s; } else { - i=ssl_get_prev_session(s,s->s2->tmp.session_id_length, - &(p[s->s2->tmp.cipher_spec_length])); + i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]), + s->s2->tmp.session_id_length); if (i == 1) { /* previous session */ s->hit=1; @@ -573,11 +557,11 @@ SSL *s; cl=ssl_get_ciphers_by_id(s); - for (z=0; zinit_buf->data; if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) @@ -616,27 +599,52 @@ SSL *s; *(p++)=SSL2_MT_SERVER_HELLO; /* type */ hit=s->hit; *(p++)=(unsigned char)hit; +#if 1 + if (!hit) + { + if (s->session->sess_cert != NULL) + /* This can't really happen because get_client_hello + * has called ssl_get_new_session, which does not set + * sess_cert. */ + ssl_sess_cert_free(s->session->sess_cert); + s->session->sess_cert = ssl_sess_cert_new(); + if (s->session->sess_cert == NULL) + { + SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE); + return(-1); + } + } + /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL, + * depending on whether it survived in the internal cache + * or was retrieved from an external cache. + * If it is NULL, we cannot put any useful data in it anyway, + * so we don't touch it. + */ + +#else /* That's what used to be done when cert_st and sess_cert_st were + * the same. */ if (!hit) { /* else add cert to session */ CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT); - if (s->session->cert != NULL) - ssl_cert_free(s->session->cert); - s->session->cert=s->cert; + if (s->session->sess_cert != NULL) + ssl_cert_free(s->session->sess_cert); + s->session->sess_cert=s->cert; } else /* We have a session id-cache hit, if the * session-id has no certificate listed against * the 'cert' structure, grab the 'old' one * listed against the SSL connection */ { - if (s->session->cert == NULL) + if (s->session->sess_cert == NULL) { CRYPTO_add(&s->cert->references,1, CRYPTO_LOCK_SSL_CERT); - s->session->cert=s->cert; + s->session->sess_cert=s->cert; } } +#endif - if (s->session->cert == NULL) + if (s->cert == NULL) { ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED); @@ -656,9 +664,9 @@ SSL *s; /* put certificate type */ *(p++)=SSL2_CT_X509_CERTIFICATE; s2n(s->version,p); /* version */ - n=i2d_X509(s->cert->key->x509,NULL); + n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); s2n(n,p); /* certificate length */ - i2d_X509(s->cert->key->x509,&d); + i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d); n=0; /* lets send out the ciphers we like in the @@ -687,30 +695,13 @@ SSL *s; */ if (s->hit) { - BIO *buf; - - if (s->bbio == NULL) - { - buf=BIO_new(BIO_f_buffer()); - if (buf == NULL) - { - SSLerr(SSL_F_SERVER_HELLO,ERR_LIB_BUF); - return(-1); - } - s->bbio=buf; - } - else - buf=s->bbio; - - BIO_reset(buf); - s->wbio=BIO_push(buf,s->wbio); + if (!ssl_init_wbio_buffer(s,1)) return(-1); } return(ssl2_do_write(s)); } -static int get_client_finished(s) -SSL *s; +static int get_client_finished(SSL *s) { unsigned char *p; int i; @@ -752,8 +743,7 @@ SSL *s; return(1); } -static int server_verify(s) -SSL *s; +static int server_verify(SSL *s) { unsigned char *p; @@ -771,8 +761,7 @@ SSL *s; return(ssl2_do_write(s)); } -static int server_finish(s) -SSL *s; +static int server_finish(SSL *s) { unsigned char *p; @@ -795,14 +784,13 @@ SSL *s; } /* send the request and check the response */ -static int request_certificate(s) -SSL *s; +static int request_certificate(SSL *s) { unsigned char *p,*p2,*buf2; unsigned char *ccd; int i,j,ctype,ret= -1; X509 *x509=NULL; - STACK *sk=NULL; + STACK_OF(X509) *sk=NULL; ccd=s->s2->tmp.ccl; if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) @@ -891,7 +879,7 @@ SSL *s; goto msg_end; } - if (((sk=sk_new_null()) == NULL) || (!sk_push(sk,(char *)x509))) + if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509))) { SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); goto msg_end; @@ -904,12 +892,12 @@ SSL *s; EVP_MD_CTX ctx; EVP_PKEY *pkey=NULL; - EVP_VerifyInit(&ctx,EVP_md5()); + EVP_VerifyInit(&ctx,s->ctx->rsa_md5); EVP_VerifyUpdate(&ctx,s->s2->key_material, (unsigned int)s->s2->key_material_length); EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); - i=i2d_X509(s->session->cert->key->x509,NULL); + i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); buf2=(unsigned char *)Malloc((unsigned int)i); if (buf2 == NULL) { @@ -917,13 +905,14 @@ SSL *s; goto msg_end; } p2=buf2; - i=i2d_X509(s->session->cert->key->x509,&p2); + i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2); EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i); Free(buf2); pkey=X509_get_pubkey(x509); if (pkey == NULL) goto end; i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey); + EVP_PKEY_free(pkey); memset(&ctx,0,sizeof(ctx)); if (i) @@ -932,6 +921,7 @@ SSL *s; X509_free(s->session->peer); s->session->peer=x509; CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); + s->session->verify_result = s->verify_result; ret=1; goto end; } @@ -947,32 +937,28 @@ msg_end: ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); } end: - if (sk != NULL) sk_free(sk); - if (x509 != NULL) X509_free(x509); + sk_X509_free(sk); + X509_free(x509); return(ret); } -static int ssl_rsa_private_decrypt(c, len, from, to,padding) -CERT *c; -int len; -unsigned char *from; -unsigned char *to; -int padding; +static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, + unsigned char *to, int padding) { RSA *rsa; int i; - if ((c == NULL) || (c->key->privatekey == NULL)) + if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) { SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY); return(-1); } - if (c->key->privatekey->type != EVP_PKEY_RSA) + if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) { SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); return(-1); } - rsa=c->key->privatekey->pkey.rsa; + rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa; /* we have the public key */ i=RSA_private_decrypt(len,from,to,rsa,padding); @@ -980,4 +966,10 @@ int padding; SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); return(i); } +#else /* !NO_SSL2 */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif +#endif