Remove SSLv2 support
authorKurt Roeckx <kurt@roeckx.be>
Sun, 30 Nov 2014 14:35:22 +0000 (15:35 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Thu, 4 Dec 2014 10:55:03 +0000 (11:55 +0100)
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
69 files changed:
Configure
INSTALL.VMS
Netware/do_tests.pl
apps/ciphers.c
apps/s_cb.c
apps/s_client.c
apps/s_server.c
apps/s_time.c
crypto/err/openssl.ec
crypto/evp/c_alld.c
crypto/threads/mttest.c
demos/ssl/cli.cpp
doc/apps/ciphers.pod
doc/apps/s_client.pod
doc/apps/s_server.pod
doc/apps/s_time.pod
doc/apps/sess_id.pod
doc/ssl/SSL_CIPHER_get_name.pod
doc/ssl/SSL_CONF_cmd.pod
doc/ssl/SSL_CTX_new.pod
doc/ssl/SSL_CTX_set_cipher_list.pod
doc/ssl/SSL_CTX_set_generate_session_id.pod
doc/ssl/SSL_CTX_set_options.pod
doc/ssl/SSL_get_default_timeout.pod
doc/ssl/SSL_get_version.pod
doc/ssl/SSL_new.pod
doc/ssl/SSL_shutdown.pod
doc/ssl/ssl.pod
makevms.com
ms/test.bat
ms/testce.bat
ssl/Makefile
ssl/s23_clnt.c
ssl/s23_lib.c
ssl/s23_meth.c
ssl/s23_srvr.c
ssl/s2_clnt.c [deleted file]
ssl/s2_enc.c [deleted file]
ssl/s2_lib.c [deleted file]
ssl/s2_meth.c [deleted file]
ssl/s2_pkt.c [deleted file]
ssl/s2_srvr.c [deleted file]
ssl/s3_enc.c
ssl/s3_lib.c
ssl/ssl.h
ssl/ssl2.h
ssl/ssl_algs.c
ssl/ssl_asn1.c
ssl/ssl_cert.c
ssl/ssl_ciph.c
ssl/ssl_conf.c
ssl/ssl_err.c
ssl/ssl_lib.c
ssl/ssl_locl.h
ssl/ssl_sess.c
ssl/ssl_stat.c
ssl/ssl_task.c
ssl/ssl_txt.c
ssl/ssltest.c
ssl/t1_enc.c
ssl/t1_trce.c
test/Makefile
test/testsid.pem
test/testssl
test/testssl.com
util/bat.sh
util/mk1mf.pl
util/mkdef.pl
util/ssleay.num

index 708594a..5e9337c 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -847,7 +847,6 @@ PROCESS_ARGS:
                                {
                                if ($1 eq "ssl")
                                        {
-                                       $disabled{"ssl2"} = "option(ssl)";
                                        $disabled{"ssl3"} = "option(ssl)";
                                        }
                                elsif ($1 eq "tls")
@@ -1062,12 +1061,6 @@ if (defined($disabled{"ec"}))
        $disabled{"ecdh"} = "forced";
        }
 
-# SSL 2.0 requires MD5 and RSA
-if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
-       {
-       $disabled{"ssl2"} = "forced";
-       }
-
 # SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
 if (defined($disabled{"md5"}) || defined($disabled{"sha"})
     || (defined($disabled{"rsa"})
index e5d43a5..6a50e6f 100644 (file)
@@ -134,7 +134,7 @@ Currently, the logical names supported are:
                         will not be implemented.  Supported algorithms to
                         do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD,
                         SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
-                        SSL2.  So, for example, having the logical name
+                        SSL3.  So, for example, having the logical name
                         OPENSSL_NO_RSA with the value YES means that the
                         LIBCRYPTO.OLB library will not contain an RSA
                         implementation.
index ac482db..f8909a4 100644 (file)
@@ -270,22 +270,6 @@ sub ssl_tests
    print( OUT "\n========================================================\n");
    print( OUT "SSL TESTS:\n\n");
 
-   system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2:");
-   log_output("ssltest -ssl2", $outFile);
-
-   system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with server authentication:");
-   log_output("$ssltest -ssl2 -server_auth", $outFile);
-
-   system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with client authentication:");
-   log_output("$ssltest -ssl2 -client_auth", $outFile);
-
-   system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with both client and server authentication:");
-   log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);
-
    system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3:");
    log_output("ssltest -ssl3", $outFile);
@@ -318,26 +302,10 @@ sub ssl_tests
    log_desc("Testing sslv2/sslv3 with both client and server authentication:");
    log_output("$ssltest -server_auth -client_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 via BIO pair:");
-   log_output("ssltest -bio_pair -ssl2", $outFile);
-
    system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
    log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
 
-   system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with server authentication via BIO pair:");
-   log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);
-
-   system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with client authentication via BIO pair:");
-   log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);
-
-   system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
-   log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
-   log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);
-
    system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 via BIO pair:");
    log_output("ssltest -bio_pair -ssl3", $outFile);
index 85760cd..7de7dd3 100644 (file)
@@ -73,7 +73,6 @@ static const char *ciphers_usage[]={
 "usage: ciphers args\n",
 " -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
 " -V          - even more verbose\n",
-" -ssl2       - SSL2 mode\n",
 " -ssl3       - SSL3 mode\n",
 " -tls1       - TLS1 mode\n",
 NULL
@@ -130,10 +129,6 @@ int MAIN(int argc, char **argv)
                else if (strcmp(*argv,"-stdname") == 0)
                        stdname=verbose=1;
 #endif
-#ifndef OPENSSL_NO_SSL2
-               else if (strcmp(*argv,"-ssl2") == 0)
-                       meth=SSLv2_client_method();
-#endif
 #ifndef OPENSSL_NO_SSL3
                else if (strcmp(*argv,"-ssl3") == 0)
                        meth=SSLv3_client_method();
@@ -210,9 +205,7 @@ int MAIN(int argc, char **argv)
                                int id2 = (int)((id >> 8) & 0xffL);
                                int id3 = (int)(id & 0xffL);
                                
-                               if ((id & 0xff000000L) == 0x02000000L)
-                                       BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
-                               else if ((id & 0xff000000L) == 0x03000000L)
+                               if ((id & 0xff000000L) == 0x03000000L)
                                        BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
                                else
                                        BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
index 0184125..f3892f9 100644 (file)
@@ -621,8 +621,6 @@ static const char *ssl_version_str(int version)
        {
        switch (version)
                {
-       case SSL2_VERSION:
-               return "SSL 2.0";
        case SSL3_VERSION:
                return "SSL 3.0";
        case TLS1_VERSION:
@@ -649,67 +647,6 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 
        str_version = ssl_version_str(version);
 
-       if (version == SSL2_VERSION)
-               {
-               str_details1 = "???";
-
-               if (len > 0)
-                       {
-                       switch (((const unsigned char*)buf)[0])
-                               {
-                               case 0:
-                                       str_details1 = ", ERROR:";
-                                       str_details2 = " ???";
-                                       if (len >= 3)
-                                               {
-                                               unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
-                                               
-                                               switch (err)
-                                                       {
-                                               case 0x0001:
-                                                       str_details2 = " NO-CIPHER-ERROR";
-                                                       break;
-                                               case 0x0002:
-                                                       str_details2 = " NO-CERTIFICATE-ERROR";
-                                                       break;
-                                               case 0x0004:
-                                                       str_details2 = " BAD-CERTIFICATE-ERROR";
-                                                       break;
-                                               case 0x0006:
-                                                       str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
-                                                       break;
-                                                       }
-                                               }
-
-                                       break;
-                               case 1:
-                                       str_details1 = ", CLIENT-HELLO";
-                                       break;
-                               case 2:
-                                       str_details1 = ", CLIENT-MASTER-KEY";
-                                       break;
-                               case 3:
-                                       str_details1 = ", CLIENT-FINISHED";
-                                       break;
-                               case 4:
-                                       str_details1 = ", SERVER-HELLO";
-                                       break;
-                               case 5:
-                                       str_details1 = ", SERVER-VERIFY";
-                                       break;
-                               case 6:
-                                       str_details1 = ", SERVER-FINISHED";
-                                       break;
-                               case 7:
-                                       str_details1 = ", REQUEST-CERTIFICATE";
-                                       break;
-                               case 8:
-                                       str_details1 = ", CLIENT-CERTIFICATE";
-                                       break;
-                               }
-                       }
-               }
-
        if (version == SSL3_VERSION ||
            version == TLS1_VERSION ||
            version == TLS1_1_VERSION ||
@@ -1829,11 +1766,6 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx,
        case SSL_SECOP_CURVE_CHECK:
                nm = "Check Curve";
                break;
-       case SSL_SECOP_SSL2_COMPAT:
-               BIO_puts(sdb->out, "SSLv2 compatible");
-               show_bits = 0;
-               nm = NULL;
-               break;
        case SSL_SECOP_VERSION:
                BIO_printf(sdb->out, "Version=%s", ssl_version_str(nid));
                show_bits = 0;
index cde7713..1a30ef2 100644 (file)
@@ -335,7 +335,6 @@ static void sc_usage(void)
        BIO_printf(bio_err," -srp_moregroups   - Tolerate other than the known g N values.\n");
        BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
 #endif
-       BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 #ifndef OPENSSL_NO_SSL3_METHOD
        BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
 #endif
@@ -345,9 +344,8 @@ static void sc_usage(void)
        BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
        BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n");
        BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
-       BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+       BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3 - turn off that protocol\n");
        BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-       BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
        BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
        BIO_printf(bio_err,"                 command to see what is available\n");
        BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
@@ -912,10 +910,6 @@ static char *jpake_secret = NULL;
                        meth=TLSv1_client_method();
                        }
 #endif
-#ifndef OPENSSL_NO_SSL2
-               else if (strcmp(*argv,"-ssl2") == 0)
-                       meth=SSLv2_client_method();
-#endif
 #ifndef OPENSSL_NO_SSL3_METHOD
                else if (strcmp(*argv,"-ssl3") == 0)
                        meth=SSLv3_client_method();
@@ -2198,14 +2192,12 @@ end:
 static void print_stuff(BIO *bio, SSL *s, int full)
        {
        X509 *peer=NULL;
-       char *p;
-       static const char *space="                ";
        char buf[BUFSIZ];
        STACK_OF(X509) *sk;
        STACK_OF(X509_NAME) *sk2;
        const SSL_CIPHER *c;
        X509_NAME *xn;
-       int j,i;
+       int i;
 #ifndef OPENSSL_NO_COMP
        const COMP_METHOD *comp, *expansion;
 #endif
@@ -2267,34 +2259,6 @@ static void print_stuff(BIO *bio, SSL *s, int full)
                        {
                        BIO_printf(bio,"---\nNo client certificate CA names sent\n");
                        }
-               p=SSL_get_shared_ciphers(s,buf,sizeof buf);
-               if (p != NULL)
-                       {
-                       /* This works only for SSL 2.  In later protocol
-                        * versions, the client does not know what other
-                        * ciphers (in addition to the one to be used
-                        * in the current connection) the server supports. */
-
-                       BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
-                       j=i=0;
-                       while (*p)
-                               {
-                               if (*p == ':')
-                                       {
-                                       BIO_write(bio,space,15-j%25);
-                                       i++;
-                                       j=0;
-                                       BIO_write(bio,((i%3)?" ":"\n"),1);
-                                       }
-                               else
-                                       {
-                                       BIO_write(bio,p,1);
-                                       j++;
-                                       }
-                               p++;
-                               }
-                       BIO_write(bio,"\n",1);
-                       }
 
                ssl_print_sigalgs(bio, s);
                ssl_print_tmp_key(bio, s);
index d7d3ab2..504d3d9 100644 (file)
@@ -508,7 +508,6 @@ static void sv_usage(void)
        BIO_printf(bio_err," -srpvfile file      - The verifier file for SRP\n");
        BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
 #endif
-       BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
 #ifndef OPENSSL_NO_SSL3_METHOD
        BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
 #endif
@@ -520,7 +519,6 @@ static void sv_usage(void)
        BIO_printf(bio_err," -timeout      - Enable timeouts\n");
        BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
        BIO_printf(bio_err," -chain        - Read a certificate chain\n");
-       BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
        BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
        BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
        BIO_printf(bio_err," -no_tls1_1    - Just disable TLSv1.1\n");
@@ -1406,13 +1404,6 @@ int MAIN(int argc, char *argv[])
                        { www=2; }
                else if (strcmp(*argv,"-HTTP") == 0)
                        { www=3; }
-#ifndef OPENSSL_NO_SSL2
-               else if (strcmp(*argv,"-ssl2") == 0)
-                       {
-                       no_ecdhe=1;
-                       meth=SSLv2_server_method();
-                       }
-#endif
 #ifndef OPENSSL_NO_SSL3_METHOD
                else if (strcmp(*argv,"-ssl3") == 0)
                        { meth=SSLv3_server_method(); }
@@ -1768,9 +1759,6 @@ bad:
                if(strlen(session_id_prefix) >= 32)
                        BIO_printf(bio_err,
 "warning: id_prefix is too long, only one new session will be possible\n");
-               else if(strlen(session_id_prefix) >= 16)
-                       BIO_printf(bio_err,
-"warning: id_prefix is too long if you use SSLv2\n");
                if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id))
                        {
                        BIO_printf(bio_err,"error setting 'id_prefix'\n");
@@ -1855,9 +1843,6 @@ bad:
                        if(strlen(session_id_prefix) >= 32)
                                BIO_printf(bio_err,
                                        "warning: id_prefix is too long, only one new session will be possible\n");
-                       else if(strlen(session_id_prefix) >= 16)
-                               BIO_printf(bio_err,
-                                       "warning: id_prefix is too long if you use SSLv2\n");
                        if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id))
                                {
                                BIO_printf(bio_err,"error setting 'id_prefix'\n");
index 81dad53..6542be2 100644 (file)
@@ -186,7 +186,6 @@ static void s_time_usage(void)
        printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
 #ifdef FIONBIO
        printf("-nbio         - Run with non-blocking IO\n");
-       printf("-ssl2         - Just use SSLv2\n");
        printf("-ssl3         - Just use SSLv3\n");
        printf("-bugs         - Turn on SSL bug compatibility\n");
        printf("-new          - Just time new connections\n");
@@ -282,10 +281,6 @@ static int parseArgs(int argc, char **argv)
                }
        else if(strcmp(*argv,"-bugs") == 0)
            st_bugs=1;
-#ifndef OPENSSL_NO_SSL2
-       else if(strcmp(*argv,"-ssl2") == 0)
-           s_time_meth=SSLv2_client_method();
-#endif
 #ifndef OPENSSL_NO_SSL3
        else if(strcmp(*argv,"-ssl3") == 0)
            s_time_meth=SSLv3_client_method();
@@ -430,8 +425,6 @@ int MAIN(int argc, char **argv)
                                ver='t';
                        else if (ver == SSL3_VERSION)
                                ver='3';
-                       else if (ver == SSL2_VERSION)
-                               ver='2';
                        else
                                ver='*';
                        }
@@ -523,8 +516,6 @@ next:
                                ver='t';
                        else if (ver == SSL3_VERSION)
                                ver='3';
-                       else if (ver == SSL2_VERSION)
-                               ver='2';
                        else
                                ver='*';
                        }
index 547796b..33005cc 100644 (file)
@@ -51,7 +51,6 @@ F RSAREF_F_RSA_PRIVATE_DECRYPT
 F RSAREF_F_RSA_PRIVATE_ENCRYPT
 F RSAREF_F_RSA_PUBLIC_DECRYPT
 F RSAREF_F_RSA_PUBLIC_ENCRYPT
-#F SSL_F_CLIENT_CERTIFICATE
 
 R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE         1010
 R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC             1020
index 311e1fe..99f9cd5 100644 (file)
@@ -69,7 +69,6 @@ void OpenSSL_add_all_digests(void)
 #endif
 #ifndef OPENSSL_NO_MD5
        EVP_add_digest(EVP_md5());
-       EVP_add_digest_alias(SN_md5,"ssl2-md5");
        EVP_add_digest_alias(SN_md5,"ssl3-md5");
 #endif
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
index eba7aa8..da2707e 100644 (file)
@@ -217,8 +217,6 @@ int main(int argc, char *argv[])
                        cache_stats=1;
                else if (strcmp(*argv,"-ssl3") == 0)
                        ssl_method=SSLv3_method();
-               else if (strcmp(*argv,"-ssl2") == 0)
-                       ssl_method=SSLv2_method();
                else if (strcmp(*argv,"-CApath") == 0)
                        {
                        if (--argc < 1) goto bad;
index 5b4406d..a5bee1c 100644 (file)
@@ -38,7 +38,7 @@ void main ()
   SSL_METHOD *meth;
 
   SSLeay_add_ssl_algorithms();
-  meth = SSLv2_client_method();
+  meth = SSLv23_client_method();
   SSL_load_error_strings();
   ctx = SSL_CTX_new (meth);                        CHK_NULL(ctx);
 
index 6bdc077..5f8dac4 100644 (file)
@@ -10,7 +10,6 @@ B<openssl> B<ciphers>
 [B<-s>]
 [B<-v>]
 [B<-V>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
 [B<-stdname>]
@@ -35,12 +34,9 @@ not used then ciphers excluded by the security level will still be listed.
 =item B<-v>
 
 Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
+protocol version, key exchange,
 authentication, encryption and mac algorithms used along with any key size
 restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.
 
 =item B<-V>
 
@@ -50,10 +46,6 @@ Like B<-v>, but include cipher suite codes in output (hex format).
 
 only include SSL v3 ciphers.
 
-=item B<-ssl2>
-
-only include SSL v2 ciphers.
-
 =item B<-tls1>
 
 only include TLS v1 ciphers.
@@ -259,9 +251,9 @@ keys.
 ciphers suites using FORTEZZA key exchange, authentication, encryption or all
 FORTEZZA algorithms. Not implemented.
 
-=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>
 
-TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note:
 there are no ciphersuites specific to TLS v1.1.
 
 =item B<AES128>, B<AES256>, B<AES>
@@ -605,17 +597,6 @@ Note: these ciphers can also be used in SSL v3.
  TLS_PSK_WITH_AES_128_CBC_SHA              PSK-AES128-CBC-SHA
  TLS_PSK_WITH_AES_256_CBC_SHA              PSK-AES256-CBC-SHA
 
-=head2 Deprecated SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
-
-
 =head1 NOTES
 
 Some compiled versions of OpenSSL may not include all the ciphers
index 2057dc8..17308b4 100644 (file)
@@ -58,10 +58,8 @@ B<openssl> B<s_client>
 [B<-ign_eof>]
 [B<-no_ign_eof>]
 [B<-quiet>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
-[B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_tls1_1>]
@@ -248,11 +246,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers and permit them to use SSL v3 or TLS as appropriate.
 
 Unfortunately there are still ancient and broken servers in use which
 cannot handle this technique and will fail to connect. Some servers only
@@ -279,10 +277,6 @@ the server determines which cipher suite is used it should take the first
 supported cipher in the list sent by the client. See the B<ciphers>
 command for more information.
 
-=item B<-serverpref>
-
-use the server's cipher preferences; only used for SSLV2.
-
 =item B<-starttls protocol>
 
 send the protocol-specific message(s) to switch to TLS for communication.
@@ -373,8 +367,8 @@ would typically be used (https uses port 443). If the connection succeeds
 then an HTTP command can be given such as "GET /" to retrieve a web page.
 
 If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
+nothing obvious like no client certificate then the B<-bugs>,
+B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1> options can be tried
 in case it is a buggy server. In particular you should play with these
 options B<before> submitting a bug report to an OpenSSL mailing list.
 
@@ -396,10 +390,6 @@ on the command line is no guarantee that the certificate works.
 If there are problems verifying a server certificate then the
 B<-showcerts> option can be used to show the whole chain.
 
-Since the SSLv23 client hello cannot include compression methods or extensions
-these will only be supported if its use is disabled, for example by using the
-B<-no_sslv2> option.
-
 The B<s_client> utility is a test tool and is designed to continue the
 handshake after any certificate verification errors. As a result it will
 accept any certificate chain (trusted or not) sent by the peer. None test
index 3085944..1cc965f 100644 (file)
@@ -64,10 +64,8 @@ B<openssl> B<s_server>
 [B<-serverpref>]
 [B<-quiet>]
 [B<-no_tmp_rsa>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
-[B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_dhe>]
@@ -279,11 +277,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
+=item B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1>
 
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers and permit them to use SSL v3 or TLS as appropriate.
 
 =item B<-bugs>
 
index 5a38aa2..b8dad09 100644 (file)
@@ -19,7 +19,6 @@ B<openssl> B<s_time>
 [B<-verify depth>]
 [B<-nbio>]
 [B<-time seconds>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-bugs>]
 [B<-cipher cipherlist>]
@@ -92,18 +91,17 @@ specified, they are both on by default and executed in sequence.
 
 turns on non-blocking I/O.
 
-=item B<-ssl2>, B<-ssl3>
+=item B<-ssl3>
 
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers and permit them to use SSL v3 or TLS as appropriate.
 The timing program is not as rich in options to turn protocols on and off as
 the L<s_client(1)|s_client(1)> program and may not connect to all servers.
 
 Unfortunately there are a lot of ancient and broken servers in use which
 cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off with the B<-ssl3> option; others
-will only support SSL v2 and may need the B<-ssl2> option.
+work if TLS is turned off with the B<-ssl3> option.
 
 =item B<-bugs>
 
@@ -137,7 +135,7 @@ which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
 for details.
 
 If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
+nothing obvious like no client certificate then the B<-bugs> and
 B<-ssl3> options can be tried
 in case it is a buggy server. In particular you should play with these
 options B<before> submitting a bug report to an OpenSSL mailing list.
index fb5ce12..a8b0ef0 100644 (file)
@@ -92,7 +92,7 @@ Theses are described below in more detail.
 
 =item B<Protocol>
 
-this is the protocol in use TLSv1, SSLv3 or SSLv2.
+this is the protocol in use TLSv1.2, TLSv1.1, TLSv1 or SSLv3.
 
 =item B<Cipher>
 
@@ -111,10 +111,6 @@ the session ID context in hex format.
 
 this is the SSL session master key.
 
-=item B<Key-Arg>
-
-the key argument, this is only used in SSL v2.
-
 =item B<Start Time>
 
 this is the session start time represented as an integer in standard Unix format.
index 2048bfb..ec7011e 100644 (file)
@@ -25,7 +25,7 @@ chosen algorithm. If B<cipher> is NULL, 0 is returned.
 
 SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
 version that first defined the cipher.
-This is currently B<SSLv2> or B<TLSv1/SSLv3>.
+This is currently B<TLSv1/SSLv3>.
 In some cases it should possibly return "TLSv1.2" but does not;
 use SSL_CIPHER_description() instead.
 If B<cipher> is NULL, "(NONE)" is returned.
@@ -56,7 +56,7 @@ Textual representation of the cipher name.
 
 =item <protocol version>
 
-Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
+Protocol version: B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
 flagged with SSLv3. No new ciphers were added by TLSv1.1.
 
 =item Kx=<key exchange>
index f96d8d9..90a20d6 100644 (file)
@@ -109,10 +109,10 @@ Attempts to use the file B<value> as the set of temporary DH parameters for
 the appropriate context. This option is only supported if certificate
 operations are permitted.
 
-=item B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 
-Disables protocol support for SSLv2, SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 
-by setting the corresponding options B<SSL_OP_NO_SSL2>, B<SSL_OP_NO_SSL3>,
+Disables protocol support for SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 
+by setting the corresponding options B<SSL_OP_NO_SSL3>,
 B<SSL_OP_NO_TLS1>, B<SSL_OP_NO_TLS1_1> and B<SSL_OP_NO_TLS1_2> respectively.
 
 =item B<-bugs>
@@ -259,7 +259,7 @@ The supported versions of the SSL or TLS protocol.
 The B<value> argument is a comma separated list of supported protocols to
 enable or disable. If an protocol is preceded by B<-> that version is disabled.
 All versions are enabled by default, though applications may choose to
-explicitly disable some. Currently supported protocol values are B<SSLv2>,
+explicitly disable some. Currently supported protocol values are 
 B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The special value B<ALL> refers
 to all supported versions.
 
@@ -435,4 +435,7 @@ L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
 
 SSL_CONF_cmd() was first added to OpenSSL 1.0.2
 
+B<SSL_OP_NO_SSL2> doesn't have effect anymore since 1.1.0 but the define is kept
+for backward compatibility.
+
 =cut
index 7593cf6..0da3f7b 100644 (file)
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-SSL_CTX_new, SSLv2_method, SSLv2_server_method, SSLv2_client_method, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions
+SSL_CTX_new, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions
 
 =head1 SYNOPSIS
 
@@ -23,14 +23,6 @@ client only type. B<method> can be of the following types:
 
 =over 4
 
-=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
-
-A TLS/SSL connection established with these methods will only understand
-the SSLv2 protocol. A client will send out SSLv2 client hello messages
-and will also indicate that it only understand SSLv2. A server will only
-understand SSLv2 client hello messages. The SSLv2 protocol is deprecated 
-and very broken: its use is B<strongly> discouraged.
-
 =item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
 
 A TLS/SSL connection established with these methods will only understand the
@@ -62,33 +54,25 @@ SSLv3 client hello messages.
 
 =item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
 
-A TLS/SSL connection established with these methods may understand the SSLv2,
+A TLS/SSL connection established with these methods may understand the
 SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
 
-If the cipher list does not contain any SSLv2 ciphersuites (the default
-cipher list does not) or extensions are required (for example server name)
+If extensions are required (for example server name)
 a client will send out TLSv1 client hello messages including extensions and
 will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
 fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
 protocols. This is the best choice when compatibility is a concern.
 
-If any SSLv2 ciphersuites are included in the cipher list and no extensions
-are required then SSLv2 compatible client hellos will be used by clients and
-SSLv2 will be accepted by servers. This is B<not> recommended due to the
-insecurity of SSLv2 and the limited nature of the SSLv2 client hello
-prohibiting the use of extensions.
-
 =back
 
-The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
+The list of protocols available can later be limited using the
 SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
 options of the SSL_CTX_set_options() or SSL_set_options() functions.
 Using these options it is possible to choose e.g. SSLv23_server_method() and
 be able to negotiate with all possible clients, but to only allow newer
 protocols like TLSv1, TLSv1.1 or TLS v1.2.
 
-Applications which never want to support SSLv2 (even is the cipher string
-is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.
+Applications which never want to support SSLv3 can set SSL_OP_NO_SSLv3.
 
 SSL_CTX_new() initializes the list of ciphers, the session cache setting,
 the callbacks, the keys and certificates and the options to its default
@@ -111,6 +95,11 @@ The return value points to an allocated SSL_CTX object.
 
 =back
 
+=head1 HISTORY
+
+SSLv2_method, SSLv2_server_method and SSLv2_client_method where removed in
+OpenSSL 1.1.0.
+
 =head1 SEE ALSO
 
 L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
index 8b41917..c2c349f 100644 (file)
@@ -54,10 +54,6 @@ of 512 bits and the server is not configured to use temporary RSA
 keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
 and the handshake will fail.
 
-If the cipher list does not contain any SSLv2 cipher suites (this is the
-default) then SSLv2 is effectively disabled and neither clients nor servers
-will attempt to use SSLv2.
-
 =head1 RETURN VALUES
 
 SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
index 798e844..cd72572 100644 (file)
@@ -32,9 +32,8 @@ of the parent context of B<ssl>.
 
 When a new session is established between client and server, the server
 generates a session id. The session id is an arbitrary sequence of bytes.
-The length of the session id is 16 bytes for SSLv2 sessions and between
-1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical
-but must be unique for the server. Additionally, the session id is
+The length of the session id is between 1 and 32 bytes.  The session id is not
+security critical but must be unique for the server. Additionally, the session id is
 transmitted in the clear when reusing the session so it must not contain
 sensitive information.
 
@@ -51,21 +50,14 @@ The callback is only allowed to generate a shorter id and reduce B<id_len>;
 the callback B<must never> increase B<id_len> or write to the location
 B<id> exceeding the given limit.
 
-If a SSLv2 session id is generated and B<id_len> is reduced, it will be
-restored after the callback has finished and the session id will be padded
-with 0x00. It is not recommended to change the B<id_len> for SSLv2 sessions.
-The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> function
-to check, whether the session is of type SSLv2.
-
 The location B<id> is filled with 0x00 before the callback is called, so the
 callback may only fill part of the possible length and leave B<id_len>
 untouched while maintaining reproducibility.
 
 Since the sessions must be distinguished, session ids must be unique.
 Without the callback a random number is used, so that the probability
-of generating the same session id is extremely small (2^128 possible ids
-for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the
-uniqueness of the generated session id, the callback must call
+of generating the same session id is extremely small (2^256 for SSLv3/TLSv1).
+In order to assure the uniqueness of the generated session id, the callback must call
 SSL_has_matching_session_id() and generate another id if a conflict occurs.
 If an id conflict is not resolved, the handshake will fail.
 If the application codes e.g. a unique host id, a unique process number, and
@@ -85,10 +77,6 @@ Collisions can also occur when using an external session cache, since
 the external cache is not tested with SSL_has_matching_session_id()
 and the same race condition applies.
 
-When calling SSL_has_matching_session_id() for an SSLv2 session with
-reduced B<id_len>, the match operation will be performed using the
-fixed length required and with a 0x00 padded id.
-
 The callback must return 0 if it cannot generate a session id for whatever
 reason and return 1 on success.
 
@@ -104,12 +92,6 @@ server id given, and will fill the rest with pseudo random bytes:
                               unsigned int *id_len)
       {
       unsigned int count = 0;
-      const char *version;
-
-      version = SSL_get_version(ssl);
-      if (!strcmp(version, "SSLv2"))
-         /* we must not change id_len */;
-
       do      {
               RAND_pseudo_bytes(id, *id_len);
               /* Prefix the session_id with the required prefix. NB: If our
index 65062ad..1594fb6 100644 (file)
@@ -63,18 +63,11 @@ The following B<bug workaround> options are available:
 
 =item SSL_OP_MICROSOFT_SESS_ID_BUG
 
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
+As of OpenSSL 1.0.0 this option has no effect.
 
 =item SSL_OP_NETSCAPE_CHALLENGE_BUG
 
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when operating in SSLv2/v3 compatibility mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
+As of OpenSSL 1.0.0 this option has no effect.
 
 =item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
 
index a648a9b..3a067fe 100644 (file)
@@ -24,7 +24,7 @@ L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, the hardcoded default
 timeout for the protocol will be used.
 
 SSL_get_default_timeout() return this hardcoded value, which is 300 seconds
-for all currently supported protocols (SSLv2, SSLv3, and TLSv1).
+for all currently supported protocols.
 
 =head1 RETURN VALUES
 
index 9ae6f25..b91bb47 100644 (file)
@@ -21,10 +21,6 @@ The following strings can be returned:
 
 =over 4
 
-=item SSLv2
-
-The connection uses the SSLv2 protocol.
-
 =item SSLv3
 
 The connection uses the SSLv3 protocol.
index 25300e9..f0774a5 100644 (file)
@@ -14,7 +14,7 @@ SSL_new - create a new SSL structure for a connection
 
 SSL_new() creates a new B<SSL> structure which is needed to hold the
 data for a TLS/SSL connection. The new structure inherits the settings
-of the underlying context B<ctx>: connection method (SSLv2/v3/TLSv1),
+of the underlying context B<ctx>: connection method,
 options, verification settings, timeout settings.
 
 =head1 RETURN VALUES
index efbff5a..b2bf9cb 100644 (file)
@@ -60,9 +60,7 @@ SSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call.
 
 It is therefore recommended, to check the return value of SSL_shutdown()
 and call SSL_shutdown() again, if the bidirectional shutdown is not yet
-complete (return value of the first call is 0). As the shutdown is not
-specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on
-the first call.
+complete (return value of the first call is 0).
 
 The behaviour of SSL_shutdown() additionally depends on the underlying BIO. 
 
index 8d5b8c3..ceb9766 100644 (file)
@@ -45,8 +45,8 @@ structures:
 =item B<SSL_METHOD> (SSL Method)
 
 That's a dispatch structure describing the internal B<ssl> library
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
-and TLSv1). It's needed to create an B<SSL_CTX>.
+methods/functions which implement the various protocol versions (SSLv3
+TLSv1, ...). It's needed to create an B<SSL_CTX>.
 
 =item B<SSL_CIPHER> (SSL Cipher)
 
@@ -105,8 +105,8 @@ it's already included by ssl.h>.
 
 =item B<ssl23.h>
 
-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
+That's the sub header file dealing with the combined use of different
+protocol version.
 I<Usually you don't have to include it explicitly because
 it's already included by ssl.h>.
 
@@ -130,18 +130,6 @@ protocol methods defined in B<SSL_METHOD> structures.
 
 =over 4
 
-=item const SSL_METHOD *B<SSLv2_client_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-
-=item const SSL_METHOD *B<SSLv2_server_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-
-=item const SSL_METHOD *B<SSLv2_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-
 =item const SSL_METHOD *B<SSLv3_client_method>(void);
 
 Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
@@ -189,7 +177,7 @@ I<alg_bits>) and the bits which are actually used (the return value).
 =item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
 
 Return the internal name of I<cipher> as a string. These are the various
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
+strings defined by the I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
 definitions in the header files.
 
 =item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
@@ -758,5 +746,8 @@ L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
 
 The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
 
+B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed
+in OpenSSL 1.1.0.
+
 =cut
 
index d5a2526..37e1e3c 100755 (executable)
@@ -300,7 +300,6 @@ $ CONFIG_LOGICALS := AES,-
                     SHA512,-
                     SOCK,-
                     SRP,-
-                    SSL2,-
                     SSL_INTERN,-
                     STACK,-
                     STATIC_ENGINE,-
@@ -330,10 +329,8 @@ $! algos part.
 $ CONFIG_DISABLE_RULES := RIJNDAEL/AES;-
                          DES/MDC2;-
                          EC/ECDSA,ECDH;-
-                         MD5/SSL2,SSL3,TLS1;-
+                         MD5/SSL3,TLS1;-
                          SHA/SSL3,TLS1;-
-                         RSA/SSL2;-
-                         RSA,DSA/SSL2;-
                          DH/SSL3,TLS1;-
                          TLS1/TLSEXT;-
                          EC/GOST;-
index f490546..d0b6060 100755 (executable)
@@ -77,22 +77,6 @@ if errorlevel 1 goto done
 
 set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss
 
-echo test sslv2
-ssltest -ssl2
-if errorlevel 1 goto done
-
-echo test sslv2 with server authentication
-%SSL_TEST% -ssl2 -server_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication
-%SSL_TEST% -ssl2 -client_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication
-%SSL_TEST% -ssl2 -server_auth -client_auth
-if errorlevel 1 goto done
-
 echo test sslv3
 ssltest -ssl3
 if errorlevel 1 goto done
@@ -125,26 +109,10 @@ echo test sslv2/sslv3 with both client and server authentication
 %SSL_TEST% -server_auth -client_auth
 if errorlevel 1 goto done
 
-echo test sslv2 via BIO pair
-ssltest -bio_pair -ssl2
-if errorlevel 1 goto done
-
 echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
 ssltest -bio_pair -dhe1024dsa -v
 if errorlevel 1 goto done
 
-echo test sslv2 with server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -server_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -client_auth
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication via BIO pair
-%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth
-if errorlevel 1 goto done
-
 echo test sslv3 via BIO pair
 ssltest -bio_pair -ssl3
 if errorlevel 1 goto done
index 2ab010b..8de94a4 100644 (file)
@@ -123,22 +123,6 @@ cecopy ssltest.exe CE:\OpenSSL
 cecopy ..\apps\server.pem CE:\OpenSSL
 cecopy ..\apps\client.pem CE:\OpenSSL
 
-echo test sslv2
-cerun CE:\OpenSSL\ssltest -ssl2
-if errorlevel 1 goto done
-
-echo test sslv2 with server authentication
-cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication
-cerun CE:\OpenSSL\ssltest -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication
-cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
 echo test sslv3
 cerun CE:\OpenSSL\ssltest -ssl3
 if errorlevel 1 goto done
@@ -171,26 +155,10 @@ echo test sslv2/sslv3 with both client and server authentication
 cerun CE:\OpenSSL\ssltest -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
 if errorlevel 1 goto done
 
-echo test sslv2 via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2
-if errorlevel 1 goto done
-
 echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
 cerun CE:\OpenSSL\ssltest -bio_pair -dhe1024dsa -v
 if errorlevel 1 goto done
 
-echo test sslv2 with server authentication via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with client authentication via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
-echo test sslv2 with both client and server authentication via BIO pair
-cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
-if errorlevel 1 goto done
-
 echo test sslv3 via BIO pair
 cerun CE:\OpenSSL\ssltest -bio_pair -ssl3
 if errorlevel 1 goto done
index 739e1ea..ebbdedc 100644 (file)
@@ -21,7 +21,6 @@ APPS=
 LIB=$(TOP)/libssl.a
 SHARED_LIB= libssl$(SHLIB_EXT)
 LIBSRC=        \
-       s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
        s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
        s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
        t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c t1_ext.c \
@@ -32,7 +31,6 @@ LIBSRC=       \
        ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
        bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
 LIBOBJ= \
-       s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
        s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
        s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
        t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o t1_ext.o \
@@ -386,126 +384,6 @@ s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
 s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
 s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
 s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
-s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
-s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
-s2_enc.o: ssl_locl.h
-s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
-s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
-s2_meth.o: ssl_locl.h
-s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
-s2_pkt.o: ssl_locl.h
-s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
 s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
 s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
 s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
index 42c3d68..37b3e23 100644 (file)
@@ -121,10 +121,6 @@ static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
 static const SSL_METHOD *ssl23_get_client_method(int ver)
        {
-#ifndef OPENSSL_NO_SSL2
-       if (ver == SSL2_VERSION)
-               return(SSLv2_client_method());
-#endif
 #ifndef OPENSSL_NO_SSL3
        if (ver == SSL3_VERSION)
                return(SSLv3_client_method());
@@ -256,24 +252,6 @@ end:
        return(ret);
        }
 
-static int ssl23_no_ssl2_ciphers(SSL *s)
-       {
-       SSL_CIPHER *cipher;
-       STACK_OF(SSL_CIPHER) *ciphers;
-       int i;
-       ssl_set_client_disabled(s);
-       ciphers = SSL_get_ciphers(s);
-       for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
-               {
-               cipher = sk_SSL_CIPHER_value(ciphers, i);
-               if (ssl_cipher_disabled(s, cipher, SSL_SECOP_CIPHER_SUPPORTED))
-                       continue;
-               if (cipher->algorithm_ssl == SSL_SSLV2)
-                       return 0;
-               }
-       return 1;
-       }
-
 /* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
  * on failure, 1 on success. */
 int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
@@ -300,9 +278,8 @@ static int ssl23_client_hello(SSL *s)
        {
        unsigned char *buf;
        unsigned char *p,*d;
-       int i,ch_len;
+       int i;
        unsigned long l;
-       int ssl2_compat;
        int version = 0, version_major, version_minor;
        int al = 0;
 #ifndef OPENSSL_NO_COMP
@@ -312,13 +289,6 @@ static int ssl23_client_hello(SSL *s)
        int ret;
        unsigned long mask, options = s->options;
 
-       ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
-
-       if (ssl2_compat && !ssl_security(s, SSL_SECOP_SSL2_COMPAT, 0, 0, NULL))
-               ssl2_compat = 0;
-       if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
-               ssl2_compat = 0;
-
        /*
         * SSL_OP_NO_X disables all protocols above X *if* there are
         * some protocols below X enabled. This is required in order
@@ -331,9 +301,6 @@ static int ssl23_client_hello(SSL *s)
 #if !defined(OPENSSL_NO_SSL3)
                |SSL_OP_NO_SSLv3
 #endif
-#if !defined(OPENSSL_NO_SSL2)
-               |(ssl2_compat?SSL_OP_NO_SSLv2:0)
-#endif
                ;
 #if !defined(OPENSSL_NO_TLS1_2_CLIENT)
        version = TLS1_2_VERSION;
@@ -352,28 +319,6 @@ static int ssl23_client_hello(SSL *s)
                version = SSL3_VERSION;
        mask &= ~SSL_OP_NO_SSLv3;
 #endif
-#if !defined(OPENSSL_NO_SSL2)
-       if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
-               version = SSL2_VERSION;
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-       if (version != SSL2_VERSION)
-               {
-               /* have to disable SSL 2.0 compatibility if we need TLS extensions */
-
-               if (s->tlsext_hostname != NULL)
-                       ssl2_compat = 0;
-               if (s->tlsext_status_type != -1)
-                       ssl2_compat = 0;
-#ifdef TLSEXT_TYPE_opaque_prf_input
-               if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
-                       ssl2_compat = 0;
-#endif
-               if (s->cert->cli_ext.meths_count != 0)
-                       ssl2_compat = 0;
-               }
-#endif
 
        buf=(unsigned char *)s->init_buf->data;
        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
@@ -424,11 +369,6 @@ static int ssl23_client_hello(SSL *s)
                        version_major = SSL3_VERSION_MAJOR;
                        version_minor = SSL3_VERSION_MINOR;
                        }
-               else if (version == SSL2_VERSION)
-                       {
-                       version_major = SSL2_VERSION_MAJOR;
-                       version_minor = SSL2_VERSION_MINOR;
-                       }
                else
                        {
                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
@@ -437,169 +377,105 @@ static int ssl23_client_hello(SSL *s)
 
                s->client_version = version;
 
-               if (ssl2_compat)
-                       {
-                       /* create SSL 2.0 compatible Client Hello */
+               /* create Client Hello in SSL 3.0/TLS 1.0 format */
 
-                       /* two byte record header will be written last */
-                       d = &(buf[2]);
-                       p = d + 9; /* leave space for message type, version, individual length fields */
+               /* do the record header (5 bytes) and handshake message header (4 bytes) last */
+               d = p = &(buf[9]);
+               
+               *(p++) = version_major;
+               *(p++) = version_minor;
 
-                       *(d++) = SSL2_MT_CLIENT_HELLO;
-                       *(d++) = version_major;
-                       *(d++) = version_minor;
-                       
-                       /* Ciphers supported */
-                       i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0);
-                       if (i == 0)
-                               {
-                               /* no ciphers */
-                               SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                               return -1;
-                               }
-                       s2n(i,d);
-                       p+=i;
-                       
-                       /* put in the session-id length (zero since there is no reuse) */
-#if 0
-                       s->session->session_id_length=0;
-#endif
-                       s2n(0,d);
-
-                       if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-                               ch_len=SSL2_CHALLENGE_LENGTH;
-                       else
-                               ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
-                       /* write out sslv2 challenge */
-                       /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32),
-                          because it is one of SSL2_MAX_CHALLENGE_LENGTH (32)
-                          or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the
-                          check in for futurproofing */
-                       if (SSL3_RANDOM_SIZE < ch_len)
-                               i=SSL3_RANDOM_SIZE;
-                       else
-                               i=ch_len;
-                       s2n(i,d);
-                       memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
-                       if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
-                               return -1;
-
-                       memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-                       p+=i;
-
-                       i= p- &(buf[2]);
-                       buf[0]=((i>>8)&0xff)|0x80;
-                       buf[1]=(i&0xff);
-
-                       /* number of bytes to write */
-                       s->init_num=i+2;
-                       s->init_off=0;
-
-                       ssl3_finish_mac(s,&(buf[2]),i);
-                       }
-               else
-                       {
-                       /* create Client Hello in SSL 3.0/TLS 1.0 format */
-
-                       /* do the record header (5 bytes) and handshake message header (4 bytes) last */
-                       d = p = &(buf[9]);
-                       
-                       *(p++) = version_major;
-                       *(p++) = version_minor;
+               /* Random stuff */
+               memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+               p += SSL3_RANDOM_SIZE;
 
-                       /* Random stuff */
-                       memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
-                       p += SSL3_RANDOM_SIZE;
+               /* Session ID (zero since there is no reuse) */
+               *(p++) = 0;
 
-                       /* Session ID (zero since there is no reuse) */
-                       *(p++) = 0;
-
-                       /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
-                       i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
-                       if (i == 0)
-                               {
-                               SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                               return -1;
-                               }
+               /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+               i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
+               if (i == 0)
+                       {
+                       SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+                       return -1;
+                       }
 #ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
-                       /* Some servers hang if client hello > 256 bytes
-                        * as hack workaround chop number of supported ciphers
-                        * to keep it well below this if we use TLS v1.2
-                        */
-                       if (TLS1_get_version(s) >= TLS1_2_VERSION
-                               && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
-                               i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+               /* Some servers hang if client hello > 256 bytes
+                * as hack workaround chop number of supported ciphers
+                * to keep it well below this if we use TLS v1.2
+                */
+               if (TLS1_get_version(s) >= TLS1_2_VERSION
+                       && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+                       i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
 #endif
-                       s2n(i,p);
-                       p+=i;
+               s2n(i,p);
+               p+=i;
 
-                       /* COMPRESSION */
+               /* COMPRESSION */
 #ifdef OPENSSL_NO_COMP
-                       *(p++)=1;
+               *(p++)=1;
 #else
-                       if (!ssl_allow_compression(s) || !s->ctx->comp_methods)
-                               j=0;
-                       else
-                               j=sk_SSL_COMP_num(s->ctx->comp_methods);
-                       *(p++)=1+j;
-                       for (i=0; i<j; i++)
-                               {
-                               comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
-                               *(p++)=comp->id;
-                               }
+               if (!ssl_allow_compression(s) || !s->ctx->comp_methods)
+                       j=0;
+               else
+                       j=sk_SSL_COMP_num(s->ctx->comp_methods);
+               *(p++)=1+j;
+               for (i=0; i<j; i++)
+                       {
+                       comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
+                       *(p++)=comp->id;
+                       }
 #endif
-                       *(p++)=0; /* Add the NULL method */
+               *(p++)=0; /* Add the NULL method */
 
 #ifndef OPENSSL_NO_TLSEXT
-                       /* TLS extensions*/
-                       if (ssl_prepare_clienthello_tlsext(s) <= 0)
-                               {
-                               SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
-                               return -1;
-                               }
-                       if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
-                               {
-                               ssl3_send_alert(s,SSL3_AL_FATAL,al);
-                               SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
-                               return -1;
-                               }
+               /* TLS extensions*/
+               if (ssl_prepare_clienthello_tlsext(s) <= 0)
+                       {
+                       SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+                       return -1;
+                       }
+               if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
+                       {
+                       ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                       SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
 #endif
-                       
-                       l = p-d;
+               
+               l = p-d;
 
-                       /* fill in 4-byte handshake header */
-                       d=&(buf[5]);
-                       *(d++)=SSL3_MT_CLIENT_HELLO;
-                       l2n3(l,d);
+               /* fill in 4-byte handshake header */
+               d=&(buf[5]);
+               *(d++)=SSL3_MT_CLIENT_HELLO;
+               l2n3(l,d);
 
-                       l += 4;
+               l += 4;
 
-                       if (l > SSL3_RT_MAX_PLAIN_LENGTH)
-                               {
-                               SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
-                               return -1;
-                               }
-                       
-                       /* fill in 5-byte record header */
-                       d=buf;
-                       *(d++) = SSL3_RT_HANDSHAKE;
-                       *(d++) = version_major;
-                       /* Some servers hang if we use long client hellos
-                        * and a record number > TLS 1.0.
-                        */
-                       if (TLS1_get_client_version(s) > TLS1_VERSION)
-                               *(d++) = 1;
-                       else
-                               *(d++) = version_minor;
-                       s2n((int)l,d);
-
-                       /* number of bytes to write */
-                       s->init_num=p-buf;
-                       s->init_off=0;
-
-                       ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
+               if (l > SSL3_RT_MAX_PLAIN_LENGTH)
+                       {
+                       SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+                       return -1;
                        }
+               
+               /* fill in 5-byte record header */
+               d=buf;
+               *(d++) = SSL3_RT_HANDSHAKE;
+               *(d++) = version_major;
+               /* Some servers hang if we use long client hellos
+                * and a record number > TLS 1.0.
+                */
+               if (TLS1_get_client_version(s) > TLS1_VERSION)
+                       *(d++) = 1;
+               else
+                       *(d++) = version_minor;
+               s2n((int)l,d);
+
+               /* number of bytes to write */
+               s->init_num=p-buf;
+               s->init_off=0;
+
+               ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
 
                s->state=SSL23_ST_CW_CLNT_HELLO_B;
                s->init_off=0;
@@ -611,14 +487,8 @@ static int ssl23_client_hello(SSL *s)
        if ((ret >= 2) && s->msg_callback)
                {
                /* Client Hello has been sent; tell msg_callback */
-
-               if (ssl2_compat)
-                       s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
-               else
-                       {
-                       s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg);
-                       s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
-                       }
+               s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg);
+               s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
                }
 
        return ret;
@@ -638,78 +508,7 @@ static int ssl23_get_server_hello(SSL *s)
 
        memcpy(buf,p,n);
 
-       if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
-               (p[5] == 0x00) && (p[6] == 0x02))
-               {
-#ifdef OPENSSL_NO_SSL2
-               SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-               goto err;
-#else
-               /* we are talking sslv2 */
-               /* we need to clean up the SSLv3 setup and put in the
-                * sslv2 stuff. */
-               int ch_len;
-
-               if (s->options & SSL_OP_NO_SSLv2)
-                       {
-                       SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-                       goto err;
-                       }
-               if (s->s2 == NULL)
-                       {
-                       if (!ssl2_new(s))
-                               goto err;
-                       }
-               else
-                       ssl2_clear(s);
-
-               if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-                       ch_len=SSL2_CHALLENGE_LENGTH;
-               else
-                       ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
-               /* write out sslv2 challenge */
-               /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
-                  it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
-                  SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
-                  futurproofing */
-               i=(SSL3_RANDOM_SIZE < ch_len)
-                       ?SSL3_RANDOM_SIZE:ch_len;
-               s->s2->challenge_length=i;
-               memcpy(s->s2->challenge,
-                       &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-
-               if (s->s3 != NULL) ssl3_free(s);
-
-               if (!BUF_MEM_grow_clean(s->init_buf,
-                       SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-                       {
-                       SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
-                       goto err;
-                       }
-
-               s->state=SSL2_ST_GET_SERVER_HELLO_A;
-               if (!(s->client_version == SSL2_VERSION))
-                       /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
-                       s->s2->ssl2_rollback=1;
-
-               /* setup the 7 bytes we have read so we get them from
-                * the sslv2 buffer */
-               s->rstate=SSL_ST_READ_HEADER;
-               s->packet_length=n;
-               s->packet= &(s->s2->rbuf[0]);
-               memcpy(s->packet,buf,n);
-               s->s2->rbuf_left=n;
-               s->s2->rbuf_offs=0;
-
-               /* we have already written one */
-               s->s2->write_sequence=1;
-
-               s->method=SSLv2_client_method();
-               s->handshake_func=s->method->ssl_connect;
-#endif
-               }
-       else if (p[1] == SSL3_VERSION_MAJOR &&
+       if (p[1] == SSL3_VERSION_MAJOR &&
                 p[2] <= TLS1_2_VERSION_MINOR &&
                 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
                  (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
index f3c29d1..9611599 100644 (file)
@@ -67,46 +67,26 @@ long ssl23_default_timeout(void)
 
 int ssl23_num_ciphers(void)
        {
-       return(ssl3_num_ciphers()
-#ifndef OPENSSL_NO_SSL2
-              + ssl2_num_ciphers()
-#endif
-           );
+       return(ssl3_num_ciphers());
        }
 
 const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
        {
-       unsigned int uu=ssl3_num_ciphers();
-
-       if (u < uu)
-               return(ssl3_get_cipher(u));
-       else
-#ifndef OPENSSL_NO_SSL2
-               return(ssl2_get_cipher(u-uu));
-#else
-               return(NULL);
-#endif
+       return(ssl3_get_cipher(u));
        }
 
 /* This function needs to check if the ciphers required are actually
  * available */
 const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
        {
-       const SSL_CIPHER *cp;
-
-       cp=ssl3_get_cipher_by_char(p);
-#ifndef OPENSSL_NO_SSL2
-       if (cp == NULL)
-               cp=ssl2_get_cipher_by_char(p);
-#endif
-       return(cp);
+       return(ssl3_get_cipher_by_char(p));
        }
 
 int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
        {
        long l;
 
-       /* We can write SSLv2 and SSLv3 ciphers */
+       /* We can write SSLv3 ciphers */
        /* but no ECC ciphers */
        if (c->algorithm_mkey == SSL_kECDHr ||
                c->algorithm_mkey == SSL_kECDHe ||
index 40eae0f..bf4736d 100644 (file)
 static const SSL_METHOD *ssl23_get_method(int ver);
 static const SSL_METHOD *ssl23_get_method(int ver)
        {
-#ifndef OPENSSL_NO_SSL2
-       if (ver == SSL2_VERSION)
-               return(SSLv2_method());
-       else
-#endif
 #ifndef OPENSSL_NO_SSL3
        if (ver == SSL3_VERSION)
                return(SSLv3_method());
index 858420d..cc91cc2 100644 (file)
@@ -123,10 +123,6 @@ static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
 static const SSL_METHOD *ssl23_get_server_method(int ver)
        {
-#ifndef OPENSSL_NO_SSL2
-       if (ver == SSL2_VERSION)
-               return(SSLv2_server_method());
-#endif
 #ifndef OPENSSL_NO_SSL3
        if (ver == SSL3_VERSION)
                return(SSLv3_server_method());
@@ -236,7 +232,6 @@ end:
        return(ret);
        }
 
-
 int ssl23_get_client_hello(SSL *s)
        {
        char buf_space[11]; /* Request this many bytes in initial read.
@@ -283,8 +278,6 @@ int ssl23_get_client_hello(SSL *s)
                                {
                                v[0]=p[3]; v[1]=p[4];
                                /* SSLv2 */
-                               if (!(s->options & SSL_OP_NO_SSLv2))
-                                       type=1;
                                }
                        else if (p[3] == SSL3_VERSION_MAJOR)
                                {
@@ -317,10 +310,6 @@ int ssl23_get_client_hello(SSL *s)
                                                /* type=2; */
                                                s->state=SSL23_ST_SR_CLNT_HELLO_B;
                                                }
-                                       else if (!(s->options & SSL_OP_NO_SSLv2))
-                                               {
-                                               type=1;
-                                               }
                                        }
                                else if (!(s->options & SSL_OP_NO_SSLv3))
                                        {
@@ -328,9 +317,6 @@ int ssl23_get_client_hello(SSL *s)
                                        /* type=2; */
                                        s->state=SSL23_ST_SR_CLNT_HELLO_B;
                                        }
-                               else if (!(s->options & SSL_OP_NO_SSLv2))
-                                       type=1;
-
                                }
                        }
                else if ((p[0] == SSL3_RT_HANDSHAKE) &&
@@ -564,54 +550,6 @@ int ssl23_get_client_hello(SSL *s)
        /* imaginary new state (for program structure): */
        /* s->state = SSL23_SR_CLNT_HELLO_C */
 
-       if (type == 1)
-               {
-#ifdef OPENSSL_NO_SSL2
-               SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
-               goto err;
-#else
-               /* we are talking sslv2 */
-               /* we need to clean up the SSLv3/TLSv1 setup and put in the
-                * sslv2 stuff. */
-
-               if (s->s2 == NULL)
-                       {
-                       if (!ssl2_new(s))
-                               goto err;
-                       }
-               else
-                       ssl2_clear(s);
-
-               if (s->s3 != NULL) ssl3_free(s);
-
-               if (!BUF_MEM_grow_clean(s->init_buf,
-                       SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-                       {
-                       goto err;
-                       }
-
-               s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-               if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
-                       s->s2->ssl2_rollback=0;
-               else
-                       /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
-                        * (SSL 3.0 draft/RFC 2246, App. E.2) */
-                       s->s2->ssl2_rollback=1;
-
-               /* setup the n bytes we have read so we get them from
-                * the sslv2 buffer */
-               s->rstate=SSL_ST_READ_HEADER;
-               s->packet_length=n;
-               s->packet= &(s->s2->rbuf[0]);
-               memcpy(s->packet,buf,n);
-               s->s2->rbuf_left=n;
-               s->s2->rbuf_offs=0;
-
-               s->method=SSLv2_server_method();
-               s->handshake_func=s->method->ssl_accept;
-#endif
-               }
-
        if ((type == 2) || (type == 3))
                {
                /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
@@ -655,8 +593,7 @@ int ssl23_get_client_hello(SSL *s)
 #endif
                s->handshake_func=s->method->ssl_accept;
                }
-       
-       if ((type < 1) || (type > 3))
+       else
                {
                /* bad, very bad */
                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
deleted file mode 100644 (file)
index fbbd529..0000000
+++ /dev/null
@@ -1,1132 +0,0 @@
-/* ssl/s2_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/rand.h>
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static const SSL_METHOD *ssl2_get_client_method(int ver);
-static int get_server_finished(SSL *s);
-static int get_server_verify(SSL *s);
-static int get_server_hello(SSL *s);
-static int client_hello(SSL *s); 
-static int client_master_key(SSL *s);
-static int client_finished(SSL *s);
-static int client_certificate(SSL *s);
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
-       unsigned char *to,int padding);
-#define BREAK  break
-
-static const SSL_METHOD *ssl2_get_client_method(int ver)
-       {
-       if (ver == SSL2_VERSION)
-               return(SSLv2_client_method());
-       else
-               return(NULL);
-       }
-
-IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
-                       ssl_undefined_function,
-                       ssl2_connect,
-                       ssl2_get_client_method)
-
-int ssl2_connect(SSL *s)
-       {
-       unsigned long l=(unsigned long)time(NULL);
-       BUF_MEM *buf=NULL;
-       int ret= -1;
-       void (*cb)(const SSL *ssl,int type,int val)=NULL;
-       int new_state,state;
-
-       RAND_add(&l,sizeof(l),0);
-       ERR_clear_error();
-       clear_sys_error();
-
-       if (s->info_callback != NULL)
-               cb=s->info_callback;
-       else if (s->ctx->info_callback != NULL)
-               cb=s->ctx->info_callback;
-
-       /* init things to blank */
-       s->in_handshake++;
-       if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-
-       for (;;)
-               {
-               state=s->state;
-
-               switch (s->state)
-                       {
-               case SSL_ST_BEFORE:
-               case SSL_ST_CONNECT:
-               case SSL_ST_BEFORE|SSL_ST_CONNECT:
-               case SSL_ST_OK|SSL_ST_CONNECT:
-
-                       s->server=0;
-                       if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-                       s->version=SSL2_VERSION;
-                       s->type=SSL_ST_CONNECT;
-
-                       buf=s->init_buf;
-                       if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
-                               {
-                               ret= -1;
-                               goto end;
-                               }
-                       if (!BUF_MEM_grow(buf,
-                               SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-                               {
-                               if (buf == s->init_buf)
-                                       buf=NULL;
-                               ret= -1;
-                               goto end;
-                               }
-                       s->init_buf=buf;
-                       buf=NULL;
-                       s->init_num=0;
-                       s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
-                       s->ctx->stats.sess_connect++;
-                       s->handshake_func=ssl2_connect;
-                       BREAK;
-
-               case SSL2_ST_SEND_CLIENT_HELLO_A:
-               case SSL2_ST_SEND_CLIENT_HELLO_B:
-                       s->shutdown=0;
-                       ret=client_hello(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_GET_SERVER_HELLO_A;
-                       BREAK;
-               
-               case SSL2_ST_GET_SERVER_HELLO_A:
-               case SSL2_ST_GET_SERVER_HELLO_B:
-                       ret=get_server_hello(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       if (!s->hit) /* new session */
-                               {
-                               s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
-                               BREAK; 
-                               }
-                       else
-                               {
-                               s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
-                               break;
-                               }
-       
-               case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
-               case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
-                       ret=client_master_key(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
-                       break;
-
-               case SSL2_ST_CLIENT_START_ENCRYPTION:
-                       /* Ok, we now have all the stuff needed to
-                        * start encrypting, so lets fire it up :-) */
-                       if (!ssl2_enc_init(s,1))
-                               {
-                               ret= -1;
-                               goto end;
-                               }
-                       s->s2->clear_text=0;
-                       s->state=SSL2_ST_SEND_CLIENT_FINISHED_A;
-                       break;
-
-               case SSL2_ST_SEND_CLIENT_FINISHED_A:
-               case SSL2_ST_SEND_CLIENT_FINISHED_B:
-                       ret=client_finished(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_GET_SERVER_VERIFY_A;
-                       break;
-
-               case SSL2_ST_GET_SERVER_VERIFY_A:
-               case SSL2_ST_GET_SERVER_VERIFY_B:
-                       ret=get_server_verify(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_GET_SERVER_FINISHED_A;
-                       break;
-
-               case SSL2_ST_GET_SERVER_FINISHED_A:
-               case SSL2_ST_GET_SERVER_FINISHED_B:
-                       ret=get_server_finished(s);
-                       if (ret <= 0) goto end;
-                       break;
-
-               case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
-               case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
-               case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
-               case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
-               case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
-                       ret=client_certificate(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_GET_SERVER_FINISHED_A;
-                       break;
-
-               case SSL_ST_OK:
-                       if (s->init_buf != NULL)
-                               {
-                               BUF_MEM_free(s->init_buf);
-                               s->init_buf=NULL;
-                               }
-                       s->init_num=0;
-               /*      ERR_clear_error();*/
-
-                       /* If we want to cache session-ids in the client
-                        * and we successfully add the session-id to the
-                        * cache, and there is a callback, then pass it out.
-                        * 26/11/96 - eay - only add if not a re-used session.
-                        */
-
-                       ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
-                       if (s->hit) s->ctx->stats.sess_hit++;
-
-                       ret=1;
-                       /* s->server=0; */
-                       s->ctx->stats.sess_connect_good++;
-
-                       if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
-                       goto end;
-                       /* break; */
-               default:
-                       SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE);
-                       return(-1);
-                       /* break; */
-                       }
-
-               if ((cb != NULL) && (s->state != state))
-                       {
-                       new_state=s->state;
-                       s->state=state;
-                       cb(s,SSL_CB_CONNECT_LOOP,1);
-                       s->state=new_state;
-                       }
-               }
-end:
-       s->in_handshake--;
-       if (buf != NULL)
-               BUF_MEM_free(buf);
-       if (cb != NULL) 
-               cb(s,SSL_CB_CONNECT_EXIT,ret);
-       return(ret);
-       }
-
-static int get_server_hello(SSL *s)
-       {
-       unsigned char *buf;
-       unsigned char *p;
-       int i,j;
-       unsigned long len;
-       STACK_OF(SSL_CIPHER) *sk=NULL,*cl, *prio, *allow;
-
-       buf=(unsigned char *)s->init_buf->data;
-       p=buf;
-       if (s->state == SSL2_ST_GET_SERVER_HELLO_A)
-               {
-               i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num);
-               if (i < (11-s->init_num)) 
-                       return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
-               s->init_num = 11;
-
-               if (*(p++) != SSL2_MT_SERVER_HELLO)
-                       {
-                       if (p[-1] != SSL2_MT_ERROR)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_SERVER_HELLO,
-                                       SSL_R_READ_WRONG_PACKET_TYPE);
-                               }
-                       else
-                               SSLerr(SSL_F_GET_SERVER_HELLO,
-                                       SSL_R_PEER_ERROR);
-                       return(-1);
-                       }
-#if 0
-               s->hit=(*(p++))?1:0;
-               /* Some [PPC?] compilers fail to increment p in above
-                  statement, e.g. one provided with Rhapsody 5.5, but
-                  most recent example XL C 11.1 for AIX, even without
-                  optimization flag... */
-#else
-               s->hit=(*p)?1:0; p++;
-#endif
-               s->s2->tmp.cert_type= *(p++);
-               n2s(p,i);
-               if (i < s->version) s->version=i;
-               n2s(p,i); s->s2->tmp.cert_length=i;
-               n2s(p,i); s->s2->tmp.csl=i;
-               n2s(p,i); s->s2->tmp.conn_id_length=i;
-               s->state=SSL2_ST_GET_SERVER_HELLO_B;
-               }
-
-       /* SSL2_ST_GET_SERVER_HELLO_B */
-       len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length;
-       if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-               {
-               SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_MESSAGE_TOO_LONG);
-               return -1;
-               }
-       j = (int)len - s->init_num;
-       i = ssl2_read(s,(char *)&(buf[s->init_num]),j);
-       if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */
-
-       /* things are looking good */
-
-       p = buf + 11;
-       if (s->hit)
-               {
-               if (s->s2->tmp.cert_length != 0) 
-                       {
-                       SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
-                       return(-1);
-                       }
-               if (s->s2->tmp.cert_type != 0)
-                       {
-                       if (!(s->options &
-                               SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG))
-                               {
-                               SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
-                               return(-1);
-                               }
-                       }
-               if (s->s2->tmp.csl != 0)
-                       {
-                       SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
-                       return(-1);
-                       }
-               }
-       else
-               {
-#if 0
-               /* very bad */
-               memset(s->session->session_id,0,
-                       SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
-               s->session->session_id_length=0;
-#endif
-
-               /* we need to do this in case we were trying to reuse a 
-                * client session but others are already reusing it.
-                * If this was a new 'blank' session ID, the session-id
-                * length will still be 0 */
-               if (s->session->session_id_length > 0)
-                       {
-                       if (!ssl_get_new_session(s,0))
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               return(-1);
-                               }
-                       }
-
-               if (ssl2_set_certificate(s,s->s2->tmp.cert_type,
-                       s->s2->tmp.cert_length,p) <= 0)
-                       {
-                       ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
-                       return(-1);
-                       }
-               p+=s->s2->tmp.cert_length;
-
-               if (s->s2->tmp.csl == 0)
-                       {
-                       ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-                       SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST);
-                       return(-1);
-                       }
-
-               /* We have just received a list of ciphers back from the
-                * server.  We need to get the ones that match, then select
-                * the one we want the most :-). */
-
-               /* load the ciphers */
-               sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl,
-                                           &s->session->ciphers);
-               p+=s->s2->tmp.csl;
-               if (sk == NULL)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
-                       return(-1);
-                       }
-
-               (void)sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
-
-               /* get the array of ciphers we will accept */
-               cl=SSL_get_ciphers(s);
-               (void)sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
-
-               /*
-                * If server preference flag set, choose the first
-                * (highest priority) cipher the server sends, otherwise
-                * client preference has priority.
-                */
-               if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-                   {
-                   prio = sk;
-                   allow = cl;
-                   }
-               else
-                   {
-                   prio = cl;
-                   allow = sk;
-                   }
-               /* In theory we could have ciphers sent back that we
-                * don't want to use but that does not matter since we
-                * will check against the list we originally sent and
-                * for performance reasons we should not bother to match
-                * the two lists up just to check. */
-               for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
-                       {
-                       if (sk_SSL_CIPHER_find(allow,
-                                            sk_SSL_CIPHER_value(prio,i)) >= 0)
-                               break;
-                       }
-
-               if (i >= sk_SSL_CIPHER_num(prio))
-                       {
-                       ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-                       SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH);
-                       return(-1);
-                       }
-               s->session->cipher=sk_SSL_CIPHER_value(prio,i);
-
-
-               if (s->session->peer != NULL) /* can't happen*/
-                       {
-                       ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-                       return(-1);
-                       }
-
-               s->session->peer = s->session->sess_cert->peer_key->x509;
-               /* peer_key->x509 has been set by ssl2_set_certificate. */
-               CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
-               }
-
-       if (s->session->sess_cert == NULL 
-      || s->session->peer != s->session->sess_cert->peer_key->x509)
-               /* can't happen */
-               {
-               ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-               return(-1);
-               }
-               
-       s->s2->conn_id_length=s->s2->tmp.conn_id_length;
-       if (s->s2->conn_id_length > sizeof s->s2->conn_id)
-               {
-               ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
-               return -1;
-               }
-       memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
-       return(1);
-       }
-
-static int client_hello(SSL *s)
-       {
-       unsigned char *buf;
-       unsigned char *p,*d;
-/*     CIPHER **cipher;*/
-       int i,n,j;
-
-       buf=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A)
-               {
-               if ((s->session == NULL) ||
-                       (s->session->ssl_version != s->version))
-                       {
-                       if (!ssl_get_new_session(s,0))
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               return(-1);
-                               }
-                       }
-               /* else use the pre-loaded session */
-
-               p=buf;                                  /* header */
-               d=p+9;                                  /* data section */
-               *(p++)=SSL2_MT_CLIENT_HELLO;            /* type */
-               s2n(SSL2_VERSION,p);                    /* version */
-               n=j=0;
-
-               n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0);
-               d+=n;
-
-               if (n == 0)
-                       {
-                       SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                       return(-1);
-                       }
-
-               s2n(n,p);                       /* cipher spec num bytes */
-
-               if ((s->session->session_id_length > 0) &&
-                       (s->session->session_id_length <=
-                       SSL2_MAX_SSL_SESSION_ID_LENGTH))
-                       {
-                       i=s->session->session_id_length;
-                       s2n(i,p);               /* session id length */
-                       memcpy(d,s->session->session_id,(unsigned int)i);
-                       d+=i;
-                       }
-               else
-                       {
-                       s2n(0,p);
-                       }
-
-               s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
-               s2n(SSL2_CHALLENGE_LENGTH,p);           /* challenge length */
-               /*challenge id data*/
-               if (RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0)
-                       return -1;
-               memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
-               d+=SSL2_CHALLENGE_LENGTH;
-
-               s->state=SSL2_ST_SEND_CLIENT_HELLO_B;
-               s->init_num=d-buf;
-               s->init_off=0;
-               }
-       /* SSL2_ST_SEND_CLIENT_HELLO_B */
-       return(ssl2_do_write(s));
-       }
-
-static int client_master_key(SSL *s)
-       {
-       unsigned char *buf;
-       unsigned char *p,*d;
-       int clear,enc,karg,i;
-       SSL_SESSION *sess;
-       const EVP_CIPHER *c;
-       const EVP_MD *md;
-
-       buf=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
-               {
-
-               if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0))
-                       {
-                       ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-                       SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-                       return(-1);
-                       }
-               sess=s->session;
-               p=buf;
-               d=p+10;
-               *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
-
-               i=ssl_put_cipher_by_char(s,sess->cipher,p);
-               p+=i;
-
-               /* make key_arg data */
-               i=EVP_CIPHER_iv_length(c);
-               sess->key_arg_length=i;
-               if (i > SSL_MAX_KEY_ARG_LENGTH)
-                       {
-                       ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-                       return -1;
-                       }
-               if (i > 0)
-                       if (RAND_pseudo_bytes(sess->key_arg,i) <= 0)
-                               return -1;
-
-               /* make a master key */
-               i=EVP_CIPHER_key_length(c);
-               sess->master_key_length=i;
-               if (i > 0)
-                       {
-                       if (i > (int)sizeof(sess->master_key))
-                               {
-                               ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-                               return -1;
-                               }
-                       if (RAND_bytes(sess->master_key,i) <= 0)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               return(-1);
-                               }
-                       }
-
-               if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
-                       enc=8;
-               else if (SSL_C_IS_EXPORT(sess->cipher))
-                       enc=5;
-               else
-                       enc=i;
-
-               if ((int)i < enc)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
-                       return(-1);
-                       }
-               clear=i-enc;
-               s2n(clear,p);
-               memcpy(d,sess->master_key,(unsigned int)clear);
-               d+=clear;
-
-               enc=ssl_rsa_public_encrypt(sess->sess_cert,enc,
-                       &(sess->master_key[clear]),d,
-                       (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
-               if (enc <= 0)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
-                       return(-1);
-                       }
-#ifdef PKCS1_CHECK
-               if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++;
-               if (s->options & SSL_OP_PKCS1_CHECK_2)
-                       sess->master_key[clear]++;
-#endif
-               s2n(enc,p);
-               d+=enc;
-               karg=sess->key_arg_length;      
-               s2n(karg,p); /* key arg size */
-               if (karg > (int)sizeof(sess->key_arg))
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-                       return -1;
-                       }
-               memcpy(d,sess->key_arg,(unsigned int)karg);
-               d+=karg;
-
-               s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
-               s->init_num=d-buf;
-               s->init_off=0;
-               }
-
-       /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
-       return(ssl2_do_write(s));
-       }
-
-static int client_finished(SSL *s)
-       {
-       unsigned char *p;
-
-       if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A)
-               {
-               p=(unsigned char *)s->init_buf->data;
-               *(p++)=SSL2_MT_CLIENT_FINISHED;
-               if (s->s2->conn_id_length > sizeof s->s2->conn_id)
-                       {
-                       SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
-                       return -1;
-                       }
-               memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
-
-               s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
-               s->init_num=s->s2->conn_id_length+1;
-               s->init_off=0;
-               }
-       return(ssl2_do_write(s));
-       }
-
-/* read the data and then respond */
-static int client_certificate(SSL *s)
-       {
-       unsigned char *buf;
-       unsigned char *p,*d;
-       int i;
-       unsigned int n;
-       int cert_ch_len;
-       unsigned char *cert_ch;
-
-       buf=(unsigned char *)s->init_buf->data;
-
-       /* We have a cert associated with the SSL, so attach it to
-        * the session if it does not have one */
-
-       if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
-               {
-               i=ssl2_read(s,(char *)&(buf[s->init_num]),
-                       SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);
-               if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))
-                       return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
-               s->init_num += i;
-               if (s->msg_callback)
-                       s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */
-
-               /* type=buf[0]; */
-               /* type eq x509 */
-               if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
-                       SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE);
-                       return(-1);
-                       }
-
-               if ((s->cert == NULL) ||
-                       (s->cert->key->x509 == NULL) ||
-                       (s->cert->key->privatekey == NULL))
-                       {
-                       s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
-                       }
-               else
-                       s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
-               }
-
-       cert_ch = buf + 2;
-       cert_ch_len = s->init_num - 2;
-
-       if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE)
-               {
-               X509 *x509=NULL;
-               EVP_PKEY *pkey=NULL;
-
-               /* If we get an error we need to
-                * ssl->rwstate=SSL_X509_LOOKUP;
-                * return(error);
-                * We should then be retried when things are ok and we
-                * can get a cert or not */
-
-               i=0;
-               if (s->ctx->client_cert_cb != NULL)
-                       {
-                       i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
-                       }
-
-               if (i < 0)
-                       {
-                       s->rwstate=SSL_X509_LOOKUP;
-                       return(-1);
-                       }
-               s->rwstate=SSL_NOTHING;
-
-               if ((i == 1) && (pkey != NULL) && (x509 != NULL))
-                       {
-                       s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
-                       if (    !SSL_use_certificate(s,x509) || 
-                               !SSL_use_PrivateKey(s,pkey))
-                               {
-                               i=0;
-                               }
-                       X509_free(x509);
-                       EVP_PKEY_free(pkey);
-                       }
-               else if (i == 1)
-                       {
-                       if (x509 != NULL) X509_free(x509);
-                       if (pkey != NULL) EVP_PKEY_free(pkey);
-                       SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
-                       i=0;
-                       }
-
-               if (i == 0)
-                       {
-                       /* We have no client certificate to respond with
-                        * so send the correct error message back */
-                       s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
-                       p=buf;
-                       *(p++)=SSL2_MT_ERROR;
-                       s2n(SSL2_PE_NO_CERTIFICATE,p);
-                       s->init_off=0;
-                       s->init_num=3;
-                       /* Write is done at the end */
-                       }
-               }
-
-       if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B)
-               {
-               return(ssl2_do_write(s));
-               }
-
-       if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C)
-               {
-               EVP_MD_CTX ctx;
-
-               /* ok, now we calculate the checksum
-                * do it first so we can reuse buf :-) */
-               p=buf;
-               EVP_MD_CTX_init(&ctx);
-               EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL);
-               EVP_SignUpdate(&ctx,s->s2->key_material,
-                              s->s2->key_material_length);
-               EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
-               i=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
-               /* Don't update the signature if it fails - FIXME: probably should handle this better */
-               if(i > 0)
-                       EVP_SignUpdate(&ctx,buf,(unsigned int)i);
-
-               p=buf;
-               d=p+6;
-               *(p++)=SSL2_MT_CLIENT_CERTIFICATE;
-               *(p++)=SSL2_CT_X509_CERTIFICATE;
-               n=i2d_X509(s->cert->key->x509,&d);
-               s2n(n,p);
-
-               if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey))
-                       {
-                       /* this is not good.  If things have failed it
-                        * means there so something wrong with the key.
-                        * We will continue with a 0 length signature
-                        */
-                       }
-               EVP_MD_CTX_cleanup(&ctx);
-               s2n(n,p);
-               d+=n;
-
-               s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
-               s->init_num=d-buf;
-               s->init_off=0;
-               }
-       /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
-       return(ssl2_do_write(s));
-       }
-
-static int get_server_verify(SSL *s)
-       {
-       unsigned char *p;
-       int i, n, len;
-
-       p=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_GET_SERVER_VERIFY_A)
-               {
-               i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
-               if (i < (1-s->init_num)) 
-                       return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
-               s->init_num += i;
-
-               s->state= SSL2_ST_GET_SERVER_VERIFY_B;
-               if (*p != SSL2_MT_SERVER_VERIFY)
-                       {
-                       if (p[0] != SSL2_MT_ERROR)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_SERVER_VERIFY,
-                                       SSL_R_READ_WRONG_PACKET_TYPE);
-                               }
-                       else
-                               {
-                               SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR);
-                               /* try to read the error message */
-                               i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-                               return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
-                               }
-                       return(-1);
-                       }
-               }
-       
-       p=(unsigned char *)s->init_buf->data;
-       len = 1 + s->s2->challenge_length;
-       n =  len - s->init_num;
-       i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-       if (i < n)
-               return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
-       p += 1;
-
-       if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
-               return(-1);
-               }
-       return(1);
-       }
-
-static int get_server_finished(SSL *s)
-       {
-       unsigned char *buf;
-       unsigned char *p;
-       int i, n, len;
-
-       buf=(unsigned char *)s->init_buf->data;
-       p=buf;
-       if (s->state == SSL2_ST_GET_SERVER_FINISHED_A)
-               {
-               i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num);
-               if (i < (1-s->init_num))
-                       return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
-               s->init_num += i;
-
-               if (*p == SSL2_MT_REQUEST_CERTIFICATE)
-                       {
-                       s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
-                       return(1);
-                       }
-               else if (*p != SSL2_MT_SERVER_FINISHED)
-                       {
-                       if (p[0] != SSL2_MT_ERROR)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
-                               }
-                       else
-                               {
-                               SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
-                               /* try to read the error message */
-                               i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-                               return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
-                               }
-                       return(-1);
-                       }
-               s->state=SSL2_ST_GET_SERVER_FINISHED_B;
-               }
-
-       len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
-       n = len - s->init_num;
-       i = ssl2_read(s,(char *)&(buf[s->init_num]), n);
-       if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */
-               return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
-       s->init_num += i;
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */
-
-       if (!s->hit) /* new session */
-               {
-               /* new session-id */
-               /* Make sure we were not trying to re-use an old SSL_SESSION
-                * or bad things can happen */
-               /* ZZZZZZZZZZZZZ */
-               s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
-               memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH);
-               }
-       else
-               {
-               if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
-                       {
-                       if ((s->session->session_id_length > sizeof s->session->session_id)
-                           || (0 != memcmp(buf + 1, s->session->session_id,
-                                           (unsigned int)s->session->session_id_length)))
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
-                               return(-1);
-                               }
-                       }
-               }
-       s->state = SSL_ST_OK;
-       return(1);
-       }
-
-/* loads in the certificate from the server */
-int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
-       {
-       STACK_OF(X509) *sk=NULL;
-       EVP_PKEY *pkey=NULL;
-       SESS_CERT *sc=NULL;
-       int i;
-       X509 *x509=NULL;
-       int ret=0;
-       
-       x509=d2i_X509(NULL,&data,(long)len);
-       if (x509 == NULL)
-               {
-               SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB);
-               goto err;
-               }
-
-       if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509))
-               {
-               SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-               goto err;
-               }
-
-       i=ssl_verify_cert_chain(s,sk);
-               
-       if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0))
-               {
-               SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
-               goto err;
-               }
-       ERR_clear_error(); /* but we keep s->verify_result */
-       s->session->verify_result = s->verify_result;
-
-       if (i > 1)
-               {
-               SSLerr(SSL_F_SSL2_SET_CERTIFICATE, i);
-               goto err;
-               }
-
-       /* server's cert for this session */
-       sc=ssl_sess_cert_new();
-       if (sc == NULL)
-               {
-               ret= -1;
-               goto err;
-               }
-       if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
-       s->session->sess_cert=sc;
-
-       sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509=x509;
-       sc->peer_key= &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
-
-       pkey=X509_get_pubkey(x509);
-       x509=NULL;
-       if (pkey == NULL)
-               {
-               SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
-               goto err;
-               }
-       if (pkey->type != EVP_PKEY_RSA)
-               {
-               SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA);
-               goto err;
-               }
-
-       if (!ssl_set_peer_cert_type(sc,SSL2_CT_X509_CERTIFICATE))
-               goto err;
-       ret=1;
-err:
-       sk_X509_free(sk);
-       X509_free(x509);
-       EVP_PKEY_free(pkey);
-       return(ret);
-       }
-
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
-            unsigned char *to, int padding)
-       {
-       EVP_PKEY *pkey=NULL;
-       int i= -1;
-
-       if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
-               ((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL))
-               {
-               SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY);
-               return(-1);
-               }
-       if (pkey->type != EVP_PKEY_RSA)
-               {
-               SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
-               goto end;
-               }
-
-       /* we have the public key */
-       i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding);
-       if (i < 0)
-               SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB);
-end:
-       EVP_PKEY_free(pkey);
-       return(i);
-       }
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
deleted file mode 100644 (file)
index 329006a..0000000
+++ /dev/null
@@ -1,197 +0,0 @@
-/* ssl/s2_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-
-int ssl2_enc_init(SSL *s, int client)
-       {
-       /* Max number of bytes needed */
-       EVP_CIPHER_CTX *rs,*ws;
-       const EVP_CIPHER *c;
-       const EVP_MD *md;
-       int num;
-
-       if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0))
-               {
-               ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-               SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-               return(0);
-               }
-       ssl_replace_hash(&s->read_hash,md);
-       ssl_replace_hash(&s->write_hash,md);
-
-       if ((s->enc_read_ctx == NULL) &&
-               ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
-               OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-               goto err;
-
-       /* make sure it's intialized in case the malloc for enc_write_ctx fails
-        * and we exit with an error */
-       rs= s->enc_read_ctx;
-       EVP_CIPHER_CTX_init(rs);
-
-       if ((s->enc_write_ctx == NULL) &&
-               ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-               OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-               goto err;
-
-       ws= s->enc_write_ctx;
-       EVP_CIPHER_CTX_init(ws);
-
-       num=c->key_len;
-       s->s2->key_material_length=num*2;
-       OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
-
-       if (ssl2_generate_key_material(s) <= 0)
-               return 0;
-
-       OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
-       EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
-               s->session->key_arg);
-       EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
-               s->session->key_arg);
-       s->s2->read_key=  &(s->s2->key_material[(client)?0:num]);
-       s->s2->write_key= &(s->s2->key_material[(client)?num:0]);
-       return(1);
-err:
-       SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE);
-       return(0);
-       }
-
-/* read/writes from s->s2->mac_data using length for encrypt and 
- * decrypt.  It sets s->s2->padding and s->[rw]length
- * if we are encrypting
- * Returns 0 on error and 1 on success */
-int ssl2_enc(SSL *s, int send)
-       {
-       EVP_CIPHER_CTX *ds;
-       unsigned long l;
-       int bs;
-
-       if (send)
-               {
-               ds=s->enc_write_ctx;
-               l=s->s2->wlength;
-               }
-       else
-               {
-               ds=s->enc_read_ctx;
-               l=s->s2->rlength;
-               }
-
-       /* check for NULL cipher */
-       if (ds == NULL) return 1;
-
-
-       bs=ds->cipher->block_size;
-       /* This should be using (bs-1) and bs instead of 7 and 8, but
-        * what the hell. */
-       if (bs == 8)
-               l=(l+7)/8*8;
-
-       if(EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l) < 1)
-               return 0;
-
-       return 1;
-       }
-
-void ssl2_mac(SSL *s, unsigned char *md, int send)
-       {
-       EVP_MD_CTX c;
-       unsigned char sequence[4],*p,*sec,*act;
-       unsigned long seq;
-       unsigned int len;
-
-       if (send)
-               {
-               seq=s->s2->write_sequence;
-               sec=s->s2->write_key;
-               len=s->s2->wact_data_length;
-               act=s->s2->wact_data;
-               }
-       else
-               {
-               seq=s->s2->read_sequence;
-               sec=s->s2->read_key;
-               len=s->s2->ract_data_length;
-               act=s->s2->ract_data;
-               }
-
-       p= &(sequence[0]);
-       l2n(seq,p);
-
-       /* There has to be a MAC algorithm. */
-       EVP_MD_CTX_init(&c);
-       EVP_MD_CTX_copy(&c, s->read_hash);
-       EVP_DigestUpdate(&c,sec,
-               EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
-       EVP_DigestUpdate(&c,act,len); 
-       /* the above line also does the pad data */
-       EVP_DigestUpdate(&c,sequence,4); 
-       EVP_DigestFinal_ex(&c,md,NULL);
-       EVP_MD_CTX_cleanup(&c);
-       }
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
deleted file mode 100644 (file)
index 41818dc..0000000
+++ /dev/null
@@ -1,555 +0,0 @@
-/* ssl/s2_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
-
-#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
-
-/* list of available SSLv2 ciphers (sorted by id) */
-OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={
-#if 0
-/* NULL_WITH_MD5 v3 */
-       {
-       1,
-       SSL2_TXT_NULL_WITH_MD5,
-       SSL2_CK_NULL_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_eNULL,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
-       0,
-       0,
-       0,
-       },
-#endif
-
-/* RC4_128_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_RC4_128_WITH_MD5,
-       SSL2_CK_RC4_128_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_RC4,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_NOT_EXP|SSL_MEDIUM,
-       0,
-       128,
-       128,
-       },
-
-/* RC4_128_EXPORT40_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
-       SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_RC4,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_EXPORT|SSL_EXP40,
-       SSL2_CF_5_BYTE_ENC,
-       40,
-       128,
-       },
-
-/* RC2_128_CBC_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_RC2_128_CBC_WITH_MD5,
-       SSL2_CK_RC2_128_CBC_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_RC2,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_NOT_EXP|SSL_MEDIUM,
-       0,
-       128,
-       128,
-       },
-
-/* RC2_128_CBC_EXPORT40_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
-       SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_RC2,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_EXPORT|SSL_EXP40,
-       SSL2_CF_5_BYTE_ENC,
-       40,
-       128,
-       },
-
-#ifndef OPENSSL_NO_IDEA
-/* IDEA_128_CBC_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_IDEA_128_CBC_WITH_MD5,
-       SSL2_CK_IDEA_128_CBC_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_IDEA,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_NOT_EXP|SSL_MEDIUM,
-       0,
-       128,
-       128,
-       },
-#endif
-
-/* DES_64_CBC_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_DES_64_CBC_WITH_MD5,
-       SSL2_CK_DES_64_CBC_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_DES,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_NOT_EXP|SSL_LOW,
-       0,
-       56,
-       56,
-       },
-
-/* DES_192_EDE3_CBC_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
-       SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_3DES,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_NOT_EXP|SSL_HIGH,
-       0,
-       112,
-       168,
-       },
-
-#if 0
-/* RC4_64_WITH_MD5 */
-       {
-       1,
-       SSL2_TXT_RC4_64_WITH_MD5,
-       SSL2_CK_RC4_64_WITH_MD5,
-       SSL_kRSA,
-       SSL_aRSA,
-       SSL_RC4,
-       SSL_MD5,
-       SSL_SSLV2,
-       SSL_NOT_EXP|SSL_LOW,
-       SSL2_CF_8_BYTE_ENC,
-       64,
-       64,
-       },
-#endif
-
-#if 0
-/* NULL SSLeay (testing) */
-       {       
-       0,
-       SSL2_TXT_NULL,
-       SSL2_CK_NULL,
-       0,
-       0,
-       0,
-       0,
-       SSL_SSLV2,
-       SSL_STRONG_NONE,
-       0,
-       0,
-       0,
-       },
-#endif
-
-/* end of list :-) */
-       };
-
-long ssl2_default_timeout(void)
-       {
-       return(300);
-       }
-
-int ssl2_num_ciphers(void)
-       {
-       return(SSL2_NUM_CIPHERS);
-       }
-
-const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
-       {
-       if (u < SSL2_NUM_CIPHERS)
-               return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
-       else
-               return(NULL);
-       }
-
-int ssl2_pending(const SSL *s)
-       {
-       return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
-       }
-
-int ssl2_new(SSL *s)
-       {
-       SSL2_STATE *s2;
-
-       if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err;
-       memset(s2,0,sizeof *s2);
-
-#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
-#  error "assertion failed"
-#endif
-
-       if ((s2->rbuf=OPENSSL_malloc(
-               SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
-       /* wbuf needs one byte more because when using two-byte headers,
-        * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
-       if ((s2->wbuf=OPENSSL_malloc(
-               SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err;
-       s->s2=s2;
-
-       ssl2_clear(s);
-       return(1);
-err:
-       if (s2 != NULL)
-               {
-               if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
-               if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
-               OPENSSL_free(s2);
-               }
-       return(0);
-       }
-
-void ssl2_free(SSL *s)
-       {
-       SSL2_STATE *s2;
-
-       if(s == NULL)
-           return;
-
-       s2=s->s2;
-       if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
-       if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
-       OPENSSL_cleanse(s2,sizeof *s2);
-       OPENSSL_free(s2);
-       s->s2=NULL;
-       }
-
-void ssl2_clear(SSL *s)
-       {
-       SSL2_STATE *s2;
-       unsigned char *rbuf,*wbuf;
-
-       s2=s->s2;
-
-       rbuf=s2->rbuf;
-       wbuf=s2->wbuf;
-
-       memset(s2,0,sizeof *s2);
-
-       s2->rbuf=rbuf;
-       s2->wbuf=wbuf;
-       s2->clear_text=1;
-       s->packet=s2->rbuf;
-       s->version=SSL2_VERSION;
-       s->packet_length=0;
-       }
-
-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
-       {
-       int ret=0;
-
-       switch(cmd)
-               {
-       case SSL_CTRL_GET_SESSION_REUSED:
-               ret=s->hit;
-               break;
-       case SSL_CTRL_CHECK_PROTO_VERSION:
-               return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
-       default:
-               break;
-               }
-       return(ret);
-       }
-
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
-       {
-       return(0);
-       }
-
-long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-       {
-       return(0);
-       }
-
-long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
-       {
-       return(0);
-       }
-
-/* This function needs to check if the ciphers required are actually
- * available */
-const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
-       {
-       SSL_CIPHER c;
-       const SSL_CIPHER *cp;
-       unsigned long id;
-
-       id=0x02000000L|((unsigned long)p[0]<<16L)|
-               ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
-       c.id=id;
-       cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
-       return cp;
-       }
-
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-       {
-       long l;
-
-       if (p != NULL)
-               {
-               l=c->id;
-               if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV) return(0);
-               p[0]=((unsigned char)(l>>16L))&0xFF;
-               p[1]=((unsigned char)(l>> 8L))&0xFF;
-               p[2]=((unsigned char)(l     ))&0xFF;
-               }
-       return(3);
-       }
-
-int ssl2_generate_key_material(SSL *s)
-       {
-       unsigned int i;
-       EVP_MD_CTX ctx;
-       unsigned char *km;
-       unsigned char c='0';
-       const EVP_MD *md5;
-       int md_size;
-
-       md5 = EVP_md5();
-
-#ifdef CHARSET_EBCDIC
-       c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
-                               see SSLv2 docu */
-#endif
-       EVP_MD_CTX_init(&ctx);
-       km=s->s2->key_material;
-
-       if (s->session->master_key_length < 0 ||
-                       s->session->master_key_length > (int)sizeof(s->session->master_key))
-               {
-               SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
-               return 0;
-               }
-       md_size = EVP_MD_size(md5);
-       if (md_size < 0)
-           return 0;
-       for (i=0; i<s->s2->key_material_length; i += md_size)
-               {
-               if (((km - s->s2->key_material) + md_size) >
-                               (int)sizeof(s->s2->key_material))
-                       {
-                       /* EVP_DigestFinal_ex() below would write beyond buffer */
-                       SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
-                       return 0;
-                       }
-
-               EVP_DigestInit_ex(&ctx, md5, NULL);
-
-               OPENSSL_assert(s->session->master_key_length >= 0
-                   && s->session->master_key_length
-                   < (int)sizeof(s->session->master_key));
-               EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
-               EVP_DigestUpdate(&ctx,&c,1);
-               c++;
-               EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
-               EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
-               EVP_DigestFinal_ex(&ctx,km,NULL);
-               km += md_size;
-               }
-
-       EVP_MD_CTX_cleanup(&ctx);
-       return 1;
-       }
-
-void ssl2_return_error(SSL *s, int err)
-       {
-       if (!s->error)
-               {
-               s->error=3;
-               s->error_code=err;
-
-               ssl2_write_error(s);
-               }
-       }
-
-
-void ssl2_write_error(SSL *s)
-       {
-       unsigned char buf[3];
-       int i,error;
-
-       buf[0]=SSL2_MT_ERROR;
-       buf[1]=(s->error_code>>8)&0xff;
-       buf[2]=(s->error_code)&0xff;
-
-/*     state=s->rwstate;*/
-
-       error=s->error; /* number of bytes left to write */
-       s->error=0;
-       OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
-       i=ssl2_write(s,&(buf[3-error]),error);
-
-/*     if (i == error) s->rwstate=state; */
-
-       if (i < 0)
-               s->error=error;
-       else
-               {
-               s->error=error-i;
-
-               if (s->error == 0)
-                       if (s->msg_callback)
-                               s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
-               }
-       }
-
-int ssl2_shutdown(SSL *s)
-       {
-       s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-       return(1);
-       }
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c
deleted file mode 100644 (file)
index f0e8ca5..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
-/* ssl/s2_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/objects.h>
-
-static const SSL_METHOD *ssl2_get_method(int ver);
-static const SSL_METHOD *ssl2_get_method(int ver)
-       {
-       if (ver == SSL2_VERSION)
-               return(SSLv2_method());
-       else
-               return(NULL);
-       }
-
-IMPLEMENT_ssl2_meth_func(SSLv2_method,
-                        ssl2_accept,
-                        ssl2_connect,
-                        ssl2_get_method)
-
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
deleted file mode 100644 (file)
index acd61dc..0000000
+++ /dev/null
@@ -1,748 +0,0 @@
-/* ssl/s2_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-
-static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
-static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
-static int ssl_mt_error(int n);
-
-
-/* SSL 2.0 imlementation for SSL_read/SSL_peek -
- * This routine will return 0 to len bytes, decrypted etc if required.
- */
-static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
-       {
-       int n;
-       unsigned char mac[MAX_MAC_SIZE];
-       unsigned char *p;
-       int i;
-       int mac_size;
-
- ssl2_read_again:
-       if (SSL_in_init(s) && !s->in_handshake)
-               {
-               n=s->handshake_func(s);
-               if (n < 0) return(n);
-               if (n == 0)
-                       {
-                       SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE);
-                       return(-1);
-                       }
-               }
-
-       clear_sys_error();
-       s->rwstate=SSL_NOTHING;
-       if (len <= 0) return(len);
-
-       if (s->s2->ract_data_length != 0) /* read from buffer */
-               {
-               if (len > s->s2->ract_data_length)
-                       n=s->s2->ract_data_length;
-               else
-                       n=len;
-
-               memcpy(buf,s->s2->ract_data,(unsigned int)n);
-               if (!peek)
-                       {
-                       s->s2->ract_data_length-=n;
-                       s->s2->ract_data+=n;
-                       if (s->s2->ract_data_length == 0)
-                               s->rstate=SSL_ST_READ_HEADER;
-                       }
-
-               return(n);
-               }
-
-       /* s->s2->ract_data_length == 0
-        * 
-        * Fill the buffer, then goto ssl2_read_again.
-        */
-
-       if (s->rstate == SSL_ST_READ_HEADER)
-               {
-               if (s->first_packet)
-                       {
-                       n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
-                       if (n <= 0) return(n); /* error or non-blocking */
-                       s->first_packet=0;
-                       p=s->packet;
-                       if (!((p[0] & 0x80) && (
-                               (p[2] == SSL2_MT_CLIENT_HELLO) ||
-                               (p[2] == SSL2_MT_SERVER_HELLO))))
-                               {
-                               SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET);
-                               return(-1);
-                               }
-                       }
-               else
-                       {
-                       n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
-                       if (n <= 0) return(n); /* error or non-blocking */
-                       }
-               /* part read stuff */
-
-               s->rstate=SSL_ST_READ_BODY;
-               p=s->packet;
-               /* Do header */
-               /*s->s2->padding=0;*/
-               s->s2->escape=0;
-               s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]);
-               if ((p[0] & TWO_BYTE_BIT))              /* Two byte header? */
-                       {
-                       s->s2->three_byte_header=0;
-                       s->s2->rlength&=TWO_BYTE_MASK;  
-                       }
-               else
-                       {
-                       s->s2->three_byte_header=1;
-                       s->s2->rlength&=THREE_BYTE_MASK;
-
-                       /* security >s2->escape */
-                       s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0;
-                       }
-               }
-
-       if (s->rstate == SSL_ST_READ_BODY)
-               {
-               n=s->s2->rlength+2+s->s2->three_byte_header;
-               if (n > (int)s->packet_length)
-                       {
-                       n-=s->packet_length;
-                       i=read_n(s,(unsigned int)n,(unsigned int)n,1);
-                       if (i <= 0) return(i); /* ERROR */
-                       }
-
-               p= &(s->packet[2]);
-               s->rstate=SSL_ST_READ_HEADER;
-               if (s->s2->three_byte_header)
-                       s->s2->padding= *(p++);
-               else    s->s2->padding=0;
-
-               /* Data portion */
-               if (s->s2->clear_text)
-                       {
-                       mac_size = 0;
-                       s->s2->mac_data=p;
-                       s->s2->ract_data=p;
-                       if (s->s2->padding)
-                               {
-                               SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING);
-                               return(-1);
-                               }
-                       }
-               else
-                       {
-                       mac_size=EVP_MD_CTX_size(s->read_hash);
-                       if (mac_size < 0)
-                               return -1;
-                       OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
-                       s->s2->mac_data=p;
-                       s->s2->ract_data= &p[mac_size];
-                       if (s->s2->padding + mac_size > s->s2->rlength)
-                               {
-                               SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING);
-                               return(-1);
-                               }
-                       }
-
-               s->s2->ract_data_length=s->s2->rlength;
-               /* added a check for length > max_size in case
-                * encryption was not turned on yet due to an error */
-               if ((!s->s2->clear_text) &&
-                       (s->s2->rlength >= (unsigned int)mac_size))
-                       {
-                       if(!ssl2_enc(s,0))
-                               {
-                               SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_DECRYPTION_FAILED);
-                               return(-1);
-                               }
-                       s->s2->ract_data_length-=mac_size;
-                       ssl2_mac(s,mac,0);
-                       s->s2->ract_data_length-=s->s2->padding;
-                       if (    (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) ||
-                               (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
-                               {
-                               SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
-                               return(-1);
-                               }
-                       }
-               INC32(s->s2->read_sequence); /* expect next number */
-               /* s->s2->ract_data is now available for processing */
-
-               /* Possibly the packet that we just read had 0 actual data bytes.
-                * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.)
-                * In this case, returning 0 would be interpreted by the caller
-                * as indicating EOF, so it's not a good idea.  Instead, we just
-                * continue reading; thus ssl2_read_internal may have to process
-                * multiple packets before it can return.
-                *
-                * [Note that using select() for blocking sockets *never* guarantees
-                * that the next SSL_read will not block -- the available
-                * data may contain incomplete packets, and except for SSL 2,
-                * renegotiation can confuse things even more.] */
-
-               goto ssl2_read_again; /* This should really be
-                                      * "return ssl2_read(s,buf,len)",
-                                      * but that would allow for
-                                      * denial-of-service attacks if a
-                                      * C compiler is used that does not
-                                      * recognize end-recursion. */
-               }
-       else
-               {
-               SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE);
-                       return(-1);
-               }
-       }
-
-int ssl2_read(SSL *s, void *buf, int len)
-       {
-       return ssl2_read_internal(s, buf, len, 0);
-       }
-
-int ssl2_peek(SSL *s, void *buf, int len)
-       {
-       return ssl2_read_internal(s, buf, len, 1);
-       }
-
-static int read_n(SSL *s, unsigned int n, unsigned int max,
-            unsigned int extend)
-       {
-       int i,off,newb;
-
-       /* if there is stuff still in the buffer from a previous read,
-        * and there is more than we want, take some. */
-       if (s->s2->rbuf_left >= (int)n)
-               {
-               if (extend)
-                       s->packet_length+=n;
-               else
-                       {
-                       s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]);
-                       s->packet_length=n;
-                       }
-               s->s2->rbuf_left-=n;
-               s->s2->rbuf_offs+=n;
-               return(n);
-               }
-
-       if (!s->read_ahead) max=n;
-       if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
-               max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
-       
-
-       /* Else we want more than we have.
-        * First, if there is some left or we want to extend */
-       off=0;
-       if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend))
-               {
-               newb=s->s2->rbuf_left;
-               if (extend)
-                       {
-                       off=s->packet_length;
-                       if (s->packet != s->s2->rbuf)
-                               memcpy(s->s2->rbuf,s->packet,
-                                       (unsigned int)newb+off);
-                       }
-               else if (s->s2->rbuf_offs != 0)
-                       {
-                       memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]),
-                               (unsigned int)newb);
-                       s->s2->rbuf_offs=0;
-                       }
-               s->s2->rbuf_left=0;
-               }
-       else
-               newb=0;
-
-       /* off is the offset to start writing too.
-        * r->s2->rbuf_offs is the 'unread data', now 0. 
-        * newb is the number of new bytes so far
-        */
-       s->packet=s->s2->rbuf;
-       while (newb < (int)n)
-               {
-               clear_sys_error();
-               if (s->rbio != NULL)
-                       {
-                       s->rwstate=SSL_READING;
-                       i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]),
-                               max-newb);
-                       }
-               else
-                       {
-                       SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
-                       i= -1;
-                       }
-#ifdef PKT_DEBUG
-               if (s->debug & 0x01) sleep(1);
-#endif
-               if (i <= 0)
-                       {
-                       s->s2->rbuf_left+=newb;
-                       return(i);
-                       }
-               newb+=i;
-               }
-
-       /* record unread data */
-       if (newb > (int)n)
-               {
-               s->s2->rbuf_offs=n+off;
-               s->s2->rbuf_left=newb-n;
-               }
-       else
-               {
-               s->s2->rbuf_offs=0;
-               s->s2->rbuf_left=0;
-               }
-       if (extend)
-               s->packet_length+=n;
-       else
-               s->packet_length=n;
-       s->rwstate=SSL_NOTHING;
-       return(n);
-       }
-
-int ssl2_write(SSL *s, const void *_buf, int len)
-       {
-       const unsigned char *buf=_buf;
-       unsigned int n,tot;
-       int i;
-
-       if (SSL_in_init(s) && !s->in_handshake)
-               {
-               i=s->handshake_func(s);
-               if (i < 0) return(i);
-               if (i == 0)
-                       {
-                       SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
-                       return(-1);
-                       }
-               }
-
-       if (s->error)
-               {
-               ssl2_write_error(s);
-               if (s->error)
-                       return(-1);
-               }
-
-       clear_sys_error();
-       s->rwstate=SSL_NOTHING;
-       if (len <= 0) return(len);
-
-       tot=s->s2->wnum;
-       s->s2->wnum=0;
-
-       n=(len-tot);
-       for (;;)
-               {
-               i=n_do_ssl_write(s,&(buf[tot]),n);
-               if (i <= 0)
-                       {
-                       s->s2->wnum=tot;
-                       return(i);
-                       }
-               if ((i == (int)n) ||
-                       (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))
-                       {
-                       return(tot+i);
-                       }
-               
-               n-=i;
-               tot+=i;
-               }
-       }
-
-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
-       {
-       int i;
-
-       /* s->s2->wpend_len != 0 MUST be true. */
-
-       /* check that they have given us the same buffer to
-        * write */
-       if ((s->s2->wpend_tot > (int)len) ||
-               ((s->s2->wpend_buf != buf) &&
-                !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)))
-               {
-               SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
-               return(-1);
-               }
-
-       for (;;)
-               {
-               clear_sys_error();
-               if (s->wbio != NULL)
-                       {
-                       s->rwstate=SSL_WRITING;
-                       i=BIO_write(s->wbio,
-                               (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
-                               (unsigned int)s->s2->wpend_len);
-                       }
-               else
-                       {
-                       SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET);
-                       i= -1;
-                       }
-#ifdef PKT_DEBUG
-               if (s->debug & 0x01) sleep(1);
-#endif
-               if (i == s->s2->wpend_len)
-                       {
-                       s->s2->wpend_len=0;
-                       s->rwstate=SSL_NOTHING;
-                       return(s->s2->wpend_ret);
-                       }
-               else if (i <= 0)
-                       return(i);
-               s->s2->wpend_off+=i;
-               s->s2->wpend_len-=i;
-               }
-       }
-
-static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
-       {
-       unsigned int j,k,olen,p,bs;
-       int mac_size;
-       register unsigned char *pp;
-
-       olen=len;
-
-       /* first check if there is data from an encryption waiting to
-        * be sent - it must be sent because the other end is waiting.
-        * This will happen with non-blocking IO.  We print it and then
-        * return.
-        */
-       if (s->s2->wpend_len != 0) return(write_pending(s,buf,len));
-
-       /* set mac_size to mac size */
-       if (s->s2->clear_text)
-               mac_size=0;
-       else
-               {
-               mac_size=EVP_MD_CTX_size(s->write_hash);
-               if (mac_size < 0)
-                       return -1;
-               }
-
-       /* lets set the pad p */
-       if (s->s2->clear_text)
-               {
-               if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-                       len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
-               p=0;
-               s->s2->three_byte_header=0;
-               /* len=len; */
-               }
-       else
-               {
-               bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
-               j=len+mac_size;
-               /* Two-byte headers allow for a larger record length than
-                * three-byte headers, but we can't use them if we need
-                * padding or if we have to set the escape bit. */
-               if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
-                       (!s->s2->escape))
-                       {
-                       if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-                               j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
-                       /* set k to the max number of bytes with 2
-                        * byte header */
-                       k=j-(j%bs);
-                       /* how many data bytes? */
-                       len=k-mac_size; 
-                       s->s2->three_byte_header=0;
-                       p=0;
-                       }
-               else if ((bs <= 1) && (!s->s2->escape))
-                       {
-                       /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
-                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
-                       s->s2->three_byte_header=0;
-                       p=0;
-                       }
-               else /* we may have to use a 3 byte header */
-                       {
-                       /* If s->s2->escape is not set, then
-                        * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
-                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
-                       p=(j%bs);
-                       p=(p == 0)?0:(bs-p);
-                       if (s->s2->escape)
-                               {
-                               s->s2->three_byte_header=1;
-                               if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-                                       j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
-                               }
-                       else
-                               s->s2->three_byte_header=(p == 0)?0:1;
-                       }
-               }
-
-       /* Now
-        *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
-        * holds, and if s->s2->three_byte_header is set, then even
-        *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
-        */
-
-       /* mac_size is the number of MAC bytes
-        * len is the number of data bytes we are going to send
-        * p is the number of padding bytes
-        * (if it is a two-byte header, then p == 0) */
-
-       s->s2->wlength=len;
-       s->s2->padding=p;
-       s->s2->mac_data= &(s->s2->wbuf[3]);
-       s->s2->wact_data= &(s->s2->wbuf[3+mac_size]);
-       /* we copy the data into s->s2->wbuf */
-       memcpy(s->s2->wact_data,buf,len);
-       if (p)
-               memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */
-
-       if (!s->s2->clear_text)
-               {
-               s->s2->wact_data_length=len+p;
-               ssl2_mac(s,s->s2->mac_data,1);
-               s->s2->wlength+=p+mac_size;
-               if(ssl2_enc(s,1) < 1)
-                       return -1;
-               }
-
-       /* package up the header */
-       s->s2->wpend_len=s->s2->wlength;
-       if (s->s2->three_byte_header) /* 3 byte header */
-               {
-               pp=s->s2->mac_data;
-               pp-=3;
-               pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8);
-               if (s->s2->escape) pp[0]|=SEC_ESC_BIT;
-               pp[1]=s->s2->wlength&0xff;
-               pp[2]=s->s2->padding;
-               s->s2->wpend_len+=3;
-               }
-       else
-               {
-               pp=s->s2->mac_data;
-               pp-=2;
-               pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT;
-               pp[1]=s->s2->wlength&0xff;
-               s->s2->wpend_len+=2;
-               }
-       s->s2->write_ptr=pp;
-       
-       INC32(s->s2->write_sequence); /* expect next number */
-
-       /* lets try to actually write the data */
-       s->s2->wpend_tot=olen;
-       s->s2->wpend_buf=buf;
-
-       s->s2->wpend_ret=len;
-
-       s->s2->wpend_off=0;
-       return(write_pending(s,buf,olen));
-       }
-
-int ssl2_part_read(SSL *s, unsigned long f, int i)
-       {
-       unsigned char *p;
-       int j;
-
-       if (i < 0)
-               {
-               /* ssl2_return_error(s); */
-               /* for non-blocking io,
-                * this is not necessarily fatal */
-               return(i);
-               }
-       else
-               {
-               s->init_num+=i;
-
-               /* Check for error.  While there are recoverable errors,
-                * this function is not called when those must be expected;
-                * any error detected here is fatal. */
-               if (s->init_num >= 3)
-                       {
-                       p=(unsigned char *)s->init_buf->data;
-                       if (p[0] == SSL2_MT_ERROR)
-                               {
-                               j=(p[1]<<8)|p[2];
-                               SSLerr((int)f,ssl_mt_error(j));
-                               s->init_num -= 3;
-                               if (s->init_num > 0)
-                                       memmove(p, p+3, s->init_num);
-                               }
-                       }
-
-               /* If it's not an error message, we have some error anyway --
-                * the message was shorter than expected.  This too is treated
-                * as fatal (at least if SSL_get_error is asked for its opinion). */
-               return(0);
-               }
-       }
-
-int ssl2_do_write(SSL *s)
-       {
-       int ret;
-
-       ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num);
-       if (ret == s->init_num)
-               {
-               if (s->msg_callback)
-                       s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
-               return(1);
-               }
-       if (ret < 0)
-               return(-1);
-       s->init_off+=ret;
-       s->init_num-=ret;
-       return(0);
-       }
-
-static int ssl_mt_error(int n)
-       {
-       int ret;
-
-       switch (n)
-               {
-       case SSL2_PE_NO_CIPHER:
-               ret=SSL_R_PEER_ERROR_NO_CIPHER;
-               break;
-       case SSL2_PE_NO_CERTIFICATE:
-               ret=SSL_R_PEER_ERROR_NO_CERTIFICATE;
-               break;
-       case SSL2_PE_BAD_CERTIFICATE:
-               ret=SSL_R_PEER_ERROR_CERTIFICATE;
-               break;
-       case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
-               ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
-               break;
-       default:
-               ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
-               break;
-               }
-       return(ret);
-       }
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
deleted file mode 100644 (file)
index 71f677b..0000000
+++ /dev/null
@@ -1,1154 +0,0 @@
-/* ssl/s2_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include <stdio.h>
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static const SSL_METHOD *ssl2_get_server_method(int ver);
-static int get_client_master_key(SSL *s);
-static int get_client_hello(SSL *s);
-static int server_hello(SSL *s); 
-static int get_client_finished(SSL *s);
-static int server_verify(SSL *s);
-static int server_finish(SSL *s);
-static int request_certificate(SSL *s);
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
-       unsigned char *to,int padding);
-#define BREAK  break
-
-static const SSL_METHOD *ssl2_get_server_method(int ver)
-       {
-       if (ver == SSL2_VERSION)
-               return(SSLv2_server_method());
-       else
-               return(NULL);
-       }
-
-IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
-                       ssl2_accept,
-                       ssl_undefined_function,
-                       ssl2_get_server_method)
-
-int ssl2_accept(SSL *s)
-       {
-       unsigned long l=(unsigned long)time(NULL);
-       BUF_MEM *buf=NULL;
-       int ret= -1;
-       long num1;
-       void (*cb)(const SSL *ssl,int type,int val)=NULL;
-       int new_state,state;
-
-       RAND_add(&l,sizeof(l),0);
-       ERR_clear_error();
-       clear_sys_error();
-
-       if (s->info_callback != NULL)
-               cb=s->info_callback;
-       else if (s->ctx->info_callback != NULL)
-               cb=s->ctx->info_callback;
-
-       /* init things to blank */
-       s->in_handshake++;
-       if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-
-       if (s->cert == NULL)
-               {
-               SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
-               return(-1);
-               }
-
-       clear_sys_error();
-       for (;;)
-               {
-               state=s->state;
-
-               switch (s->state)
-                       {
-               case SSL_ST_BEFORE:
-               case SSL_ST_ACCEPT:
-               case SSL_ST_BEFORE|SSL_ST_ACCEPT:
-               case SSL_ST_OK|SSL_ST_ACCEPT:
-
-                       s->server=1;
-                       if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
-
-                       s->version=SSL2_VERSION;
-                       s->type=SSL_ST_ACCEPT;
-
-                       buf=s->init_buf;
-                       if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
-                               { ret= -1; goto end; }
-                       if (!BUF_MEM_grow(buf,(int)
-                               SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
-                               { ret= -1; goto end; }
-                       s->init_buf=buf;
-                       s->init_num=0;
-                       s->ctx->stats.sess_accept++;
-                       s->handshake_func=ssl2_accept;
-                       s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-                       BREAK;
-
-               case SSL2_ST_GET_CLIENT_HELLO_A:
-               case SSL2_ST_GET_CLIENT_HELLO_B:
-               case SSL2_ST_GET_CLIENT_HELLO_C:
-                       s->shutdown=0;
-                       ret=get_client_hello(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_SEND_SERVER_HELLO_A;
-                       BREAK;
-
-               case SSL2_ST_SEND_SERVER_HELLO_A:
-               case SSL2_ST_SEND_SERVER_HELLO_B:
-                       ret=server_hello(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       if (!s->hit)
-                               {
-                               s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A;
-                               BREAK;
-                               }
-                       else
-                               {
-                               s->state=SSL2_ST_SERVER_START_ENCRYPTION;
-                               BREAK;
-                               }
-               case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
-               case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
-                       ret=get_client_master_key(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_SERVER_START_ENCRYPTION;
-                       BREAK;
-
-               case SSL2_ST_SERVER_START_ENCRYPTION:
-                       /* Ok we how have sent all the stuff needed to
-                        * start encrypting, the next packet back will
-                        * be encrypted. */
-                       if (!ssl2_enc_init(s,0))
-                               { ret= -1; goto end; }
-                       s->s2->clear_text=0;
-                       s->state=SSL2_ST_SEND_SERVER_VERIFY_A;
-                       BREAK;
-
-               case SSL2_ST_SEND_SERVER_VERIFY_A:
-               case SSL2_ST_SEND_SERVER_VERIFY_B:
-                       ret=server_verify(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       if (s->hit)
-                               {
-                               /* If we are in here, we have been
-                                * buffering the output, so we need to
-                                * flush it and remove buffering from
-                                * future traffic */
-                               s->state=SSL2_ST_SEND_SERVER_VERIFY_C;
-                               BREAK;
-                               }
-                       else
-                               {
-                               s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
-                               break;
-                               }
-
-               case SSL2_ST_SEND_SERVER_VERIFY_C:
-                       /* get the number of bytes to write */
-                       num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
-                       if (num1 > 0)
-                               {
-                               s->rwstate=SSL_WRITING;
-                               num1=BIO_flush(s->wbio);
-                               if (num1 <= 0) { ret= -1; goto end; }
-                               s->rwstate=SSL_NOTHING;
-                               }
-
-                       /* flushed and now remove buffering */
-                       s->wbio=BIO_pop(s->wbio);
-
-                       s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
-                       BREAK;
-
-               case SSL2_ST_GET_CLIENT_FINISHED_A:
-               case SSL2_ST_GET_CLIENT_FINISHED_B:
-                       ret=get_client_finished(s);
-                       if (ret <= 0)
-                               goto end;
-                       s->init_num=0;
-                       s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
-                       BREAK;
-
-               case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
-               case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
-               case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
-               case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
-                       /* don't do a 'request certificate' if we
-                        * don't want to, or we already have one, and
-                        * we only want to do it once. */
-                       if (!(s->verify_mode & SSL_VERIFY_PEER) ||
-                               ((s->session->peer != NULL) &&
-                               (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
-                               {
-                               s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
-                               break;
-                               }
-                       else
-                               {
-                               ret=request_certificate(s);
-                               if (ret <= 0) goto end;
-                               s->init_num=0;
-                               s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
-                               }
-                       BREAK;
-
-               case SSL2_ST_SEND_SERVER_FINISHED_A:
-               case SSL2_ST_SEND_SERVER_FINISHED_B:
-                       ret=server_finish(s);
-                       if (ret <= 0) goto end;
-                       s->init_num=0;
-                       s->state=SSL_ST_OK;
-                       break;
-
-               case SSL_ST_OK:
-                       BUF_MEM_free(s->init_buf);
-                       ssl_free_wbio_buffer(s);
-                       s->init_buf=NULL;
-                       s->init_num=0;
-               /*      ERR_clear_error();*/
-
-                       ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
-
-                       s->ctx->stats.sess_accept_good++;
-                       /* s->server=1; */
-                       ret=1;
-
-                       if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
-
-                       goto end;
-                       /* BREAK; */
-
-               default:
-                       SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE);
-                       ret= -1;
-                       goto end;
-                       /* BREAK; */
-                       }
-               
-               if ((cb != NULL) && (s->state != state))
-                       {
-                       new_state=s->state;
-                       s->state=state;
-                       cb(s,SSL_CB_ACCEPT_LOOP,1);
-                       s->state=new_state;
-                       }
-               }
-end:
-       s->in_handshake--;
-       if (cb != NULL)
-               cb(s,SSL_CB_ACCEPT_EXIT,ret);
-       return(ret);
-       }
-
-static int get_client_master_key(SSL *s)
-       {
-       int is_export,i,n,keya,ek;
-       unsigned long len;
-       unsigned char *p;
-       const SSL_CIPHER *cp;
-       const EVP_CIPHER *c;
-       const EVP_MD *md;
-
-       p=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A)
-               {
-               i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
-
-               if (i < (10-s->init_num))
-                       return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
-               s->init_num = 10;
-
-               if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY)
-                       {
-                       if (p[-1] != SSL2_MT_ERROR)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
-                               }
-                       else
-                               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
-                       return(-1);
-                       }
-
-               cp=ssl2_get_cipher_by_char(p);
-               if (cp == NULL)
-                       {
-                       ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-                       SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
-                       return(-1);
-                       }
-               s->session->cipher= cp;
-
-               p+=3;
-               n2s(p,i); s->s2->tmp.clear=i;
-               n2s(p,i); s->s2->tmp.enc=i;
-               n2s(p,i);
-               if(i > SSL_MAX_KEY_ARG_LENGTH)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
-                       return -1;
-                       }
-               s->session->key_arg_length=i;
-               s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
-               }
-
-       /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
-       p=(unsigned char *)s->init_buf->data;
-       if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-               return -1;
-               }
-       keya=s->session->key_arg_length;
-       len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
-       if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG);
-               return -1;
-               }
-       n = (int)len - s->init_num;
-       i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-       if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
-       p += 10;
-
-       memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]),
-               (unsigned int)keya);
-
-       if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
-               return(-1);
-               }
-       i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc,
-               &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]),
-               (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
-
-       is_export=SSL_C_IS_EXPORT(s->session->cipher);
-       
-       if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0))
-               {
-               ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-               return(0);
-               }
-
-       if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
-               {
-               is_export=1;
-               ek=8;
-               }
-       else
-               ek=5;
-
-       /* bad decrypt */
-#if 1
-       /* If a bad decrypt, continue with protocol but with a
-        * random master secret (Bleichenbacher attack) */
-       if ((i < 0) ||
-               ((!is_export && (i != EVP_CIPHER_key_length(c)))
-               || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i !=
-                       (unsigned int)EVP_CIPHER_key_length(c))))))
-               {
-               ERR_clear_error();
-               if (is_export)
-                       i=ek;
-               else
-                       i=EVP_CIPHER_key_length(c);
-               if (RAND_pseudo_bytes(p,i) <= 0)
-                       return 0;
-               }
-#else
-       if (i < 0)
-               {
-               error=1;
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT);
-               }
-       /* incorrect number of key bytes for non export cipher */
-       else if ((!is_export && (i != EVP_CIPHER_key_length(c)))
-               || (is_export && ((i != ek) || (s->s2->tmp.clear+i !=
-                       EVP_CIPHER_key_length(c)))))
-               {
-               error=1;
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS);
-               }
-       if (error)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               return(-1);
-               }
-#endif
-
-       if (is_export) i+=s->s2->tmp.clear;
-
-       if (i > SSL_MAX_MASTER_KEY_LENGTH)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-               return -1;
-               }
-       s->session->master_key_length=i;
-       memcpy(s->session->master_key,p,(unsigned int)i);
-       return(1);
-       }
-
-static int get_client_hello(SSL *s)
-       {
-       int i,n;
-       unsigned long len;
-       unsigned char *p;
-       STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
-       STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
-       STACK_OF(SSL_CIPHER) *prio, *allow;
-       int z;
-
-       /* This is a bit of a hack to check for the correct packet
-        * type the first time round. */
-       if (s->state == SSL2_ST_GET_CLIENT_HELLO_A)
-               {
-               s->first_packet=1;
-               s->state=SSL2_ST_GET_CLIENT_HELLO_B;
-               }
-
-       p=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_GET_CLIENT_HELLO_B)
-               {
-               i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num);
-               if (i < (9-s->init_num)) 
-                       return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
-               s->init_num = 9;
-       
-               if (*(p++) != SSL2_MT_CLIENT_HELLO)
-                       {
-                       if (p[-1] != SSL2_MT_ERROR)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE);
-                               }
-                       else
-                               SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR);
-                       return(-1);
-                       }
-               n2s(p,i);
-               if (i < s->version) s->version=i;
-               n2s(p,i); s->s2->tmp.cipher_spec_length=i;
-               n2s(p,i); s->s2->tmp.session_id_length=i;
-               n2s(p,i); s->s2->challenge_length=i;
-               if (    (i < SSL2_MIN_CHALLENGE_LENGTH) ||
-                       (i > SSL2_MAX_CHALLENGE_LENGTH))
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH);
-                       return(-1);
-                       }
-               s->state=SSL2_ST_GET_CLIENT_HELLO_C;
-               }
-
-       /* SSL2_ST_GET_CLIENT_HELLO_C */
-       p=(unsigned char *)s->init_buf->data;
-       len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
-       if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG);
-               return -1;
-               }
-       n = (int)len - s->init_num;
-       i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-       if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
-       p += 9;
-
-       /* get session-id before cipher stuff so we can get out session
-        * structure if it is cached */
-       /* session-id */
-       if ((s->s2->tmp.session_id_length != 0) && 
-               (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH))
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH);
-               return(-1);
-               }
-
-       if (s->s2->tmp.session_id_length == 0)
-               {
-               if (!ssl_get_new_session(s,1))
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       return(-1);
-                       }
-               }
-       else
-               {
-               i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]),
-                       s->s2->tmp.session_id_length, NULL);
-               if (i == 1)
-                       { /* previous session */
-                       s->hit=1;
-                       }
-               else if (i == -1)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       return(-1);
-                       }
-               else
-                       {
-                       if (s->cert == NULL)
-                               {
-                               ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
-                               SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
-                               return(-1);
-                               }
-
-                       if (!ssl_get_new_session(s,1))
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               return(-1);
-                               }
-                       }
-               }
-
-       if (!s->hit)
-               {
-               cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length,
-                       &s->session->ciphers);
-               if (cs == NULL) goto mem_err;
-
-               cl=SSL_get_ciphers(s);
-
-               if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-                   {
-                   prio=sk_SSL_CIPHER_dup(cl);
-                   if (prio == NULL) goto mem_err;
-                   allow = cs;
-                   }
-               else
-                   {
-                   prio = cs;
-                   allow = cl;
-                   }
-               for (z=0; z<sk_SSL_CIPHER_num(prio); z++)
-                       {
-                       if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
-                               {
-                               (void)sk_SSL_CIPHER_delete(prio,z);
-                               z--;
-                               }
-                       }
-               if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-                   {
-                   sk_SSL_CIPHER_free(s->session->ciphers);
-                   s->session->ciphers = prio;
-                   }
-               /* s->session->ciphers should now have a list of
-                * ciphers that are on both the client and server.
-                * This list is ordered by the order the client sent
-                * the ciphers or in the order of the server's preference
-                * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
-                */
-               }
-       p+=s->s2->tmp.cipher_spec_length;
-       /* done cipher selection */
-
-       /* session id extracted already */
-       p+=s->s2->tmp.session_id_length;
-
-       /* challenge */
-       if (s->s2->challenge_length > sizeof s->s2->challenge)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-               return -1;
-               }
-       memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
-       return(1);
-mem_err:
-       SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
-       return(0);
-       }
-
-static int server_hello(SSL *s)
-       {
-       unsigned char *p,*d;
-       int n,hit;
-
-       p=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
-               {
-               d=p+11;
-               *(p++)=SSL2_MT_SERVER_HELLO;            /* type */
-               hit=s->hit;
-               *(p++)=(unsigned char)hit;
-#if 1
-               if (!hit)
-                       {
-                       if (s->session->sess_cert != NULL)
-                               /* This can't really happen because get_client_hello
-                                * has called ssl_get_new_session, which does not set
-                                * sess_cert. */
-                               ssl_sess_cert_free(s->session->sess_cert);
-                       s->session->sess_cert = ssl_sess_cert_new();
-                       if (s->session->sess_cert == NULL)
-                               {
-                               SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
-                               return(-1);
-                               }
-                       }
-               /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
-                * depending on whether it survived in the internal cache
-                * or was retrieved from an external cache.
-                * If it is NULL, we cannot put any useful data in it anyway,
-                * so we don't touch it.
-                */
-
-#else /* That's what used to be done when cert_st and sess_cert_st were
-          * the same. */
-               if (!hit)
-                       {                       /* else add cert to session */
-                       CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
-                       if (s->session->sess_cert != NULL)
-                               ssl_cert_free(s->session->sess_cert);
-                       s->session->sess_cert=s->cert;          
-                       }
-               else    /* We have a session id-cache hit, if the
-                        * session-id has no certificate listed against
-                        * the 'cert' structure, grab the 'old' one
-                        * listed against the SSL connection */
-                       {
-                       if (s->session->sess_cert == NULL)
-                               {
-                               CRYPTO_add(&s->cert->references,1,
-                                       CRYPTO_LOCK_SSL_CERT);
-                               s->session->sess_cert=s->cert;
-                               }
-                       }
-#endif
-
-               if (s->cert == NULL)
-                       {
-                       ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
-                       SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED);
-                       return(-1);
-                       }
-
-               if (hit)
-                       {
-                       *(p++)=0;               /* no certificate type */
-                       s2n(s->version,p);      /* version */
-                       s2n(0,p);               /* cert len */
-                       s2n(0,p);               /* ciphers len */
-                       }
-               else
-                       {
-                       /* EAY EAY */
-                       /* put certificate type */
-                       *(p++)=SSL2_CT_X509_CERTIFICATE;
-                       s2n(s->version,p);      /* version */
-                       n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
-                       s2n(n,p);               /* certificate length */
-                       i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d);
-                       n=0;
-                       
-                       /* lets send out the ciphers we like in the
-                        * prefered order */
-                       n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
-                       d+=n;
-                       s2n(n,p);               /* add cipher length */
-                       }
-
-               /* make and send conn_id */
-               s2n(SSL2_CONNECTION_ID_LENGTH,p);       /* add conn_id length */
-               s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
-               if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
-                       return -1;
-               memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
-               d+=SSL2_CONNECTION_ID_LENGTH;
-
-               s->state=SSL2_ST_SEND_SERVER_HELLO_B;
-               s->init_num=d-(unsigned char *)s->init_buf->data;
-               s->init_off=0;
-               }
-       /* SSL2_ST_SEND_SERVER_HELLO_B */
-       /* If we are using TCP/IP, the performance is bad if we do 2
-        * writes without a read between them.  This occurs when
-        * Session-id reuse is used, so I will put in a buffering module
-        */
-       if (s->hit)
-               {
-               if (!ssl_init_wbio_buffer(s,1)) return(-1);
-               }
-       return(ssl2_do_write(s));
-       }
-
-static int get_client_finished(SSL *s)
-       {
-       unsigned char *p;
-       int i, n;
-       unsigned long len;
-
-       p=(unsigned char *)s->init_buf->data;
-       if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
-               {
-               i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
-               if (i < 1-s->init_num)
-                       return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
-               s->init_num += i;
-
-               if (*p != SSL2_MT_CLIENT_FINISHED)
-                       {
-                       if (*p != SSL2_MT_ERROR)
-                               {
-                               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                               SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
-                               }
-                       else
-                               {
-                               SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
-                               /* try to read the error message */
-                               i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-                               return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
-                               }
-                       return(-1);
-                       }
-               s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
-               }
-
-       /* SSL2_ST_GET_CLIENT_FINISHED_B */
-       if (s->s2->conn_id_length > sizeof s->s2->conn_id)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
-               return -1;
-               }
-       len = 1 + (unsigned long)s->s2->conn_id_length;
-       n = (int)len - s->init_num;
-       i = ssl2_read(s,(char *)&(p[s->init_num]),n);
-       if (i < n)
-               {
-               return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
-               }
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
-       p += 1;
-       if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0)
-               {
-               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-               SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
-               return(-1);
-               }
-       return(1);
-       }
-
-static int server_verify(SSL *s)
-       {
-       unsigned char *p;
-
-       if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A)
-               {
-               p=(unsigned char *)s->init_buf->data;
-               *(p++)=SSL2_MT_SERVER_VERIFY;
-               if (s->s2->challenge_length > sizeof s->s2->challenge)
-                       {
-                       SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
-                       return -1;
-                       }
-               memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
-               /* p+=s->s2->challenge_length; */
-
-               s->state=SSL2_ST_SEND_SERVER_VERIFY_B;
-               s->init_num=s->s2->challenge_length+1;
-               s->init_off=0;
-               }
-       return(ssl2_do_write(s));
-       }
-
-static int server_finish(SSL *s)
-       {
-       unsigned char *p;
-
-       if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A)
-               {
-               p=(unsigned char *)s->init_buf->data;
-               *(p++)=SSL2_MT_SERVER_FINISHED;
-
-               if (s->session->session_id_length > sizeof s->session->session_id)
-                       {
-                       SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
-                       return -1;
-                       }
-               memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length);
-               /* p+=s->session->session_id_length; */
-
-               s->state=SSL2_ST_SEND_SERVER_FINISHED_B;
-               s->init_num=s->session->session_id_length+1;
-               s->init_off=0;
-               }
-
-       /* SSL2_ST_SEND_SERVER_FINISHED_B */
-       return(ssl2_do_write(s));
-       }
-
-/* send the request and check the response */
-static int request_certificate(SSL *s)
-       {
-       const unsigned char *cp;
-       unsigned char *p,*p2,*buf2;
-       unsigned char *ccd;
-       int i,j,ctype,ret= -1;
-       unsigned long len;
-       X509 *x509=NULL;
-       STACK_OF(X509) *sk=NULL;
-
-       ccd=s->s2->tmp.ccl;
-       if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A)
-               {
-               p=(unsigned char *)s->init_buf->data;
-               *(p++)=SSL2_MT_REQUEST_CERTIFICATE;
-               *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
-               if (RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
-                       return -1;
-               memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
-
-               s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
-               s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2;
-               s->init_off=0;
-               }
-
-       if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B)
-               {
-               i=ssl2_do_write(s);
-               if (i <= 0)
-                       {
-                       ret=i;
-                       goto end;
-                       }
-
-               s->init_num=0;
-               s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
-               }
-
-       if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C)
-               {
-               p=(unsigned char *)s->init_buf->data;
-               i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); /* try to read 6 octets ... */
-               if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
-                                       * (probably NO-CERTIFICATE-ERROR) */
-                       {
-                       ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
-                       goto end;
-                       }
-               s->init_num += i;
-
-               if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR))
-                       {
-                       n2s(p,i);
-                       if (i != SSL2_PE_NO_CERTIFICATE)
-                               {
-                               /* not the error message we expected -- let ssl2_part_read handle it */
-                               s->init_num -= 3;
-                               ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3);
-                               goto end;
-                               }
-
-                       if (s->msg_callback)
-                               s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
-
-                       /* this is the one place where we can recover from an SSL 2.0 error */
-
-                       if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
-                               {
-                               ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
-                               SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-                               goto end;
-                               }
-                       ret=1;
-                       goto end;
-                       }
-               if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6))
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-                       SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
-                       goto end;
-                       }
-               if (s->init_num != 6)
-                       {
-                       SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-                       goto end;
-                       }
-               
-               /* ok we have a response */
-               /* certificate type, there is only one right now. */
-               ctype= *(p++);
-               if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
-                       {
-                       ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
-                       SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
-                       goto end;
-                       }
-               n2s(p,i); s->s2->tmp.clen=i;
-               n2s(p,i); s->s2->tmp.rlen=i;
-               s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
-               }
-
-       /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
-       p=(unsigned char *)s->init_buf->data;
-       len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
-       if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-               {
-               SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG);
-               goto end;
-               }
-       j = (int)len - s->init_num;
-       i = ssl2_read(s,(char *)&(p[s->init_num]),j);
-       if (i < j) 
-               {
-               ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
-               goto end;
-               }
-       if (s->msg_callback)
-               s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
-       p += 6;
-
-       cp = p;
-       x509=(X509 *)d2i_X509(NULL,&cp,(long)s->s2->tmp.clen);
-       if (x509 == NULL)
-               {
-               SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
-               goto msg_end;
-               }
-
-       if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509)))
-               {
-               SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-               goto msg_end;
-               }
-
-       i=ssl_verify_cert_chain(s,sk);
-
-       if (i > 1)
-               {
-               SSLerr(SSL_F_REQUEST_CERTIFICATE, i);
-               goto msg_end;
-               }
-
-       if (i > 0)      /* we like the packet, now check the chksum */
-               {
-               EVP_MD_CTX ctx;
-               EVP_PKEY *pkey=NULL;
-
-               EVP_MD_CTX_init(&ctx);
-               if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL)
-                   || !EVP_VerifyUpdate(&ctx,s->s2->key_material,
-                                        s->s2->key_material_length)
-                   || !EVP_VerifyUpdate(&ctx,ccd,
-                                        SSL2_MIN_CERT_CHALLENGE_LENGTH))
-                       goto msg_end;
-
-               i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
-               buf2=OPENSSL_malloc((unsigned int)i);
-               if (buf2 == NULL)
-                       {
-                       SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
-                       goto msg_end;
-                       }
-               p2=buf2;
-               i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
-               if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i))
-                       {
-                       OPENSSL_free(buf2);
-                       goto msg_end;
-                       }
-               OPENSSL_free(buf2);
-
-               pkey=X509_get_pubkey(x509);
-               if (pkey == NULL) goto end;
-               i=EVP_VerifyFinal(&ctx,cp,s->s2->tmp.rlen,pkey);
-               EVP_PKEY_free(pkey);
-               EVP_MD_CTX_cleanup(&ctx);
-
-               if (i > 0)
-                       {
-                       if (s->session->peer != NULL)
-                               X509_free(s->session->peer);
-                       s->session->peer=x509;
-                       CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
-                       s->session->verify_result = s->verify_result;
-                       ret=1;
-                       goto end;
-                       }
-               else
-                       {
-                       SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
-                       goto msg_end;
-                       }
-               }
-       else
-               {
-msg_end:
-               ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
-               }
-end:
-       sk_X509_free(sk);
-       X509_free(x509);
-       return(ret);
-       }
-
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
-            unsigned char *to, int padding)
-       {
-       RSA *rsa;
-       int i;
-
-       if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL))
-               {
-               SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY);
-               return(-1);
-               }
-       if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA)
-               {
-               SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
-               return(-1);
-               }
-       rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
-
-       /* we have the public key */
-       i=RSA_private_decrypt(len,from,to,rsa,padding);
-       if (i < 0)
-               SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
-       return(i);
-       }
-#else /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
index 63774bc..7765de1 100644 (file)
@@ -371,8 +371,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
                        }
                }
 
-       s->session->key_arg_length=0;
-
        EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
 
 #ifdef OPENSSL_SSL_TRACE_CRYPTO
index d670ff0..51a4ec3 100644 (file)
@@ -3946,8 +3946,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                                return s->version == TLS1_VERSION;
                        if (!(s->options & SSL_OP_NO_SSLv3))
                                return s->version == SSL3_VERSION;
-                       if (!(s->options & SSL_OP_NO_SSLv2))
-                               return s->version == SSL2_VERSION;
                        }
                return 0; /* Unexpected state; fail closed. */
 
index 104e4f1..388d400 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -177,16 +177,6 @@ extern "C" {
 #define SSL_SESSION_ASN1_VERSION 0x0001
 
 /* text strings for the ciphers */
-#define SSL_TXT_NULL_WITH_MD5          SSL2_TXT_NULL_WITH_MD5                  
-#define SSL_TXT_RC4_128_WITH_MD5       SSL2_TXT_RC4_128_WITH_MD5               
-#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5   
-#define SSL_TXT_RC2_128_CBC_WITH_MD5   SSL2_TXT_RC2_128_CBC_WITH_MD5           
-#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5   
-#define SSL_TXT_IDEA_128_CBC_WITH_MD5  SSL2_TXT_IDEA_128_CBC_WITH_MD5          
-#define SSL_TXT_DES_64_CBC_WITH_MD5    SSL2_TXT_DES_64_CBC_WITH_MD5            
-#define SSL_TXT_DES_64_CBC_WITH_SHA    SSL2_TXT_DES_64_CBC_WITH_SHA            
-#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5   
-#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA   
 
 /*    VRS Additional Kerberos5 entries
  */
@@ -305,7 +295,6 @@ extern "C" {
 #define SSL_TXT_SHA256         "SHA256"
 #define SSL_TXT_SHA384         "SHA384"
 
-#define SSL_TXT_SSLV2          "SSLv2"
 #define SSL_TXT_SSLV3          "SSLv3"
 #define SSL_TXT_TLSV1          "TLSv1"
 #define SSL_TXT_TLSV1_1                "TLSv1.1"
@@ -336,7 +325,7 @@ extern "C" {
 /* The following cipher list is used by default.
  * It also is substituted when an application-defined cipher list string
  * starts with 'DEFAULT'. */
-#define SSL_DEFAULT_CIPHER_LIST        "ALL:!aNULL:!eNULL:!SSLv2"
+#define SSL_DEFAULT_CIPHER_LIST        "ALL:!aNULL:!eNULL"
 /* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
  * starts with a reasonable order, and all we have to do for DEFAULT is
  * throwing out anonymous and unencrypted ciphersuites!
@@ -356,10 +345,6 @@ extern "C" {
 extern "C" {
 #endif
 
-#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
-#define OPENSSL_NO_SSL2
-#endif
-
 #define SSL_FILETYPE_ASN1      X509_FILETYPE_ASN1
 #define SSL_FILETYPE_PEM       X509_FILETYPE_PEM
 
@@ -498,9 +483,6 @@ struct ssl_session_st
        int ssl_version;        /* what ssl version session info is
                                 * being kept in here? */
 
-       /* only really used in SSLv2 */
-       unsigned int key_arg_length;
-       unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
        int master_key_length;
        unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
        /* session_id - valid? */
@@ -575,8 +557,6 @@ struct ssl_session_st
 
 #endif
 
-#define SSL_OP_MICROSOFT_SESS_ID_BUG                   0x00000001L
-#define SSL_OP_NETSCAPE_CHALLENGE_BUG                  0x00000002L
 /* Allow initial connection to servers that don't support RI */
 #define SSL_OP_LEGACY_SERVER_CONNECT                   0x00000004L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG                0x00000008L
@@ -591,6 +571,9 @@ struct ssl_session_st
 #define SSL_OP_MSIE_SSLV2_RSA_PADDING                  0x0
 /* Refers to ancient SSLREF and SSLv2, retained for compatibility */
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG             0x0
+/* Related to removed SSLv2 */
+#define SSL_OP_MICROSOFT_SESS_ID_BUG                   0x0
+#define SSL_OP_NETSCAPE_CHALLENGE_BUG                  0x0
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
@@ -634,7 +617,7 @@ struct ssl_session_st
  * forbidden to prevent version rollback attacks. */
 #define SSL_OP_TLS_ROLLBACK_BUG                                0x00800000L
 
-#define SSL_OP_NO_SSLv2                                        0x01000000L
+#define SSL_OP_NO_SSLv2                                        0x00000000L
 #define SSL_OP_NO_SSLv3                                        0x02000000L
 #define SSL_OP_NO_TLSv1                                        0x04000000L
 #define SSL_OP_NO_TLSv1_2                              0x08000000L
@@ -643,7 +626,7 @@ struct ssl_session_st
 #define SSL_OP_NO_DTLSv1                               0x04000000L
 #define SSL_OP_NO_DTLSv1_2                             0x08000000L
 
-#define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|\
+#define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
        SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
 
 /* These next two were never actually used for anything since SSLeay
@@ -868,11 +851,8 @@ int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
  * 'ssl' value they're passed by;
  *      SSL_has_matching_session_id(ssl, id, *id_len)
  * The length value passed in is set at the maximum size the session ID can be.
- * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
- * can alter this length to be less if desired, but under SSLv2 session IDs are
- * supposed to be fixed at 16 bytes so the id will be padded after the callback
- * returns in this case. It is also an error for the callback to set the size to
- * zero. */
+ * In SSLv3/TLSv1 it is 32 bytes. The callback can alter this length to be less
+ * if desired. It is also an error for the callback to set the size to zero. */
 typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
                                unsigned int *id_len);
 
@@ -982,7 +962,6 @@ struct ssl_ctx_st
 
        CRYPTO_EX_DATA ex_data;
 
-       const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
        const EVP_MD *md5;      /* For SSLv3/TLSv1 'ssl3-md5' */
        const EVP_MD *sha1;   /* For SSLv3/TLSv1 'ssl3->sha1' */
 
@@ -1363,7 +1342,6 @@ struct ssl_st
        unsigned char *packet;
        unsigned int packet_length;
 
-       struct ssl2_state_st *s2; /* SSLv2 variables */
        struct ssl3_state_st *s3; /* SSLv3 variables */
        struct dtls1_state_st *d1; /* DTLSv1 variables */
 
@@ -1423,7 +1401,7 @@ struct ssl_st
        /* Default generate session ID callback. */
        GEN_SESSION_CB generate_session_id;
 
-       /* Used in SSL2 and SSL3 */
+       /* Used in SSL3 */
        int verify_mode;        /* 0 don't care about verify failure.
                                 * 1 fail if verify fails */
        int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
@@ -2235,12 +2213,6 @@ const char *SSL_get_version(const SSL *s);
 /* This sets the 'default' SSL version that SSL_new() will create */
 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
 
-#ifndef OPENSSL_NO_SSL2
-const SSL_METHOD *SSLv2_method(void);          /* SSLv2 */
-const SSL_METHOD *SSLv2_server_method(void);   /* SSLv2 */
-const SSL_METHOD *SSLv2_client_method(void);   /* SSLv2 */
-#endif
-
 #ifndef OPENSSL_NO_SSL3_METHOD
 const SSL_METHOD *SSLv3_method(void);          /* SSLv3 */
 const SSL_METHOD *SSLv3_server_method(void);   /* SSLv3 */
@@ -2503,8 +2475,6 @@ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
 #define SSL_SECOP_CURVE_CHECK          (6 | SSL_SECOP_OTHER_CURVE)
 /* Temporary DH key */
 #define SSL_SECOP_TMP_DH               (7 | SSL_SECOP_OTHER_DH)
-/* Whether to use SSLv2 compatible client hello */
-#define SSL_SECOP_SSL2_COMPAT          (8 | SSL_SECOP_OTHER_NONE)
 /* SSL/TLS version */
 #define SSL_SECOP_VERSION              (9 | SSL_SECOP_OTHER_NONE)
 /* Session tickets */
@@ -2560,10 +2530,6 @@ void ERR_load_SSL_strings(void);
 
 /* Function codes. */
 #define SSL_F_CHECK_SUITEB_CIPHER_LIST                  331
-#define SSL_F_CLIENT_CERTIFICATE                        100
-#define SSL_F_CLIENT_FINISHED                           167
-#define SSL_F_CLIENT_HELLO                              101
-#define SSL_F_CLIENT_MASTER_KEY                                 102
 #define SSL_F_D2I_SSL_SESSION                           103
 #define SSL_F_DO_DTLS1_WRITE                            245
 #define SSL_F_DO_SSL3_WRITE                             104
@@ -2595,18 +2561,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_DTLS1_SEND_SERVER_HELLO                   266
 #define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE            267
 #define SSL_F_DTLS1_WRITE_APP_DATA_BYTES                268
-#define SSL_F_GET_CLIENT_FINISHED                       105
-#define SSL_F_GET_CLIENT_HELLO                          106
-#define SSL_F_GET_CLIENT_MASTER_KEY                     107
-#define SSL_F_GET_SERVER_FINISHED                       108
-#define SSL_F_GET_SERVER_HELLO                          109
-#define SSL_F_GET_SERVER_VERIFY                                 110
-#define SSL_F_I2D_SSL_SESSION                           111
-#define SSL_F_READ_N                                    112
-#define SSL_F_REQUEST_CERTIFICATE                       113
-#define SSL_F_SERVER_FINISH                             239
-#define SSL_F_SERVER_HELLO                              114
-#define SSL_F_SERVER_VERIFY                             240
 #define SSL_F_SSL23_ACCEPT                              115
 #define SSL_F_SSL23_CLIENT_HELLO                        116
 #define SSL_F_SSL23_CONNECT                             117
@@ -2615,15 +2569,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL23_PEEK                                237
 #define SSL_F_SSL23_READ                                120
 #define SSL_F_SSL23_WRITE                               121
-#define SSL_F_SSL2_ACCEPT                               122
-#define SSL_F_SSL2_CONNECT                              123
-#define SSL_F_SSL2_ENC_INIT                             124
-#define SSL_F_SSL2_GENERATE_KEY_MATERIAL                241
-#define SSL_F_SSL2_PEEK                                         234
-#define SSL_F_SSL2_READ                                         125
-#define SSL_F_SSL2_READ_INTERNAL                        236
-#define SSL_F_SSL2_SET_CERTIFICATE                      126
-#define SSL_F_SSL2_WRITE                                127
 #define SSL_F_SSL3_ACCEPT                               128
 #define SSL_F_SSL3_ADD_CERT_TO_BUF                      296
 #define SSL_F_SSL3_CALLBACK_CTRL                        233
@@ -2742,8 +2687,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT            281
 #define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT            282
 #define SSL_F_SSL_READ                                  223
-#define SSL_F_SSL_RSA_PRIVATE_DECRYPT                   187
-#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT                    188
 #define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT               320
 #define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT               321
 #define SSL_F_SSL_SESSION_NEW                           189
@@ -2790,15 +2733,12 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_TLS1_PRF                                  284
 #define SSL_F_TLS1_SETUP_KEY_BLOCK                      211
 #define SSL_F_TLS1_SET_SERVER_SIGALGS                   335
-#define SSL_F_WRITE_PENDING                             212
 
 /* Reason codes. */
 #define SSL_R_APP_DATA_IN_HANDSHAKE                     100
 #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
 #define SSL_R_BAD_ALERT_RECORD                          101
-#define SSL_R_BAD_AUTHENTICATION_TYPE                   102
 #define SSL_R_BAD_CHANGE_CIPHER_SPEC                    103
-#define SSL_R_BAD_CHECKSUM                              104
 #define SSL_R_BAD_DATA                                  390
 #define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK             106
 #define SSL_R_BAD_DECOMPRESSION                                 107
@@ -2813,13 +2753,11 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_BAD_HANDSHAKE_LENGTH                      332
 #define SSL_R_BAD_HELLO_REQUEST                                 105
 #define SSL_R_BAD_LENGTH                                271
-#define SSL_R_BAD_MAC_DECODE                            113
 #define SSL_R_BAD_MAC_LENGTH                            333
 #define SSL_R_BAD_MESSAGE_TYPE                          114
 #define SSL_R_BAD_PACKET_LENGTH                                 115
 #define SSL_R_BAD_PROTOCOL_VERSION_NUMBER               116
 #define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH              316
-#define SSL_R_BAD_RESPONSE_ARGUMENT                     117
 #define SSL_R_BAD_RSA_DECRYPT                           118
 #define SSL_R_BAD_RSA_ENCRYPT                           119
 #define SSL_R_BAD_RSA_E_LENGTH                          120
@@ -2835,8 +2773,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_BAD_SRTP_MKI_VALUE                        352
 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST          353
 #define SSL_R_BAD_SSL_FILETYPE                          124
-#define SSL_R_BAD_SSL_SESSION_ID_LENGTH                         125
-#define SSL_R_BAD_STATE                                         126
 #define SSL_R_BAD_VALUE                                         384
 #define SSL_R_BAD_WRITE_RETRY                           127
 #define SSL_R_BIO_NOT_SET                               128
@@ -2850,17 +2786,14 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_CERTIFICATE_VERIFY_FAILED                         134
 #define SSL_R_CERT_CB_ERROR                             377
 #define SSL_R_CERT_LENGTH_MISMATCH                      135
-#define SSL_R_CHALLENGE_IS_DIFFERENT                    136
 #define SSL_R_CIPHER_CODE_WRONG_LENGTH                  137
 #define SSL_R_CIPHER_OR_HASH_UNAVAILABLE                138
-#define SSL_R_CIPHER_TABLE_SRC_ERROR                    139
 #define SSL_R_CLIENTHELLO_TLSEXT                        226
 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG                140
 #define SSL_R_COMPRESSION_DISABLED                      343
 #define SSL_R_COMPRESSION_FAILURE                       141
 #define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE   307
 #define SSL_R_COMPRESSION_LIBRARY_ERROR                         142
-#define SSL_R_CONNECTION_ID_IS_DIFFERENT                143
 #define SSL_R_CONNECTION_TYPE_NOT_SET                   144
 #define SSL_R_COOKIE_MISMATCH                           308
 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED             145
@@ -2889,11 +2822,9 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION          356
 #define SSL_R_HTTPS_PROXY_REQUEST                       155
 #define SSL_R_HTTP_REQUEST                              156
-#define SSL_R_ILLEGAL_PADDING                           283
 #define SSL_R_ILLEGAL_SUITEB_DIGEST                     380
 #define SSL_R_INAPPROPRIATE_FALLBACK                    373
 #define SSL_R_INCONSISTENT_COMPRESSION                  340
-#define SSL_R_INVALID_CHALLENGE_LENGTH                  158
 #define SSL_R_INVALID_COMMAND                           280
 #define SSL_R_INVALID_COMPRESSION_ALGORITHM             341
 #define SSL_R_INVALID_NULL_CMD_NAME                     385
@@ -2903,8 +2834,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_INVALID_STATUS_RESPONSE                   328
 #define SSL_R_INVALID_TICKET_KEYS_LENGTH                325
 #define SSL_R_INVALID_TRUST                             279
-#define SSL_R_KEY_ARG_TOO_LONG                          284
-#define SSL_R_KEY_TOO_SMALL                             395
 #define SSL_R_KRB5                                      285
 #define SSL_R_KRB5_C_CC_PRINC                           286
 #define SSL_R_KRB5_C_GET_CRED                           287
@@ -2920,7 +2849,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_LENGTH_TOO_SHORT                          160
 #define SSL_R_LIBRARY_BUG                               274
 #define SSL_R_LIBRARY_HAS_NO_CIPHERS                    161
-#define SSL_R_MESSAGE_TOO_LONG                          296
 #define SSL_R_MISSING_DH_DSA_CERT                       162
 #define SSL_R_MISSING_DH_KEY                            163
 #define SSL_R_MISSING_DH_RSA_CERT                       164
@@ -2939,16 +2867,13 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_MISSING_TMP_RSA_PKEY                      173
 #define SSL_R_MISSING_VERIFY_MESSAGE                    174
 #define SSL_R_MULTIPLE_SGC_RESTARTS                     346
-#define SSL_R_NON_SSLV2_INITIAL_PACKET                  175
 #define SSL_R_NO_CERTIFICATES_RETURNED                  176
 #define SSL_R_NO_CERTIFICATE_ASSIGNED                   177
 #define SSL_R_NO_CERTIFICATE_RETURNED                   178
 #define SSL_R_NO_CERTIFICATE_SET                        179
-#define SSL_R_NO_CERTIFICATE_SPECIFIED                  180
 #define SSL_R_NO_CIPHERS_AVAILABLE                      181
 #define SSL_R_NO_CIPHERS_PASSED                                 182
 #define SSL_R_NO_CIPHERS_SPECIFIED                      183
-#define SSL_R_NO_CIPHER_LIST                            184
 #define SSL_R_NO_CIPHER_MATCH                           185
 #define SSL_R_NO_CLIENT_CERT_METHOD                     331
 #define SSL_R_NO_CLIENT_CERT_RECEIVED                   186
@@ -2956,10 +2881,8 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER          330
 #define SSL_R_NO_METHOD_SPECIFIED                       188
 #define SSL_R_NO_PEM_EXTENSIONS                                 389
-#define SSL_R_NO_PRIVATEKEY                             189
 #define SSL_R_NO_PRIVATE_KEY_ASSIGNED                   190
 #define SSL_R_NO_PROTOCOLS_AVAILABLE                    191
-#define SSL_R_NO_PUBLICKEY                              192
 #define SSL_R_NO_RENEGOTIATION                          339
 #define SSL_R_NO_REQUIRED_DIGEST                        324
 #define SSL_R_NO_SHARED_CIPHER                          193
@@ -2978,25 +2901,15 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_PARSE_TLSEXT                              227
 #define SSL_R_PATH_TOO_LONG                             270
 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE                 199
-#define SSL_R_PEER_ERROR                                200
-#define SSL_R_PEER_ERROR_CERTIFICATE                    201
-#define SSL_R_PEER_ERROR_NO_CERTIFICATE                         202
-#define SSL_R_PEER_ERROR_NO_CIPHER                      203
-#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE   204
 #define SSL_R_PEM_NAME_BAD_PREFIX                       391
 #define SSL_R_PEM_NAME_TOO_SHORT                        392
 #define SSL_R_PRE_MAC_LENGTH_TOO_LONG                   205
-#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS                 206
 #define SSL_R_PROTOCOL_IS_SHUTDOWN                      207
 #define SSL_R_PSK_IDENTITY_NOT_FOUND                    223
 #define SSL_R_PSK_NO_CLIENT_CB                          224
 #define SSL_R_PSK_NO_SERVER_CB                          225
-#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR                  208
-#define SSL_R_PUBLIC_KEY_IS_NOT_RSA                     209
-#define SSL_R_PUBLIC_KEY_NOT_RSA                        210
 #define SSL_R_READ_BIO_NOT_SET                          211
 #define SSL_R_READ_TIMEOUT_EXPIRED                      312
-#define SSL_R_READ_WRONG_PACKET_TYPE                    212
 #define SSL_R_RECORD_LENGTH_MISMATCH                    213
 #define SSL_R_RECORD_TOO_LARGE                          214
 #define SSL_R_RECORD_TOO_SMALL                          298
@@ -3005,13 +2918,9 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_RENEGOTIATION_MISMATCH                    337
 #define SSL_R_REQUIRED_CIPHER_MISSING                   215
 #define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING   342
-#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO                216
-#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO                  217
-#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO                218
 #define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING          345
 #define SSL_R_SERVERHELLO_TLSEXT                        275
 #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED          277
-#define SSL_R_SHORT_READ                                219
 #define SSL_R_SIGNATURE_ALGORITHMS_ERROR                360
 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE     220
 #define SSL_R_SRP_A_CALC                                361
@@ -3019,7 +2928,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG     363
 #define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE           364
 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE              221
-#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG               299
 #define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT            321
 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME               319
 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE          320
@@ -3044,7 +2952,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_SSL_SESSION_ID_CONFLICT                   302
 #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG           273
 #define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH             303
-#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT               231
 #define SSL_R_TLSV1_ALERT_ACCESS_DENIED                         1049
 #define SSL_R_TLSV1_ALERT_DECODE_ERROR                  1050
 #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED             1021
@@ -3073,12 +2980,10 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER           235
 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS                         236
 #define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS               313
-#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY              237
 #define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS              238
 #define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS            314
 #define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS      239
 #define SSL_R_UNABLE_TO_FIND_SSL_METHOD                         240
-#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES          241
 #define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES          242
 #define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES                 243
 #define SSL_R_UNEXPECTED_MESSAGE                        244
@@ -3106,12 +3011,10 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_UNSUPPORTED_STATUS_TYPE                   329
 #define SSL_R_USE_SRTP_NOT_NEGOTIATED                   369
 #define SSL_R_VERSION_TOO_LOW                           396
-#define SSL_R_WRITE_BIO_NOT_SET                                 260
 #define SSL_R_WRONG_CERTIFICATE_TYPE                    383
 #define SSL_R_WRONG_CIPHER_RETURNED                     261
 #define SSL_R_WRONG_CURVE                               378
 #define SSL_R_WRONG_MESSAGE_TYPE                        262
-#define SSL_R_WRONG_NUMBER_OF_KEY_BITS                  263
 #define SSL_R_WRONG_SIGNATURE_LENGTH                    264
 #define SSL_R_WRONG_SIGNATURE_SIZE                      265
 #define SSL_R_WRONG_SIGNATURE_TYPE                      370
index eb25dcb..5c6a238 100644 (file)
 extern "C" {
 #endif
 
-/* Protocol Version Codes */
 #define SSL2_VERSION           0x0002
-#define SSL2_VERSION_MAJOR     0x00
-#define SSL2_VERSION_MINOR     0x02
-/* #define SSL2_CLIENT_VERSION 0x0002 */
-/* #define SSL2_SERVER_VERSION 0x0002 */
 
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR                  0
 #define SSL2_MT_CLIENT_HELLO           1
-#define SSL2_MT_CLIENT_MASTER_KEY      2
-#define SSL2_MT_CLIENT_FINISHED                3
-#define SSL2_MT_SERVER_HELLO           4
-#define SSL2_MT_SERVER_VERIFY          5
-#define SSL2_MT_SERVER_FINISHED                6
-#define SSL2_MT_REQUEST_CERTIFICATE    7
-#define SSL2_MT_CLIENT_CERTIFICATE     8
-
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR                0x0000
-#define SSL2_PE_NO_CIPHER              0x0001
-#define SSL2_PE_NO_CERTIFICATE         0x0002
-#define SSL2_PE_BAD_CERTIFICATE                0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5                  0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5               0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5      0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5           0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5  0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5          0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5            0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA            0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5      0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA      0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5                        0x02080080 /* MS hack */
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1                0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL                           0x02ff0810 /* SSLeay */
-
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1       "DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5                 "NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5              "RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5     "EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5          "RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5         "IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5           "DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA           "DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5     "DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA     "DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5               "RC4-64-MD5"
-
-#define SSL2_TXT_NULL                          "NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC                     0x01
-#define SSL2_CF_8_BYTE_ENC                     0x02
-
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE               0x01
-
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION                0x01
-
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH         32
-
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS     256
-#ifdef OPENSSL_SYS_MPE
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER   29998u
-#else
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER   32767u  /* 2^15-1 */
-#endif
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER   16383 /* 2^14-1 */
-
-#define SSL2_CHALLENGE_LENGTH  16
-/*#define SSL2_CHALLENGE_LENGTH        32 */
-#define SSL2_MIN_CHALLENGE_LENGTH      16
-#define SSL2_MAX_CHALLENGE_LENGTH      32
-#define SSL2_CONNECTION_ID_LENGTH      16
-#define SSL2_MAX_CONNECTION_ID_LENGTH  16
-#define SSL2_SSL_SESSION_ID_LENGTH     16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH   24
-
-#ifndef HEADER_SSL_LOCL_H
-#define  CERT          char
-#endif
-
-#ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl2_state_st
-       {
-       int three_byte_header;
-       int clear_text;         /* clear text */
-       int escape;             /* not used in SSLv2 */
-       int ssl2_rollback;      /* used if SSLv23 rolled back to SSLv2 */
-
-       /* non-blocking io info, used to make sure the same
-        * args were passwd */
-       unsigned int wnum;      /* number of bytes sent so far */
-       int wpend_tot;
-       const unsigned char *wpend_buf;
-
-       int wpend_off;  /* offset to data to write */
-       int wpend_len;  /* number of bytes passwd to write */
-       int wpend_ret;  /* number of bytes to return to caller */
-
-       /* buffer raw data */
-       int rbuf_left;
-       int rbuf_offs;
-       unsigned char *rbuf;
-       unsigned char *wbuf;
-
-       unsigned char *write_ptr;/* used to point to the start due to
-                                 * 2/3 byte header. */
-
-       unsigned int padding;
-       unsigned int rlength; /* passed to ssl2_enc */
-       int ract_data_length; /* Set when things are encrypted. */
-       unsigned int wlength; /* passed to ssl2_enc */
-       int wact_data_length; /* Set when things are decrypted. */
-       unsigned char *ract_data;
-       unsigned char *wact_data;
-       unsigned char *mac_data;
-
-       unsigned char *read_key;
-       unsigned char *write_key;
-
-               /* Stuff specifically to do with this SSL session */
-       unsigned int challenge_length;
-       unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
-       unsigned int conn_id_length;
-       unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
-       unsigned int key_material_length;
-       unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
-
-       unsigned long read_sequence;
-       unsigned long write_sequence;
-
-       struct  {
-               unsigned int conn_id_length;
-               unsigned int cert_type; 
-               unsigned int cert_length;
-               unsigned int csl; 
-               unsigned int clear;
-               unsigned int enc; 
-               unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
-               unsigned int cipher_spec_length;
-               unsigned int session_id_length;
-               unsigned int clen;
-               unsigned int rlen;
-               } tmp;
-       } SSL2_STATE;
-
-#endif
-
-/* SSLv2 */
-/* client */
-#define SSL2_ST_SEND_CLIENT_HELLO_A            (0x10|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_HELLO_B            (0x11|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_A             (0x20|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_B             (0x21|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A       (0x30|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B       (0x31|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_A         (0x40|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_B         (0x41|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A      (0x50|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B      (0x51|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C      (0x52|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D      (0x53|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_A            (0x60|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_B            (0x61|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_A          (0x70|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_B          (0x71|SSL_ST_CONNECT)
-#define SSL2_ST_CLIENT_START_ENCRYPTION                (0x80|SSL_ST_CONNECT)
-#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE    (0x90|SSL_ST_CONNECT)
-/* server */
-#define SSL2_ST_GET_CLIENT_HELLO_A             (0x10|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_B             (0x11|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_C             (0x12|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_A            (0x20|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_B            (0x21|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_A                (0x30|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_B                (0x31|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_A           (0x40|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_B           (0x41|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_C           (0x42|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_A          (0x50|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_B          (0x51|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_A         (0x60|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_B         (0x61|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A     (0x70|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B     (0x71|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C     (0x72|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D     (0x73|SSL_ST_ACCEPT)
-#define SSL2_ST_SERVER_START_ENCRYPTION                (0x80|SSL_ST_ACCEPT)
-#define SSL2_ST_X509_GET_SERVER_CERTIFICATE    (0x90|SSL_ST_ACCEPT)
 
 #ifdef  __cplusplus
 }
index d3646ae..c4bf750 100644 (file)
@@ -110,7 +110,6 @@ int SSL_library_init(void)
   
 #ifndef OPENSSL_NO_MD5
        EVP_add_digest(EVP_md5());
-       EVP_add_digest_alias(SN_md5,"ssl2-md5");
        EVP_add_digest_alias(SN_md5,"ssl3-md5");
 #endif
 #ifndef OPENSSL_NO_SHA
index 4775003..ba5f33d 100644 (file)
@@ -98,7 +98,6 @@ typedef struct ssl_session_asn1_st
        ASN1_OCTET_STRING master_key;
        ASN1_OCTET_STRING session_id;
        ASN1_OCTET_STRING session_id_context;
-       ASN1_OCTET_STRING key_arg;
 #ifndef OPENSSL_NO_KRB5
         ASN1_OCTET_STRING krb5_princ;
 #endif /* OPENSSL_NO_KRB5 */
@@ -165,19 +164,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
                l=in->cipher_id;
        else
                l=in->cipher->id;
-       if (in->ssl_version == SSL2_VERSION)
-               {
-               a.cipher.length=3;
-               buf[0]=((unsigned char)(l>>16L))&0xff;
-               buf[1]=((unsigned char)(l>> 8L))&0xff;
-               buf[2]=((unsigned char)(l     ))&0xff;
-               }
-       else
-               {
-               a.cipher.length=2;
-               buf[0]=((unsigned char)(l>>8L))&0xff;
-               buf[1]=((unsigned char)(l    ))&0xff;
-               }
+       a.cipher.length=2;
+       buf[0]=((unsigned char)(l>>8L))&0xff;
+       buf[1]=((unsigned char)(l    ))&0xff;
+
 
 #ifndef OPENSSL_NO_COMP
        if (in->compress_meth)
@@ -201,10 +191,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
        a.session_id_context.type=V_ASN1_OCTET_STRING;
        a.session_id_context.data=in->sid_ctx;
 
-       a.key_arg.length=in->key_arg_length;
-       a.key_arg.type=V_ASN1_OCTET_STRING;
-       a.key_arg.data=in->key_arg;
-
 #ifndef OPENSSL_NO_KRB5
        if (in->krb5_client_princ_len)
                {
@@ -291,8 +277,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
        if (in->krb5_client_princ_len)
                M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
 #endif /* OPENSSL_NO_KRB5 */
-       if (in->key_arg_length > 0)
-               M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
        if (in->time != 0L)
                M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
        if (in->timeout != 0L)
@@ -337,8 +321,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
        if (in->krb5_client_princ_len)
                M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
 #endif /* OPENSSL_NO_KRB5 */
-       if (in->key_arg_length > 0)
-               M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
        if (in->time != 0L)
                M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
        if (in->timeout != 0L)
@@ -403,20 +385,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
 
        os.data=NULL; os.length=0;
        M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
-       if (ssl_version == SSL2_VERSION)
-               {
-               if (os.length != 3)
-                       {
-                       c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
-                       c.line=__LINE__;
-                       goto err;
-                       }
-               id=0x02000000L|
-                       ((unsigned long)os.data[0]<<16L)|
-                       ((unsigned long)os.data[1]<< 8L)|
-                        (unsigned long)os.data[2];
-               }
-       else if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)
+       if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)
                {
                if (os.length != 2)
                        {
@@ -439,10 +408,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
        ret->cipher_id=id;
 
        M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
-       if ((ssl_version>>8) >= SSL3_V