From a3680c8f9c33d4190c367572645980ccdb9d5bbf Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 31 Mar 2015 13:57:46 +0100 Subject: [PATCH] Version negotiation rewrite cleanup Following the version negotiation rewrite all of the previous code that was dedicated to version negotiation can now be deleted - all six source files of it!! Reviewed-by: Kurt Roeckx --- apps/Makefile | 130 ++++---- include/openssl/ssl.h | 1 - include/openssl/ssl23.h | 84 ------ ssl/Makefile | 472 +++++++++++------------------ ssl/record/README | 16 +- ssl/record/rec_layer_s23.c | 114 ------- ssl/record/record.h | 2 - ssl/s23_clnt.c | 594 ------------------------------------- ssl/s23_lib.c | 165 ----------- ssl/s23_meth.c | 81 ----- ssl/s23_srvr.c | 582 ------------------------------------ ssl/s3_lib.c | 24 ++ ssl/ssl-lib.com | 1 - ssl/ssl_locl.h | 49 --- ssl/ssl_stat.c | 44 --- ssl/t1_lib.c | 8 +- test/Makefile | 20 +- 17 files changed, 283 insertions(+), 2104 deletions(-) delete mode 100644 include/openssl/ssl23.h delete mode 100644 ssl/record/rec_layer_s23.c delete mode 100644 ssl/s23_clnt.c delete mode 100644 ssl/s23_lib.c delete mode 100644 ssl/s23_meth.c delete mode 100644 ssl/s23_srvr.c diff --git a/apps/Makefile b/apps/Makefile index 9952b3d1f0..29bad61837 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -191,12 +191,12 @@ apps.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h apps.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h apps.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -apps.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -apps.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -apps.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -apps.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -apps.o: ../include/openssl/x509v3.h apps.c apps.h progs.h +apps.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +apps.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +apps.o: ../include/openssl/ui.h ../include/openssl/x509.h +apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h +apps.o: progs.h asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -244,11 +244,11 @@ ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h ciphers.o: ../include/openssl/sha.h ../include/openssl/srtp.h ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ciphers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ciphers.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ciphers.o: ../include/openssl/x509v3.h apps.h ciphers.c progs.h +ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ciphers.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +ciphers.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +ciphers.o: ciphers.c progs.h cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -428,11 +428,11 @@ engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h engine.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h engine.o: ../include/openssl/sha.h ../include/openssl/srtp.h engine.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -engine.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -engine.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -engine.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -engine.o: ../include/openssl/x509v3.h apps.h engine.c progs.h +engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +engine.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +engine.o: engine.c progs.h errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h errstr.o: ../include/openssl/buffer.h ../include/openssl/comp.h errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -448,11 +448,11 @@ errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h errstr.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h errstr.o: ../include/openssl/sha.h ../include/openssl/srtp.h errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -errstr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -errstr.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -errstr.o: ../include/openssl/x509v3.h apps.h errstr.c progs.h +errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +errstr.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +errstr.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +errstr.o: errstr.c progs.h gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -534,12 +534,11 @@ ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h ocsp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ocsp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ocsp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ocsp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ocsp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -ocsp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ocsp.c -ocsp.o: progs.h +ocsp.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c progs.h openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h openssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -555,12 +554,11 @@ openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h openssl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h openssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -openssl.o: openssl.c progs.h s_apps.h +openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h opt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h opt.o: ../include/openssl/buffer.h ../include/openssl/conf.h opt.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -783,12 +781,11 @@ s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h s_cb.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_cb.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -s_cb.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_cb.o: progs.h s_apps.h s_cb.c +s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_cb.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_cb.o: ../include/openssl/x509v3.h apps.h progs.h s_apps.h s_cb.c s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h @@ -805,12 +802,12 @@ s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h s_client.o: ../include/openssl/rand.h ../include/openssl/safestack.h s_client.o: ../include/openssl/sha.h ../include/openssl/srp.h s_client.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_client.o: progs.h s_apps.h s_client.c timeouts.h +s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_client.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_client.o: ../include/openssl/x509v3.h apps.h progs.h s_apps.h s_client.c +s_client.o: timeouts.h s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h @@ -828,12 +825,12 @@ s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s_server.o: ../include/openssl/sha.h ../include/openssl/srp.h s_server.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_server.o: progs.h s_apps.h s_server.c timeouts.h +s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_server.o: ../include/openssl/x509v3.h apps.h progs.h s_apps.h s_server.c +s_server.o: timeouts.h s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -848,12 +845,11 @@ s_socket.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h s_socket.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_socket.o: progs.h s_apps.h s_socket.c +s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_socket.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s_socket.o: ../include/openssl/x509v3.h apps.h progs.h s_apps.h s_socket.c s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -869,11 +865,11 @@ s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h s_time.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h s_time.o: ../include/openssl/sha.h ../include/openssl/srtp.h s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_time.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s_time.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s_time.o: ../include/openssl/x509v3.h apps.h progs.h s_apps.h s_time.c +s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +s_time.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +s_time.o: progs.h s_apps.h s_time.c sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h sess_id.o: ../include/openssl/buffer.h ../include/openssl/comp.h sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -889,11 +885,11 @@ sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h sess_id.o: ../include/openssl/sha.h ../include/openssl/srtp.h sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -sess_id.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -sess_id.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h -sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -sess_id.o: ../include/openssl/x509v3.h apps.h progs.h sess_id.c +sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +sess_id.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +sess_id.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +sess_id.o: progs.h sess_id.c smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 3f30bc2a88..c778624364 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -910,7 +910,6 @@ __owur int SSL_extension_supported(unsigned int ext_type); # include # include /* This is mostly sslv3 with a few tweaks */ # include /* Datagram TLS */ -# include # include /* Support for the use_srtp extension */ #ifdef __cplusplus diff --git a/include/openssl/ssl23.h b/include/openssl/ssl23.h deleted file mode 100644 index 9de4685af9..0000000000 --- a/include/openssl/ssl23.h +++ /dev/null @@ -1,84 +0,0 @@ -/* ssl/ssl23.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL23_H -# define HEADER_SSL23_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * client - */ -/* write to server */ -# define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT) -# define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT) -/* read from server */ -# define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT) -# define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT) - -/* server */ -/* read from client */ -# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) -# define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT) - -#ifdef __cplusplus -} -#endif -#endif diff --git a/ssl/Makefile b/ssl/Makefile index bb00516df7..eb3171eafb 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -19,7 +19,6 @@ SHARED_LIB= libssl$(SHLIB_EXT) LIBSRC= \ s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c record/rec_layer_s3.c \ s3_both.c s3_cbc.c s3_msg.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c record/rec_layer_s23.c \ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c record/rec_layer_d1.c d1_msg.c \ d1_both.c d1_srtp.c \ @@ -31,7 +30,6 @@ LIBSRC= \ LIBOBJ= \ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o record/rec_layer_s3.o \ s3_both.o s3_cbc.o s3_msg.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o record/rec_layer_s23.o \ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o record/rec_layer_d1.o d1_msg.o \ d1_both.o d1_srtp.o\ @@ -106,10 +104,10 @@ bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h bio_ssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h bio_ssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h -bio_ssl.o: ../include/openssl/x509_vfy.h bio_ssl.c record/record.h ssl_locl.h +bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c +bio_ssl.o: record/record.h ssl_locl.h d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -125,11 +123,10 @@ d1_both.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h d1_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h d1_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h d1_both.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -d1_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -d1_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -d1_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -d1_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_both.c -d1_both.o: record/record.h ssl_locl.h +d1_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h +d1_both.o: ../include/openssl/x509_vfy.h d1_both.c record/record.h ssl_locl.h d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h d1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h @@ -147,10 +144,10 @@ d1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h d1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h d1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -d1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -d1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -d1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -d1_clnt.o: ../include/openssl/x509_vfy.h d1_clnt.c record/record.h ssl_locl.h +d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c +d1_clnt.o: record/record.h ssl_locl.h d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -166,10 +163,10 @@ d1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h d1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h d1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -d1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -d1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -d1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h -d1_lib.o: ../include/openssl/x509_vfy.h d1_lib.c record/record.h ssl_locl.h +d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c +d1_lib.o: record/record.h ssl_locl.h d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -185,10 +182,10 @@ d1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h d1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_meth.o: ../include/openssl/sha.h ../include/openssl/srtp.h d1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -d1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -d1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -d1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h -d1_meth.o: ../include/openssl/x509_vfy.h d1_meth.c record/record.h ssl_locl.h +d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c +d1_meth.o: record/record.h ssl_locl.h d1_msg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_msg.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_msg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -204,10 +201,10 @@ d1_msg.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h d1_msg.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_msg.o: ../include/openssl/sha.h ../include/openssl/srtp.h d1_msg.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -d1_msg.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -d1_msg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -d1_msg.o: ../include/openssl/tls1.h ../include/openssl/x509.h -d1_msg.o: ../include/openssl/x509_vfy.h d1_msg.c record/record.h ssl_locl.h +d1_msg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +d1_msg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +d1_msg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_msg.c +d1_msg.o: record/record.h ssl_locl.h d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_srtp.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -223,10 +220,10 @@ d1_srtp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h d1_srtp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_srtp.o: ../include/openssl/sha.h ../include/openssl/srtp.h d1_srtp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -d1_srtp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -d1_srtp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -d1_srtp.o: ../include/openssl/tls1.h ../include/openssl/x509.h -d1_srtp.o: ../include/openssl/x509_vfy.h d1_srtp.c record/record.h ssl_locl.h +d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c +d1_srtp.o: record/record.h ssl_locl.h d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h @@ -244,10 +241,10 @@ d1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h d1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h d1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h d1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -d1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -d1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -d1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -d1_srvr.o: ../include/openssl/x509_vfy.h d1_srvr.c record/record.h ssl_locl.h +d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c +d1_srvr.o: record/record.h ssl_locl.h dtls1_bitmap.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dtls1_bitmap.o: ../include/openssl/buffer.h ../include/openssl/comp.h dtls1_bitmap.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -263,11 +260,10 @@ dtls1_bitmap.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h dtls1_bitmap.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dtls1_bitmap.o: ../include/openssl/sha.h ../include/openssl/srtp.h dtls1_bitmap.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -dtls1_bitmap.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -dtls1_bitmap.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -dtls1_bitmap.o: ../include/openssl/tls1.h ../include/openssl/x509.h -dtls1_bitmap.o: ../include/openssl/x509_vfy.h dtls1_bitmap.c -dtls1_bitmap.o: record/../record/record.h record/../ssl_locl.h +dtls1_bitmap.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +dtls1_bitmap.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +dtls1_bitmap.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +dtls1_bitmap.o: dtls1_bitmap.c record/../record/record.h record/../ssl_locl.h dtls1_bitmap.o: record/dtls1_bitmap.c record/record_locl.h rec_layer_d1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rec_layer_d1.o: ../include/openssl/buffer.h ../include/openssl/comp.h @@ -284,33 +280,12 @@ rec_layer_d1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h rec_layer_d1.o: ../include/openssl/rand.h ../include/openssl/rsa.h rec_layer_d1.o: ../include/openssl/safestack.h ../include/openssl/sha.h rec_layer_d1.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -rec_layer_d1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -rec_layer_d1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -rec_layer_d1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -rec_layer_d1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -rec_layer_d1.o: rec_layer_d1.c record/../record/record.h record/../ssl_locl.h +rec_layer_d1.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +rec_layer_d1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +rec_layer_d1.o: ../include/openssl/tls1.h ../include/openssl/x509.h +rec_layer_d1.o: ../include/openssl/x509_vfy.h rec_layer_d1.c +rec_layer_d1.o: record/../record/record.h record/../ssl_locl.h rec_layer_d1.o: record/rec_layer_d1.c record/record_locl.h -rec_layer_s23.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -rec_layer_s23.o: ../include/openssl/buffer.h ../include/openssl/comp.h -rec_layer_s23.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -rec_layer_s23.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -rec_layer_s23.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -rec_layer_s23.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -rec_layer_s23.o: ../include/openssl/evp.h ../include/openssl/hmac.h -rec_layer_s23.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -rec_layer_s23.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -rec_layer_s23.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -rec_layer_s23.o: ../include/openssl/pem.h ../include/openssl/pem2.h -rec_layer_s23.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -rec_layer_s23.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -rec_layer_s23.o: ../include/openssl/sha.h ../include/openssl/srtp.h -rec_layer_s23.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -rec_layer_s23.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -rec_layer_s23.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -rec_layer_s23.o: ../include/openssl/tls1.h ../include/openssl/x509.h -rec_layer_s23.o: ../include/openssl/x509_vfy.h rec_layer_s23.c -rec_layer_s23.o: record/../record/record.h record/../ssl_locl.h -rec_layer_s23.o: record/rec_layer_s23.c rec_layer_s3.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rec_layer_s3.o: ../include/openssl/buffer.h ../include/openssl/comp.h rec_layer_s3.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -326,90 +301,12 @@ rec_layer_s3.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h rec_layer_s3.o: ../include/openssl/rand.h ../include/openssl/rsa.h rec_layer_s3.o: ../include/openssl/safestack.h ../include/openssl/sha.h rec_layer_s3.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -rec_layer_s3.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -rec_layer_s3.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -rec_layer_s3.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -rec_layer_s3.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -rec_layer_s3.o: rec_layer_s3.c record/../record/record.h record/../ssl_locl.h +rec_layer_s3.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +rec_layer_s3.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +rec_layer_s3.o: ../include/openssl/tls1.h ../include/openssl/x509.h +rec_layer_s3.o: ../include/openssl/x509_vfy.h rec_layer_s3.c +rec_layer_s3.o: record/../record/record.h record/../ssl_locl.h rec_layer_s3.o: record/rec_layer_s3.c record/record_locl.h -s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h -s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s23_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s23_clnt.o: record/record.h s23_clnt.c ssl_locl.h -s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s23_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s23_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s23_lib.o: ../include/openssl/x509_vfy.h record/record.h s23_lib.c ssl_locl.h -s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s23_meth.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s23_meth.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s23_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s23_meth.o: ../include/openssl/x509_vfy.h record/record.h s23_meth.c ssl_locl.h -s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s23_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s23_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s23_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h -s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s23_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s23_srvr.o: record/record.h s23_srvr.c ssl_locl.h s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -425,11 +322,10 @@ s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h s3_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h s3_both.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s3_both.o: record/record.h s3_both.c ssl_locl.h +s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_both.o: ../include/openssl/x509_vfy.h record/record.h s3_both.c ssl_locl.h s3_cbc.o: ../e_os.h ../include/internal/constant_time_locl.h s3_cbc.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_cbc.o: ../include/openssl/buffer.h ../include/openssl/comp.h @@ -446,11 +342,10 @@ s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_cbc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s3_cbc.o: record/record.h s3_cbc.c ssl_locl.h +s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s3_cbc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_cbc.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_cbc.o: ../include/openssl/x509_vfy.h record/record.h s3_cbc.c ssl_locl.h s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h @@ -468,11 +363,10 @@ s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h s3_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s3_clnt.o: record/record.h s3_clnt.c ssl_locl.h +s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_clnt.o: ../include/openssl/x509_vfy.h record/record.h s3_clnt.c ssl_locl.h s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -488,11 +382,10 @@ s3_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h s3_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h s3_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s3_enc.o: record/record.h s3_enc.c ssl_locl.h +s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h +s3_enc.o: ../include/openssl/x509_vfy.h record/record.h s3_enc.c ssl_locl.h s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h @@ -506,10 +399,10 @@ s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h s3_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h s3_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s3_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h +s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h +s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h s3_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s3_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h s3_lib.o: ../include/openssl/x509_vfy.h record/record.h s3_lib.c ssl_locl.h @@ -528,10 +421,10 @@ s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s3_meth.o: ../include/openssl/sha.h ../include/openssl/srtp.h s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_meth.o: ../include/openssl/x509_vfy.h record/record.h s3_meth.c ssl_locl.h +s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s3_meth.o: record/record.h s3_meth.c ssl_locl.h s3_msg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_msg.o: ../include/openssl/buffer.h ../include/openssl/comp.h s3_msg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -547,10 +440,10 @@ s3_msg.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h s3_msg.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s3_msg.o: ../include/openssl/sha.h ../include/openssl/srtp.h s3_msg.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_msg.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_msg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_msg.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_msg.o: ../include/openssl/x509_vfy.h record/record.h s3_msg.c ssl_locl.h +s3_msg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_msg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_msg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s3_msg.o: record/record.h s3_msg.c ssl_locl.h s3_srvr.o: ../e_os.h ../include/internal/constant_time_locl.h s3_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h s3_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h @@ -569,10 +462,10 @@ s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_srvr.o: ../include/openssl/x509_vfy.h record/record.h s3_srvr.c ssl_locl.h +s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +s3_srvr.o: record/record.h s3_srvr.c ssl_locl.h ssl3_buffer.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl3_buffer.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl3_buffer.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -588,12 +481,11 @@ ssl3_buffer.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl3_buffer.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl3_buffer.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl3_buffer.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl3_buffer.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl3_buffer.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl3_buffer.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl3_buffer.o: ../include/openssl/x509_vfy.h record/../record/record.h -ssl3_buffer.o: record/../ssl_locl.h record/record_locl.h record/ssl3_buffer.c -ssl3_buffer.o: ssl3_buffer.c +ssl3_buffer.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl3_buffer.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl3_buffer.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl3_buffer.o: record/../record/record.h record/../ssl_locl.h +ssl3_buffer.o: record/record_locl.h record/ssl3_buffer.c ssl3_buffer.c ssl3_record.o: ../e_os.h ../include/internal/constant_time_locl.h ssl3_record.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl3_record.o: ../include/openssl/buffer.h ../include/openssl/comp.h @@ -610,12 +502,12 @@ ssl3_record.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl3_record.o: ../include/openssl/rand.h ../include/openssl/rsa.h ssl3_record.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl3_record.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ssl3_record.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl3_record.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl3_record.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl3_record.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl3_record.o: record/../record/record.h record/../ssl_locl.h -ssl3_record.o: record/record_locl.h record/ssl3_record.c ssl3_record.c +ssl3_record.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ssl3_record.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl3_record.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl3_record.o: ../include/openssl/x509_vfy.h record/../record/record.h +ssl3_record.o: record/../ssl_locl.h record/record_locl.h record/ssl3_record.c +ssl3_record.o: ssl3_record.c ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -631,10 +523,10 @@ ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_algs.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_algs.o: ../include/openssl/x509_vfy.h record/record.h ssl_algs.c ssl_locl.h +ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_algs.o: record/record.h ssl_algs.c ssl_locl.h ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1t.h ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h @@ -650,11 +542,10 @@ ssl_asn1.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h ssl_asn1.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_asn1.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_asn1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_asn1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_asn1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl_asn1.o: record/record.h ssl_asn1.c ssl_locl.h +ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_asn1.o: ../include/openssl/x509_vfy.h record/record.h ssl_asn1.c ssl_locl.h ssl_cert.o: ../e_os.h ../include/internal/o_dir.h ../include/openssl/asn1.h ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/comp.h @@ -672,11 +563,10 @@ ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_cert.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h -ssl_cert.o: record/record.h ssl_cert.c ssl_locl.h +ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_cert.o: ../include/openssl/x509v3.h record/record.h ssl_cert.c ssl_locl.h ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -692,11 +582,10 @@ ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h ssl_ciph.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_ciph.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl_ciph.o: record/record.h ssl_ciph.c ssl_locl.h +ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_ciph.o: ../include/openssl/x509_vfy.h record/record.h ssl_ciph.c ssl_locl.h ssl_conf.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_conf.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_conf.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -713,10 +602,10 @@ ssl_conf.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_conf.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_conf.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_conf.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_conf.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_conf.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_conf.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_conf.o: ../include/openssl/x509_vfy.h record/record.h ssl_conf.c ssl_locl.h +ssl_conf.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_conf.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_conf.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_conf.o: record/record.h ssl_conf.c ssl_locl.h ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_err.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h @@ -730,10 +619,10 @@ ssl_err.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h ssl_err.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c +ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_err.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_err.o: ../include/openssl/x509_vfy.h ssl_err.c ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h @@ -747,10 +636,10 @@ ssl_err2.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h ssl_err2.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c +ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -768,11 +657,11 @@ ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssl_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ssl_lib.o: ../include/openssl/x509v3.h record/record.h ssl_lib.c ssl_locl.h +ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h +ssl_lib.o: record/record.h ssl_lib.c ssl_locl.h ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -788,10 +677,10 @@ ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_rsa.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h ssl_rsa.c +ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_rsa.o: record/record.h ssl_locl.h ssl_rsa.c ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -808,10 +697,10 @@ ssl_sess.o: ../include/openssl/pqueue.h ../include/openssl/rand.h ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_sess.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_sess.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h ssl_sess.c +ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_sess.o: record/record.h ssl_locl.h ssl_sess.c ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -827,10 +716,10 @@ ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_stat.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_stat.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h ssl_stat.c +ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_stat.o: record/record.h ssl_locl.h ssl_stat.c ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -846,10 +735,10 @@ ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_txt.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_txt.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h ssl_txt.c +ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_txt.o: record/record.h ssl_locl.h ssl_txt.c ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_utst.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -865,10 +754,10 @@ ssl_utst.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ssl_utst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ssl_utst.o: ../include/openssl/sha.h ../include/openssl/srtp.h ssl_utst.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssl_utst.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssl_utst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssl_utst.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssl_utst.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h ssl_utst.c +ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssl_utst.o: record/record.h ssl_locl.h ssl_utst.c t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -884,11 +773,10 @@ t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h t1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -t1_clnt.o: record/record.h ssl_locl.h t1_clnt.c +t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_clnt.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_clnt.c t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -905,10 +793,10 @@ t1_enc.o: ../include/openssl/pqueue.h ../include/openssl/rand.h t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_enc.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_enc.c +t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +t1_enc.o: record/record.h ssl_locl.h t1_enc.c t1_ext.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_ext.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_ext.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -924,10 +812,10 @@ t1_ext.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_ext.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_ext.o: ../include/openssl/sha.h ../include/openssl/srtp.h t1_ext.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_ext.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_ext.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_ext.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_ext.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_ext.c +t1_ext.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_ext.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_ext.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +t1_ext.o: record/record.h ssl_locl.h t1_ext.c t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h t1_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h @@ -945,11 +833,11 @@ t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h t1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -t1_lib.o: ../include/openssl/x509v3.h record/record.h ssl_locl.h t1_lib.c +t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h +t1_lib.o: record/record.h ssl_locl.h t1_lib.c t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -965,10 +853,10 @@ t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_meth.o: ../include/openssl/sha.h ../include/openssl/srtp.h t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_meth.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_meth.c +t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +t1_meth.o: record/record.h ssl_locl.h t1_meth.c t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_reneg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -984,10 +872,10 @@ t1_reneg.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_reneg.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_reneg.o: ../include/openssl/sha.h ../include/openssl/srtp.h t1_reneg.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_reneg.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_reneg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_reneg.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_reneg.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_reneg.c +t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +t1_reneg.o: record/record.h ssl_locl.h t1_reneg.c t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -1003,11 +891,10 @@ t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h t1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -t1_srvr.o: record/record.h ssl_locl.h t1_srvr.c +t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_srvr.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_srvr.c t1_trce.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_trce.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_trce.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -1023,10 +910,10 @@ t1_trce.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h t1_trce.o: ../include/openssl/rsa.h ../include/openssl/safestack.h t1_trce.o: ../include/openssl/sha.h ../include/openssl/srtp.h t1_trce.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -t1_trce.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -t1_trce.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -t1_trce.o: ../include/openssl/tls1.h ../include/openssl/x509.h -t1_trce.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h t1_trce.c +t1_trce.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +t1_trce.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +t1_trce.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +t1_trce.o: record/record.h ssl_locl.h t1_trce.c tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h tls_srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h tls_srp.o: ../include/openssl/comp.h ../include/openssl/crypto.h @@ -1043,8 +930,7 @@ tls_srp.o: ../include/openssl/pqueue.h ../include/openssl/rand.h tls_srp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h tls_srp.o: ../include/openssl/sha.h ../include/openssl/srp.h tls_srp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -tls_srp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -tls_srp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -tls_srp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -tls_srp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -tls_srp.o: record/record.h ssl_locl.h tls_srp.c +tls_srp.o: ../include/openssl/ssl2.h ../include/openssl/ssl3.h +tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h +tls_srp.o: ../include/openssl/x509_vfy.h record/record.h ssl_locl.h tls_srp.c diff --git a/ssl/record/README b/ssl/record/README index 6870b53138..987e9fd305 100644 --- a/ssl/record/README +++ b/ssl/record/README @@ -21,7 +21,7 @@ The source files map to components as follows: dtls1_bitmap.c -> DTLS1_BITMAP component ssl3_buffer.c -> SSL3_BUFFER component ssl3_record.c -> SSL3_RECORD component -rec_layer_s23.c, rec_layer_s3.c, rec_layer_d1.c -> RECORD_LAYER component +rec_layer_s3.c, rec_layer_d1.c -> RECORD_LAYER component The RECORD_LAYER component is a facade pattern, i.e. it provides a simplified interface to the record layer for the rest of libssl. The other 3 components are @@ -46,9 +46,6 @@ Conceptually it looks like this: | | | RECORD_LAYER | | | - | rec_layer_s23.c | - | ^ | - | | | | rec_layer_s3.c | | ^ | | _________|__________ | @@ -69,10 +66,9 @@ Conceptually it looks like this: |_______________| |_______________| |________________| -The three RECORD_LAYER source files build progressively on each other, i.e. -the simplest is rec_layer_s23.c. This provides the most basic functions used -for version negotiation. Next rec_layer_s3.c adds the SSL/TLS layer. Finally -rec_layer_d1.c builds off of the SSL/TLS code to provide DTLS specific -capabilities. It uses some DTLS specific RECORD_LAYER component members which -should only be accessed from rec_layer_d1.c. These are held in the +The two RECORD_LAYER source files build on each other, i.e. +the main one is rec_layer_s3.c which provides the core SSL/TLS layer. The second +one is rec_layer_d1.c which builds off of the SSL/TLS code to provide DTLS +specific capabilities. It uses some DTLS specific RECORD_LAYER component members +which should only be accessed from rec_layer_d1.c. These are held in the DTLS1_RECORD_LAYER struct. diff --git a/ssl/record/rec_layer_s23.c b/ssl/record/rec_layer_s23.c deleted file mode 100644 index eb09be1e3a..0000000000 --- a/ssl/record/rec_layer_s23.c +++ /dev/null @@ -1,114 +0,0 @@ -/* ssl/record/rec_layer_s23.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#define USE_SOCKETS -#include "../ssl_locl.h" -#include -#include - -int ssl23_write_bytes(SSL *s) -{ - int i, num, tot; - char *buf; - - buf = s->init_buf->data; - tot = s->init_off; - num = s->init_num; - for (;;) { - s->rwstate = SSL_WRITING; - i = BIO_write(s->wbio, &(buf[tot]), num); - if (i <= 0) { - s->init_off = tot; - s->init_num = num; - return (i); - } - s->rwstate = SSL_NOTHING; - if (i == num) - return (tot + i); - - num -= i; - tot += i; - } -} - -/* return regularly only when we have read (at least) 'n' bytes */ -int ssl23_read_bytes(SSL *s, int n) -{ - unsigned char *p; - int j; - - if (s->rlayer.packet_length < (unsigned int)n) { - p = s->rlayer.packet; - - for (;;) { - s->rwstate = SSL_READING; - j = BIO_read(s->rbio, - (char *)&(p[s->rlayer.packet_length]), - n - s->rlayer.packet_length); - if (j <= 0) - return (j); - s->rwstate = SSL_NOTHING; - s->rlayer.packet_length += j; - if (s->rlayer.packet_length >= (unsigned int)n) - return (s->rlayer.packet_length); - } - } - return (n); -} diff --git a/ssl/record/record.h b/ssl/record/record.h index a778998196..cf1607ccb4 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -328,8 +328,6 @@ int RECORD_LAYER_setup_comp_buffer(RECORD_LAYER *rl); int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl); int RECORD_LAYER_get_rrec_length(RECORD_LAYER *rl); __owur int ssl3_pending(const SSL *s); -__owur int ssl23_read_bytes(SSL *s, int n); -__owur int ssl23_write_bytes(SSL *s); __owur int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); __owur int do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment); diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c deleted file mode 100644 index 75a0582f95..0000000000 --- a/ssl/s23_clnt.c +++ /dev/null @@ -1,594 +0,0 @@ -/* ssl/s23_clnt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "ssl_locl.h" -#include -#include -#include -#include - -/*static const SSL_METHOD *ssl23_get_client_method(int ver);*/ -static int ssl23_client_hello(SSL *s); -static int ssl23_get_server_hello(SSL *s); - -/* -static const SSL_METHOD *ssl23_get_client_method(int ver) -{ -#ifndef OPENSSL_NO_SSL3 - if (ver == SSL3_VERSION) - return (SSLv3_client_method()); -#endif - if (ver == TLS1_VERSION) - return (TLSv1_client_method()); - else if (ver == TLS1_1_VERSION) - return (TLSv1_1_client_method()); - else if (ver == TLS1_2_VERSION) - return (TLSv1_2_client_method()); - else - return (NULL); -} -*/ - -int ssl23_connect(SSL *s) -{ - BUF_MEM *buf = NULL; - unsigned long Time = (unsigned long)time(NULL); - void (*cb) (const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state; - - RAND_add(&Time, sizeof(Time), 0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) { - if (!SSL_clear(s)) - return -1; - } - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE | SSL_ST_CONNECT: - case SSL_ST_OK | SSL_ST_CONNECT: - - if (s->session != NULL) { - SSLerr(SSL_F_SSL23_CONNECT, - SSL_R_SSL23_DOING_SESSION_ID_REUSE); - ret = -1; - goto end; - } - s->server = 0; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - /* s->version=TLS1_VERSION; */ - s->type = SSL_ST_CONNECT; - - if (s->init_buf == NULL) { - if ((buf = BUF_MEM_new()) == NULL) { - ret = -1; - goto end; - } - if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) { - ret = -1; - goto end; - } - s->init_buf = buf; - buf = NULL; - } - - if (!ssl3_setup_buffers(s)) { - ret = -1; - goto end; - } - - ssl3_init_finished_mac(s); - - s->state = SSL23_ST_CW_CLNT_HELLO_A; - s->ctx->stats.sess_connect++; - s->init_num = 0; - break; - - case SSL23_ST_CW_CLNT_HELLO_A: - case SSL23_ST_CW_CLNT_HELLO_B: - - s->shutdown = 0; - ret = ssl23_client_hello(s); - if (ret <= 0) - goto end; - s->state = SSL23_ST_CR_SRVR_HELLO_A; - s->init_num = 0; - - break; - - case SSL23_ST_CR_SRVR_HELLO_A: - case SSL23_ST_CR_SRVR_HELLO_B: - ret = ssl23_get_server_hello(s); - if (ret >= 0) - cb = NULL; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - if (s->debug) { - (void)BIO_flush(s->wbio); - } - - if ((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_CONNECT_LOOP, 1); - s->state = new_state; - } - } - end: - s->in_handshake--; - BUF_MEM_free(buf); - if (cb != NULL) - cb(s, SSL_CB_CONNECT_EXIT, ret); - return (ret); -} - -/* - * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on - * failure, 1 on success. - */ -int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) -{ - int send_time = 0; - - if (len < 4) - return 0; - if (server) - send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; - else - send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; - if (send_time) { - unsigned long Time = (unsigned long)time(NULL); - unsigned char *p = result; - l2n(Time, p); - return RAND_bytes(p, len - 4); - } else - return RAND_bytes(result, len); -} - -static int ssl23_client_hello(SSL *s) -{ - unsigned char *buf; - unsigned char *p, *d; - int i; - unsigned long l; - int version = 0, version_major, version_minor; - int al = 0; -#ifndef OPENSSL_NO_COMP - int j; - SSL_COMP *comp; -#endif - int ret; - unsigned long mask, options = s->options; - - /* - * SSL_OP_NO_X disables all protocols above X *if* there are - * some protocols below X enabled. This is required in order - * to maintain "version capability" vector contiguous. So - * that if application wants to disable TLS1.0 in favour of - * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the - * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. - */ - mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1 -#if !defined(OPENSSL_NO_SSL3) - | SSL_OP_NO_SSLv3 -#endif - ; -#if !defined(OPENSSL_NO_TLS1_2_CLIENT) - version = TLS1_2_VERSION; - - if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask) - version = TLS1_1_VERSION; -#else - version = TLS1_1_VERSION; -#endif - mask &= ~SSL_OP_NO_TLSv1_1; - if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask) - version = TLS1_VERSION; - mask &= ~SSL_OP_NO_TLSv1; -#if !defined(OPENSSL_NO_SSL3) - if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask) - version = SSL3_VERSION; - mask &= ~SSL_OP_NO_SSLv3; -#endif - - buf = (unsigned char *)s->init_buf->data; - if (s->state == SSL23_ST_CW_CLNT_HELLO_A) { - p = s->s3->client_random; - if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0) - return -1; - - if (version == TLS1_2_VERSION) { - version_major = TLS1_2_VERSION_MAJOR; - version_minor = TLS1_2_VERSION_MINOR; - } else if (tls1_suiteb(s)) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, - SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE); - return -1; - } else if (version == TLS1_1_VERSION) { - version_major = TLS1_1_VERSION_MAJOR; - version_minor = TLS1_1_VERSION_MINOR; - } else if (version == TLS1_VERSION) { - version_major = TLS1_VERSION_MAJOR; - version_minor = TLS1_VERSION_MINOR; - } else if (FIPS_mode()) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, - SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); - return -1; - } else if (version == SSL3_VERSION) { - version_major = SSL3_VERSION_MAJOR; - version_minor = SSL3_VERSION_MINOR; - } else { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE); - return (-1); - } - - s->client_version = version; - - /* create Client Hello in SSL 3.0/TLS 1.0 format */ - - /* - * do the record header (5 bytes) and handshake message header (4 - * bytes) last - */ - d = p = &(buf[9]); - - *(p++) = version_major; - *(p++) = version_minor; - - /* Random stuff */ - memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; - - /* Session ID (zero since there is no reuse) */ - *(p++) = 0; - - /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), - ssl3_put_cipher_by_char); - if (i == 0) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); - return -1; - } -#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH - /* - * Some servers hang if client hello > 256 bytes as hack workaround - * chop number of supported ciphers to keep it well below this if we - * use TLS v1.2 - */ - if (TLS1_get_version(s) >= TLS1_2_VERSION - && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) - i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; -#endif - s2n(i, p); - p += i; - - /* COMPRESSION */ -#ifdef OPENSSL_NO_COMP - *(p++) = 1; -#else - if (!ssl_allow_compression(s) || !s->ctx->comp_methods) - j = 0; - else - j = sk_SSL_COMP_num(s->ctx->comp_methods); - *(p++) = 1 + j; - for (i = 0; i < j; i++) { - comp = sk_SSL_COMP_value(s->ctx->comp_methods, i); - *(p++) = comp->id; - } -#endif - *(p++) = 0; /* Add the NULL method */ - -#ifndef OPENSSL_NO_TLSEXT - /* TLS extensions */ - if (ssl_prepare_clienthello_tlsext(s) <= 0) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); - return -1; - } - if ((p = - ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH, - &al)) == NULL) { - ssl3_send_alert(s, SSL3_AL_FATAL, al); - SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); - return -1; - } -#endif - - l = p - d; - - /* fill in 4-byte handshake header */ - d = &(buf[5]); - *(d++) = SSL3_MT_CLIENT_HELLO; - l2n3(l, d); - - l += 4; - - if (l > SSL3_RT_MAX_PLAIN_LENGTH) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); - return -1; - } - - /* fill in 5-byte record header */ - d = buf; - *(d++) = SSL3_RT_HANDSHAKE; - *(d++) = version_major; - /* - * Some servers hang if we use long client hellos and a record number - * > TLS 1.0. - */ - if (TLS1_get_client_version(s) > TLS1_VERSION) - *(d++) = 1; - else - *(d++) = version_minor; - s2n((int)l, d); - - /* number of bytes to write */ - s->init_num = p - buf; - s->init_off = 0; - - ssl3_finish_mac(s, &(buf[5]), s->init_num - 5); - - s->state = SSL23_ST_CW_CLNT_HELLO_B; - s->init_off = 0; - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - ret = ssl23_write_bytes(s); - - if ((ret >= 2) && s->msg_callback) { - /* Client Hello has been sent; tell msg_callback */ - s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, - s->msg_callback_arg); - s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data + 5, - ret - 5, s, s->msg_callback_arg); - } - - return ret; -} - -static int ssl23_get_server_hello(SSL *s) -{ - unsigned char buf[8]; - unsigned char *p; - int i; - int n; - - n = ssl23_read_bytes(s, 7); - - if (n != 7) - return (n); - p = RECORD_LAYER_get_packet(&s->rlayer); - - memcpy(buf, p, n); - - if (p[1] == SSL3_VERSION_MAJOR && - p[2] <= TLS1_2_VERSION_MINOR && - ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || - (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) { - /* we have sslv3 or tls1 (server hello or alert) */ - -#ifndef OPENSSL_NO_SSL3 - if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) { - if (FIPS_mode()) { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, - SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); - goto err; - } - s->version = SSL3_VERSION; - s->method = SSLv3_client_method(); - } else -#endif - if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) { - s->version = TLS1_VERSION; - s->method = TLSv1_client_method(); - } else if ((p[2] == TLS1_1_VERSION_MINOR) && - !(s->options & SSL_OP_NO_TLSv1_1)) { - s->version = TLS1_1_VERSION; - s->method = TLSv1_1_client_method(); - } else if ((p[2] == TLS1_2_VERSION_MINOR) && - !(s->options & SSL_OP_NO_TLSv1_2)) { - s->version = TLS1_2_VERSION; - s->method = TLSv1_2_client_method(); - } else { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - - /* ensure that TLS_MAX_VERSION is up-to-date */ - OPENSSL_assert(s->version <= TLS_MAX_VERSION); - - if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_VERSION_TOO_LOW); - goto err; - } - - if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) { - /* fatal alert */ - - void (*cb) (const SSL *ssl, int type, int val) = NULL; - int j; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - i = p[5]; - if (cb != NULL) { - j = (i << 8) | p[6]; - cb(s, SSL_CB_READ_ALERT, j); - } - - if (s->msg_callback) { - s->msg_callback(0, s->version, SSL3_RT_HEADER, p, 5, s, - s->msg_callback_arg); - s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s, - s->msg_callback_arg); - } - - s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]); - goto err; - } - - if (!ssl_init_wbio_buffer(s, 1)) - goto err; - - /* we are in this state */ - s->state = SSL3_ST_CR_SRVR_HELLO_A; - - /* - * put the 7 bytes we have read into the input buffer for SSLv3 - */ - if (!RECORD_LAYER_set_data(&s->rlayer, buf, n)) - goto err; - - s->handshake_func = s->method->ssl_connect; - } else { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL); - goto err; - } - s->init_num = 0; - - /* - * Since, if we are sending a ssl23 client hello, we are not reusing a - * session-id - */ - if (!ssl_get_new_session(s, 0)) - goto err; - - return (SSL_connect(s)); - err: - return (-1); -} diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c deleted file mode 100644 index 0c799418b1..0000000000 --- a/ssl/s23_lib.c +++ /dev/null @@ -1,165 +0,0 @@ -/* ssl/s23_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "ssl_locl.h" - -long ssl23_default_timeout(void) -{ - return (300); -} - -int ssl23_num_ciphers(void) -{ - return (ssl3_num_ciphers()); -} - -const SSL_CIPHER *ssl23_get_cipher(unsigned int u) -{ - return (ssl3_get_cipher(u)); -} - -/* - * This function needs to check if the ciphers required are actually - * available - */ -const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) -{ - return (ssl3_get_cipher_by_char(p)); -} - -int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) -{ - long l; - - /* We can write SSLv3 ciphers */ - /* but no ECC ciphers */ - if (c->algorithm_mkey == SSL_kECDHr || - c->algorithm_mkey == SSL_kECDHe || - c->algorithm_mkey == SSL_kEECDH || - c->algorithm_auth == SSL_aECDH || c->algorithm_auth == SSL_aECDSA) - return 0; - if (p != NULL) { - l = c->id; - p[0] = ((unsigned char)(l >> 16L)) & 0xFF; - p[1] = ((unsigned char)(l >> 8L)) & 0xFF; - p[2] = ((unsigned char)(l)) & 0xFF; - } - return (3); -} - -int ssl23_read(SSL *s, void *buf, int len) -{ - int n; - - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) { - n = s->handshake_func(s); - if (n < 0) - return (n); - if (n == 0) { - SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - return (SSL_read(s, buf, len)); - } else { - ssl_undefined_function(s); - return (-1); - } -} - -int ssl23_peek(SSL *s, void *buf, int len) -{ - int n; - - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) { - n = s->handshake_func(s); - if (n < 0) - return (n); - if (n == 0) { - SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - return (SSL_peek(s, buf, len)); - } else { - ssl_undefined_function(s); - return (-1); - } -} - -int ssl23_write(SSL *s, const void *buf, int len) -{ - int n; - - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) { - n = s->handshake_func(s); - if (n < 0) - return (n); - if (n == 0) { - SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - return (SSL_write(s, buf, len)); - } else { - ssl_undefined_function(s); - return (-1); - } -} diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c deleted file mode 100644 index 6080fba150..0000000000 --- a/ssl/s23_meth.c +++ /dev/null @@ -1,81 +0,0 @@ -/* ssl/s23_meth.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "ssl_locl.h" - -/* -static const SSL_METHOD *ssl23_get_method(int ver); -static const SSL_METHOD *ssl23_get_method(int ver) -{ -#ifndef OPENSSL_NO_SSL3 - if (ver == SSL3_VERSION) - return (SSLv3_method()); - else -#endif - if (ver == TLS1_VERSION) - return (TLSv1_method()); - else if (ver == TLS1_1_VERSION) - return (TLSv1_1_method()); - else if (ver == TLS1_2_VERSION) - return (TLSv1_2_method()); - else - return (NULL); -}*/ - diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c deleted file mode 100644 index 58b89a6c93..0000000000 --- a/ssl/s23_srvr.c +++ /dev/null @@ -1,582 +0,0 @@ -/* ssl/s23_srvr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "ssl_locl.h" -#include -#include -#include -#include - -static const SSL_METHOD *ssl23_get_server_method(int ver); -int ssl23_get_client_hello(SSL *s); -static const SSL_METHOD *ssl23_get_server_method(int ver) -{ -#ifndef OPENSSL_NO_SSL3 - if (ver == SSL3_VERSION) - return (SSLv3_server_method()); -#endif - if (ver == TLS1_VERSION) - return (TLSv1_server_method()); - else if (ver == TLS1_1_VERSION) - return (TLSv1_1_server_method()); - else if (ver == TLS1_2_VERSION) - return (TLSv1_2_server_method()); - else - return (NULL); -} - - -int ssl23_accept(SSL *s) -{ - BUF_MEM *buf; - unsigned long Time = (unsigned long)time(NULL); - void (*cb) (const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state; - - RAND_add(&Time, sizeof(Time), 0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) { - if (!SSL_clear(s)) - return -1; - } - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE | SSL_ST_ACCEPT: - case SSL_ST_OK | SSL_ST_ACCEPT: - - s->server = 1; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - /* s->version=SSL3_VERSION; */ - s->type = SSL_ST_ACCEPT; - - if (s->init_buf == NULL) { - if ((buf = BUF_MEM_new()) == NULL) { - ret = -1; - goto end; - } - if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) { - BUF_MEM_free(buf); - ret = -1; - goto end; - } - s->init_buf = buf; - } - - ssl3_init_finished_mac(s); - - s->state = SSL23_ST_SR_CLNT_HELLO_A; - s->ctx->stats.sess_accept++; - s->init_num = 0; - break; - - case SSL23_ST_SR_CLNT_HELLO_A: - case SSL23_ST_SR_CLNT_HELLO_B: - - s->shutdown = 0; - ret = ssl23_get_client_hello(s); - if (ret >= 0) - cb = NULL; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - if ((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_ACCEPT_LOOP, 1); - s->state = new_state; - } - } - end: - s->in_handshake--; - if (cb != NULL) - cb(s, SSL_CB_ACCEPT_EXIT, ret); - return (ret); -} - -int ssl23_get_client_hello(SSL *s) -{ - /*- - * Request this many bytes in initial read. - * We can detect SSL 3.0/TLS 1.0 Client Hellos - * ('type == 3') correctly only when the following - * is in a single record, which is not guaranteed by - * the protocol specification: - * Byte Content - * 0 type \ - * 1/2 version > record header - * 3/4 length / - * 5 msg_type \ - * 6-8 length > Client Hello message - * 9/10 client_version / - */ - unsigned char buf_space[11]; - unsigned char *buf = &(buf_space[0]); - unsigned char *p, *d, *d_len, *dd; - unsigned int i; - unsigned int csl, sil, cl; - int n = 0, j; - int type = 0; - int v[2]; - - if (s->state == SSL23_ST_SR_CLNT_HELLO_A) { - /* read the initial header */ - v[0] = v[1] = 0; - - if (!ssl3_setup_buffers(s)) - goto err; - - n = ssl23_read_bytes(s, sizeof buf_space); - if (n != sizeof buf_space) - return (n); /* n == -1 || n == 0 */ - - p = RECORD_LAYER_get_packet(&s->rlayer); - - memcpy(buf, p, n); - - if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) { - /* - * SSLv2 header - */ - if ((p[3] == 0x00) && (p[4] == 0x02)) { - v[0] = p[3]; - v[1] = p[4]; - /* SSLv2 */ - } else if (p[3] == SSL3_VERSION_MAJOR) { - v[0] = p[3]; - v[1] = p[4]; - /* SSLv3/TLSv1 */ - if (p[4] >= TLS1_VERSION_MINOR) { - if (p[4] >= TLS1_2_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_2)) { - s->version = TLS1_2_VERSION; - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } else if (p[4] >= TLS1_1_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_1)) { - s->version = TLS1_1_VERSION; - /* - * type=2; - *//* - * done later to survive restarts - */ - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } else if (!(s->options & SSL_OP_NO_TLSv1)) { - s->version = TLS1_VERSION; - /* - * type=2; - *//* - * done later to survive restarts - */ - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } else if (!(s->options & SSL_OP_NO_SSLv3)) { - s->version = SSL3_VERSION; - /* type=2; */ - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } - } else if (!(s->options & SSL_OP_NO_SSLv3)) { - s->version = SSL3_VERSION; - /* type=2; */ - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } - } - } - /* p[4] < 5 ... silly record length? */ - else if ((p[0] == SSL3_RT_HANDSHAKE) && - (p[1] == SSL3_VERSION_MAJOR) && - (p[5] == SSL3_MT_CLIENT_HELLO) && ((p[3] == 0 && p[4] < 5) - || (p[9] >= p[1]))) { - /* - * SSLv3 or tls1 header - */ - - v[0] = p[1]; /* major version (= SSL3_VERSION_MAJOR) */ - /* - * We must look at client_version inside the Client Hello message - * to get the correct minor version. However if we have only a - * pathologically small fragment of the Client Hello message, this - * would be difficult, and we'd have to read more records to find - * out. No known SSL 3.0 client fragments ClientHello like this, - * so we simply reject such connections to avoid protocol version - * downgrade attacks. - */ - if (p[3] == 0 && p[4] < 6) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_SMALL); - goto err; - } - /* - * if major version number > 3 set minor to a value which will - * use the highest version 3 we support. If TLS 2.0 ever appears - * we will need to revise this.... - */ - if (p[9] > SSL3_VERSION_MAJOR) - v[1] = 0xff; - else - v[1] = p[10]; /* minor version according to client_version */ - if (v[1] >= TLS1_VERSION_MINOR) { - if (v[1] >= TLS1_2_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_2)) { - s->version = TLS1_2_VERSION; - type = 3; - } else if (v[1] >= TLS1_1_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_1)) { - s->version = TLS1_1_VERSION; - type = 3; - } else if (!(s->options & SSL_OP_NO_TLSv1)) { - s->version = TLS1_VERSION; - type = 3; - } else if (!(s->options & SSL_OP_NO_SSLv3)) { - s->version = SSL3_VERSION; - type = 3; - } - } else { - /* client requests SSL 3.0 */ - if (!(s->options & SSL_OP_NO_SSLv3)) { - s->version = SSL3_VERSION; - type = 3; - } else if (!(s->options & SSL_OP_NO_TLSv1)) { - /* - * we won't be able to use TLS of course, but this will - * send an appropriate alert - */ - s->version = TLS1_VERSION; - type = 3; - } - } - } else if ((strncmp("GET ", (char *)p, 4) == 0) || - (strncmp("POST ", (char *)p, 5) == 0) || - (strncmp("HEAD ", (char *)p, 5) == 0) || - (strncmp("PUT ", (char *)p, 4) == 0)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTP_REQUEST); - goto err; - } else if (strncmp("CONNECT", (char *)p, 7) == 0) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTPS_PROXY_REQUEST); - goto err; - } - } - - /* ensure that TLS_MAX_VERSION is up-to-date */ - OPENSSL_assert(s->version <= TLS_MAX_VERSION); - - if (s->version < TLS1_2_VERSION && tls1_suiteb(s)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE); - goto err; - } - - if (FIPS_mode() && (s->version < TLS1_VERSION)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); - goto err; - } - - if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_VERSION_TOO_LOW); - goto err; - } - - if (s->state == SSL23_ST_SR_CLNT_HELLO_B) { - /* - * we have SSLv3/TLSv1 in an SSLv2 header (other cases skip this - * state) - */ - - type = 2; - p = RECORD_LAYER_get_packet(&s->rlayer); - v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ - v[1] = p[4]; - - /*- - * An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 - * header is sent directly on the wire, not wrapped as a TLS - * record. It's format is: - * Byte Content - * 0-1 msg_length - * 2 msg_type - * 3-4 version - * 5-6 cipher_spec_length - * 7-8 session_id_length - * 9-10 challenge_length - * ... ... - */ - n = ((p[0] & 0x7f) << 8) | p[1]; - if (n > (1024 * 4)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE); - goto err; - } - if (n < 9) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_RECORD_LENGTH_MISMATCH); - goto err; - } - - j = ssl23_read_bytes(s, n + 2); - /* - * We previously read 11 bytes, so if j > 0, we must have j == n+2 == - * s->packet_length. We have at least 11 valid packet bytes. - */ - if (j <= 0) - return (j); - - ssl3_finish_mac(s, RECORD_LAYER_get_packet(&s->rlayer) + 2, - RECORD_LAYER_get_packet_length(&s->rlayer) - 2); - - /* CLIENT-HELLO */ - if (s->msg_callback) - s->msg_callback(0, SSL2_VERSION, 0, - RECORD_LAYER_get_packet(&s->rlayer) + 2, - RECORD_LAYER_get_packet_length(&s->rlayer) - 2, s, - s->msg_callback_arg); - - p = RECORD_LAYER_get_packet(&s->rlayer); - p += 5; - n2s(p, csl); - n2s(p, sil); - n2s(p, cl); - d = (unsigned char *)s->init_buf->data; - if ((csl + sil + cl + 11) - != RECORD_LAYER_get_packet_length(&s->rlayer)) { - /* We can't have TLS - * extensions in SSL - * 2.0 format * - * Client Hello, can - * we? Error - * condition should - * be * '>' - * otherweise */ - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_RECORD_LENGTH_MISMATCH); - goto err; - } - - /* record header: msg_type ... */ - *(d++) = SSL3_MT_CLIENT_HELLO; - /* ... and length (actual value will be written later) */ - d_len = d; - d += 3; - - /* client_version */ - *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */ - *(d++) = v[1]; - - /* lets populate the random area */ - /* get the challenge_length */ - i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl; - memset(d, 0, SSL3_RANDOM_SIZE); - memcpy(&(d[SSL3_RANDOM_SIZE - i]), &(p[csl + sil]), i); - d += SSL3_RANDOM_SIZE; - - /* no session-id reuse */ - *(d++) = 0; - - /* ciphers */ - j = 0; - dd = d; - d += 2; - for (i = 0; i < csl; i += 3) { - if (p[i] != 0) - continue; - *(d++) = p[i + 1]; - *(d++) = p[i + 2]; - j += 2; - } - s2n(j, dd); - - /* COMPRESSION */ - *(d++) = 1; - *(d++) = 0; - -#if 0 - /* copy any remaining data with may be extensions */ - p = p + csl + sil + cl; - while (p < s->packet + s->packet_length) { - *(d++) = *(p++); - } -#endif - - i = (d - (unsigned char *)s->init_buf->data) - 4; - l2n3((long)i, d_len); - - /* get the data reused from the init_buf */ - s->s3->tmp.reuse_message = 1; - s->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO; - s->s3->tmp.message_size = i; - } - - /* imaginary new state (for program structure): */ - /* s->state = SSL23_SR_CLNT_HELLO_C */ - - if ((type == 2) || (type == 3)) { - /* - * we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) - */ - const SSL_METHOD *new_method; - new_method = ssl23_get_server_method(s->version); - if (new_method == NULL) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - s->method = new_method; - - if (!ssl_init_wbio_buffer(s, 1)) - goto err; - - /* we are in this state */ - s->state = SSL3_ST_SR_CLNT_HELLO_A; - - if (type == 3) { - /* - * put the 'n' bytes we have read into the input buffer for SSLv3 - */ - if (!RECORD_LAYER_set_data(&s->rlayer, buf, n)) - goto err; - } else { - if (!RECORD_LAYER_set_data(&s->rlayer, NULL, 0)) - goto err; - } - s->handshake_func = s->method->ssl_accept; - } else { - /* bad, very bad */ - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL); - goto err; - } - s->init_num = 0; - - if (buf != buf_space) - OPENSSL_free(buf); - return (SSL_accept(s)); - err: - if (buf != buf_space) - OPENSSL_free(buf); - return (-1); -} diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index d3265f676e..1a67e4ed2a 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -155,6 +155,7 @@ #ifndef OPENSSL_NO_DH # include #endif +#include const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT; @@ -4238,3 +4239,26 @@ long ssl_get_algorithm2(SSL *s) return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; return alg2; } + +/* + * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on + * failure, 1 on success. + */ +int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) +{ + int send_time = 0; + + if (len < 4) + return 0; + if (server) + send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; + else + send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; + if (send_time) { + unsigned long Time = (unsigned long)time(NULL); + unsigned char *p = result; + l2n(Time, p); + return RAND_bytes(p, len - 4); + } else + return RAND_bytes(result, len); +} diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com index 9a20b547bd..eae876a630 100644 --- a/ssl/ssl-lib.com +++ b/ssl/ssl-lib.com @@ -208,7 +208,6 @@ $! $! Define The Different SSL "library" Files. $! $ LIB_SSL = "s3_meth, s3_srvr, s3_clnt, s3_lib, s3_enc,s3_pkt,s3_both,s3_cbc,"+ - - "s23_meth,s23_srvr,s23_clnt,s23_lib, s23_pkt,"+ - "t1_meth, t1_srvr, t1_clnt, t1_lib, t1_enc, t1_ext,"+ - "d1_meth, d1_srvr, d1_clnt, d1_lib, d1_pkt,"+ - "d1_both,d1_srtp,"+ - diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 641fe20b52..0f8a4c8480 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1816,43 +1816,6 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } -# define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -const SSL_METHOD *func_name(void) \ - { \ - static const SSL_METHOD func_name##_data= { \ - TLS1_2_VERSION, \ - tls1_new, \ - tls1_clear, \ - tls1_free, \ - s_accept, \ - s_connect, \ - ssl23_read, \ - ssl23_peek, \ - ssl23_write, \ - ssl_undefined_function, \ - ssl_undefined_function, \ - ssl_ok, \ - ssl3_get_message, \ - ssl3_read_bytes, \ - ssl3_write_bytes, \ - ssl3_dispatch_alert, \ - ssl3_ctrl, \ - ssl3_ctx_ctrl, \ - ssl23_get_cipher_by_char, \ - ssl23_put_cipher_by_char, \ - ssl_undefined_const_function, \ - ssl23_num_ciphers, \ - ssl23_get_cipher, \ - s_get_meth, \ - ssl23_default_timeout, \ - &TLSv1_2_enc_data, \ - ssl_undefined_void_function, \ - ssl3_callback_ctrl, \ - ssl3_ctx_callback_ctrl, \ - }; \ - return &func_name##_data; \ - } - # define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \ s_get_meth, enc_data) \ const SSL_METHOD *func_name(void) \ @@ -2024,15 +1987,6 @@ __owur long ssl3_default_timeout(void); __owur int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len); __owur int ssl3_handshake_write(SSL *s); -__owur int ssl23_num_ciphers(void); -__owur const SSL_CIPHER *ssl23_get_cipher(unsigned int u); -__owur int ssl23_read(SSL *s, void *buf, int len); -__owur int ssl23_peek(SSL *s, void *buf, int len); -__owur int ssl23_write(SSL *s, const void *buf, int len); -__owur int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); -__owur const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); -__owur long ssl23_default_timeout(void); - __owur int ssl_allow_compression(SSL *s); __owur long tls1_default_timeout(void); @@ -2106,9 +2060,6 @@ __owur int ssl3_get_cert_verify(SSL *s); __owur int ssl3_get_next_proto(SSL *s); # endif -__owur int ssl23_accept(SSL *s); -__owur int ssl23_connect(SSL *s); - __owur int tls1_new(SSL *s); void tls1_free(SSL *s); void tls1_clear(SSL *s); diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index 76b550cda3..f59553bad0 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -302,28 +302,6 @@ const char *SSL_state_string_long(const SSL *s) break; #endif -/* SSLv2/v3 compatibility states */ -/* client */ - case SSL23_ST_CW_CLNT_HELLO_A: - str = "SSLv2/v3 write client hello A"; - break; - case SSL23_ST_CW_CLNT_HELLO_B: - str = "SSLv2/v3 write client hello B"; - break; - case SSL23_ST_CR_SRVR_HELLO_A: - str = "SSLv2/v3 read server hello A"; - break; - case SSL23_ST_CR_SRVR_HELLO_B: - str = "SSLv2/v3 read server hello B"; - break; -/* server */ - case SSL23_ST_SR_CLNT_HELLO_A: - str = "SSLv2/v3 read client hello A"; - break; - case SSL23_ST_SR_CLNT_HELLO_B: - str = "SSLv2/v3 read client hello B"; - break; - /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str = "DTLS1 read hello verify request A"; @@ -535,28 +513,6 @@ const char *SSL_state_string(const SSL *s) break; #endif -/* SSLv2/v3 compatibility states */ -/* client */ - case SSL23_ST_CW_CLNT_HELLO_A: - str = "23WCHA"; - break; - case SSL23_ST_CW_CLNT_HELLO_B: - str = "23WCHB"; - break; - case SSL23_ST_CR_SRVR_HELLO_A: - str = "23RSHA"; - break; - case SSL23_ST_CR_SRVR_HELLO_B: - str = "23RSHA"; - break; -/* server */ - case SSL23_ST_SR_CLNT_HELLO_A: - str = "23RCHA"; - break; - case SSL23_ST_SR_CLNT_HELLO_B: - str = "23RCHB"; - break; - /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str = "DRCHVA"; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 9d90c1cb48..af0be02f0c 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1458,13 +1458,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, */ if (s->options & SSL_OP_TLSEXT_PADDING) { int hlen = ret - (unsigned char *)s->init_buf->data; - /* - * The code in s23_clnt.c to build ClientHello messages includes the - * 5-byte record header in the buffer, while the code in s3_clnt.c - * does not. - */ - if (s->state == SSL23_ST_CW_CLNT_HELLO_A) - hlen -= 5; + if (hlen > 0xff && hlen < 0x200) { hlen = 0x200 - hlen; if (hlen >= 4) diff --git a/test/Makefile b/test/Makefile index 6c973ad2b6..691249b24d 100644 --- a/test/Makefile +++ b/test/Makefile @@ -741,11 +741,11 @@ heartbeat_test.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h heartbeat_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h heartbeat_test.o: ../include/openssl/sha.h ../include/openssl/srtp.h heartbeat_test.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -heartbeat_test.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -heartbeat_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h -heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/record/record.h -heartbeat_test.o: ../ssl/ssl_locl.h heartbeat_test.c testutil.h +heartbeat_test.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +heartbeat_test.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +heartbeat_test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +heartbeat_test.o: ../ssl/record/record.h ../ssl/ssl_locl.h heartbeat_test.c +heartbeat_test.o: testutil.h hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h @@ -849,11 +849,11 @@ ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h ssltest.o: ../include/openssl/srp.h ../include/openssl/srtp.h ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h -ssltest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h -ssltest.o: ../ssl/record/record.h ../ssl/ssl_locl.h ssltest.c +ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssltest.o: ../include/openssl/x509v3.h ../ssl/record/record.h ../ssl/ssl_locl.h +ssltest.o: ssltest.c testutil.o: ../e_os.h ../include/openssl/e_os2.h testutil.o: ../include/openssl/opensslconf.h testutil.c testutil.h v3nametest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -- 2.34.1