Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(655)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: openssl/ssl/d1_srvr.c

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « openssl/ssl/d1_pkt.c ('k') | openssl/ssl/dtls1.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* ssl/d1_srvr.c */ 1 /* ssl/d1_srvr.c */
2 /* 2 /*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */ 5 */
6 /* ==================================================================== 6 /* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. 7 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 12 *
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
15 * 15 *
16 * 2. Redistributions in binary form must reproduce the above copyright 16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in 17 * notice, this list of conditions and the following disclaimer in
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after
114 */ 114 */
115 115
116 #include <stdio.h> 116 #include <stdio.h>
117 #include "ssl_locl.h" 117 #include "ssl_locl.h"
118 #include <openssl/buffer.h> 118 #include <openssl/buffer.h>
119 #include <openssl/rand.h> 119 #include <openssl/rand.h>
120 #include <openssl/objects.h> 120 #include <openssl/objects.h>
121 #include <openssl/evp.h> 121 #include <openssl/evp.h>
122 #include <openssl/x509.h> 122 #include <openssl/x509.h>
123 #include <openssl/md5.h> 123 #include <openssl/md5.h>
124 #include <openssl/bn.h>
124 #ifndef OPENSSL_NO_DH 125 #ifndef OPENSSL_NO_DH
125 #include <openssl/dh.h> 126 #include <openssl/dh.h>
126 #endif 127 #endif
127 128
128 static SSL_METHOD *dtls1_get_server_method(int ver); 129 static const SSL_METHOD *dtls1_get_server_method(int ver);
129 static int dtls1_send_hello_verify_request(SSL *s); 130 static int dtls1_send_hello_verify_request(SSL *s);
130 131
131 static SSL_METHOD *dtls1_get_server_method(int ver) 132 static const SSL_METHOD *dtls1_get_server_method(int ver)
132 { 133 {
133 if (ver == DTLS1_VERSION) 134 if (ver == DTLS1_VERSION)
134 return(DTLSv1_server_method()); 135 return(DTLSv1_server_method());
135 else 136 else
136 return(NULL); 137 return(NULL);
137 } 138 }
138 139
139 IMPLEMENT_dtls1_meth_func(DTLSv1_server_method, 140 IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
140 dtls1_accept, 141 dtls1_accept,
141 ssl_undefined_function, 142 ssl_undefined_function,
142 dtls1_get_server_method) 143 dtls1_get_server_method)
143 144
144 int dtls1_accept(SSL *s) 145 int dtls1_accept(SSL *s)
145 { 146 {
146 BUF_MEM *buf; 147 BUF_MEM *buf;
147 » unsigned long l,Time=(unsigned long)time(NULL); 148 » unsigned long Time=(unsigned long)time(NULL);
148 void (*cb)(const SSL *ssl,int type,int val)=NULL; 149 void (*cb)(const SSL *ssl,int type,int val)=NULL;
150 unsigned long alg_k;
149 int ret= -1; 151 int ret= -1;
150 int new_state,state,skip=0; 152 int new_state,state,skip=0;
153 int listen;
151 154
152 RAND_add(&Time,sizeof(Time),0); 155 RAND_add(&Time,sizeof(Time),0);
153 ERR_clear_error(); 156 ERR_clear_error();
154 clear_sys_error(); 157 clear_sys_error();
155 158
156 if (s->info_callback != NULL) 159 if (s->info_callback != NULL)
157 cb=s->info_callback; 160 cb=s->info_callback;
158 else if (s->ctx->info_callback != NULL) 161 else if (s->ctx->info_callback != NULL)
159 cb=s->ctx->info_callback; 162 cb=s->ctx->info_callback;
163
164 listen = s->d1->listen;
160 165
161 /* init things to blank */ 166 /* init things to blank */
162 s->in_handshake++; 167 s->in_handshake++;
163 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 168 if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
164 169
170 s->d1->listen = listen;
171
165 if (s->cert == NULL) 172 if (s->cert == NULL)
166 { 173 {
167 SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET); 174 SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
168 return(-1); 175 return(-1);
169 } 176 }
170 177
171 for (;;) 178 for (;;)
172 { 179 {
173 state=s->state; 180 state=s->state;
174 181
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after
264 if (ret <= 0) goto end; 271 if (ret <= 0) goto end;
265 dtls1_stop_timer(s); 272 dtls1_stop_timer(s);
266 273
267 if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCH ANGE)) 274 if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCH ANGE))
268 s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A; 275 s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
269 else 276 else
270 s->state = SSL3_ST_SW_SRVR_HELLO_A; 277 s->state = SSL3_ST_SW_SRVR_HELLO_A;
271 278
272 s->init_num=0; 279 s->init_num=0;
273 280
281 /* Reflect ClientHello sequence to remain stateless whil e listening */
282 if (listen)
283 {
284 memcpy(s->s3->write_sequence, s->s3->read_sequen ce, sizeof(s->s3->write_sequence));
285 }
286
274 /* If we're just listening, stop here */ 287 /* If we're just listening, stop here */
275 » » » if (s->d1->listen && s->state == SSL3_ST_SW_SRVR_HELLO_A ) 288 » » » if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A)
276 { 289 {
277 ret = 2; 290 ret = 2;
278 s->d1->listen = 0; 291 s->d1->listen = 0;
292 /* Set expected sequence numbers
293 * to continue the handshake.
294 */
295 s->d1->handshake_read_seq = 2;
296 s->d1->handshake_write_seq = 1;
297 s->d1->next_handshake_write_seq = 1;
279 goto end; 298 goto end;
280 } 299 }
281 300
282 break; 301 break;
283 302
284 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: 303 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
285 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: 304 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
286 305
287 dtls1_start_timer(s);
288 ret = dtls1_send_hello_verify_request(s); 306 ret = dtls1_send_hello_verify_request(s);
289 if ( ret <= 0) goto end; 307 if ( ret <= 0) goto end;
290 s->state=SSL3_ST_SW_FLUSH; 308 s->state=SSL3_ST_SW_FLUSH;
291 s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A; 309 s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
292 310
293 » » » /* HelloVerifyRequests resets Finished MAC */ 311 » » » /* HelloVerifyRequest resets Finished MAC */
294 » » » if (s->client_version != DTLS1_BAD_VER) 312 » » » if (s->version != DTLS1_BAD_VER)
295 ssl3_init_finished_mac(s); 313 ssl3_init_finished_mac(s);
296 break; 314 break;
297 315
298 case SSL3_ST_SW_SRVR_HELLO_A: 316 case SSL3_ST_SW_SRVR_HELLO_A:
299 case SSL3_ST_SW_SRVR_HELLO_B: 317 case SSL3_ST_SW_SRVR_HELLO_B:
300 s->new_session = 2; 318 s->new_session = 2;
301 dtls1_start_timer(s); 319 dtls1_start_timer(s);
302 ret=dtls1_send_server_hello(s); 320 ret=dtls1_send_server_hello(s);
303 if (ret <= 0) goto end; 321 if (ret <= 0) goto end;
304 322
305 #ifndef OPENSSL_NO_TLSEXT 323 #ifndef OPENSSL_NO_TLSEXT
306 if (s->hit) 324 if (s->hit)
307 { 325 {
308 if (s->tlsext_ticket_expected) 326 if (s->tlsext_ticket_expected)
309 s->state=SSL3_ST_SW_SESSION_TICKET_A; 327 s->state=SSL3_ST_SW_SESSION_TICKET_A;
310 else 328 else
311 s->state=SSL3_ST_SW_CHANGE_A; 329 s->state=SSL3_ST_SW_CHANGE_A;
312 } 330 }
313 #else 331 #else
314 if (s->hit) 332 if (s->hit)
315 s->state=SSL3_ST_SW_CHANGE_A; 333 s->state=SSL3_ST_SW_CHANGE_A;
316 #endif 334 #endif
317 else 335 else
318 s->state=SSL3_ST_SW_CERT_A; 336 s->state=SSL3_ST_SW_CERT_A;
319 s->init_num=0; 337 s->init_num=0;
320 break; 338 break;
321 339
322 case SSL3_ST_SW_CERT_A: 340 case SSL3_ST_SW_CERT_A:
323 case SSL3_ST_SW_CERT_B: 341 case SSL3_ST_SW_CERT_B:
324 » » » /* Check if it is anon DH */ 342 » » » /* Check if it is anon DH or normal PSK */
325 » » » if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) 343 » » » if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
344 » » » » && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL _kPSK))
326 { 345 {
327 dtls1_start_timer(s); 346 dtls1_start_timer(s);
328 ret=dtls1_send_server_certificate(s); 347 ret=dtls1_send_server_certificate(s);
329 if (ret <= 0) goto end; 348 if (ret <= 0) goto end;
330 #ifndef OPENSSL_NO_TLSEXT 349 #ifndef OPENSSL_NO_TLSEXT
331 if (s->tlsext_status_expected) 350 if (s->tlsext_status_expected)
332 s->state=SSL3_ST_SW_CERT_STATUS_A; 351 s->state=SSL3_ST_SW_CERT_STATUS_A;
333 else 352 else
334 s->state=SSL3_ST_SW_KEY_EXCH_A; 353 s->state=SSL3_ST_SW_KEY_EXCH_A;
335 } 354 }
336 else 355 else
337 { 356 {
338 skip = 1; 357 skip = 1;
339 s->state=SSL3_ST_SW_KEY_EXCH_A; 358 s->state=SSL3_ST_SW_KEY_EXCH_A;
340 } 359 }
341 #else 360 #else
342 } 361 }
343 else 362 else
344 skip=1; 363 skip=1;
345 364
346 s->state=SSL3_ST_SW_KEY_EXCH_A; 365 s->state=SSL3_ST_SW_KEY_EXCH_A;
347 #endif 366 #endif
348 s->init_num=0; 367 s->init_num=0;
349 break; 368 break;
350 369
351 case SSL3_ST_SW_KEY_EXCH_A: 370 case SSL3_ST_SW_KEY_EXCH_A:
352 case SSL3_ST_SW_KEY_EXCH_B: 371 case SSL3_ST_SW_KEY_EXCH_B:
353 » » » l=s->s3->tmp.new_cipher->algorithms; 372 » » » alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
354 373
355 /* clear this, it may get reset by 374 /* clear this, it may get reset by
356 * send_server_key_exchange */ 375 * send_server_key_exchange */
357 if ((s->options & SSL_OP_EPHEMERAL_RSA) 376 if ((s->options & SSL_OP_EPHEMERAL_RSA)
358 #ifndef OPENSSL_NO_KRB5 377 #ifndef OPENSSL_NO_KRB5
359 » » » » && !(l & SSL_KRB5) 378 » » » » && !(alg_k & SSL_kKRB5)
360 #endif /* OPENSSL_NO_KRB5 */ 379 #endif /* OPENSSL_NO_KRB5 */
361 ) 380 )
362 /* option SSL_OP_EPHEMERAL_RSA sends temporary R SA key 381 /* option SSL_OP_EPHEMERAL_RSA sends temporary R SA key
363 * even when forbidden by protocol specs 382 * even when forbidden by protocol specs
364 * (handshake may fail as clients are not requir ed to 383 * (handshake may fail as clients are not requir ed to
365 * be able to handle this) */ 384 * be able to handle this) */
366 s->s3->tmp.use_rsa_tmp=1; 385 s->s3->tmp.use_rsa_tmp=1;
367 else 386 else
368 s->s3->tmp.use_rsa_tmp=0; 387 s->s3->tmp.use_rsa_tmp=0;
369 388
370 » » » /* only send if a DH key exchange, fortezza or 389 » » » /* only send if a DH key exchange or
371 * RSA but we have a sign only certificate */ 390 * RSA but we have a sign only certificate */
372 if (s->s3->tmp.use_rsa_tmp 391 if (s->s3->tmp.use_rsa_tmp
373 » » » || (l & (SSL_DH|SSL_kFZA)) 392 » » » /* PSK: send ServerKeyExchange if PSK identity
374 » » » || ((l & SSL_kRSA) 393 » » » * hint if provided */
394 #ifndef OPENSSL_NO_PSK
395 » » » || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
396 #endif
397 » » » || (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
398 » » » || (alg_k & SSL_kEECDH)
399 » » » || ((alg_k & SSL_kRSA)
375 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL 400 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
376 || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) 401 || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
377 && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY _RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher) 402 && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY _RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
378 ) 403 )
379 ) 404 )
380 ) 405 )
381 ) 406 )
382 { 407 {
383 dtls1_start_timer(s); 408 dtls1_start_timer(s);
384 ret=dtls1_send_server_key_exchange(s); 409 ret=dtls1_send_server_key_exchange(s);
(...skipping 10 matching lines...) Expand all
395 case SSL3_ST_SW_CERT_REQ_B: 420 case SSL3_ST_SW_CERT_REQ_B:
396 if (/* don't request cert unless asked for it: */ 421 if (/* don't request cert unless asked for it: */
397 !(s->verify_mode & SSL_VERIFY_PEER) || 422 !(s->verify_mode & SSL_VERIFY_PEER) ||
398 /* if SSL_VERIFY_CLIENT_ONCE is set, 423 /* if SSL_VERIFY_CLIENT_ONCE is set,
399 * don't request cert during re-negotiation: */ 424 * don't request cert during re-negotiation: */
400 ((s->session->peer != NULL) && 425 ((s->session->peer != NULL) &&
401 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) || 426 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
402 /* never request cert in anonymous ciphersuites 427 /* never request cert in anonymous ciphersuites
403 * (see section "Certificate request" in SSL 3 d rafts 428 * (see section "Certificate request" in SSL 3 d rafts
404 * and in RFC 2246): */ 429 * and in RFC 2246): */
405 » » » » ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) && 430 » » » » ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aN ULL) &&
406 /* ... except when the application insists on v erification 431 /* ... except when the application insists on v erification
407 * (against the specs, but s3_clnt.c accepts th is for SSL 3) */ 432 * (against the specs, but s3_clnt.c accepts th is for SSL 3) */
408 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_C ERT)) || 433 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_C ERT)) ||
409 /* never request cert in Kerberos ciphersuites */ 434 » » » » /* never request cert in Kerberos ciphersuites */
410 (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5)) 435 » » » » (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKR B5)
436 » » » » /* With normal PSK Certificates and
437 » » » » * Certificate Requests are omitted */
438 » » » » || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_ kPSK))
411 { 439 {
412 /* no cert request */ 440 /* no cert request */
413 skip=1; 441 skip=1;
414 s->s3->tmp.cert_request=0; 442 s->s3->tmp.cert_request=0;
415 s->state=SSL3_ST_SW_SRVR_DONE_A; 443 s->state=SSL3_ST_SW_SRVR_DONE_A;
416 } 444 }
417 else 445 else
418 { 446 {
419 s->s3->tmp.cert_request=1; 447 s->s3->tmp.cert_request=1;
420 dtls1_start_timer(s); 448 dtls1_start_timer(s);
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after
472 break; 500 break;
473 501
474 case SSL3_ST_SR_KEY_EXCH_A: 502 case SSL3_ST_SR_KEY_EXCH_A:
475 case SSL3_ST_SR_KEY_EXCH_B: 503 case SSL3_ST_SR_KEY_EXCH_B:
476 ret=ssl3_get_client_key_exchange(s); 504 ret=ssl3_get_client_key_exchange(s);
477 if (ret <= 0) goto end; 505 if (ret <= 0) goto end;
478 dtls1_stop_timer(s); 506 dtls1_stop_timer(s);
479 s->state=SSL3_ST_SR_CERT_VRFY_A; 507 s->state=SSL3_ST_SR_CERT_VRFY_A;
480 s->init_num=0; 508 s->init_num=0;
481 509
482 » » » /* We need to get hashes here so if there is 510 » » » if (ret == 2)
483 » » » * a client cert, it can be verified */ 511 » » » » {
484 » » » s->method->ssl3_enc->cert_verify_mac(s, 512 » » » » /* For the ECDH ciphersuites when
485 » » » » &(s->s3->finish_dgst1), 513 » » » » * the client sends its ECDH pub key in
486 » » » » &(s->s3->tmp.cert_verify_md[0])); 514 » » » » * a certificate, the CertificateVerify
487 » » » s->method->ssl3_enc->cert_verify_mac(s, 515 » » » » * message is not sent.
488 » » » » &(s->s3->finish_dgst2), 516 » » » » */
489 » » » » &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH])) ; 517 » » » » s->state=SSL3_ST_SR_FINISHED_A;
518 » » » » s->init_num = 0;
519 » » » » }
520 » » » else
521 » » » » {
522 » » » » s->state=SSL3_ST_SR_CERT_VRFY_A;
523 » » » » s->init_num=0;
490 524
525 /* We need to get hashes here so if there is
526 * a client cert, it can be verified */
527 s->method->ssl3_enc->cert_verify_mac(s,
528 NID_md5,
529 &(s->s3->tmp.cert_verify_md[0]));
530 s->method->ssl3_enc->cert_verify_mac(s,
531 NID_sha1,
532 &(s->s3->tmp.cert_verify_md[MD5_DIGEST_L ENGTH]));
533 }
491 break; 534 break;
492 535
493 case SSL3_ST_SR_CERT_VRFY_A: 536 case SSL3_ST_SR_CERT_VRFY_A:
494 case SSL3_ST_SR_CERT_VRFY_B: 537 case SSL3_ST_SR_CERT_VRFY_B:
495 538
496 s->d1->change_cipher_spec_ok = 1; 539 s->d1->change_cipher_spec_ok = 1;
497 /* we should decide if we expected this one */ 540 /* we should decide if we expected this one */
498 ret=ssl3_get_cert_verify(s); 541 ret=ssl3_get_cert_verify(s);
499 if (ret <= 0) goto end; 542 if (ret <= 0) goto end;
500 dtls1_stop_timer(s); 543 dtls1_stop_timer(s);
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after
679 int dtls1_send_hello_verify_request(SSL *s) 722 int dtls1_send_hello_verify_request(SSL *s)
680 { 723 {
681 unsigned int msg_len; 724 unsigned int msg_len;
682 unsigned char *msg, *buf, *p; 725 unsigned char *msg, *buf, *p;
683 726
684 if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) 727 if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A)
685 { 728 {
686 buf = (unsigned char *)s->init_buf->data; 729 buf = (unsigned char *)s->init_buf->data;
687 730
688 msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]); 731 msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
689 » » if (s->client_version == DTLS1_BAD_VER) 732 » » *(p++) = s->version >> 8;
690 » » » *(p++) = DTLS1_BAD_VER>>8, 733 » » *(p++) = s->version & 0xFF;
691 » » » *(p++) = DTLS1_BAD_VER&0xff;
692 » » else
693 » » » *(p++) = s->version >> 8,
694 » » » *(p++) = s->version & 0xFF;
695 734
696 if (s->ctx->app_gen_cookie_cb == NULL || 735 if (s->ctx->app_gen_cookie_cb == NULL ||
697 s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 736 s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
698 &(s->d1->cookie_len)) == 0) 737 &(s->d1->cookie_len)) == 0)
699 { 738 {
700 SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTER NAL_ERROR); 739 SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTER NAL_ERROR);
701 return 0; 740 return 0;
702 } 741 }
703 742
704 *(p++) = (unsigned char) s->d1->cookie_len; 743 *(p++) = (unsigned char) s->d1->cookie_len;
705 memcpy(p, s->d1->cookie, s->d1->cookie_len); 744 memcpy(p, s->d1->cookie, s->d1->cookie_len);
706 p += s->d1->cookie_len; 745 p += s->d1->cookie_len;
707 msg_len = p - msg; 746 msg_len = p - msg;
708 747
709 dtls1_set_message_header(s, buf, 748 dtls1_set_message_header(s, buf,
710 DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0, msg_len); 749 DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0, msg_len);
711 750
712 s->state=DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B; 751 s->state=DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
713 /* number of bytes to write */ 752 /* number of bytes to write */
714 s->init_num=p-buf; 753 s->init_num=p-buf;
715 s->init_off=0; 754 s->init_off=0;
716
717 /* buffer the message to handle re-xmits */
718 dtls1_buffer_message(s, 0);
719 } 755 }
720 756
721 /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */ 757 /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
722 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); 758 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
723 } 759 }
724 760
725 int dtls1_send_server_hello(SSL *s) 761 int dtls1_send_server_hello(SSL *s)
726 { 762 {
727 unsigned char *buf; 763 unsigned char *buf;
728 unsigned char *p,*d; 764 unsigned char *p,*d;
729 int i; 765 int i;
730 unsigned int sl; 766 unsigned int sl;
731 unsigned long l,Time; 767 unsigned long l,Time;
732 768
733 if (s->state == SSL3_ST_SW_SRVR_HELLO_A) 769 if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
734 { 770 {
735 buf=(unsigned char *)s->init_buf->data; 771 buf=(unsigned char *)s->init_buf->data;
736 p=s->s3->server_random; 772 p=s->s3->server_random;
737 Time=(unsigned long)time(NULL); /* Time */ 773 Time=(unsigned long)time(NULL); /* Time */
738 l2n(Time,p); 774 l2n(Time,p);
739 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); 775 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
740 /* Do the message type and length last */ 776 /* Do the message type and length last */
741 d=p= &(buf[DTLS1_HM_HEADER_LENGTH]); 777 d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
742 778
743 » » if (s->client_version == DTLS1_BAD_VER) 779 » » *(p++)=s->version>>8;
744 » » » *(p++)=DTLS1_BAD_VER>>8, 780 » » *(p++)=s->version&0xff;
745 » » » *(p++)=DTLS1_BAD_VER&0xff;
746 » » else
747 » » » *(p++)=s->version>>8,
748 » » » *(p++)=s->version&0xff;
749 781
750 /* Random stuff */ 782 /* Random stuff */
751 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); 783 memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
752 p+=SSL3_RANDOM_SIZE; 784 p+=SSL3_RANDOM_SIZE;
753 785
754 /* now in theory we have 3 options to sending back the 786 /* now in theory we have 3 options to sending back the
755 * session id. If it is a re-use, we send back the 787 * session id. If it is a re-use, we send back the
756 * old session-id, if it is a new session, we send 788 * old session-id, if it is a new session, we send
757 * back the new session-id or we send back a 0 length 789 * back the new session-id or we send back a 0 length
758 * session-id if we want it to be single use. 790 * session-id if we want it to be single use.
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after
844 #ifndef OPENSSL_NO_RSA 876 #ifndef OPENSSL_NO_RSA
845 unsigned char *q; 877 unsigned char *q;
846 int j,num; 878 int j,num;
847 RSA *rsa; 879 RSA *rsa;
848 unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; 880 unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
849 unsigned int u; 881 unsigned int u;
850 #endif 882 #endif
851 #ifndef OPENSSL_NO_DH 883 #ifndef OPENSSL_NO_DH
852 DH *dh=NULL,*dhp; 884 DH *dh=NULL,*dhp;
853 #endif 885 #endif
886 #ifndef OPENSSL_NO_ECDH
887 EC_KEY *ecdh=NULL, *ecdhp;
888 unsigned char *encodedPoint = NULL;
889 int encodedlen = 0;
890 int curve_id = 0;
891 BN_CTX *bn_ctx = NULL;
892 #endif
854 EVP_PKEY *pkey; 893 EVP_PKEY *pkey;
855 unsigned char *p,*d; 894 unsigned char *p,*d;
856 int al,i; 895 int al,i;
857 unsigned long type; 896 unsigned long type;
858 int n; 897 int n;
859 CERT *cert; 898 CERT *cert;
860 BIGNUM *r[4]; 899 BIGNUM *r[4];
861 int nr[4],kn; 900 int nr[4],kn;
862 BUF_MEM *buf; 901 BUF_MEM *buf;
863 EVP_MD_CTX md_ctx; 902 EVP_MD_CTX md_ctx;
864 903
865 EVP_MD_CTX_init(&md_ctx); 904 EVP_MD_CTX_init(&md_ctx);
866 if (s->state == SSL3_ST_SW_KEY_EXCH_A) 905 if (s->state == SSL3_ST_SW_KEY_EXCH_A)
867 { 906 {
868 » » type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK; 907 » » type=s->s3->tmp.new_cipher->algorithm_mkey;
869 cert=s->cert; 908 cert=s->cert;
870 909
871 buf=s->init_buf; 910 buf=s->init_buf;
872 911
873 r[0]=r[1]=r[2]=r[3]=NULL; 912 r[0]=r[1]=r[2]=r[3]=NULL;
874 n=0; 913 n=0;
875 #ifndef OPENSSL_NO_RSA 914 #ifndef OPENSSL_NO_RSA
876 if (type & SSL_kRSA) 915 if (type & SSL_kRSA)
877 { 916 {
878 rsa=cert->rsa_tmp; 917 rsa=cert->rsa_tmp;
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
952 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHA NGE,ERR_R_DH_LIB); 991 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHA NGE,ERR_R_DH_LIB);
953 goto err; 992 goto err;
954 } 993 }
955 } 994 }
956 r[0]=dh->p; 995 r[0]=dh->p;
957 r[1]=dh->g; 996 r[1]=dh->g;
958 r[2]=dh->pub_key; 997 r[2]=dh->pub_key;
959 } 998 }
960 else 999 else
961 #endif 1000 #endif
1001 #ifndef OPENSSL_NO_ECDH
1002 if (type & SSL_kEECDH)
1003 {
1004 const EC_GROUP *group;
1005
1006 ecdhp=cert->ecdh_tmp;
1007 if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL))
1008 {
1009 ecdhp=s->cert->ecdh_tmp_cb(s,
1010 SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
1011 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cip her));
1012 }
1013 if (ecdhp == NULL)
1014 {
1015 al=SSL_AD_HANDSHAKE_FAILURE;
1016 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_ R_MISSING_TMP_ECDH_KEY);
1017 goto f_err;
1018 }
1019
1020 if (s->s3->tmp.ecdh != NULL)
1021 {
1022 EC_KEY_free(s->s3->tmp.ecdh);
1023 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR _R_INTERNAL_ERROR);
1024 goto err;
1025 }
1026
1027 /* Duplicate the ECDH structure. */
1028 if (ecdhp == NULL)
1029 {
1030 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_ R_ECDH_LIB);
1031 goto err;
1032 }
1033 if ((ecdh = EC_KEY_dup(ecdhp)) == NULL)
1034 {
1035 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_ R_ECDH_LIB);
1036 goto err;
1037 }
1038
1039 s->s3->tmp.ecdh=ecdh;
1040 if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
1041 (EC_KEY_get0_private_key(ecdh) == NULL) ||
1042 (s->options & SSL_OP_SINGLE_ECDH_USE))
1043 {
1044 if(!EC_KEY_generate_key(ecdh))
1045 {
1046 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
1047 goto err;
1048 }
1049 }
1050
1051 if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
1052 (EC_KEY_get0_public_key(ecdh) == NULL) ||
1053 (EC_KEY_get0_private_key(ecdh) == NULL))
1054 {
1055 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_ R_ECDH_LIB);
1056 goto err;
1057 }
1058
1059 if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
1060 (EC_GROUP_get_degree(group) > 163))
1061 {
1062 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_ R_ECGROUP_TOO_LARGE_FOR_CIPHER);
1063 goto err;
1064 }
1065
1066 /* XXX: For now, we only support ephemeral ECDH
1067 * keys over named (not generic) curves. For
1068 * supported named curves, curve_id is non-zero.
1069 */
1070 if ((curve_id =
1071 tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)) )
1072 == 0)
1073 {
1074 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_ R_UNSUPPORTED_ELLIPTIC_CURVE);
1075 goto err;
1076 }
1077
1078 /* Encode the public key.
1079 * First check the size of encoding and
1080 * allocate memory accordingly.
1081 */
1082 encodedlen = EC_POINT_point2oct(group,
1083 EC_KEY_get0_public_key(ecdh),
1084 POINT_CONVERSION_UNCOMPRESSED,
1085 NULL, 0, NULL);
1086
1087 encodedPoint = (unsigned char *)
1088 OPENSSL_malloc(encodedlen*sizeof(unsigned char));
1089 bn_ctx = BN_CTX_new();
1090 if ((encodedPoint == NULL) || (bn_ctx == NULL))
1091 {
1092 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_ R_MALLOC_FAILURE);
1093 goto err;
1094 }
1095
1096
1097 encodedlen = EC_POINT_point2oct(group,
1098 EC_KEY_get0_public_key(ecdh),
1099 POINT_CONVERSION_UNCOMPRESSED,
1100 encodedPoint, encodedlen, bn_ctx);
1101
1102 if (encodedlen == 0)
1103 {
1104 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_ R_ECDH_LIB);
1105 goto err;
1106 }
1107
1108 BN_CTX_free(bn_ctx); bn_ctx=NULL;
1109
1110 /* XXX: For now, we only support named (not
1111 * generic) curves in ECDH ephemeral key exchanges.
1112 * In this situation, we need four additional bytes
1113 * to encode the entire ServerECDHParams
1114 * structure.
1115 */
1116 n = 4 + encodedlen;
1117
1118 /* We'll generate the serverKeyExchange message
1119 * explicitly so we can set these to NULLs
1120 */
1121 r[0]=NULL;
1122 r[1]=NULL;
1123 r[2]=NULL;
1124 r[3]=NULL;
1125 }
1126 else
1127 #endif /* !OPENSSL_NO_ECDH */
1128 #ifndef OPENSSL_NO_PSK
1129 if (type & SSL_kPSK)
1130 {
1131 /* reserve size for record length and PSK identi ty hint*/
1132 n+=2+strlen(s->ctx->psk_identity_hint);
1133 }
1134 else
1135 #endif /* !OPENSSL_NO_PSK */
962 { 1136 {
963 al=SSL_AD_HANDSHAKE_FAILURE; 1137 al=SSL_AD_HANDSHAKE_FAILURE;
964 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOW N_KEY_EXCHANGE_TYPE); 1138 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOW N_KEY_EXCHANGE_TYPE);
965 goto f_err; 1139 goto f_err;
966 } 1140 }
967 for (i=0; r[i] != NULL; i++) 1141 for (i=0; r[i] != NULL; i++)
968 { 1142 {
969 nr[i]=BN_num_bytes(r[i]); 1143 nr[i]=BN_num_bytes(r[i]);
970 n+=2+nr[i]; 1144 n+=2+nr[i];
971 } 1145 }
972 1146
973 » » if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) 1147 » » if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
1148 » » » && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
974 { 1149 {
975 if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher)) 1150 if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
976 == NULL) 1151 == NULL)
977 { 1152 {
978 al=SSL_AD_DECODE_ERROR; 1153 al=SSL_AD_DECODE_ERROR;
979 goto f_err; 1154 goto f_err;
980 } 1155 }
981 kn=EVP_PKEY_size(pkey); 1156 kn=EVP_PKEY_size(pkey);
982 } 1157 }
983 else 1158 else
(...skipping 10 matching lines...) Expand all
994 d=(unsigned char *)s->init_buf->data; 1169 d=(unsigned char *)s->init_buf->data;
995 p= &(d[DTLS1_HM_HEADER_LENGTH]); 1170 p= &(d[DTLS1_HM_HEADER_LENGTH]);
996 1171
997 for (i=0; r[i] != NULL; i++) 1172 for (i=0; r[i] != NULL; i++)
998 { 1173 {
999 s2n(nr[i],p); 1174 s2n(nr[i],p);
1000 BN_bn2bin(r[i],p); 1175 BN_bn2bin(r[i],p);
1001 p+=nr[i]; 1176 p+=nr[i];
1002 } 1177 }
1003 1178
1179 #ifndef OPENSSL_NO_ECDH
1180 if (type & SSL_kEECDH)
1181 {
1182 /* XXX: For now, we only support named (not generic) cur ves.
1183 * In this situation, the serverKeyExchange message has:
1184 * [1 byte CurveType], [2 byte CurveName]
1185 * [1 byte length of encoded point], followed by
1186 * the actual encoded point itself
1187 */
1188 *p = NAMED_CURVE_TYPE;
1189 p += 1;
1190 *p = 0;
1191 p += 1;
1192 *p = curve_id;
1193 p += 1;
1194 *p = encodedlen;
1195 p += 1;
1196 memcpy((unsigned char*)p,
1197 (unsigned char *)encodedPoint,
1198 encodedlen);
1199 OPENSSL_free(encodedPoint);
1200 p += encodedlen;
1201 }
1202 #endif
1203
1204 #ifndef OPENSSL_NO_PSK
1205 if (type & SSL_kPSK)
1206 {
1207 /* copy PSK identity hint */
1208 s2n(strlen(s->ctx->psk_identity_hint), p);
1209 strncpy((char *)p, s->ctx->psk_identity_hint, strlen(s-> ctx->psk_identity_hint));
1210 p+=strlen(s->ctx->psk_identity_hint);
1211 }
1212 #endif
1213
1004 /* not anonymous */ 1214 /* not anonymous */
1005 if (pkey != NULL) 1215 if (pkey != NULL)
1006 { 1216 {
1007 /* n is the length of the params, they start at 1217 /* n is the length of the params, they start at
1008 * &(d[DTLS1_HM_HEADER_LENGTH]) and p points to the spac e 1218 * &(d[DTLS1_HM_HEADER_LENGTH]) and p points to the spac e
1009 * at the end. */ 1219 * at the end. */
1010 #ifndef OPENSSL_NO_RSA 1220 #ifndef OPENSSL_NO_RSA
1011 if (pkey->type == EVP_PKEY_RSA) 1221 if (pkey->type == EVP_PKEY_RSA)
1012 { 1222 {
1013 q=md_buf; 1223 q=md_buf;
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
1047 (unsigned int *)&i,pkey)) 1257 (unsigned int *)&i,pkey))
1048 { 1258 {
1049 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHA NGE,ERR_LIB_DSA); 1259 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHA NGE,ERR_LIB_DSA);
1050 goto err; 1260 goto err;
1051 } 1261 }
1052 s2n(i,p); 1262 s2n(i,p);
1053 n+=i+2; 1263 n+=i+2;
1054 } 1264 }
1055 else 1265 else
1056 #endif 1266 #endif
1267 #if !defined(OPENSSL_NO_ECDSA)
1268 if (pkey->type == EVP_PKEY_EC)
1269 {
1270 /* let's do ECDSA */
1271 EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
1272 EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0] ),SSL3_RANDOM_SIZE);
1273 EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0] ),SSL3_RANDOM_SIZE);
1274 EVP_SignUpdate(&md_ctx,&(d[DTLS1_HM_HEADER_LENGT H]),n);
1275 if (!EVP_SignFinal(&md_ctx,&(p[2]),
1276 (unsigned int *)&i,pkey))
1277 {
1278 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHA NGE,ERR_LIB_ECDSA);
1279 goto err;
1280 }
1281 s2n(i,p);
1282 n+=i+2;
1283 }
1284 else
1285 #endif
1057 { 1286 {
1058 /* Is this error check actually needed? */ 1287 /* Is this error check actually needed? */
1059 al=SSL_AD_HANDSHAKE_FAILURE; 1288 al=SSL_AD_HANDSHAKE_FAILURE;
1060 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_ R_UNKNOWN_PKEY_TYPE); 1289 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_ R_UNKNOWN_PKEY_TYPE);
1061 goto f_err; 1290 goto f_err;
1062 } 1291 }
1063 } 1292 }
1064 1293
1065 d = dtls1_set_message_header(s, d, 1294 d = dtls1_set_message_header(s, d,
1066 SSL3_MT_SERVER_KEY_EXCHANGE, n, 0, n); 1295 SSL3_MT_SERVER_KEY_EXCHANGE, n, 0, n);
1067 1296
1068 /* we should now have things packed up, so lets send 1297 /* we should now have things packed up, so lets send
1069 * it off */ 1298 * it off */
1070 s->init_num=n+DTLS1_HM_HEADER_LENGTH; 1299 s->init_num=n+DTLS1_HM_HEADER_LENGTH;
1071 s->init_off=0; 1300 s->init_off=0;
1072 1301
1073 /* buffer the message to handle re-xmits */ 1302 /* buffer the message to handle re-xmits */
1074 dtls1_buffer_message(s, 0); 1303 dtls1_buffer_message(s, 0);
1075 } 1304 }
1076 1305
1077 s->state = SSL3_ST_SW_KEY_EXCH_B; 1306 s->state = SSL3_ST_SW_KEY_EXCH_B;
1078 EVP_MD_CTX_cleanup(&md_ctx); 1307 EVP_MD_CTX_cleanup(&md_ctx);
1079 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); 1308 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
1080 f_err: 1309 f_err:
1081 ssl3_send_alert(s,SSL3_AL_FATAL,al); 1310 ssl3_send_alert(s,SSL3_AL_FATAL,al);
1082 err: 1311 err:
1312 #ifndef OPENSSL_NO_ECDH
1313 if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
1314 BN_CTX_free(bn_ctx);
1315 #endif
1083 EVP_MD_CTX_cleanup(&md_ctx); 1316 EVP_MD_CTX_cleanup(&md_ctx);
1084 return(-1); 1317 return(-1);
1085 } 1318 }
1086 1319
1087 int dtls1_send_certificate_request(SSL *s) 1320 int dtls1_send_certificate_request(SSL *s)
1088 { 1321 {
1089 unsigned char *p,*d; 1322 unsigned char *p,*d;
1090 int i,j,nl,off,n; 1323 int i,j,nl,off,n;
1091 STACK_OF(X509_NAME) *sk=NULL; 1324 STACK_OF(X509_NAME) *sk=NULL;
1092 X509_NAME *name; 1325 X509_NAME *name;
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
1186 } 1419 }
1187 1420
1188 int dtls1_send_server_certificate(SSL *s) 1421 int dtls1_send_server_certificate(SSL *s)
1189 { 1422 {
1190 unsigned long l; 1423 unsigned long l;
1191 X509 *x; 1424 X509 *x;
1192 1425
1193 if (s->state == SSL3_ST_SW_CERT_A) 1426 if (s->state == SSL3_ST_SW_CERT_A)
1194 { 1427 {
1195 x=ssl_get_server_send_cert(s); 1428 x=ssl_get_server_send_cert(s);
1196 » » if (x == NULL && 1429 » » if (x == NULL)
1197 /* VRS: allow null cert if auth == KRB5 */
1198 (s->s3->tmp.new_cipher->algorithms
1199 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
1200 != (SSL_aKRB5|SSL_kKRB5))
1201 { 1430 {
1202 » » » SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNA L_ERROR); 1431 » » » /* VRS: allow null cert if auth == KRB5 */
1203 » » » return(0); 1432 » » » if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
1433 » » » (s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) )
1434 » » » » {
1435 » » » » SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R _INTERNAL_ERROR);
1436 » » » » return(0);
1437 » » » » }
1204 } 1438 }
1205 1439
1206 l=dtls1_output_cert_chain(s,x); 1440 l=dtls1_output_cert_chain(s,x);
1207 s->state=SSL3_ST_SW_CERT_B; 1441 s->state=SSL3_ST_SW_CERT_B;
1208 s->init_num=(int)l; 1442 s->init_num=(int)l;
1209 s->init_off=0; 1443 s->init_off=0;
1210 1444
1211 /* buffer the message to handle re-xmits */ 1445 /* buffer the message to handle re-xmits */
1212 dtls1_buffer_message(s, 0); 1446 dtls1_buffer_message(s, 0);
1213 } 1447 }
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after
1320 SSL3_MT_NEWSESSION_TICKET, msg_len, 0, msg_len); 1554 SSL3_MT_NEWSESSION_TICKET, msg_len, 0, msg_len);
1321 1555
1322 /* buffer the message to handle re-xmits */ 1556 /* buffer the message to handle re-xmits */
1323 dtls1_buffer_message(s, 0); 1557 dtls1_buffer_message(s, 0);
1324 } 1558 }
1325 1559
1326 /* SSL3_ST_SW_SESSION_TICKET_B */ 1560 /* SSL3_ST_SW_SESSION_TICKET_B */
1327 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); 1561 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
1328 } 1562 }
1329 #endif 1563 #endif
OLDNEW
« no previous file with comments | « openssl/ssl/d1_pkt.c ('k') | openssl/ssl/dtls1.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698