1 /* ssl/s23_srvr.c */ | 1 /* ssl/s23_srvr.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 * SUCH DAMAGE. | 51 * SUCH DAMAGE. |
52 * | 52 * |
53 * The licence and distribution terms for any publically available version or | 53 * The licence and distribution terms for any publically available version or |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 * copied and put under another distribution licence | 55 * copied and put under another distribution licence |
56 * [including the GNU Public Licence.] | 56 * [including the GNU Public Licence.] |
57 */ | 57 */ |
58 /* ==================================================================== | 58 /* ==================================================================== |
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
60 * | 60 * |
61 * Redistribution and use in source and binary forms, with or without | 61 * Redistribution and use in source and binary forms, with or without |
62 * modification, are permitted provided that the following conditions | 62 * modification, are permitted provided that the following conditions |
63 * are met: | 63 * are met: |
64 * | 64 * |
65 * 1. Redistributions of source code must retain the above copyright | 65 * 1. Redistributions of source code must retain the above copyright |
66 * notice, this list of conditions and the following disclaimer. | 66 * notice, this list of conditions and the following disclaimer. |
67 * | 67 * |
68 * 2. Redistributions in binary form must reproduce the above copyright | 68 * 2. Redistributions in binary form must reproduce the above copyright |
69 * notice, this list of conditions and the following disclaimer in | 69 * notice, this list of conditions and the following disclaimer in |
109 * | 109 * |
110 */ | 110 */ |
111 | 111 |
112 #include <stdio.h> | 112 #include <stdio.h> |
113 #include "ssl_locl.h" | 113 #include "ssl_locl.h" |
114 #include <openssl/buffer.h> | 114 #include <openssl/buffer.h> |
115 #include <openssl/rand.h> | 115 #include <openssl/rand.h> |
116 #include <openssl/objects.h> | 116 #include <openssl/objects.h> |
117 #include <openssl/evp.h> | 117 #include <openssl/evp.h> |
118 | 118 |
119 static SSL_METHOD *ssl23_get_server_method(int ver); | 119 static const SSL_METHOD *ssl23_get_server_method(int ver); |
120 int ssl23_get_client_hello(SSL *s); | 120 int ssl23_get_client_hello(SSL *s); |
121 static SSL_METHOD *ssl23_get_server_method(int ver) | 121 static const SSL_METHOD *ssl23_get_server_method(int ver) |
122 { | 122 { |
123 #ifndef OPENSSL_NO_SSL2 | 123 #ifndef OPENSSL_NO_SSL2 |
124 if (ver == SSL2_VERSION) | 124 if (ver == SSL2_VERSION) |
125 return(SSLv2_server_method()); | 125 return(SSLv2_server_method()); |
126 #endif | 126 #endif |
127 if (ver == SSL3_VERSION) | 127 if (ver == SSL3_VERSION) |
128 return(SSLv3_server_method()); | 128 return(SSLv3_server_method()); |
129 else if (ver == TLS1_VERSION) | 129 else if (ver == TLS1_VERSION) |
130 return(TLSv1_server_method()); | 130 return(TLSv1_server_method()); |
131 else | 131 else |
386 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); | 386 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); |
387 goto err; | 387 goto err; |
388 } | 388 } |
389 else if (strncmp("CONNECT",(char *)p,7) == 0) | 389 else if (strncmp("CONNECT",(char *)p,7) == 0) |
390 { | 390 { |
391 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_RE
QUEST); | 391 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_RE
QUEST); |
392 goto err; | 392 goto err; |
393 } | 393 } |
394 } | 394 } |
395 | 395 |
396 #ifdef OPENSSL_FIPS | |
397 if (FIPS_mode() && (s->version < TLS1_VERSION)) | |
398 { | |
399 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, | |
400 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); | |
401 goto err; | |
402 } | |
403 #endif | |
404 | |
405 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) | 396 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) |
406 { | 397 { |
407 /* we have SSLv3/TLSv1 in an SSLv2 header | 398 /* we have SSLv3/TLSv1 in an SSLv2 header |
408 * (other cases skip this state) */ | 399 * (other cases skip this state) */ |
409 | 400 |
410 type=2; | 401 type=2; |
411 p=s->packet; | 402 p=s->packet; |
412 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ | 403 v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ |
413 v[1] = p[4]; | 404 v[1] = p[4]; |
414 | 405 |
| 406 /* The SSL2 protocol allows n to be larger, just pick |
| 407 * a reasonable buffer size. */ |
| 408 #if SSL3_RT_DEFAULT_PACKET_SIZE < 1024*4 - SSL3_RT_DEFAULT_WRITE_OVERHEAD |
| 409 #error "SSL3_RT_DEFAULT_PACKET_SIZE is too small." |
| 410 #endif |
415 n=((p[0]&0x7f)<<8)|p[1]; | 411 n=((p[0]&0x7f)<<8)|p[1]; |
416 » » if (n > (1024*4)) | 412 » » if (n > SSL3_RT_DEFAULT_PACKET_SIZE - 2) |
417 { | 413 { |
418 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LAR
GE); | 414 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LAR
GE); |
419 goto err; | 415 goto err; |
420 } | 416 } |
421 | 417 |
422 j=ssl23_read_bytes(s,n+2); | 418 j=ssl23_read_bytes(s,n+2); |
423 if (j <= 0) return(j); | 419 if (j <= 0) return(j); |
424 | 420 |
425 ssl3_finish_mac(s, s->packet+2, s->packet_length-2); | 421 ssl3_finish_mac(s, s->packet+2, s->packet_length-2); |
426 if (s->msg_callback) | 422 if (s->msg_callback) |
427 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->pack
et_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ | 423 s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->pack
et_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ |
428 | 424 |
429 p=s->packet; | 425 p=s->packet; |
430 p+=5; | 426 p+=5; |
431 n2s(p,csl); | 427 n2s(p,csl); |
432 n2s(p,sil); | 428 n2s(p,sil); |
433 n2s(p,cl); | 429 n2s(p,cl); |
434 d=(unsigned char *)s->init_buf->data; | 430 d=(unsigned char *)s->init_buf->data; |
435 » » if ((csl+sil+cl+11) != s->packet_length) | 431 » » if ((csl+sil+cl+11) != s->packet_length) /* We can't have TLS ex
tensions in SSL 2.0 format |
| 432 » » * Client Hello, can we
? Error condition should be |
| 433 » » * '>' otherweise */ |
436 { | 434 { |
437 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_
MISMATCH); | 435 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_
MISMATCH); |
438 goto err; | 436 goto err; |
439 } | 437 } |
440 | 438 |
441 /* record header: msg_type ... */ | 439 /* record header: msg_type ... */ |
442 *(d++) = SSL3_MT_CLIENT_HELLO; | 440 *(d++) = SSL3_MT_CLIENT_HELLO; |
443 /* ... and length (actual value will be written later) */ | 441 /* ... and length (actual value will be written later) */ |
444 d_len = d; | 442 d_len = d; |
445 d += 3; | 443 d += 3; |
468 *(d++)=p[i+1]; | 466 *(d++)=p[i+1]; |
469 *(d++)=p[i+2]; | 467 *(d++)=p[i+2]; |
470 j+=2; | 468 j+=2; |
471 } | 469 } |
472 s2n(j,dd); | 470 s2n(j,dd); |
473 | 471 |
474 /* COMPRESSION */ | 472 /* COMPRESSION */ |
475 *(d++)=1; | 473 *(d++)=1; |
476 *(d++)=0; | 474 *(d++)=0; |
477 | 475 |
| 476 #if 0 |
| 477 /* copy any remaining data with may be extensions */ |
| 478 p = p+csl+sil+cl; |
| 479 while (p < s->packet+s->packet_length) |
| 480 { |
| 481 *(d++)=*(p++); |
| 482 } |
| 483 #endif |
| 484 |
478 i = (d-(unsigned char *)s->init_buf->data) - 4; | 485 i = (d-(unsigned char *)s->init_buf->data) - 4; |
479 l2n3((long)i, d_len); | 486 l2n3((long)i, d_len); |
480 | 487 |
481 /* get the data reused from the init_buf */ | 488 /* get the data reused from the init_buf */ |
482 s->s3->tmp.reuse_message=1; | 489 s->s3->tmp.reuse_message=1; |
483 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; | 490 s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; |
484 s->s3->tmp.message_size=i; | 491 s->s3->tmp.message_size=i; |
485 } | 492 } |
486 | 493 |
487 /* imaginary new state (for program structure): */ | 494 /* imaginary new state (for program structure): */ |
543 | 550 |
544 /* we are in this state */ | 551 /* we are in this state */ |
545 s->state=SSL3_ST_SR_CLNT_HELLO_A; | 552 s->state=SSL3_ST_SR_CLNT_HELLO_A; |
546 | 553 |
547 if (type == 3) | 554 if (type == 3) |
548 { | 555 { |
549 /* put the 'n' bytes we have read into the input buffer | 556 /* put the 'n' bytes we have read into the input buffer |
550 * for SSLv3 */ | 557 * for SSLv3 */ |
551 s->rstate=SSL_ST_READ_HEADER; | 558 s->rstate=SSL_ST_READ_HEADER; |
552 s->packet_length=n; | 559 s->packet_length=n; |
| 560 if (s->s3->rbuf.buf == NULL) |
| 561 if (!ssl3_setup_read_buffer(s)) |
| 562 goto err; |
| 563 |
553 s->packet= &(s->s3->rbuf.buf[0]); | 564 s->packet= &(s->s3->rbuf.buf[0]); |
554 memcpy(s->packet,buf,n); | 565 memcpy(s->packet,buf,n); |
555 s->s3->rbuf.left=n; | 566 s->s3->rbuf.left=n; |
556 s->s3->rbuf.offset=0; | 567 s->s3->rbuf.offset=0; |
557 } | 568 } |
558 else | 569 else |
559 { | 570 { |
560 s->packet_length=0; | 571 s->packet_length=0; |
561 s->s3->rbuf.left=0; | 572 s->s3->rbuf.left=0; |
562 s->s3->rbuf.offset=0; | 573 s->s3->rbuf.offset=0; |
579 goto err; | 590 goto err; |
580 } | 591 } |
581 s->init_num=0; | 592 s->init_num=0; |
582 | 593 |
583 if (buf != buf_space) OPENSSL_free(buf); | 594 if (buf != buf_space) OPENSSL_free(buf); |
584 return(SSL_accept(s)); | 595 return(SSL_accept(s)); |
585 err: | 596 err: |
586 if (buf != buf_space) OPENSSL_free(buf); | 597 if (buf != buf_space) OPENSSL_free(buf); |
587 return(-1); | 598 return(-1); |
588 } | 599 } |
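Review bot: The new `#if 0` block at lines 476-483 that would copy "remaining data with may be extensions" into `d` is unreachable as long as the check at line 431 keeps `(csl+sil+cl+11) != s->packet_length`, and the comment attached to that check leaves the decision open ("can we? Error condition should be '>' otherweise"), so the hunk ships dead copy code plus an unresolved question. Either drop the `#if 0` block and state the decision, e.g. `/* An SSLv2-format CLIENT-HELLO carries no TLS extensions, so any trailing bytes are a length mismatch, not data to forward. */`, or, if trailing bytes are ever to be accepted, relax the check to `>` and bound the copy against the remaining capacity of `s->init_buf` before appending to `d` (the `n <= SSL3_RT_DEFAULT_PACKET_SIZE - 2` check at line 412 limits the input, but nothing here ties that to the init_buf size). On a point of style, the unbraced nested `if` at lines 560-562 reads as a dangling-else trap; `if (s->s3->rbuf.buf == NULL && !ssl3_setup_read_buffer(s)) goto err;` says the same in one line. Separately, the new side no longer rejects `s->version < TLS1_VERSION` under `FIPS_mode()` before dispatching to a method; if this tree still supports FIPS mode, that rejection needs to live somewhere else on this path, which the hunk does not show. The enclosing function ssl23_get_client_hello starts outside the hunk.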