Upgrade chrome's OpenSSL to same version Android ships with.

openssl/ssl/s2_clnt.c

 /* ssl/s2_clnt.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
  * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
@@ skipping 99 matching lines @@
  */
 
 #include "ssl_locl.h"
 #ifndef OPENSSL_NO_SSL2
 #include <stdio.h>
 #include <openssl/rand.h>
 #include <openssl/buffer.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-static SSL_METHOD *ssl2_get_client_method(int ver);
+static const SSL_METHOD *ssl2_get_client_method(int ver);
 static int get_server_finished(SSL *s);
 static int get_server_verify(SSL *s);
 static int get_server_hello(SSL *s);
 static int client_hello(SSL *s); 
 static int client_master_key(SSL *s);
 static int client_finished(SSL *s);
 static int client_certificate(SSL *s);
 static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
         unsigned char *to,int padding);
 #define BREAK   break
 
-static SSL_METHOD *ssl2_get_client_method(int ver)
+static const SSL_METHOD *ssl2_get_client_method(int ver)
         {
         if (ver == SSL2_VERSION)
                 return(SSLv2_client_method());
         else
                 return(NULL);
         }
 
 IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
                         ssl_undefined_function,
                         ssl2_connect,
@@ skipping 471 matching lines @@
         unsigned char *p,*d;
         int clear,enc,karg,i;
         SSL_SESSION *sess;
         const EVP_CIPHER *c;
         const EVP_MD *md;
 
         buf=(unsigned char *)s->init_buf->data;
         if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
                 {
 
-                if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
+                if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
                         {
                         ssl2_return_error(s,SSL2_PE_NO_CIPHER);
                         SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
                         return(-1);
                         }
                 sess=s->session;
                 p=buf;
                 d=p+10;
                 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
 
@@ skipping 221 matching lines @@
                 EVP_MD_CTX ctx;
 
                 /* ok, now we calculate the checksum
                  * do it first so we can reuse buf :-) */
                 p=buf;
                 EVP_MD_CTX_init(&ctx);
                 EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL);
                 EVP_SignUpdate(&ctx,s->s2->key_material,
                                s->s2->key_material_length);
                 EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
-                n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
-                EVP_SignUpdate(&ctx,buf,(unsigned int)n);
+                i=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
+                /* Don't update the signature if it fails - FIXME: probably should handle this better */
+                if(i > 0)
+                        EVP_SignUpdate(&ctx,buf,(unsigned int)i);
 
                 p=buf;
                 d=p+6;
                 *(p++)=SSL2_MT_CLIENT_CERTIFICATE;
                 *(p++)=SSL2_CT_X509_CERTIFICATE;
                 n=i2d_X509(s->cert->key->x509,&d);
                 s2n(n,p);
 
                 if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey))
                         {
@@ skipping 236 matching lines @@
         EVP_PKEY_free(pkey);
         return(i);
         }
 #else /* !OPENSSL_NO_SSL2 */
 
 # if PEDANTIC
 static void *dummy=&dummy;
 # endif
 
 #endif