OLD | NEW |
1 /* ssl/s2_clnt.c */ | 1 /* ssl/s2_clnt.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 99 matching lines...)
110 */ | 110 */ |
111 | 111 |
112 #include "ssl_locl.h" | 112 #include "ssl_locl.h" |
113 #ifndef OPENSSL_NO_SSL2 | 113 #ifndef OPENSSL_NO_SSL2 |
114 #include <stdio.h> | 114 #include <stdio.h> |
115 #include <openssl/rand.h> | 115 #include <openssl/rand.h> |
116 #include <openssl/buffer.h> | 116 #include <openssl/buffer.h> |
117 #include <openssl/objects.h> | 117 #include <openssl/objects.h> |
118 #include <openssl/evp.h> | 118 #include <openssl/evp.h> |
119 | 119 |
120 static SSL_METHOD *ssl2_get_client_method(int ver); | 120 static const SSL_METHOD *ssl2_get_client_method(int ver); |
121 static int get_server_finished(SSL *s); | 121 static int get_server_finished(SSL *s); |
122 static int get_server_verify(SSL *s); | 122 static int get_server_verify(SSL *s); |
123 static int get_server_hello(SSL *s); | 123 static int get_server_hello(SSL *s); |
124 static int client_hello(SSL *s); | 124 static int client_hello(SSL *s); |
125 static int client_master_key(SSL *s); | 125 static int client_master_key(SSL *s); |
126 static int client_finished(SSL *s); | 126 static int client_finished(SSL *s); |
127 static int client_certificate(SSL *s); | 127 static int client_certificate(SSL *s); |
128 static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, | 128 static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, |
129 unsigned char *to,int padding); | 129 unsigned char *to,int padding); |
130 #define BREAK break | 130 #define BREAK break |
131 | 131 |
132 static SSL_METHOD *ssl2_get_client_method(int ver) | 132 static const SSL_METHOD *ssl2_get_client_method(int ver) |
133 { | 133 { |
134 if (ver == SSL2_VERSION) | 134 if (ver == SSL2_VERSION) |
135 return(SSLv2_client_method()); | 135 return(SSLv2_client_method()); |
136 else | 136 else |
137 return(NULL); | 137 return(NULL); |
138 } | 138 } |
139 | 139 |
140 IMPLEMENT_ssl2_meth_func(SSLv2_client_method, | 140 IMPLEMENT_ssl2_meth_func(SSLv2_client_method, |
141 ssl_undefined_function, | 141 ssl_undefined_function, |
142 ssl2_connect, | 142 ssl2_connect, |
(...skipping 471 matching lines...)
614 unsigned char *p,*d; | 614 unsigned char *p,*d; |
615 int clear,enc,karg,i; | 615 int clear,enc,karg,i; |
616 SSL_SESSION *sess; | 616 SSL_SESSION *sess; |
617 const EVP_CIPHER *c; | 617 const EVP_CIPHER *c; |
618 const EVP_MD *md; | 618 const EVP_MD *md; |
619 | 619 |
620 buf=(unsigned char *)s->init_buf->data; | 620 buf=(unsigned char *)s->init_buf->data; |
621 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) | 621 if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) |
622 { | 622 { |
623 | 623 |
624 » » if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) | 624 » » if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) |
625 { | 625 { |
626 ssl2_return_error(s,SSL2_PE_NO_CIPHER); | 626 ssl2_return_error(s,SSL2_PE_NO_CIPHER); |
627 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CI
PHER_FUNCTIONS); | 627 SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CI
PHER_FUNCTIONS); |
628 return(-1); | 628 return(-1); |
629 } | 629 } |
630 sess=s->session; | 630 sess=s->session; |
631 p=buf; | 631 p=buf; |
632 d=p+10; | 632 d=p+10; |
633 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ | 633 *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ |
634 | 634 |
(...skipping 221 matching lines...)
856 EVP_MD_CTX ctx; | 856 EVP_MD_CTX ctx; |
857 | 857 |
858 /* ok, now we calculate the checksum | 858 /* ok, now we calculate the checksum |
859 * do it first so we can reuse buf :-) */ | 859 * do it first so we can reuse buf :-) */ |
860 p=buf; | 860 p=buf; |
861 EVP_MD_CTX_init(&ctx); | 861 EVP_MD_CTX_init(&ctx); |
862 EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); | 862 EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); |
863 EVP_SignUpdate(&ctx,s->s2->key_material, | 863 EVP_SignUpdate(&ctx,s->s2->key_material, |
864 s->s2->key_material_length); | 864 s->s2->key_material_length); |
865 EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); | 865 EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); |
866 » » n=i2d_X509(s->session->sess_cert->peer_key->x509,&p); | 866 » » i=i2d_X509(s->session->sess_cert->peer_key->x509,&p); |
867 » » EVP_SignUpdate(&ctx,buf,(unsigned int)n); | 867 » » /* Don't update the signature if it fails - FIXME: probably shou
ld handle this better */ |
| 868 » » if(i > 0) |
| 869 » » » EVP_SignUpdate(&ctx,buf,(unsigned int)i); |
868 | 870 |
869 p=buf; | 871 p=buf; |
870 d=p+6; | 872 d=p+6; |
871 *(p++)=SSL2_MT_CLIENT_CERTIFICATE; | 873 *(p++)=SSL2_MT_CLIENT_CERTIFICATE; |
872 *(p++)=SSL2_CT_X509_CERTIFICATE; | 874 *(p++)=SSL2_CT_X509_CERTIFICATE; |
873 n=i2d_X509(s->cert->key->x509,&d); | 875 n=i2d_X509(s->cert->key->x509,&d); |
874 s2n(n,p); | 876 s2n(n,p); |
875 | 877 |
876 if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) | 878 if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) |
877 { | 879 { |
(...skipping 236 matching lines...)
1114 EVP_PKEY_free(pkey); | 1116 EVP_PKEY_free(pkey); |
1115 return(i); | 1117 return(i); |
1116 } | 1118 } |
1117 #else /* !OPENSSL_NO_SSL2 */ | 1119 #else /* !OPENSSL_NO_SSL2 */ |
1118 | 1120 |
1119 # if PEDANTIC | 1121 # if PEDANTIC |
1120 static void *dummy=&dummy; | 1122 static void *dummy=&dummy; |
1121 # endif | 1123 # endif |
1122 | 1124 |
1123 #endif | 1125 #endif |
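Review bot: When `i2d_X509()` on the peer certificate fails (new lines 866–869), the added `if(i > 0)` guard only skips the `EVP_SignUpdate` call and execution continues to `EVP_SignFinal`, so the client signs and sends a digest that no longer covers the server certificate. The signature is fed the key material, the certificate challenge and that certificate, so this path should fail closed instead of being left as a FIXME, e.g. `if (i <= 0) { EVP_MD_CTX_cleanup(&ctx); return(-1); }`, ideally with an `SSLerr` entry like the cipher-mapping failure at line 626. The same encode writes into `buf` with no visible length check, and the result of `n=i2d_X509(s->cert->key->x509,&d)` at new line 875 goes into `s2n(n,p)` unchecked; both deserve the same handling. The enclosing function begins and ends in the skipped regions, so any cleanup or bounds checking done elsewhere in it is not visible here.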
OLD | NEW |