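--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -1,10 +1,10 @@
 /* ssl/s2_lib.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
  * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
@@ -48,192 +48,269 @@
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  * 
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include "ssl_locl.h"
 #ifndef OPENSSL_NO_SSL2
 #include <stdio.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>
 
 const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
 
 #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
 
 /* list of available SSLv2 ciphers (sorted by id) */
-OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
+OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={
+#if 0
 /* NULL_WITH_MD5 v3 */
-#if 0
         {
         1,
         SSL2_TXT_NULL_WITH_MD5,
         SSL2_CK_NULL_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_eNULL,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
         0,
         0,
         0,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
 #endif
+
 /* RC4_128_WITH_MD5 */
         {
         1,
         SSL2_TXT_RC4_128_WITH_MD5,
         SSL2_CK_RC4_128_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_RC4,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_NOT_EXP|SSL_MEDIUM,
         0,
         128,
         128,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
+
 /* RC4_128_EXPORT40_WITH_MD5 */
         {
         1,
         SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
         SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_RC4,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_EXPORT|SSL_EXP40,
         SSL2_CF_5_BYTE_ENC,
         40,
         128,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
+
 /* RC2_128_CBC_WITH_MD5 */
         {
         1,
         SSL2_TXT_RC2_128_CBC_WITH_MD5,
         SSL2_CK_RC2_128_CBC_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_RC2,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_NOT_EXP|SSL_MEDIUM,
         0,
         128,
         128,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
+
 /* RC2_128_CBC_EXPORT40_WITH_MD5 */
         {
         1,
         SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
         SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_RC2,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_EXPORT|SSL_EXP40,
         SSL2_CF_5_BYTE_ENC,
         40,
         128,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
+
+#ifndef OPENSSL_NO_IDEA
 /* IDEA_128_CBC_WITH_MD5 */
-#ifndef OPENSSL_NO_IDEA
         {
         1,
         SSL2_TXT_IDEA_128_CBC_WITH_MD5,
         SSL2_CK_IDEA_128_CBC_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_IDEA,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_NOT_EXP|SSL_MEDIUM,
         0,
         128,
         128,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
 #endif
+
 /* DES_64_CBC_WITH_MD5 */
         {
         1,
         SSL2_TXT_DES_64_CBC_WITH_MD5,
         SSL2_CK_DES_64_CBC_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_DES,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_NOT_EXP|SSL_LOW,
         0,
         56,
         56,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
+
 /* DES_192_EDE3_CBC_WITH_MD5 */
         {
         1,
         SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
         SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_3DES,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_NOT_EXP|SSL_HIGH,
         0,
         168,
         168,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
+
+#if 0
 /* RC4_64_WITH_MD5 */
-#if 0
         {
         1,
         SSL2_TXT_RC4_64_WITH_MD5,
         SSL2_CK_RC4_64_WITH_MD5,
-        SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+        SSL_kRSA,
+        SSL_aRSA,
+        SSL_RC4,
+        SSL_MD5,
+        SSL_SSLV2,
         SSL_NOT_EXP|SSL_LOW,
         SSL2_CF_8_BYTE_ENC,
         64,
         64,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
 #endif
+
+#if 0
 /* NULL SSLeay (testing) */
-#if 0
         {       
         0,
         SSL2_TXT_NULL,
         SSL2_CK_NULL,
         0,
+        0,
+        0,
+        0,
+        SSL_SSLV2,
         SSL_STRONG_NONE,
         0,
         0,
         0,
-        SSL_ALL_CIPHERS,
-        SSL_ALL_STRENGTHS,
         },
 #endif
 
 /* end of list :-) */
         };
 
 long ssl2_default_timeout(void)
         {
         return(300);
         }
 
-IMPLEMENT_ssl2_meth_func(sslv2_base_method,
-                        ssl_undefined_function,
-                        ssl_undefined_function,
-                        ssl_bad_method)
-
 int ssl2_num_ciphers(void)
         {
         return(SSL2_NUM_CIPHERS);
         }
 
-SSL_CIPHER *ssl2_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
         {
         if (u < SSL2_NUM_CIPHERS)
                 return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
         else
                 return(NULL);
         }
 
 int ssl2_pending(const SSL *s)
         {
         return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
@@ -330,99 +407,100 @@
         return(0);
         }
 
 long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
         {
         return(0);
         }
 
 /* This function needs to check if the ciphers required are actually
  * available */
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
         {
-        SSL_CIPHER c,*cp;
+        SSL_CIPHER c;
+        const SSL_CIPHER *cp;
         unsigned long id;
 
         id=0x02000000L|((unsigned long)p[0]<<16L)|
                 ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
         c.id=id;
-        cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
-                (char *)ssl2_ciphers,
-                SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER),
-                FP_ICC ssl_cipher_id_cmp);
+        cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
         if ((cp == NULL) || (cp->valid == 0))
                 return NULL;
         else
                 return cp;
         }
 
 int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
         {
         long l;
 
         if (p != NULL)
                 {
                 l=c->id;
                 if ((l & 0xff000000) != 0x02000000) return(0);
                 p[0]=((unsigned char)(l>>16L))&0xFF;
                 p[1]=((unsigned char)(l>> 8L))&0xFF;
                 p[2]=((unsigned char)(l     ))&0xFF;
                 }
         return(3);
         }
 
 int ssl2_generate_key_material(SSL *s)
         {
         unsigned int i;
         EVP_MD_CTX ctx;
         unsigned char *km;
         unsigned char c='0';
         const EVP_MD *md5;
+        int md_size;
 
         md5 = EVP_md5();
 
 #ifdef CHARSET_EBCDIC
         c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
                                 see SSLv2 docu */
 #endif
         EVP_MD_CTX_init(&ctx);
         km=s->s2->key_material;
 
         if (s->session->master_key_length < 0 ||
                         s->session->master_key_length > (int)sizeof(s->session->master_key))
                 {
                 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
                 return 0;
                 }
-
-        for (i=0; i<s->s2->key_material_length; i += EVP_MD_size(md5))
+        md_size = EVP_MD_size(md5);
+        if (md_size < 0)
+            return 0;
+        for (i=0; i<s->s2->key_material_length; i += md_size)
                 {
-                if (((km - s->s2->key_material) + EVP_MD_size(md5)) >
+                if (((km - s->s2->key_material) + md_size) >
                                 (int)sizeof(s->s2->key_material))
                         {
                         /* EVP_DigestFinal_ex() below would write beyond buffer */
                         SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
                         return 0;
                         }
 
                 EVP_DigestInit_ex(&ctx, md5, NULL);
 
                 OPENSSL_assert(s->session->master_key_length >= 0
                     && s->session->master_key_length
                     < (int)sizeof(s->session->master_key));
                 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
                 EVP_DigestUpdate(&ctx,&c,1);
                 c++;
                 EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
                 EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
                 EVP_DigestFinal_ex(&ctx,km,NULL);
-                km += EVP_MD_size(md5);
+                km += md_size;
                 }
 
         EVP_MD_CTX_cleanup(&ctx);
         return 1;
         }
 
 void ssl2_return_error(SSL *s, int err)
         {
         if (!s->error)
                 {
@@ -469,10 +547,10 @@
         s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
         return(1);
         }
 #else /* !OPENSSL_NO_SSL2 */
 
 # if PEDANTIC
 static void *dummy=&dummy;
 # endif
 
 #endif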
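Review bot: The new `if (md_size < 0) return 0;` guard in ssl2_generate_key_material still lets `md_size == 0` through, in which case the following loop's `i += md_size` would never advance, and it returns without the `SSLerr(...)` that the function's other failure paths raise. I would write it as `if (md_size <= 0) { SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); return 0; }`. The return values of `EVP_DigestInit_ex`, `EVP_DigestUpdate` and `EVP_DigestFinal_ex` in the loop are still ignored, so if a digest call fails (presumably possible in builds or modes that restrict MD5) `km` advances over bytes that were never written and the function still returns 1; checking each call and failing closed would keep stale buffer contents from being used as key material. The error returns before and inside the loop also skip `EVP_MD_CTX_cleanup(&ctx)`, which only the success path reaches.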