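--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -1,10 +1,10 @@
 /* ssl/s2_pkt.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
@@ -109,35 +109,35 @@
 *
 */
 
 #include "ssl_locl.h"
 #ifndef OPENSSL_NO_SSL2
 #include <stdio.h>
 #include <errno.h>
 #define USE_SOCKETS
 
 static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
 static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
 static int ssl_mt_error(int n);
 
 
 /* SSL 2.0 imlementation for SSL_read/SSL_peek -
 * This routine will return 0 to len bytes, decrypted etc if required.
 */
 static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 {
 int n;
 unsigned char mac[MAX_MAC_SIZE];
 unsigned char *p;
 int i;
-	unsigned int mac_size;
+	int mac_size;
 
 ssl2_read_again:
 if (SSL_in_init(s) && !s->in_handshake)
 {
 n=s->handshake_func(s);
 if (n < 0) return(n);
 if (n == 0)
 {
 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE);
 return(-1);
@@ -239,36 +239,38 @@
 s->s2->mac_data=p;
 s->s2->ract_data=p;
 if (s->s2->padding)
 {
 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING);
 return(-1);
 }
 }
 else
 {
-			mac_size=EVP_MD_size(s->read_hash);
+			mac_size=EVP_MD_CTX_size(s->read_hash);
+			if (mac_size < 0)
+				return -1;
 OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
 s->s2->mac_data=p;
 s->s2->ract_data= &p[mac_size];
 if (s->s2->padding + mac_size > s->s2->rlength)
 {
 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING);
 return(-1);
 }
 }
 
 s->s2->ract_data_length=s->s2->rlength;
 /* added a check for length > max_size in case
 * encryption was not turned on yet due to an error */
 if ((!s->s2->clear_text) &&
-			(s->s2->rlength >= mac_size))
+			(s->s2->rlength >= (unsigned int)mac_size))
 {
 ssl2_enc(s,0);
 s->s2->ract_data_length-=mac_size;
 ssl2_mac(s,mac,0);
 s->s2->ract_data_length-=s->s2->padding;
 if ( (memcmp(mac,s->s2->mac_data,
 (unsigned int)mac_size) != 0) ||
 (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
 {
 SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
@@ -440,21 +442,21 @@
 clear_sys_error();
 s->rwstate=SSL_NOTHING;
 if (len <= 0) return(len);
 
 tot=s->s2->wnum;
 s->s2->wnum=0;
 
 n=(len-tot);
 for (;;)
 {
-		i=do_ssl_write(s,&(buf[tot]),n);
+		i=n_do_ssl_write(s,&(buf[tot]),n);
 if (i <= 0)
 {
 s->s2->wnum=tot;
 return(i);
 }
 if ((i == (int)n) ||
 (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))
 {
 return(tot+i);
 }
@@ -504,39 +506,44 @@
 s->rwstate=SSL_NOTHING;
 return(s->s2->wpend_ret);
 }
 else if (i <= 0)
 return(i);
 s->s2->wpend_off+=i;
 s->s2->wpend_len-=i;
 }
 }
 
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
 {
-	unsigned int j,k,olen,p,mac_size,bs;
+	unsigned int j,k,olen,p,bs;
+	int mac_size;
 register unsigned char *pp;
 
 olen=len;
 
 /* first check if there is data from an encryption waiting to
 * be sent - it must be sent because the other end is waiting.
 * This will happen with non-blocking IO. We print it and then
 * return.
 */
 if (s->s2->wpend_len != 0) return(write_pending(s,buf,len));
 
 /* set mac_size to mac size */
 if (s->s2->clear_text)
 mac_size=0;
 else
-		mac_size=EVP_MD_size(s->write_hash);
+		{
+		mac_size=EVP_MD_CTX_size(s->write_hash);
+		if (mac_size < 0)
+			return -1;
+		}
 
 /* lets set the pad p */
 if (s->s2->clear_text)
 {
 if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
 len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
 p=0;
 s->s2->three_byte_header=0;
 /* len=len; */
 }
@@ -728,10 +735,10 @@
 }
 return(ret);
 }
 #else /* !OPENSSL_NO_SSL2 */
 
 # if PEDANTIC
 static void *dummy=&dummy;
 # endif
 
 #endif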
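Review bot: The two new failure paths, `if (mac_size < 0) return -1;` at new lines 250-251 in ssl2_read_internal and 537-538 in n_do_ssl_write, return without queuing an error, whereas the other -1 returns visible in ssl2_read_internal call SSLerr first. A caller that gets -1 with an empty error queue will most likely report an I/O failure rather than a digest-context problem, so on the read side I would write `SSLerr(SSL_F_SSL2_READ_INTERNAL,ERR_R_INTERNAL_ERROR); return(-1);`, with the equivalent using the write function's own code on the write side; this also matches the file's `return(-1)` style. Both function bodies are only partly shown on this page, so any state that needs resetting before these early returns cannot be checked from here. Separately, the unchanged MAC check at new lines 272-273 uses `memcmp`, whose running time depends on the position of the first mismatching byte; a constant-time comparison such as `CRYPTO_memcmp`, where this tree provides it, would be the safer choice.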