OLD | NEW |
1 /* ssl/t1_lib.c */ | 1 /* ssl/t1_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 643 matching lines...)
654 | 654 |
655 if(ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) | 655 if(ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) |
656 { | 656 { |
657 SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_
ERROR); | 657 SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_
ERROR); |
658 return NULL; | 658 return NULL; |
659 } | 659 } |
660 ret += el; | 660 ret += el; |
661 } | 661 } |
662 #endif | 662 #endif |
663 | 663 |
| 664 /* Add padding to workaround bugs in F5 terminators. |
| 665 * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */ |
| 666 { |
| 667 int hlen = ret - (unsigned char *)s->init_buf->data; |
| 668 /* The code in s23_clnt.c to build ClientHello messages includes the |
| 669 * 5-byte record header in the buffer, while the code in s3_clnt.c does |
| 670 * not. */ |
| 671 if (s->state == SSL23_ST_CW_CLNT_HELLO_A) |
| 672 hlen -= 5; |
| 673 if (hlen > 0xff && hlen < 0x200) |
| 674 { |
| 675 hlen = 0x200 - hlen; |
| 676 if (hlen >= 4) |
| 677 hlen -= 4; |
| 678 else |
| 679 hlen = 0; |
| 680 |
| 681 s2n(TLSEXT_TYPE_padding, ret); |
| 682 s2n(hlen, ret); |
| 683 memset(ret, 0, hlen); |
| 684 ret += hlen; |
| 685 } |
| 686 } |
| 687 |
| 688 |
664 if ((extdatalen = ret-p-2)== 0) | 689 if ((extdatalen = ret-p-2)== 0) |
665 return p; | 690 return p; |
666 | 691 |
667 s2n(extdatalen,p); | 692 s2n(extdatalen,p); |
668 return ret; | 693 return ret; |
669 } | 694 } |
670 | 695 |
671 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
r *limit) | 696 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
r *limit) |
672 { | 697 { |
673 int extdatalen=0; | 698 int extdatalen=0; |
(...skipping 1982 matching lines...)
2656 continue; | 2681 continue; |
2657 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); | 2682 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); |
2658 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); | 2683 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); |
2659 EVP_DigestUpdate(md, temp_digest, temp_digest_len); | 2684 EVP_DigestUpdate(md, temp_digest, temp_digest_len); |
2660 } | 2685 } |
2661 EVP_MD_CTX_cleanup(&ctx); | 2686 EVP_MD_CTX_cleanup(&ctx); |
2662 | 2687 |
2663 return 1; | 2688 return 1; |
2664 } | 2689 } |
2665 #endif | 2690 #endif |
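Review bot: The padding block added at new lines 664–686 writes a 4-byte extension header plus up to 252 zero bytes at `ret` without checking how much of the output buffer is left, so it relies entirely on the buffer having been sized generously. The enclosing function starts outside the visible lines, so its bounds parameter is not shown; if it takes a `limit` pointer like `ssl_add_serverhello_tlsext` below, a guard such as `if (limit - ret - 4 - hlen < 0) return NULL;` before the first `s2n` would keep the write bounded. Because `hlen` is computed from everything already written, the comment should also state that this block must remain the last extension added, e.g. `/* NB: this measures all preceding extensions, so it MUST stay last. */`.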