projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
So, I discovered that if you have your $PATH set so a ld different from
[oweals/openssl.git]
/
ssl
/
s23_clnt.c
diff --git
a/ssl/s23_clnt.c
b/ssl/s23_clnt.c
index 386ebe3f8eedae92a55f0c17432a383ad1af49f0..019e9aecee0e2b46f0daf18270f65ac62b8c3ad5 100644
(file)
--- a/
ssl/s23_clnt.c
+++ b/
ssl/s23_clnt.c
@@
-57,19
+57,21
@@
*/
#include <stdio.h>
*/
#include <stdio.h>
+#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include "ssl_locl.h"
static SSL_METHOD *ssl23_get_client_method(int ver);
static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
static SSL_METHOD *ssl23_get_client_method(int ver);
static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
+#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
+#endif
if (ver == SSL3_VERSION)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
if (ver == SSL3_VERSION)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
@@
-98,11
+100,11
@@
int ssl23_connect(SSL *s)
{
BUF_MEM *buf;
unsigned long Time=time(NULL);
{
BUF_MEM *buf;
unsigned long Time=time(NULL);
- void (*cb)()=NULL;
+ void (*cb)(
const SSL *ssl,int type,int val
)=NULL;
int ret= -1;
int new_state,state;
int ret= -1;
int new_state,state;
- RAND_
seed(&Time,sizeof(Time)
);
+ RAND_
add(&Time,sizeof(Time),0
);
ERR_clear_error();
clear_sys_error();
ERR_clear_error();
clear_sys_error();
@@
-111,8
+113,8
@@
int ssl23_connect(SSL *s)
else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback;
else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback;
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++;
s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
for (;;)
{
for (;;)
{
@@
-186,7
+188,7
@@
int ssl23_connect(SSL *s)
/* break; */
}
/* break; */
}
- if (s->debug)
BIO_flush(s->wbio);
+ if (s->debug)
{ (void)BIO_flush(s->wbio); }
if ((cb != NULL) && (s->state != state))
{
if ((cb != NULL) && (s->state != state))
{
@@
-209,6
+211,7
@@
static int ssl23_client_hello(SSL *s)
unsigned char *buf;
unsigned char *p,*d;
int i,ch_len;
unsigned char *buf;
unsigned char *p,*d;
int i,ch_len;
+ int ret;
buf=(unsigned char *)s->init_buf->data;
if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
buf=(unsigned char *)s->init_buf->data;
if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
@@
-222,7
+225,7
@@
static int ssl23_client_hello(SSL *s)
#endif
p=s->s3->client_random;
#endif
p=s->s3->client_random;
- RAND_bytes(p,SSL3_RANDOM_SIZE);
+ RAND_
pseudo_
bytes(p,SSL3_RANDOM_SIZE);
/* Do the message type and length last */
d= &(buf[2]);
/* Do the message type and length last */
d= &(buf[2]);
@@
-283,7
+286,7
@@
static int ssl23_client_hello(SSL *s)
i=ch_len;
s2n(i,d);
memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
i=ch_len;
s2n(i,d);
memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
- RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ RAND_
pseudo_
bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
p+=i;
memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
p+=i;
@@
-300,14
+303,18
@@
static int ssl23_client_hello(SSL *s)
}
/* SSL3_ST_CW_CLNT_HELLO_B */
}
/* SSL3_ST_CW_CLNT_HELLO_B */
- return(ssl23_write_bytes(s));
+ ret = ssl23_write_bytes(s);
+ if (ret >= 2)
+ if (s->msg_callback)
+ s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+ return ret;
}
static int ssl23_get_server_hello(SSL *s)
{
char buf[8];
unsigned char *p;
}
static int ssl23_get_server_hello(SSL *s)
{
char buf[8];
unsigned char *p;
- int i
,ch_len
;
+ int i;
int n;
n=ssl23_read_bytes(s,7);
int n;
n=ssl23_read_bytes(s,7);
@@
-320,9
+327,14
@@
static int ssl23_get_server_hello(SSL *s)
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
+#ifdef OPENSSL_NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3 setup and put in the
* sslv2 stuff. */
/* we are talking sslv2 */
/* we need to clean up the SSLv3 setup and put in the
* sslv2 stuff. */
+ int ch_len;
if (s->options & SSL_OP_NO_SSLv2)
{
if (s->options & SSL_OP_NO_SSLv2)
{
@@
-359,7
+371,9
@@
static int ssl23_get_server_hello(SSL *s)
}
s->state=SSL2_ST_GET_SERVER_HELLO_A;
}
s->state=SSL2_ST_GET_SERVER_HELLO_A;
- s->s2->ssl2_rollback=1;
+ if (!(s->client_version == SSL2_VERSION))
+ /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
+ s->s2->ssl2_rollback=1;
/* setup the 5 bytes we have read so we get them from
* the sslv2 buffer */
/* setup the 5 bytes we have read so we get them from
* the sslv2 buffer */
@@
-375,6
+389,7
@@
static int ssl23_get_server_hello(SSL *s)
s->method=SSLv2_client_method();
s->handshake_func=s->method->ssl_connect;
s->method=SSLv2_client_method();
s->handshake_func=s->method->ssl_connect;
+#endif
}
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&
}
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&
@@
-425,7
+440,7
@@
static int ssl23_get_server_hello(SSL *s)
(p[3] == 0) &&
(p[4] == 2))
{
(p[3] == 0) &&
(p[4] == 2))
{
- void (*cb)()=NULL;
+ void (*cb)(
const SSL *ssl,int type,int val
)=NULL;
int j;
/* An alert */
int j;
/* An alert */