projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Tidy up CRYPTO_EX_DATA structures.
[oweals/openssl.git]
/
ssl
/
s3_srvr.c
diff --git
a/ssl/s3_srvr.c
b/ssl/s3_srvr.c
index 1a4a98bbd7ef05c4e79394dad1e3d71c39b6fe32..d6158dbc65e76c03e4e32dd5f3ac023d3ef75ca3 100644
(file)
--- a/
ssl/s3_srvr.c
+++ b/
ssl/s3_srvr.c
@@
-113,7
+113,7
@@
int ssl3_accept(SSL *s)
int ret= -1;
int new_state,state,skip=0;
int ret= -1;
int new_state,state,skip=0;
- RAND_
seed(&Time,sizeof(Time)
);
+ RAND_
add(&Time,sizeof(Time),0
);
ERR_clear_error();
clear_sys_error();
ERR_clear_error();
clear_sys_error();
@@
-270,8
+270,8
@@
int ssl3_accept(SSL *s)
|| (l & (SSL_DH|SSL_kFZA))
|| ((l & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (l & (SSL_DH|SSL_kFZA))
|| ((l & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- || (SSL_
IS_EXPORT(l
)
- && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_
EXPORT_PKEYLENGTH(l
)
+ || (SSL_
C_IS_EXPORT(s->s3->tmp.new_cipher
)
+ && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_
C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher
)
)
)
)
)
)
)
@@
-368,10
+368,10
@@
int ssl3_accept(SSL *s)
* a client cert, it can be verified */
s->method->ssl3_enc->cert_verify_mac(s,
&(s->s3->finish_dgst1),
* a client cert, it can be verified */
s->method->ssl3_enc->cert_verify_mac(s,
&(s->s3->finish_dgst1),
- &(s->s3->tmp.
finish
_md[0]));
+ &(s->s3->tmp.
cert_verify
_md[0]));
s->method->ssl3_enc->cert_verify_mac(s,
&(s->s3->finish_dgst2),
s->method->ssl3_enc->cert_verify_mac(s,
&(s->s3->finish_dgst2),
- &(s->s3->tmp.
finish
_md[MD5_DIGEST_LENGTH]));
+ &(s->s3->tmp.
cert_verify
_md[MD5_DIGEST_LENGTH]));
break;
break;
@@
-503,7
+503,7
@@
static int ssl3_send_hello_request(SSL *s)
if (s->state == SSL3_ST_SW_HELLO_REQ_A)
{
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL3_ST_SW_HELLO_REQ_A)
{
p=(unsigned char *)s->init_buf->data;
- *(p++)=SSL3_MT_
CLIENT
_REQUEST;
+ *(p++)=SSL3_MT_
HELLO
_REQUEST;
*(p++)=0;
*(p++)=0;
*(p++)=0;
*(p++)=0;
*(p++)=0;
*(p++)=0;
@@
-816,7
+816,7
@@
static int ssl3_send_server_hello(SSL *s)
p=s->s3->server_random;
Time=time(NULL); /* Time */
l2n(Time,p);
p=s->s3->server_random;
Time=time(NULL); /* Time */
l2n(Time,p);
- RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ RAND_
pseudo_
bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
/* Do the message type and length last */
d=p= &(buf[4]);
/* Do the message type and length last */
d=p= &(buf[4]);
@@
-900,6
+900,7
@@
static int ssl3_send_server_key_exchange(SSL *s)
int j,num;
RSA *rsa;
unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
int j,num;
RSA *rsa;
unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+ unsigned int u;
#endif
#ifndef NO_DH
DH *dh,*dhp;
#endif
#ifndef NO_DH
DH *dh,*dhp;
@@
-907,7
+908,6
@@
static int ssl3_send_server_key_exchange(SSL *s)
EVP_PKEY *pkey;
unsigned char *p,*d;
int al,i;
EVP_PKEY *pkey;
unsigned char *p,*d;
int al,i;
- unsigned int u;
unsigned long type;
int n;
CERT *cert;
unsigned long type;
int n;
CERT *cert;
@@
-1292,7
+1292,7
@@
static int ssl3_get_client_key_exchange(SSL *s)
{
p[0]=(s->version>>8);
p[1]=(s->version & 0xff);
{
p[0]=(s->version>>8);
p[1]=(s->version & 0xff);
- RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
+ RAND_
pseudo_
bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
i=SSL_MAX_MASTER_KEY_LENGTH;
}
/* else, an SSLeay bug, ssl only server, tls client */
i=SSL_MAX_MASTER_KEY_LENGTH;
}
/* else, an SSLeay bug, ssl only server, tls client */
@@
-1484,7
+1484,7
@@
static int ssl3_get_cert_verify(SSL *s)
#ifndef NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
#ifndef NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
- i=RSA_verify(NID_md5_sha1, s->s3->tmp.
finish
_md,
+ i=RSA_verify(NID_md5_sha1, s->s3->tmp.
cert_verify
_md,
MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
pkey->pkey.rsa);
if (i < 0)
MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i,
pkey->pkey.rsa);
if (i < 0)
@@
-1506,7
+1506,7
@@
static int ssl3_get_cert_verify(SSL *s)
if (pkey->type == EVP_PKEY_DSA)
{
j=DSA_verify(pkey->save_type,
if (pkey->type == EVP_PKEY_DSA)
{
j=DSA_verify(pkey->save_type,
- &(s->s3->tmp.
finish
_md[MD5_DIGEST_LENGTH]),
+ &(s->s3->tmp.
cert_verify
_md[MD5_DIGEST_LENGTH]),
SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
if (j <= 0)
{
SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
if (j <= 0)
{