*/
#include <stdio.h>
+#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include "ssl_locl.h"
static SSL_METHOD *ssl23_get_client_method(int ver);
static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
+#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
+#endif
if (ver == SSL3_VERSION)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
{
BUF_MEM *buf;
unsigned long Time=time(NULL);
- void (*cb)()=NULL;
+ void (*cb)(const SSL *ssl,int type,int val)=NULL;
int ret= -1;
int new_state,state;
- RAND_seed(&Time,sizeof(Time));
+ RAND_add(&Time,sizeof(Time),0);
ERR_clear_error();
clear_sys_error();
else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback;
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++;
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
for (;;)
{
/* break; */
}
- if (s->debug) BIO_flush(s->wbio);
+ if (s->debug) { (void)BIO_flush(s->wbio); }
if ((cb != NULL) && (s->state != state))
{
unsigned char *buf;
unsigned char *p,*d;
int i,ch_len;
+ int ret;
buf=(unsigned char *)s->init_buf->data;
if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
#endif
p=s->s3->client_random;
- RAND_bytes(p,SSL3_RANDOM_SIZE);
+ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
/* Do the message type and length last */
d= &(buf[2]);
i=ch_len;
s2n(i,d);
memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
- RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
p+=i;
}
/* SSL3_ST_CW_CLNT_HELLO_B */
- return(ssl23_write_bytes(s));
+ ret = ssl23_write_bytes(s);
+ if (ret >= 2)
+ if (s->msg_callback)
+ s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+ return ret;
}
static int ssl23_get_server_hello(SSL *s)
{
char buf[8];
unsigned char *p;
- int i,ch_len;
+ int i;
int n;
n=ssl23_read_bytes(s,7);
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
+#ifdef OPENSSL_NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3 setup and put in the
* sslv2 stuff. */
+ int ch_len;
if (s->options & SSL_OP_NO_SSLv2)
{
}
s->state=SSL2_ST_GET_SERVER_HELLO_A;
- s->s2->ssl2_rollback=1;
+ if (!(s->client_version == SSL2_VERSION))
+ /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
+ s->s2->ssl2_rollback=1;
/* setup the 5 bytes we have read so we get them from
* the sslv2 buffer */
s->method=SSLv2_client_method();
s->handshake_func=s->method->ssl_connect;
+#endif
}
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&
(p[3] == 0) &&
(p[4] == 2))
{
- void (*cb)()=NULL;
+ void (*cb)(const SSL *ssl,int type,int val)=NULL;
int j;
/* An alert */