Use appropriate versions of SSL3_ENC_METHOD

[oweals/openssl.git] / ssl / s3_lib.c

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index f3acb8a96a94906b2e4b70d5357aef6f9d0c2cd5..c026c7b697b3af20d509a306c1b10f00f990973e 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2918,6 +2918,10 @@ SSL3_ENC_METHOD SSLv3_enc_data={
        (int (*)(SSL *, unsigned char *, size_t, const char *,
                 size_t, const unsigned char *, size_t,
                 int use_context))ssl_undefined_function,
+       0,
+       SSL3_HM_HEADER_LENGTH,
+       ssl3_set_handshake_header,
+       ssl3_handshake_write
        };
 
 long ssl3_default_timeout(void)
@@ -2948,6 +2952,20 @@ int ssl3_pending(const SSL *s)
        return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
        }
 
+void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
+       {
+       unsigned char *p = (unsigned char *)s->init_buf->data;
+       *(p++) = htype;
+       l2n3(len, p);
+       s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
+       s->init_off = 0;
+       }
+
+int ssl3_handshake_write(SSL *s)
+       {
+       return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+       }
+
 int ssl3_new(SSL *s)
        {
        SSL3_STATE *s3;
@@ -3066,7 +3084,10 @@ void ssl3_clear(SSL *s)
                s->s3->tlsext_custom_types = NULL;
                }
        s->s3->tlsext_custom_types_count = 0;   
-#endif
+#ifndef OPENSSL_NO_EC
+       s->s3->is_probably_safari = 0;
+#endif /* !OPENSSL_NO_EC */
+#endif /* !OPENSSL_NO_TLSEXT */
 
        rp = s->s3->rbuf.buf;
        wp = s->s3->wbuf.buf;
@@ -4129,6 +4150,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                ii=sk_SSL_CIPHER_find(allow,c);
                if (ii >= 0)
                        {
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
+                       if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
+                               {
+                               if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
+                               continue;
+                               }
+#endif
                        ret=sk_SSL_CIPHER_value(allow,ii);
                        break;
                        }
@@ -4457,4 +4485,4 @@ long ssl_get_algorithm2(SSL *s)
                return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
        return alg2;
        }
-               
+