int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
{
- int num,len,i;
+ int num,i;
char *p;
*argc=0;
*argv=NULL;
- len=strlen(buf);
i=0;
if (arg->count == 0)
{
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (g && !num)
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
if (C)
{
unsigned char *data;
- int l,len,bits_p,bits_q,bits_g;
+ int l,len,bits_p;
len=BN_num_bytes(dsa->p);
bits_p=BN_num_bits(dsa->p);
- bits_q=BN_num_bits(dsa->q);
- bits_g=BN_num_bits(dsa->g);
data=(unsigned char *)OPENSSL_malloc(len+20);
if (data == NULL)
{
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int ret = 1;
EC_KEY *eckey = NULL;
const EC_GROUP *group;
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (list_curves)
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
EVP_PKEY *pkey=NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
char *engine=NULL;
#endif
int ret = 1;
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (infile)
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
{
char *buf=NULL;
int ret=1;
- int i,j,k,blank,dot;
+ int i,j,k,dot;
SSL *con;
const SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
- long total_bytes;
buf=OPENSSL_malloc(bufsize);
if (buf == NULL) return(0);
SSL_set_msg_callback_arg(con, bio_s_out);
}
- blank=0;
for (;;)
{
if (hack)
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
}
/* send the file */
- total_bytes=0;
for (;;)
{
i=BIO_read(file,buf,bufsize);
{
int ret=0;
struct sockaddr_in server;
- int s= -1,i;
+ int s= -1;
if (!ssl_sock_init()) return(0);
}
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
- i=0;
*sock=s;
ret=1;
err:
static int do_accept(int acc_sock, int *sock, char **host)
{
- int ret,i;
+ int ret;
struct hostent *h1,*h2;
static struct sockaddr_in from;
int len;
BIO_printf(bio_err,"gethostbyname failure\n");
return(0);
}
- i=0;
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
unsigned char DES_iv[8];
unsigned char iv[2*MAX_BLOCK_SIZE/8];
#ifndef OPENSSL_NO_DES
- DES_cblock *buf_as_des_cblock = NULL;
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
BIO_printf(bio_err,"out of memory\n");
goto end;
}
-#ifndef OPENSSL_NO_DES
- buf_as_des_cblock = (DES_cblock *)buf;
-#endif
if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
BIO_printf(bio_err,"no engine given\n");
goto end;
}
- e = setup_engine(bio_err, *argv, 0);
+ setup_engine(bio_err, *argv, 0);
/* j will be increased again further down. We just
don't want speed to confuse an engine with an
algorithm, especially when none is given (which
if (reqfile)
{
EVP_PKEY *pkey;
- X509_CINF *ci;
BIO *in;
if (!sign_flag && !CA_flag)
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
if ((x=X509_new()) == NULL) goto end;
- ci=x->cert_info;
if (sno == NULL)
{
{
ASN1_INTEGER *ret=NULL;
const unsigned char *p;
- unsigned char *to,*s;
+ unsigned char *s;
long len;
int inf,tag,xclass;
int i;
i=ERR_R_MALLOC_FAILURE;
goto err;
}
- to=s;
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))
int sgckey)
{
RSA *ret=NULL;
- const unsigned char *p, *kp;
+ const unsigned char *p;
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
p = *pp;
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
goto err;
}
- kp = enckey->enckey->digest->data;
if (cb == NULL)
cb=EVP_read_pw_string;
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
long l;
- int i, n;
+ int i;
char *p;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
else BIO_printf(out,"NONE");
BIO_printf(out,"\n");
- n=X509_CRL_get_ext_count(x);
X509V3_extensions_print(out, "CRL extensions",
x->crl->extensions, 0, 8);
int i;
int otag;
int ret = 0;
- ASN1_VALUE *pchval, **pchptr, *ptmpval;
+ ASN1_VALUE **pchptr, *ptmpval;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
goto err;
}
/* CHOICE type, try each possibility in turn */
- pchval = NULL;
p = *in;
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
{
static int nbiof_read(BIO *b, char *out, int outl)
{
- NBIO_TEST *nt;
int ret=0;
#if 1
int num;
if (out == NULL) return(0);
if (b->next_bio == NULL) return(0);
- nt=(NBIO_TEST *)b->ptr;
BIO_clear_retry_flags(b);
#if 1
int BIO_free(BIO *a)
{
- int ret=0,i;
+ int i;
if (a == NULL) return(0);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
- ret=a->method->destroy(a);
+ a->method->destroy(a);
OPENSSL_free(a);
return(1);
}
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
{
- BIO *dbio;
int *ip;
long ret=1;
BIO_ACCEPT *data;
ret=(long)data->bind_mode;
break;
case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
-/* if (data->param_port) EAY EAY
+/* dbio=(BIO *)ptr;
+ if (data->param_port) EAY EAY
BIO_set_port(dbio,data->param_port);
if (data->param_hostname)
BIO_set_hostname(dbio,data->param_hostname);
int tna, int tnb, BN_ULONG *t)
{
int i,j,n2=n*2;
- int c1,c2,neg,zero;
+ int c1,c2,neg;
BN_ULONG ln,lo,*p;
# ifdef BN_COUNT
/* r=(a[0]-a[1])*(b[1]-b[0]) */
c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
- zero=neg=0;
+ neg=0;
switch (c1*3+c2)
{
case -4:
bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
break;
case -3:
- zero=1;
/* break; */
case -2:
bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
case -1:
case 0:
case 1:
- zero=1;
/* break; */
case 2:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
neg=1;
break;
case 3:
- zero=1;
/* break; */
case 4:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
{
if (i >= -1 && i <= 1)
{
- int sav_j =0;
/* Find out the power of two lower or equal
to the longest of the two numbers */
if (i >= 0)
{
j = BN_num_bits_word((BN_ULONG)bl);
}
- sav_j = j;
j = 1<<(j-1);
assert(j <= al || j <= bl);
k = j+j;
v->value=(char *)sk;
vv=lh_CONF_VALUE_insert(conf->data,v);
- assert(vv == NULL);
+ OPENSSL_assert(vv == NULL);
ok=1;
err:
if (!ok)
int bufnum=0,i,ii;
BUF_MEM *buff=NULL;
char *s,*p,*end;
- int again,n;
+ int again;
long eline=0;
char btmp[DECIMAL_SIZE(eline)+1];
CONF_VALUE *v=NULL,*tv;
CONF_VALUE *sv=NULL;
char *section=NULL,*buf;
- STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
char *start,*psection,*pname;
void *h = (void *)(conf->data);
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
bufnum=0;
again=0;
buf=buff->data;
clear_comments(conf, buf);
- n=strlen(buf);
s=eat_ws(conf, buf);
if (IS_EOF(conf,*s)) continue; /* blank line */
if (*s == '[')
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
continue;
}
else
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- ts=(STACK_OF(CONF_VALUE) *)tv->value;
}
else
- {
tv=sv;
- ts=section_sk;
- }
#if 1
if (_CONF_add_string(conf, tv, v) == 0)
{
static void clear_comments(CONF *conf, char *p)
{
- char *to;
-
- to=p;
for (;;)
{
if (IS_FCOMMENT(conf,*p))
BIGNUM *r0,*W,*X,*c,*test;
BIGNUM *g=NULL,*q=NULL,*p=NULL;
BN_MONT_CTX *mont=NULL;
- int i, k,n=0,b,m=0, qsize = qbits >> 3;
+ int i, k, n=0, m=0, qsize = qbits >> 3;
int counter=0;
int r=0;
BN_CTX *ctx=NULL;
/* "offset = 2" */
n=(bits-1)/160;
- b=(bits-1)-n*160;
for (;;)
{
int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
{
- const ECDH_METHOD *mtmp;
ECDH_DATA *ecdh;
ecdh = ecdh_check(eckey);
if (ecdh == NULL)
return 0;
- mtmp = ecdh->meth;
#if 0
+ mtmp = ecdh->meth;
if (mtmp->finish)
mtmp->finish(eckey);
#endif
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
{
- const ECDSA_METHOD *mtmp;
ECDSA_DATA *ecdsa;
ecdsa = ecdsa_check(eckey);
if (ecdsa == NULL)
return 0;
- mtmp = ecdsa->meth;
#ifndef OPENSSL_NO_ENGINE
if (ecdsa->engine)
{
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
- int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
+ int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
unsigned char *d;
n=ctx->num;
* lines. We process the line and then need to
* accept the '\n' */
if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
- tmp2=v;
if (n > 0)
{
v=EVP_DecodeBlock(out,d,n);
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
{
- int j;
unsigned int i;
unsigned char buf[EVP_MAX_MD_SIZE];
- j=EVP_MD_block_size(ctx->md);
-
if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
goto err;
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
{
int i, ret = 0;
long l;
- unsigned char *p;
OCSP_CERTID *cid = NULL;
OCSP_BASICRESP *br = NULL;
OCSP_RESPID *rid = NULL;
return 1;
}
- p = ASN1_STRING_data(rb->response);
i = ASN1_STRING_length(rb->response);
if (!(br = OCSP_response_get1_basic(o))) goto err;
rd = br->tbsResponseData;
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
{
- int o;
const EVP_CIPHER *enc=NULL;
char *p,c;
char **header_pp = &header;
header++;
}
*header='\0';
- o=OBJ_sn2nid(p);
cipher->cipher=enc=EVP_get_cipherbyname(p);
*header=c;
header++;
{
const unsigned char *p = *in;
- unsigned int pvk_magic, keytype, is_encrypted;
+ unsigned int pvk_magic, is_encrypted;
if (skip_magic)
{
if (length < 20)
}
/* Skip reserved */
p += 4;
- keytype = read_ledword(&p);
+ /*keytype = */read_ledword(&p);
is_encrypted = read_ledword(&p);
*psaltlen = read_ledword(&p);
*pkeylen = read_ledword(&p);
static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
pem_password_cb *cb, void *u)
{
- int outlen = 24, noinc, pklen;
+ int outlen = 24, pklen;
unsigned char *p, *salt = NULL;
if (enclevel)
outlen += PVK_SALTLEN;
if (!out)
return outlen;
if (*out)
- {
p = *out;
- noinc = 0;
- }
else
{
p = OPENSSL_malloc(outlen);
return -1;
}
*out = p;
- noinc = 1;
}
write_ledword(&p, MS_PVKMAGIC);
X509_ALGOR *enc_alg=NULL;
STACK_OF(X509_ALGOR) *md_sk=NULL;
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
- X509_ALGOR *xalg=NULL;
PKCS7_RECIP_INFO *ri=NULL;
i=OBJ_obj2nid(p7->type);
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
goto err;
}
- xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
break;
case NID_pkcs7_enveloped:
rsk=p7->d.enveloped->recipientinfo;
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
goto err;
}
- xalg=p7->d.enveloped->enc_data->algorithm;
break;
default:
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
{
int i;
- ASN1_OBJECT *objtmp;
PKCS7_ENC_CONTENT *ec;
i=OBJ_obj2nid(p7->type);
PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
return(0);
}
- objtmp = OBJ_nid2obj(i);
ec->cipher = cipher;
return 1;
pitem *
pqueue_find(pqueue_s *pq, unsigned char *prio64be)
{
- pitem *next, *prev = NULL;
+ pitem *next;
pitem *found = NULL;
if ( pq->items == NULL)
return NULL;
- for ( next = pq->items; next->next != NULL;
- prev = next, next = next->next)
+ for ( next = pq->items; next->next != NULL; next = next->next)
{
if ( memcmp(next->priority, prio64be,8) == 0)
{
const char *RAND_file_name(char *buf, size_t size)
{
char *s=NULL;
- int ok = 0;
#ifdef __OpenBSD__
struct stat sb;
#endif
BUF_strlcat(buf,"/",size);
#endif
BUF_strlcat(buf,RFILE,size);
- ok = 1;
}
else
buf[0] = '\0'; /* no file name */
const X509_POLICY_CACHE *cache)
{
int i;
- X509_POLICY_LEVEL *last;
X509_POLICY_DATA *data;
- last = curr - 1;
+
for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++)
{
data = sk_X509_POLICY_DATA_value(cache->data, i);
ASN1_STRING *params = ASN1_STRING_new();
GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
int pkey_param_nid = NID_undef;
- int cipher_param_nid = NID_undef;
+
if (!params || !gkp)
{
GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
{
case NID_id_GostR3410_2001:
pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
- cipher_param_nid = get_encryption_params(NULL)->nid;
break;
case NID_id_GostR3410_94:
pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
params=NULL;
goto err;
}
- cipher_param_nid = get_encryption_params(NULL)->nid;
break;
}
gkp->key_params = OBJ_nid2obj(pkey_param_nid);
static int hwcrhk_rsa_finish(RSA *rsa)
{
HWCryptoHook_RSAKeyHandle *hptr;
- int ret;
+
hptr = RSA_get_ex_data(rsa, hndidx_rsa);
if (hptr)
{
- ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+ p_hwcrhk_RSAUnloadKey(*hptr, NULL);
OPENSSL_free(hptr);
RSA_set_ex_data(rsa, hndidx_rsa, NULL);
}
SW_PARAM sw_param;
SW_STATUS sw_status;
SW_LARGENUMBER arg, res;
- unsigned char *ptr;
BN_CTX *ctx;
BIGNUM *dsa_p = NULL;
BIGNUM *dsa_q = NULL;
goto err;
}
/* Convert the response */
- ptr = (unsigned char *)result->d;
if((to_return = DSA_SIG_new()) == NULL)
goto err;
to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
{
int y_len,
- m_len,
fd;
- m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
y_len = BN_num_bits(p) + BN_num_bits(q);
/* Check if hardware can't handle this argument. */
item = pqueue_peek(s->d1->unprocessed_rcds.q);
if (item)
{
- DTLS1_RECORD_DATA *rdata;
- rdata = (DTLS1_RECORD_DATA *)item->data;
-
/* Check if epoch is current. */
if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
return(1); /* Nothing to do. */
int ssl_major,ssl_minor;
int i,n;
SSL3_RECORD *rr;
- SSL_SESSION *sess;
unsigned char *p = NULL;
unsigned short version;
DTLS1_BITMAP *bitmap;
unsigned int is_next_epoch;
rr= &(s->s3->rrec);
- sess=s->session;
/* The epoch may have changed. If so, process all the
* pending records. This is a non-blocking operation. */
* available */
const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER c;
const SSL_CIPHER *cp;
- unsigned long id;
- int n;
- n=ssl3_num_ciphers();
- id=0x03000000|((unsigned long)p[0]<<16L)|
- ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
- c.id=id;
cp=ssl3_get_cipher_by_char(p);
#ifndef OPENSSL_NO_SSL2
if (cp == NULL)
{
unsigned char *p,*d;
int n,hit;
- STACK_OF(SSL_CIPHER) *sk;
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
/* lets send out the ciphers we like in the
* prefered order */
- sk= s->session->ciphers;
n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
d+=n;
s2n(n,p); /* add cipher length */
int ssl3_change_cipher_state(SSL *s, int which)
{
- unsigned char *p,*key_block,*mac_secret;
+ unsigned char *p,*mac_secret;
unsigned char exp_key[EVP_MAX_KEY_LENGTH];
unsigned char exp_iv[EVP_MAX_IV_LENGTH];
unsigned char *ms,*key,*iv,*er1,*er2;
else
comp=s->s3->tmp.new_compression->method;
#endif
- key_block=s->s3->tmp.key_block;
if (which & SSL3_CC_READ)
{
SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
long length)
{
- int version,ssl_version=0,i;
+ int ssl_version=0,i;
long id;
ASN1_INTEGER ai,*aip;
ASN1_OCTET_STRING os,*osp;
ai.data=NULL; ai.length=0;
M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
- version=(int)ASN1_INTEGER_get(aip);
if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
/* we don't care about the version right now :-) */
const SSL_CIPHER **ca_list)
{
unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
- const char *l, *start, *buf;
+ const char *l, *buf;
int j, multi, found, rule, retval, ok, buflen;
unsigned long cipher_id = 0;
char ch;
alg_ssl = 0;
algo_strength = 0;
- start=l;
for (;;)
{
ch = *l;
int is_export,pkl,kl;
const char *ver,*exp_str;
const char *kx,*au,*enc,*mac;
- unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s;
+ unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
#ifdef KSSL_DEBUG
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
#else
alg_mac = cipher->algorithm_mac;
alg_ssl = cipher->algorithm_ssl;
- alg_s=cipher->algo_strength;
alg2=cipher->algorithm2;
is_export=SSL_C_IS_EXPORT(cipher);
/* THIS NEEDS CLEANING UP */
X509 *ssl_get_server_send_cert(SSL *s)
{
- unsigned long alg_k,alg_a,mask_k,mask_a;
+ unsigned long alg_k,alg_a;
CERT *c;
- int i,is_export;
+ int i;
c=s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
- is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
- if (is_export)
- {
- mask_k = c->export_mask_k;
- mask_a = c->export_mask_a;
- }
- else
- {
- mask_k = c->mask_k;
- mask_a = c->mask_a;
- }
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
alg_a = s->s3->tmp.new_cipher->algorithm_auth;
BIO *c_bio=NULL;
BIO *s_bio=NULL;
int c_r,c_w,s_r,s_w;
- int c_want,s_want;
int i,j;
int done=0;
int c_write,s_write;
c_r=0; s_r=1;
c_w=1; s_w=0;
- c_want=W_WRITE;
- s_want=0;
c_write=1,s_write=0;
/* We can always do writes */
const void *seed5, int seed5_len,
unsigned char *out, int olen)
{
- int chunk,n;
+ int chunk;
unsigned int j;
HMAC_CTX ctx;
HMAC_CTX ctx_tmp;
if (!HMAC_Final(&ctx,A1,&A1_len))
goto err;
- n=0;
for (;;)
{
if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */
int tls1_change_cipher_state(SSL *s, int which)
{
static const unsigned char empty[]="";
- unsigned char *p,*key_block,*mac_secret;
+ unsigned char *p,*mac_secret;
unsigned char *exp_label;
unsigned char tmp1[EVP_MAX_KEY_LENGTH];
unsigned char tmp2[EVP_MAX_KEY_LENGTH];
unsigned char iv1[EVP_MAX_IV_LENGTH*2];
unsigned char iv2[EVP_MAX_IV_LENGTH*2];
- unsigned char *ms,*key,*iv,*er1,*er2;
+ unsigned char *ms,*key,*iv;
int client_write;
EVP_CIPHER_CTX *dd;
const EVP_CIPHER *c;
#ifndef OPENSSL_NO_COMP
comp=s->s3->tmp.new_compression;
#endif
- key_block=s->s3->tmp.key_block;
#ifdef KSSL_DEBUG
printf("tls1_change_cipher_state(which= %d) w/\n", which);
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
k=EVP_CIPHER_iv_length(c);
- er1= &(s->s3->client_random[0]);
- er2= &(s->s3->server_random[0]);
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
{
int tls1_mac(SSL *ssl, unsigned char *md, int send)
{
SSL3_RECORD *rec;
- unsigned char *mac_sec,*seq;
+ unsigned char *seq;
EVP_MD_CTX *hash;
size_t md_size;
int i;
if (send)
{
rec= &(ssl->s3->wrec);
- mac_sec= &(ssl->s3->write_mac_secret[0]);
seq= &(ssl->s3->write_sequence[0]);
hash=ssl->write_hash;
}
else
{
rec= &(ssl->s3->rrec);
- mac_sec= &(ssl->s3->read_mac_secret[0]);
seq= &(ssl->s3->read_sequence[0]);
hash=ssl->read_hash;
}
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
{
+ unsigned short length;
unsigned short type;
unsigned short size;
- unsigned short len;
unsigned char *data = *p;
int tlsext_servername = 0;
int renegotiate_seen = 0;
if (data >= (d+n-2))
goto ri_check;
- n2s(data,len);
+ n2s(data,length);
+ if (data+length != d+n)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
while(data <= (d+n-4))
{