diff options
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/Makefile.ssl | 98 | ||||
| -rw-r--r-- | ssl/bio_ssl.c | 432 | ||||
| -rw-r--r-- | ssl/bio_ssl.orig.c | 440 | ||||
| -rw-r--r-- | ssl/build | 6 | ||||
| -rw-r--r-- | ssl/changes.ssl | 10 | ||||
| -rw-r--r-- | ssl/f | 40 | ||||
| -rw-r--r-- | ssl/readme | 277 | ||||
| -rw-r--r-- | ssl/s23_clnt.c | 444 | ||||
| -rw-r--r-- | ssl/s23_lib.c | 232 | ||||
| -rw-r--r-- | ssl/s23_meth.c | 90 | ||||
| -rw-r--r-- | ssl/s23_pkt.c | 120 | ||||
| -rw-r--r-- | ssl/s23_srvr.c | 474 | ||||
| -rw-r--r-- | ssl/s2_clnt.c | 982 | ||||
| -rw-r--r-- | ssl/s2_enc.c | 187 | ||||
| -rw-r--r-- | ssl/s2_lib.c | 455 | ||||
| -rw-r--r-- | ssl/s2_meth.c | 88 | ||||
| -rw-r--r-- | ssl/s2_pkt.c | 651 | ||||
| -rw-r--r-- | ssl/s2_srvr.c | 983 | ||||
| -rw-r--r-- | ssl/s3_both.c | 444 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 1642 | ||||
| -rw-r--r-- | ssl/s3_enc.c | 481 | ||||
| -rw-r--r-- | ssl/s3_lib.c | 915 | ||||
| -rw-r--r-- | ssl/s3_meth.c | 88 | ||||
| -rw-r--r-- | ssl/s3_pkt.c | 963 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 1629 | ||||
| -rw-r--r-- | ssl/ssl.c | 162 | ||||
| -rw-r--r-- | ssl/ssl.err | 272 | ||||
| -rw-r--r-- | ssl/ssl.h | 1290 | ||||
| -rw-r--r-- | ssl/ssl2.h | 263 | ||||
| -rw-r--r-- | ssl/ssl23.h | 83 | ||||
| -rw-r--r-- | ssl/ssl3.h | 417 | ||||
| -rw-r--r-- | ssl/ssl_algs.c | 99 | ||||
| -rw-r--r-- | ssl/ssl_asn1.c | 313 | ||||
| -rw-r--r-- | ssl/ssl_cert.c | 326 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 721 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 350 | ||||
| -rw-r--r-- | ssl/ssl_err2.c | 70 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 1433 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 520 | ||||
| -rw-r--r-- | ssl/ssl_rsa.c | 840 | ||||
| -rw-r--r-- | ssl/ssl_sess.c | 425 | ||||
| -rw-r--r-- | ssl/ssl_stat.c | 457 | ||||
| -rw-r--r-- | ssl/ssl_task.c | 359 | ||||
| -rw-r--r-- | ssl/ssl_txt.c | 133 | ||||
| -rw-r--r-- | ssl/ssltest.c | 635 | ||||
| -rw-r--r-- | ssl/zz | 402 |
46 files changed, 21741 insertions, 0 deletions
diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl new file mode 100644 index 0000000000..f6f40e44fc --- /dev/null +++ b/ssl/Makefile.ssl @@ -0,0 +1,98 @@ +# +# SSLeay/ssl/Makefile +# + +DIR= ssl +TOP= .. +CC= cc +INCLUDES= -I../crypto -I../include +CFLAG=-g +INSTALLTOP=/usr/local/ssl +MAKE= make -f Makefile.ssl +MAKEDEPEND= makedepend -f Makefile.ssl +MAKEFILE= Makefile.ssl +AR= ar r + +CFLAGS= $(INCLUDES) $(CFLAG) + +ERR=ssl +ERRC=ssl_err +GENERAL=Makefile README +TEST=ssltest.c +APPS= + +LIB=$(TOP)/libssl.a +LIBSRC= \ + s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c \ + s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c \ + s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ + ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ + ssl_ciph.c ssl_stat.c ssl_rsa.c \ + ssl_asn1.c ssl_txt.c ssl_algs.c \ + bio_ssl.c $(ERRC).c +LIBOBJ= \ + s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o \ + s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o \ + s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ + ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ + ssl_ciph.o ssl_stat.o ssl_rsa.o \ + ssl_asn1.o ssl_txt.o ssl_algs.o \ + bio_ssl.o $(ERRC).o + +SRC= $(LIBSRC) + +EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h +HEADER= $(EXHEADER) ssl_locl.h + +ALL= $(GENERAL) $(SRC) $(HEADER) + +top: + (cd ..; $(MAKE) DIRS=$(DIR) all) + +all: lib + +lib: $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) + sh $(TOP)/util/ranlib.sh $(LIB) + @touch lib + +files: + perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO + +links: + /bin/rm -f Makefile + $(TOP)/util/point.sh Makefile.ssl Makefile ; + $(TOP)/util/mklink.sh ../include $(EXHEADER) + $(TOP)/util/mklink.sh ../test $(TEST) + $(TOP)/util/mklink.sh ../apps $(APPS) + +install: + @for i in $(EXHEADER) ; \ + do \ + (cp $$i $(INSTALLTOP)/include/$$i; \ + chmod 644 $(INSTALLTOP)/include/$$i ); \ + done; + +tags: + ctags $(SRC) + +tests: + +lint: + lint -DLINT $(INCLUDES) $(SRC)>fluff + +depend: + $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC) + +dclean: + perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new + mv -f Makefile.new $(MAKEFILE) + +clean: + /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + +errors: + perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h + perl ../crypto/err/err_genc.pl $(ERR).h $(ERRC).c + +# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c new file mode 100644 index 0000000000..6c0babaf30 --- /dev/null +++ b/ssl/bio_ssl.c @@ -0,0 +1,432 @@ +/* ssl/bio_ssl.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include "bio.h" +#include "err.h" +#include "ssl.h" + +#ifndef NOPROTO +static int ssl_write(BIO *h,char *buf,int num); +static int ssl_read(BIO *h,char *buf,int size); +static int ssl_puts(BIO *h,char *str); +static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int ssl_new(BIO *h); +static int ssl_free(BIO *data); +#else +static int ssl_write(); +static int ssl_read(); +static int ssl_puts(); +static long ssl_ctrl(); +static int ssl_new(); +static int ssl_free(); +#endif + +static BIO_METHOD methods_sslp= + { + BIO_TYPE_SSL,"ssl", + ssl_write, + ssl_read, + ssl_puts, + NULL, /* ssl_gets, */ + ssl_ctrl, + ssl_new, + ssl_free, + }; + +BIO_METHOD *BIO_f_ssl() + { + return(&methods_sslp); + } + +static int ssl_new(bi) +BIO *bi; + { + bi->init=0; + bi->ptr=NULL; /* The SSL structure */ + bi->flags=0; + return(1); + } + +static int ssl_free(a) +BIO *a; + { + if (a == NULL) return(0); + if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr); + if (a->shutdown) + { + if (a->init) SSL_free((SSL *)a->ptr); + a->init=0; + a->flags=0; + a->ptr=NULL; + } + return(1); + } + +static int ssl_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=1; + int inflags,outflags; + SSL *ssl; + int retry_reason=0; + + if (out == NULL) return(0); + ssl=(SSL *)b->ptr; + + inflags=outflags=b->flags; + + outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY); + + if (!SSL_is_init_finished(ssl)) + { + ret=SSL_do_handshake(ssl); +#if 0 + if (ret > 0) + { + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + ret= -1; + goto end; + } +#endif + } + if (ret > 0) + ret=SSL_read(ssl,out,outl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_NONE: + if (ret <= 0) break; + break; + case SSL_ERROR_WANT_READ: + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_WRITE: + outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_X509_LOOKUP: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + retry_reason=BIO_RR_SSL_X509_LOOKUP; + break; + case SSL_ERROR_WANT_CONNECT: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + retry_reason=BIO_RR_CONNECT; + break; + case SSL_ERROR_SYSCALL: + case SSL_ERROR_SSL: + case SSL_ERROR_ZERO_RETURN: + default: + break; + } + + b->retry_reason=retry_reason; + b->flags=outflags; + return(ret); + } + +static int ssl_write(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret; + int inflags,outflags,retry_reason=0; + SSL *ssl; + + if (out == NULL) return(0); + ssl=(SSL *)b->ptr; + + inflags=outflags=b->flags; + + outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY); + + ret=SSL_do_handshake(ssl); + if (ret > 0) + ret=SSL_write(ssl,out,outl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_NONE: + if (ret <= 0) break; + break; + case SSL_ERROR_WANT_WRITE: + outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_READ: + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_X509_LOOKUP: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + retry_reason=BIO_RR_SSL_X509_LOOKUP; + break; + case SSL_ERROR_WANT_CONNECT: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + retry_reason=BIO_RR_CONNECT; + case SSL_ERROR_SYSCALL: + case SSL_ERROR_SSL: + default: + break; + } + + b->retry_reason=retry_reason; + b->flags=outflags; + return(ret); + } + +static long ssl_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + SSL **sslp,*ssl; + BIO *dbio,*bio; + long ret=1; + + ssl=(SSL *)b->ptr; + switch (cmd) + { + case BIO_CTRL_RESET: + SSL_shutdown(ssl); + + if (ssl->handshake_func == ssl->method->ssl_connect) + SSL_set_connect_state(ssl); + else if (ssl->handshake_func == ssl->method->ssl_accept) + SSL_set_accept_state(ssl); + + SSL_clear(ssl); + + if (b->next_bio != NULL) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + else if (ssl->rbio != NULL) + ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + else + ret=1; + break; + case BIO_CTRL_EOF: + case BIO_CTRL_INFO: + ret=0; + break; + case BIO_C_SSL_MODE: + if (num) /* client mode */ + SSL_set_connect_state(ssl); + else + SSL_set_accept_state(ssl); + break; + case BIO_C_SET_SSL: + ssl_free(b); + b->shutdown=(int)num; + b->ptr=ptr; + ssl=(SSL *)ptr; + bio=SSL_get_rbio(ssl); + if (bio != NULL) + { + if (b->next_bio != NULL) + BIO_push(bio,b->next_bio); + b->next_bio=bio; + } + b->init=1; + break; + case BIO_C_GET_SSL: + if (ptr != NULL) + { + sslp=(SSL **)ptr; + *sslp=ssl; + } + break; + case BIO_CTRL_GET_CLOSE: + ret=b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_WPENDING: + ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + break; + case BIO_CTRL_PENDING: + ret=SSL_pending(ssl); + if (ret == 0) + ret=BIO_pending(ssl->rbio); + break; + case BIO_CTRL_FLUSH: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + case BIO_CTRL_PUSH: + if (b->next_bio != NULL) + { + SSL_set_bio(ssl,b->next_bio,b->next_bio); + b->next_bio->references++; + } + break; + case BIO_CTRL_POP: + /* ugly bit of a hack */ + if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */ + { + BIO_free_all(ssl->wbio); + } + ssl->wbio=NULL; + ssl->rbio=NULL; + break; + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + + b->retry_reason=0; + ret=(int)SSL_do_handshake(ssl); + + switch (SSL_get_error(ssl,(int)ret)) + { + case SSL_ERROR_WANT_READ: + BIO_set_flags(b, + BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_WRITE: + BIO_set_flags(b, + BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_CONNECT: + BIO_set_flags(b, + BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + b->retry_reason=b->next_bio->retry_reason; + break; + default: + break; + } + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + if (dbio->ptr != NULL) + SSL_free((SSL *)dbio->ptr); + dbio->ptr=(char *)SSL_dup(ssl); + ret=(dbio->ptr != NULL); + break; + default: + return(0); + break; + } + return(ret); + } + +static int ssl_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=BIO_write(bp,str,n); + return(ret); + } + +BIO *BIO_new_ssl(ctx,client) +SSL_CTX *ctx; +int client; + { + BIO *ret; + SSL *ssl; + + if ((ret=BIO_new(BIO_f_ssl())) == NULL) + return(NULL); + if ((ssl=SSL_new(ctx)) == NULL) + { + BIO_free(ret); + return(NULL); + } + if (client) + SSL_set_connect_state(ssl); + else + SSL_set_accept_state(ssl); + + BIO_set_ssl(ret,ssl,BIO_CLOSE); + return(ret); + } + +int BIO_ssl_copy_session_id(t,f) +BIO *t,*f; + { + t=BIO_find_type(t,BIO_TYPE_SSL); + f=BIO_find_type(f,BIO_TYPE_SSL); + if ((t == NULL) || (f == NULL)) + return(0); + if ((t->ptr == NULL) || (f->ptr == NULL)) + return(0); + SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr); + return(1); + } + +void BIO_ssl_shutdown(b) +BIO *b; + { + SSL *s; + + while (b != NULL) + { + if (b->method->type == BIO_TYPE_SSL) + { + s=(SSL *)b->ptr; + SSL_shutdown(s); + break; + } + b=b->next_bio; + } + } diff --git a/ssl/bio_ssl.orig.c b/ssl/bio_ssl.orig.c new file mode 100644 index 0000000000..25147d12e7 --- /dev/null +++ b/ssl/bio_ssl.orig.c @@ -0,0 +1,440 @@ +/* ssl/bio_ssl.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include "bio.h" +#include "err.h" +#include "ssl.h" + +#ifndef NOPROTO +static int ssl_write(BIO *h,char *buf,int num); +static int ssl_read(BIO *h,char *buf,int size); +static int ssl_puts(BIO *h,char *str); +static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2); +static int ssl_new(BIO *h); +static int ssl_free(BIO *data); +#else +static int ssl_write(); +static int ssl_read(); +static int ssl_puts(); +static long ssl_ctrl(); +static int ssl_new(); +static int ssl_free(); +#endif + +static BIO_METHOD methods_sslp= + { + BIO_TYPE_SSL,"ssl", + ssl_write, + ssl_read, + ssl_puts, + NULL, /* ssl_gets, */ + ssl_ctrl, + ssl_new, + ssl_free, + }; + +BIO_METHOD *BIO_f_ssl() + { + return(&methods_sslp); + } + +static int ssl_new(bi) +BIO *bi; + { + bi->init=0; + bi->ptr=NULL; /* The SSL structure */ + bi->flags=0; + return(1); + } + +static int ssl_free(a) +BIO *a; + { + if (a == NULL) return(0); + if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr); + if (a->shutdown) + { + if (a->init) SSL_free((SSL *)a->ptr); + a->init=0; + a->flags=0; + a->ptr=NULL; + } + return(1); + } + +static int ssl_read(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret=1,dr,dw; + int inflags,outflags; + SSL *ssl; + int retry_reason=0; + + if (out == NULL) return(0); + ssl=(SSL *)b->ptr; + + inflags=outflags=b->flags; + + dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ; + dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE; + + outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_WRITE| + BIO_FLAGS_PROTOCOL_DELAYED_READ); + + if (!SSL_is_init_finished(ssl)) + { + ret=SSL_do_handshake(ssl); +#if 0 + if (ret > 0) + { + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_READ|dw); + ret= -1; + goto end; + } +#endif + } + if (ret > 0) + ret=SSL_read(ssl,out,outl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_NONE: + if (ret <= 0) break; + if (dw) + outflags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_READ: + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_READ|dw); + break; + case SSL_ERROR_WANT_WRITE: + outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_READ|dw); + break; + case SSL_ERROR_WANT_X509_LOOKUP: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_READ|dw); + retry_reason=BIO_RR_SSL_X509_LOOKUP; + break; + case SSL_ERROR_WANT_CONNECT: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_READ|dw); + retry_reason=BIO_RR_CONNECT; + break; + case SSL_ERROR_SYSCALL: + case SSL_ERROR_SSL: + case SSL_ERROR_ZERO_RETURN: + default: + break; + } + + b->retry_reason=retry_reason; + b->flags=outflags; + return(ret); + } + +static int ssl_write(b,out,outl) +BIO *b; +char *out; +int outl; + { + int ret,dr,dw; + int inflags,outflags,retry_reason=0; + SSL *ssl; + + if (out == NULL) return(0); + ssl=(SSL *)b->ptr; + + inflags=outflags=b->flags; + + dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ; + dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE; + + outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_WRITE| + BIO_FLAGS_PROTOCOL_DELAYED_READ); + + ret=SSL_do_handshake(ssl); + if (ret > 0) + ret=SSL_write(ssl,out,outl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_NONE: + if (ret <= 0) break; + if (dr) + outflags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_WRITE: + outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr); + break; + case SSL_ERROR_WANT_READ: + outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr); + break; + case SSL_ERROR_WANT_X509_LOOKUP: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr); + retry_reason=BIO_RR_SSL_X509_LOOKUP; + break; + case SSL_ERROR_WANT_CONNECT: + outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY| + BIO_FLAGS_PROTOCOL_DELAYED_READ|dw); + retry_reason=BIO_RR_CONNECT; + case SSL_ERROR_SYSCALL: + case SSL_ERROR_SSL: + default: + break; + } + + b->retry_reason=retry_reason; + b->flags=outflags; + return(ret); + } + +static long ssl_ctrl(b,cmd,num,ptr) +BIO *b; +int cmd; +long num; +char *ptr; + { + SSL **sslp,*ssl; + BIO *dbio,*bio; + long ret=1; + + ssl=(SSL *)b->ptr; + switch (cmd) + { + case BIO_CTRL_RESET: + SSL_shutdown(ssl); + + if (ssl->handshake_func == ssl->method->ssl_connect) + SSL_set_connect_state(ssl); + else if (ssl->handshake_func == ssl->method->ssl_accept) + SSL_set_accept_state(ssl); + + SSL_clear(ssl); + + if (b->next_bio != NULL) + ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + else if (ssl->rbio != NULL) + ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + else + ret=1; + break; + case BIO_CTRL_EOF: + case BIO_CTRL_INFO: + ret=0; + break; + case BIO_C_SSL_MODE: + if (num) /* client mode */ + SSL_set_connect_state(ssl); + else + SSL_set_accept_state(ssl); + break; + case BIO_C_SET_SSL: + ssl_free(b); + b->shutdown=(int)num; + b->ptr=ptr; + ssl=(SSL *)ptr; + bio=SSL_get_rbio(ssl); + if (bio != NULL) + { + if (b->next_bio != NULL) + BIO_push(bio,b->next_bio); + b->next_bio=bio; + } + b->init=1; + break; + case BIO_C_GET_SSL: + if (ptr != NULL) + { + sslp=(SSL **)ptr; + *sslp=ssl; + } + break; + case BIO_CTRL_GET_CLOSE: + ret=b->shutdown; + break; + case BIO_CTRL_SET_CLOSE: + b->shutdown=(int)num; + break; + case BIO_CTRL_WPENDING: + ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + break; + case BIO_CTRL_PENDING: + ret=SSL_pending(ssl); + if (ret == 0) + ret=BIO_pending(ssl->rbio); + break; + case BIO_CTRL_FLUSH: + BIO_clear_retry_flags(b); + ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + BIO_copy_next_retry(b); + break; + case BIO_CTRL_PUSH: + if (b->next_bio != NULL) + { + SSL_set_bio(ssl,b->next_bio,b->next_bio); + b->next_bio->references++; + } + break; + case BIO_CTRL_POP: + /* ugly bit of a hack */ + if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */ + { + BIO_free_all(ssl->wbio); + } + ssl->wbio=NULL; + ssl->rbio=NULL; + break; + case BIO_C_DO_STATE_MACHINE: + BIO_clear_retry_flags(b); + + b->retry_reason=0; + ret=(int)SSL_do_handshake(ssl); + + switch (SSL_get_error(ssl,ret)) + { + case SSL_ERROR_WANT_READ: + BIO_set_flags(b, + BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_WRITE: + BIO_set_flags(b, + BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + break; + case SSL_ERROR_WANT_CONNECT: + BIO_set_flags(b, + BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + b->retry_reason=b->next_bio->retry_reason; + break; + default: + break; + } + break; + case BIO_CTRL_DUP: + dbio=(BIO *)ptr; + if (dbio->ptr != NULL) + SSL_free((SSL *)dbio->ptr); + dbio->ptr=(char *)SSL_dup(ssl); + ret=(dbio->ptr != NULL); + break; + default: + return(0); + break; + } + return(ret); + } + +static int ssl_puts(bp,str) +BIO *bp; +char *str; + { + int n,ret; + + n=strlen(str); + ret=BIO_write(bp,str,n); + return(ret); + } + +BIO *BIO_new_ssl(ctx,client) +SSL_CTX *ctx; +int client; + { + BIO *ret; + SSL *ssl; + + if ((ret=BIO_new(BIO_f_ssl())) == NULL) + return(NULL); + if ((ssl=SSL_new(ctx)) == NULL) + { + BIO_free(ret); + return(NULL); + } + if (client) + SSL_set_connect_state(ssl); + else + SSL_set_accept_state(ssl); + + BIO_set_ssl(ret,ssl,BIO_CLOSE); + return(ret); + } + +int BIO_ssl_copy_session_id(t,f) +BIO *t,*f; + { + t=BIO_find_type(t,BIO_TYPE_SSL); + f=BIO_find_type(f,BIO_TYPE_SSL); + if ((t == NULL) || (f == NULL)) + return(0); + if ((t->ptr == NULL) || (f->ptr == NULL)) + return(0); + SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr); + return(1); + } + + diff --git a/ssl/build b/ssl/build new file mode 100644 index 0000000000..d3308356b3 --- /dev/null +++ b/ssl/build @@ -0,0 +1,6 @@ +#!/bin/sh +for i in BUILD_SSLV23 BUILD_SSLV2 BUILD_SSLV3 BUILD_SSL_COMMON BUILD_SSL_BIO BUILD_SSL_OPTIONAL +do +time gcc -D$i -o $i.o -c -I. -I../include -O3 -fomit-frame-pointer ssl.c +done + diff --git a/ssl/changes.ssl b/ssl/changes.ssl new file mode 100644 index 0000000000..ab94b95aa0 --- /dev/null +++ b/ssl/changes.ssl @@ -0,0 +1,10 @@ + +Must do a +SSL_init_eay_ciphers(); +before calls to SSL_CTX_new() + +SSL_CTX *SSL_CTX_new(void ) -> SSL_CTX *SSL_CTX_new(SSL_METHOD *meth); + +SSL_CTX_set_cert_verify_cb -> the callback is now +int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain); +where the 'cert_chain' has been added. @@ -0,0 +1,40 @@ +/* return the actual cipher being used */ +char *SSL_CIPHER_get_name(c) +SSL_CIPHER *c; + { + if (c != NULL) + return(c->name); + return("UNKNOWN"); + } + +/* number of bits for symetric cipher */ +int SSL_CIPHER_get_bits(c,alg_bits) +SSL_CIPHER *c; +int *alg_bits; + { + int ret=0,a=0; + EVP_CIPHER *enc; + + if (c != NULL) + { + if (!ssl_cipher_get_evp(c,&enc,NULL)) + return(0); + + a=EVP_CIPHER_key_length(enc)*8; + + if (s->session->cipher->algorithms & SSL_EXP) + { + if (c->algorithm2 & SSL2_CF_8_BYTE_ENC) + ret=64; + else + ret=40; + } + else + ret=a; + } + + if (alg_bits != NULL) *alg_bits=a; + + return(ret); + } + diff --git a/ssl/readme b/ssl/readme new file mode 100644 index 0000000000..ca174848a1 --- /dev/null +++ b/ssl/readme @@ -0,0 +1,277 @@ +22 Jun 1996 +This file belongs in ../apps, but I'll leave it here because it deals +with SSL :-) It is rather dated but it gives you an idea of how +things work. +=== + +17 Jul 1995 +I have been changing things quite a bit and have not fully updated +this file, so take what you read with a grain of salt +eric +=== +The s_client and s_server programs can be used to test SSL capable +IP/port addresses and the verification of the X509 certificates in use +by these services. I strongly advise having a look at the code to get +an idea of how to use the authentication under SSLeay. Any feedback +on changes and improvements would be greatly accepted. + +This file will probably be gibberish unless you have read +rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM +authentication. + +A Brief outline (and examples) how to use them to do so. + +NOTE: +The environment variable SSL_CIPER is used to specify the prefered +cipher to use, play around with setting it's value to combinations of +RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL +in a : separated list. + +This directory contains 3 X509 certificates which can be used by these programs. +client.pem: a file containing a certificate and private key to be used + by s_client. +server.pem :a file containing a certificate and private key to be used + by s_server. +eay1024.pem:the certificate used to sign client.pem and server.pem. + This would be your CA's certificate. There is also a link + from the file a8556381.0 to eay1024.PEM. The value a8556381 + is returned by 'x509 -hash -noout <eay1024.pem' and is the + value used by X509 verification routines to 'find' this + certificte when search a directory for it. + [the above is not true any more, the CA cert is + ../certs/testca.pem which is signed by ../certs/mincomca.pem] + +When testing the s_server, you may get +bind: Address already in use +errors. These indicate the port is still being held by the unix +kernel and you are going to have to wait for it to let go of it. If +this is the case, remember to use the port commands on the s_server and +s_client to talk on an alternative port. + +===== +s_client. +This program can be used to connect to any IP/hostname:port that is +talking SSL. Once connected, it will attempt to authenticate the +certificate it was passed and if everything works as expected, a 2 +directional channel will be open. Any text typed will be sent to the +other end. type Q<cr> to exit. Flags are as follows. +-host arg : Arg is the host or IP address to connect to. +-port arg : Arg is the port to connect to (https is 443). +-verify arg : Turn on authentication of the server certificate. + : Arg specifies the 'depth', this will covered below. +-cert arg : The optional certificate to use. This certificate + : will be returned to the server if the server + : requests it for client authentication. +-key arg : The private key that matches the certificate + : specified by the -cert option. If this is not + : specified (but -cert is), the -cert file will be + : searched for the Private key. Both files are + : assumed to be in PEM format. +-CApath arg : When to look for certificates when 'verifying' the + : certificate from the server. +-CAfile arg : A file containing certificates to be used for + : 'verifying' the server certificate. +-reconnect : Once a connection has been made, drop it and + : reconnect with same session-id. This is for testing :-). + +The '-verify n' parameter specifies not only to verify the servers +certificate but to also only take notice of 'n' levels. The best way +to explain is to show via examples. +Given +s_server -cert server.PEM is running. + +s_client + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify error:num=1:unable to get issuer certificate + verify return:1 + CIPHER is CBC-DES-MD5 +What has happened is that the 'SSLeay demo server' certificate's +issuer ('CA') could not be found but because verify is not on, we +don't care and the connection has been made anyway. It is now 'up' +using CBC-DES-MD5 mode. This is an unauthenticate secure channel. +You may not be talking to the right person but the data going to them +is encrypted. + +s_client -verify 0 + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify error:num=1:unable to get issuer certificate + verify return:1 + CIPHER is CBC-DES-MD5 +We are 'verifying' but only to depth 0, so since the 'SSLeay demo server' +certificate passed the date and checksum, we are happy to proceed. + +s_client -verify 1 + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify error:num=1:unable to get issuer certificate + verify return:0 + ERROR + verify error:unable to get issuer certificate +In this case we failed to make the connection because we could not +authenticate the certificate because we could not find the +'CA' certificate. + +s_client -verify 1 -CAfile eay1024.PEM + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + CIPHER is CBC-DES-MD5 +We loaded the certificates from the file eay1024.PEM. Everything +checked out and so we made the connection. + +s_client -verify 1 -CApath . + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + CIPHER is CBC-DES-MD5 +We looked in out local directory for issuer certificates and 'found' +a8556381.0 and so everything is ok. + +It is worth noting that 'CA' is a self certified certificate. If you +are passed one of these, it will fail to 'verify' at depth 0 because +we need to lookup the certifier of a certificate from some information +that we trust and keep locally. + +SSL_CIPHER=CBC3-DES-MD5:RC4-MD5 +export SSL_CIPHER +s_client -verify 10 -CApath . -reconnect + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + drop the connection and reconnect with the same session id + CIPHER is CBC3-DES-MD5 +This has done a full connection and then re-estabished it with the +same session id but a new socket. No RSA stuff occures on the second +connection. Note that we said we would prefer to use CBC3-DES-MD5 +encryption and so, since the server supports it, we are. + +===== +s_server +This program accepts SSL connections on a specified port +Once connected, it will estabish an SSL connection and optionaly +attempt to authenticate the client. A 2 directional channel will be +open. Any text typed will be sent to the other end. Type Q<cr> to exit. +Flags are as follows. +-port arg : Arg is the port to listen on. +-verify arg : Turn on authentication of the client if they have a + : certificate. Arg specifies the 'depth'. +-Verify arg : Turn on authentication of the client. If they don't + : have a valid certificate, drop the connection. +-cert arg : The certificate to use. This certificate + : will be passed to the client. If it is not + : specified, it will default to server.PEM +-key arg : The private key that matches the certificate + : specified by the -cert option. If this is not + : specified (but -cert is), the -cert file will be + : searched for the Private key. Both files are + : assumed to be in PEM format. Default is server.PEM +-CApath arg : When to look for certificates when 'verifying' the + : certificate from the client. +-CAfile arg : A file containing certificates to be used for + : 'verifying' the client certificate. + +For the following 'demo' I will specify the s_server command and +the s_client command and then list the output from the s_server. +s_server +s_client + CONNECTED + CIPHER is CBC-DES-MD5 +Everything up and running + +s_server -verify 0 +s_client + CONNECTED + CIPHER is CBC-DES-MD5 +Ok since no certificate was returned and we don't care. + +s_server -verify 0 +./s_client -cert client.PEM + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client + issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify error:num=1:unable to get issuer certificate + verify return:1 + CIPHER is CBC-DES-MD5 +Ok since we were only verifying to level 0 + +s_server -verify 4 +s_client -cert client.PEM + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client + issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify error:num=1:unable to get issuer certificate + verify return:0 + ERROR + verify error:unable to get issuer certificate +Bad because we could not authenticate the returned certificate. + +s_server -verify 4 -CApath . +s_client -cert client.PEM + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + CIPHER is CBC-DES-MD5 +Ok because we could authenticate the returned certificate :-). + +s_server -Verify 0 -CApath . +s_client + CONNECTED + ERROR + SSL error:function is:REQUEST_CERTIFICATE + :error is :client end did not return a certificate +Error because no certificate returned. + +s_server -Verify 4 -CApath . +s_client -cert client.PEM + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + CIPHER is CBC-DES-MD5 +Full authentication of the client. + +So in summary to do full authentication of both ends +s_server -Verify 9 -CApath . +s_client -cert client.PEM -CApath . -verify 9 +From the server side + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + CIPHER is CBC-DES-MD5 +From the client side + CONNECTED + depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server + verify return:1 + depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA + verify return:1 + CIPHER is CBC-DES-MD5 + +For general probing of the 'internet https' servers for the +distribution area, run +s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash +Then enter +GET / +and you should be talking to the https server on that host. + +www.rsa.com was refusing to respond to connections on 443 when I was +testing. + +have fun :-). + +eric diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c new file mode 100644 index 0000000000..57d3623f3f --- /dev/null +++ b/ssl/s23_clnt.c @@ -0,0 +1,444 @@ +/* ssl/s23_clnt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break + +#ifndef NOPROTO +static int ssl23_client_hello(SSL *s); +static int ssl23_get_server_hello(SSL *s); +#else +static int ssl23_client_hello(); +static int ssl23_get_server_hello(); +#endif + +static SSL_METHOD *ssl23_get_client_method(ver) +int ver; + { + if (ver == 2) + return(SSLv2_client_method()); + else if (ver == 3) + return(SSLv3_client_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv23_client_method() + { + static int init=1; + static SSL_METHOD SSLv23_client_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv23_client_data, + (char *)sslv23_base_method(),sizeof(SSL_METHOD)); + SSLv23_client_data.ssl_connect=ssl23_connect; + SSLv23_client_data.get_ssl_method=ssl23_get_client_method; + } + return(&SSLv23_client_data); + } + +int ssl23_connect(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL); + void (*cb)()=NULL; + int ret= -1; + int new_state,state; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_CONNECT: + case SSL_ST_BEFORE|SSL_ST_CONNECT: + case SSL_ST_OK|SSL_ST_CONNECT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=3; + s->type=SSL_ST_CONNECT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } + + ssl3_init_finished_mac(s); + + s->state=SSL23_ST_CW_CLNT_HELLO_A; + s->ctx->sess_connect++; + s->init_num=0; + break; + + case SSL23_ST_CW_CLNT_HELLO_A: + case SSL23_ST_CW_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl23_client_hello(s); + if (ret <= 0) goto end; + s->state=SSL23_ST_CR_SRVR_HELLO_A; + s->init_num=0; + + break; + + case SSL23_ST_CR_SRVR_HELLO_A: + case SSL23_ST_CR_SRVR_HELLO_B: + ret=ssl23_get_server_hello(s); + if (ret >= 0) cb=NULL; + goto end; + break; + + default: + SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + if (s->debug) BIO_flush(s->wbio); + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_CONNECT_LOOP,1); + s->state=new_state; + } + } +end: + s->in_handshake--; + if (cb != NULL) + cb(s,SSL_CB_CONNECT_EXIT,ret); + return(ret); + } + + +static int ssl23_client_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i,ch_len; + + buf=(unsigned char *)s->init_buf->data; + if (s->state == SSL23_ST_CW_CLNT_HELLO_A) + { +#if 0 + /* don't reuse session-id's */ + if (!ssl_get_new_session(s,0)) + { + return(-1); + } +#endif + + p=s->s3->client_random; + RAND_bytes(p,SSL3_RANDOM_SIZE); + + /* Do the message type and length last */ + d= &(buf[2]); + p=d+9; + + *(d++)=SSL2_MT_CLIENT_HELLO; + *(d++)=SSL3_VERSION_MAJOR; + *(d++)=SSL3_VERSION_MINOR; + + /* Ciphers supported */ + i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p); + if (i == 0) + { + /* no ciphers */ + SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); + return(-1); + } + s2n(i,d); + p+=i; + + /* put in the session-id, zero since there is no + * reuse. */ +#if 0 + s->session->session_id_length=0; +#endif + s2n(0,d); + + if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) + ch_len=SSL2_CHALLENGE_LENGTH; + else + ch_len=SSL2_MAX_CHALLENGE_LENGTH; + + /* write out sslv2 challenge */ + if (SSL3_RANDOM_SIZE < ch_len) + i=SSL3_RANDOM_SIZE; + else + i=ch_len; + s2n(i,d); + memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); + RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + p+=i; + + i= p- &(buf[2]); + buf[0]=((i>>8)&0xff)|0x80; + buf[1]=(i&0xff); + + s->state=SSL23_ST_CW_CLNT_HELLO_B; + /* number of bytes to write */ + s->init_num=i+2; + s->init_off=0; + + ssl3_finish_mac(s,&(buf[2]),i); + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl23_write_bytes(s)); + } + +static int ssl23_get_server_hello(s) +SSL *s; + { + char buf[8]; + unsigned char *p; + int i,ch_len; + int n; + BIO *bbio; + + n=ssl23_read_bytes(s,7); + + if (n != 7) return(n); + p=s->packet; + + memcpy(buf,p,n); + + if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && + (p[5] == 0x00) && (p[6] == 0x02)) + { + /* we are talking sslv2 */ + /* we need to clean up the SSLv3 setup and put in the + * sslv2 stuff. */ + + if (s->s2 == NULL) + { + if (!ssl2_new(s)) + goto err; + } + else + ssl2_clear(s); + + if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) + ch_len=SSL2_CHALLENGE_LENGTH; + else + ch_len=SSL2_MAX_CHALLENGE_LENGTH; + + /* write out sslv2 challenge */ + i=(SSL3_RANDOM_SIZE < ch_len) + ?SSL3_RANDOM_SIZE:ch_len; + s->s2->challenge_length=i; + memcpy(s->s2->challenge, + &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + + if (s->s3 != NULL) ssl3_free(s); + + if (!BUF_MEM_grow(s->init_buf, + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); + goto err; + } + + s->state=SSL2_ST_GET_SERVER_HELLO_A; + s->s2->ssl2_rollback=1; + + /* setup the 5 bytes we have read so we get them from + * the sslv2 buffer */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s2->rbuf[0]); + memcpy(s->packet,buf,n); + s->s2->rbuf_left=n; + s->s2->rbuf_offs=0; + + /* we have already written one */ + s->s2->write_sequence=1; + + s->method=SSLv2_client_method(); + s->handshake_func=s->method->ssl_connect; + } + else if ((p[0] == SSL3_RT_HANDSHAKE) && + (p[1] == SSL3_VERSION_MAJOR) && + (p[2] == SSL3_VERSION_MINOR) && + (p[5] == SSL3_MT_SERVER_HELLO)) + { + /* we have sslv3 */ + + if (s->bbio == NULL) + { + bbio=BIO_new(BIO_f_buffer()); + if (bbio == NULL) + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); + goto err; + } + s->bbio=bbio; + } + else + bbio=s->bbio; + + BIO_reset(bbio); + if (!BIO_set_write_buffer_size(bbio,16*1024)) + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); + goto err; + } + + /* start the buffering */ + s->wbio=BIO_push(s->bbio,s->wbio); + + /* we are in this state */ + s->state=SSL3_ST_CR_SRVR_HELLO_A; + + /* put the 5 bytes we have read into the input buffer + * for SSLv3 */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s3->rbuf.buf[0]); + memcpy(s->packet,buf,n); + s->s3->rbuf.left=n; + s->s3->rbuf.offset=0; + + s->method=SSLv3_client_method(); + s->handshake_func=s->method->ssl_connect; + } + else if ((p[0] == SSL3_RT_ALERT) && + (p[1] == SSL3_VERSION_MAJOR) && + (p[2] == SSL3_VERSION_MINOR) && + (p[3] == 0) && + (p[4] == 2)) + { + void (*cb)()=NULL; + int j; + + /* An alert */ + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + i=p[5]; + if (cb != NULL) + { + j=(i<<8)|p[6]; + cb(s,SSL_CB_READ_ALERT,j); + } + + s->rwstate=SSL_NOTHING; + SSLerr(SSL_F_SSL3_READ_BYTES,1000+p[6]); + goto err; + } + else + { + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL); + goto err; + } + s->init_num=0; + + /* Since, if we are sending a ssl23 client hello, we are not + * reusing a session-id */ + if (!ssl_get_new_session(s,0)) + goto err; + + s->first_packet=1; + return(SSL_connect(s)); +err: + return(-1); + } + diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c new file mode 100644 index 0000000000..ff19adc119 --- /dev/null +++ b/ssl/s23_lib.c @@ -0,0 +1,232 @@ +/* ssl/s23_lib.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static int ssl23_num_ciphers(void ); +static SSL_CIPHER *ssl23_get_cipher(unsigned int u); +static int ssl23_read(SSL *s, char *buf, int len); +static int ssl23_write(SSL *s, char *buf, int len); +static long ssl23_default_timeout(void ); +static int ssl23_put_cipher_by_char(SSL_CIPHER *c, unsigned char *p); +static SSL_CIPHER *ssl23_get_cipher_by_char(unsigned char *p); +#else +static int ssl23_num_ciphers(); +static SSL_CIPHER *ssl23_get_cipher(); +static int ssl23_read(); +static int ssl23_write(); +static long ssl23_default_timeout(); +static int ssl23_put_cipher_by_char(); +static SSL_CIPHER *ssl23_get_cipher_by_char(); +#endif + +char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.7.0 30-Jan-1997"; + +static SSL_METHOD SSLv23_data= { + 3, + ssl3_new, + ssl3_clear, + ssl3_free, + ssl_undefined_function, + ssl_undefined_function, + ssl23_read, + ssl_undefined_function, + ssl23_write, + ssl_undefined_function, + ssl_undefined_function, + ssl3_ctrl, + ssl3_ctx_ctrl, + ssl23_get_cipher_by_char, + ssl23_put_cipher_by_char, + ssl_undefined_function, + ssl23_num_ciphers, + ssl23_get_cipher, + ssl_bad_method, + ssl23_default_timeout, + }; + +static long ssl23_default_timeout() + { + return(300); + } + +SSL_METHOD *sslv23_base_method() + { + return(&SSLv23_data); + } + +static int ssl23_num_ciphers() + { + return(ssl3_num_ciphers()+ssl2_num_ciphers()); + } + +static SSL_CIPHER *ssl23_get_cipher(u) +unsigned int u; + { + unsigned int uu=ssl3_num_ciphers(); + + if (u < uu) + return(ssl3_get_cipher(u)); + else + return(ssl2_get_cipher(u-uu)); + } + +/* This function needs to check if the ciphers required are actually + * available */ +static SSL_CIPHER *ssl23_get_cipher_by_char(p) +unsigned char *p; + { + SSL_CIPHER c,*cp; + unsigned long id; + int n; + + n=ssl3_num_ciphers(); + id=0x03000000|((unsigned long)p[0]<<16L)| + ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; + c.id=id; + cp=ssl3_get_cipher_by_char(p); + if (cp == NULL) + cp=ssl2_get_cipher_by_char(p); + return(cp); + } + +static int ssl23_put_cipher_by_char(c,p) +SSL_CIPHER *c; +unsigned char *p; + { + long l; + + /* We can write SSLv2 and SSLv3 ciphers */ + if (p != NULL) + { + l=c->id; + p[0]=((unsigned char)(l>>16L))&0xFF; + p[1]=((unsigned char)(l>> 8L))&0xFF; + p[2]=((unsigned char)(l ))&0xFF; + } + return(3); + } + +static int ssl23_read(s,buf,len) +SSL *s; +char *buf; +int len; + { + int n; + +#if 0 + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } +#endif + errno=0; + if (SSL_in_init(s) && (!s->in_handshake)) + { + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + return(SSL_read(s,buf,len)); + } + else + { + ssl_undefined_function(s); + return(-1); + } + } + +static int ssl23_write(s,buf,len) +SSL *s; +char *buf; +int len; + { + int n; + +#if 0 + if (s->shutdown & SSL_SENT_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } +#endif + errno=0; + if (SSL_in_init(s) && (!s->in_handshake)) + { + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + return(SSL_write(s,buf,len)); + } + else + { + ssl_undefined_function(s); + return(-1); + } + } diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c new file mode 100644 index 0000000000..dbe282bfd0 --- /dev/null +++ b/ssl/s23_meth.c @@ -0,0 +1,90 @@ +/* ssl/s23_meth.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "ssl_locl.h" + +static SSL_METHOD *ssl23_get_method(ver) +int ver; + { + if (ver == 2) + return(SSLv23_method()); + else if (ver == 3) + return(SSLv3_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv23_method() + { + static int init=1; + static SSL_METHOD SSLv23_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(), + sizeof(SSL_METHOD)); + SSLv23_data.ssl_connect=ssl23_connect; + SSLv23_data.ssl_accept=ssl23_accept; + SSLv23_data.get_ssl_method=ssl23_get_method; + } + return(&SSLv23_data); + } + diff --git a/ssl/s23_pkt.c b/ssl/s23_pkt.c new file mode 100644 index 0000000000..e9b2add0b8 --- /dev/null +++ b/ssl/s23_pkt.c @@ -0,0 +1,120 @@ +/* ssl/s23_pkt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <errno.h> +#define USE_SOCKETS +#include "evp.h" +#include "buffer.h" +#include "ssl_locl.h" + +int ssl23_write_bytes(s) +SSL *s; + { + int i,num,tot; + char *buf; + + buf=s->init_buf->data; + tot=s->init_off; + num=s->init_num; + for (;;) + { + s->rwstate=SSL_WRITING; + i=BIO_write(s->wbio,&(buf[tot]),num); + if (i < 0) + { + s->init_off=tot; + s->init_num=num; + return(i); + } + s->rwstate=SSL_NOTHING; + if (i == num) return(tot+i); + + num-=i; + tot+=i; + } + } + +/* only return when we have read 'n' bytes */ +int ssl23_read_bytes(s,n) +SSL *s; +int n; + { + unsigned char *p; + int j; + + if (s->packet_length < (unsigned int)n) + { + p=s->packet; + + for (;;) + { + s->rwstate=SSL_READING; + j=BIO_read(s->rbio,(char *)&(p[s->packet_length]), + n-s->packet_length); + if (j <= 0) + return(j); + s->rwstate=SSL_NOTHING; + s->packet_length+=j; + if (s->packet_length >= (unsigned int)n) + return(s->packet_length); + } + } + return(n); + } + diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c new file mode 100644 index 0000000000..398f005821 --- /dev/null +++ b/ssl/s23_srvr.c @@ -0,0 +1,474 @@ +/* ssl/s23_srvr.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break + +#ifndef NOPROTO +int ssl23_get_client_hello(SSL *s); +#else +int ssl23_get_client_hello(); +#endif + +static SSL_METHOD *ssl23_get_server_method(ver) +int ver; + { + if (ver == 2) + return(SSLv2_server_method()); + else if (ver == 3) + return(SSLv3_server_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv23_server_method() + { + static int init=1; + static SSL_METHOD SSLv23_server_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv23_server_data, + (char *)sslv23_base_method(),sizeof(SSL_METHOD)); + SSLv23_server_data.ssl_accept=ssl23_accept; + SSLv23_server_data.get_ssl_method=ssl23_get_server_method; + } + return(&SSLv23_server_data); + } + +int ssl23_accept(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL); + void (*cb)()=NULL; + int ret= -1; + int new_state,state; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_ACCEPT: + case SSL_ST_BEFORE|SSL_ST_ACCEPT: + case SSL_ST_OK|SSL_ST_ACCEPT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=3; + s->type=SSL_ST_ACCEPT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + ssl3_init_finished_mac(s); + + s->state=SSL23_ST_SR_CLNT_HELLO_A; + s->ctx->sess_accept++; + s->init_num=0; + break; + + case SSL23_ST_SR_CLNT_HELLO_A: + case SSL23_ST_SR_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl23_get_client_hello(s); + if (ret >= 0) cb=NULL; + goto end; + break; + + default: + SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_ACCEPT_LOOP,1); + s->state=new_state; + } + } +end: + if (cb != NULL) + cb(s,SSL_CB_ACCEPT_EXIT,ret); + s->in_handshake--; + return(ret); + } + + +int ssl23_get_client_hello(s) +SSL *s; + { + char buf_space[8]; + char *buf= &(buf_space[0]); + unsigned char *p,*d,*dd; + unsigned int i; + unsigned int csl,sil,cl; + int n=0,j; + BIO *bbio; + int type=0,use_sslv2_strong=0; + + /* read the initial header */ + if (s->state == SSL23_ST_SR_CLNT_HELLO_A) + { + if (!ssl3_setup_buffers(s)) goto err; + + n=ssl23_read_bytes(s,7); + if (n != 7) return(n); + + p=s->packet; + + memcpy(buf,p,n); + + if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) + { + /* SSLv2 header */ + if ((p[3] == 0x00) && (p[4] == 0x02)) + { + /* SSLv2 */ + type=1; + } + else if (p[3] == SSL3_VERSION_MAJOR) + { + if (s->ctx->options & SSL_OP_NON_EXPORT_FIRST) + { + STACK *sk; + SSL_CIPHER *c; + int ne2,ne3; + + j=((p[0]&0x7f)<<8)|p[1]; + if (j > (1024*4)) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); + goto err; + } + + n=ssl23_read_bytes(s,j+2); + if (n <= 0) return(n); + p=s->packet; + + if ((buf=Malloc(n)) == NULL) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); + goto err; + } + memcpy(buf,p,n); + + p+=5; + n2s(p,csl); + p+=4; + + sk=ssl_bytes_to_cipher_list( + s,p,csl,NULL); + if (sk != NULL) + { + ne2=ne3=0; + for (j=0; j<sk_num(sk); j++) + { + c=(SSL_CIPHER *)sk_value(sk,j); + if (!(c->algorithms & SSL_EXP)) + { + if ((c->id>>24L) == 2L) + ne2=1; + else + ne3=1; + } + } + if (ne2 && !ne3) + { + type=1; + use_sslv2_strong=1; + goto next_bit; + } + } + } + /* SSLv3 */ + s->state=SSL23_ST_SR_CLNT_HELLO_B; + } + } + else if ((p[0] == SSL3_RT_HANDSHAKE) && + (p[1] == SSL3_VERSION_MAJOR) && + (p[5] == SSL3_MT_CLIENT_HELLO)) + { + /* true SSLv3 */ + type=3; + } + /* I will not introduce error codes since that will probably + * disrupt the error codes alread allocated and could play + * havoc with dynamic allocation. Upgrade to 0.9.x :-) + */ + else if ((strncmp("GET ", (char *)p,4) == 0) || + (strncmp("POST ",(char *)p,5) == 0) || + (strncmp("HEAD ",(char *)p,5) == 0) || + (strncmp("PUT ", (char *)p,4) == 0)) + { + goto err; + } + else if (strncmp("CONNECT",(char *)p,7) == 0) + { + goto err; + } + } + +next_bit: + if (s->state == SSL23_ST_SR_CLNT_HELLO_B) + { + /* we have a SSLv3 in a SSLv2 header */ + type=2; + p=s->packet; + n=((p[0]&0x7f)<<8)|p[1]; + if (n > (1024*4)) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); + goto err; + } + + j=ssl23_read_bytes(s,n+2); + if (j <= 0) return(j); + + ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2); + + p=s->packet; + p+=5; + n2s(p,csl); + n2s(p,sil); + n2s(p,cl); + d=(unsigned char *)s->init_buf->data; + if ((csl+sil+cl+11) != s->packet_length) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); + goto err; + } + + *(d++)=SSL3_VERSION_MAJOR; + *(d++)=SSL3_VERSION_MINOR; + + /* lets populate the random area */ + /* get the chalenge_length */ + i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; + memset(d,0,SSL3_RANDOM_SIZE); + memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); + d+=SSL3_RANDOM_SIZE; + + /* no session-id reuse */ + *(d++)=0; + + /* ciphers */ + j=0; + dd=d; + d+=2; + for (i=0; i<csl; i+=3) + { + if (p[i] != 0) continue; + *(d++)=p[i+1]; + *(d++)=p[i+2]; + j+=2; + } + s2n(j,dd); + + /* compression */ + *(d++)=1; + *(d++)=0; + + i=(d-(unsigned char *)s->init_buf->data); + + /* get the data reused from the init_buf */ + s->s3->tmp.reuse_message=1; + s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; + s->s3->tmp.message_size=i; + } + + if (type == 1) + { + /* we are talking sslv2 */ + /* we need to clean up the SSLv3 setup and put in the + * sslv2 stuff. */ + + if (s->s2 == NULL) + { + if (!ssl2_new(s)) + goto err; + } + else + ssl2_clear(s); + + if (s->s3 != NULL) ssl3_free(s); + + if (!BUF_MEM_grow(s->init_buf, + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { + goto err; + } + + s->state=SSL2_ST_GET_CLIENT_HELLO_A; + if ((s->ctx->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || + use_sslv2_strong) + s->s2->ssl2_rollback=0; + else + s->s2->ssl2_rollback=1; + + /* setup the 5 bytes we have read so we get them from + * the sslv2 buffer */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s2->rbuf[0]); + memcpy(s->packet,buf,n); + s->s2->rbuf_left=n; + s->s2->rbuf_offs=0; + + s->method=SSLv2_server_method(); + s->handshake_func=s->method->ssl_accept; + } + + if ((type == 2) || (type == 3)) + { + /* we have sslv3 */ + + if (s->bbio == NULL) + { + bbio=BIO_new(BIO_f_buffer()); + if (bbio == NULL) + goto err; + s->bbio=bbio; + } + else + bbio=s->bbio; + BIO_reset(bbio); + if (!BIO_set_write_buffer_size(bbio,16*1024)) + goto err; + s->wbio=BIO_push(bbio,s->wbio); + + /* we are in this state */ + s->state=SSL3_ST_SR_CLNT_HELLO_A; + + if (type == 3) + { + /* put the 'n' bytes we have read into the input buffer + * for SSLv3 */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s3->rbuf.buf[0]); + memcpy(s->packet,buf,n); + s->s3->rbuf.left=n; + s->s3->rbuf.offset=0; + } + else + { + s->packet_length=0; + s->s3->rbuf.left=0; + s->s3->rbuf.offset=0; + } + + s->method=SSLv3_server_method(); + s->handshake_func=s->method->ssl_accept; + } + + if ((type < 1) || (type > 3)) + { + /* bad, very bad */ + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); + goto err; + } + s->init_num=0; + + if (buf != buf_space) Free(buf); + s->first_packet=1; + return(SSL_accept(s)); +err: + if (buf != buf_space) Free(buf); + return(-1); + } + diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c new file mode 100644 index 0000000000..67578a45ad --- /dev/null +++ b/ssl/s2_clnt.c @@ -0,0 +1,982 @@ +/* ssl/s2_clnt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#ifndef NO_MD5 +#include "md5.h" +#endif +#include "rand.h" +#include "buffer.h" +#include "objects.h" +#include "ssl_locl.h" +#include "evp.h" + +#ifndef NOPROTO +static int get_server_finished(SSL *s); +static int get_server_verify(SSL *s); +static int get_server_hello(SSL *s); +static int client_hello(SSL *s); +static int client_master_key(SSL *s); +static int client_finished(SSL *s); +static int client_certificate(SSL *s); +static int ssl_rsa_public_encrypt(CERT *c, int len, unsigned char *from, + unsigned char *to,int padding); +#else +static int get_server_finished(); +static int get_server_verify(); +static int get_server_hello(); +static int client_hello(); +static int client_master_key(); +static int client_finished(); +static int client_certificate(); +static int ssl_rsa_public_encrypt(); +#endif + +#define BREAK break + +static SSL_METHOD *ssl2_get_client_method(ver) +int ver; + { + if (ver == 2) + return(SSLv2_client_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv2_client_method() + { + static int init=1; + static SSL_METHOD SSLv2_client_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(), + sizeof(SSL_METHOD)); + SSLv2_client_data.ssl_connect=ssl2_connect; + SSLv2_client_data.get_ssl_method=ssl2_get_client_method; + } + return(&SSLv2_client_data); + } + +int ssl2_connect(s) +SSL *s; + { + unsigned long l=time(NULL); + BUF_MEM *buf=NULL; + int ret= -1; + void (*cb)()=NULL; + int new_state,state; + + RAND_seed((unsigned char *)&l,sizeof(l)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + /* init things to blank */ + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch (s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_CONNECT: + case SSL_ST_BEFORE|SSL_ST_CONNECT: + case SSL_ST_OK|SSL_ST_CONNECT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=2; + s->type=SSL_ST_CONNECT; + + buf=s->init_buf; + if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf, + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + s->init_num=0; + s->state=SSL2_ST_SEND_CLIENT_HELLO_A; + s->ctx->sess_connect++; + s->handshake_func=ssl2_connect; + BREAK; + + case SSL2_ST_SEND_CLIENT_HELLO_A: + case SSL2_ST_SEND_CLIENT_HELLO_B: + s->shutdown=0; + ret=client_hello(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_GET_SERVER_HELLO_A; + BREAK; + + case SSL2_ST_GET_SERVER_HELLO_A: + case SSL2_ST_GET_SERVER_HELLO_B: + ret=get_server_hello(s); + if (ret <= 0) goto end; + s->init_num=0; + if (!s->hit) /* new session */ + { + s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A; + BREAK; + } + else + { + s->state=SSL2_ST_CLIENT_START_ENCRYPTION; + break; + } + + case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: + case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: + ret=client_master_key(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_CLIENT_START_ENCRYPTION; + break; + + case SSL2_ST_CLIENT_START_ENCRYPTION: + /* Ok, we now have all the stuff needed to + * start encrypting, so lets fire it up :-) */ + if (!ssl2_enc_init(s,1)) + { + ret= -1; + goto end; + } + s->s2->clear_text=0; + s->state=SSL2_ST_SEND_CLIENT_FINISHED_A; + break; + + case SSL2_ST_SEND_CLIENT_FINISHED_A: + case SSL2_ST_SEND_CLIENT_FINISHED_B: + ret=client_finished(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_GET_SERVER_VERIFY_A; + break; + + case SSL2_ST_GET_SERVER_VERIFY_A: + case SSL2_ST_GET_SERVER_VERIFY_B: + ret=get_server_verify(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_GET_SERVER_FINISHED_A; + break; + + case SSL2_ST_GET_SERVER_FINISHED_A: + case SSL2_ST_GET_SERVER_FINISHED_B: + ret=get_server_finished(s); + if (ret <= 0) goto end; + break; + + case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: + case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: + case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: + case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: + case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: + ret=client_certificate(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_GET_SERVER_FINISHED_A; + break; + + case SSL_ST_OK: + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + s->init_num=0; + /* ERR_clear_error();*/ + + /* If we want to cache session-ids in the client + * and we sucessfully add the session-id to the + * cache, and there is a callback, then pass it out. + * 26/11/96 - eay - only add if not a re-used session. + */ + + ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); + + ret=1; + /* s->server=0; */ + s->ctx->sess_connect_good++; + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + + goto end; + break; + default: + SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE); + return(-1); + /* break; */ + } + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_CONNECT_LOOP,1); + s->state=new_state; + } + } +end: + s->in_handshake--; + if (cb != NULL) + cb(s,SSL_CB_CONNECT_EXIT,ret); + return(ret); + } + +static int get_server_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p; + int i,j; + STACK *sk,*cl; + + buf=(unsigned char *)s->init_buf->data; + p=buf; + if (s->state == SSL2_ST_GET_SERVER_HELLO_A) + { + i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num); + if (i < (11-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); + + if (*(p++) != SSL2_MT_SERVER_HELLO) + { + if (p[-1] != SSL2_MT_ERROR) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_SERVER_HELLO, + SSL_R_READ_WRONG_PACKET_TYPE); + } + else + SSLerr(SSL_F_GET_SERVER_HELLO, + SSL_R_PEER_ERROR); + return(-1); + } + s->hit=(*(p++))?1:0; + s->s2->tmp.cert_type= *(p++); + n2s(p,i); + if (i < s->version) s->version=i; + n2s(p,i); s->s2->tmp.cert_length=i; + n2s(p,i); s->s2->tmp.csl=i; + n2s(p,i); s->s2->tmp.conn_id_length=i; + s->state=SSL2_ST_GET_SERVER_HELLO_B; + s->init_num=0; + } + + /* SSL2_ST_GET_SERVER_HELLO_B */ + j=s->s2->tmp.cert_length+s->s2->tmp.csl+s->s2->tmp.conn_id_length + - s->init_num; + i=ssl2_read(s,(char *)&(buf[s->init_num]),j); + if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); + + /* things are looking good */ + + p=buf; + if (s->hit) + { + if (s->s2->tmp.cert_length != 0) + { + SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO); + return(-1); + } + if (s->s2->tmp.cert_type != 0) + { + if (!(s->ctx->options & + SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) + { + SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO); + return(-1); + } + } + if (s->s2->tmp.csl != 0) + { + SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO); + return(-1); + } + } + else + { +#ifdef undef + /* very bad */ + memset(s->session->session_id,0, + SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES); + s->session->session_id_length=0; + */ +#endif + + /* we need to do this incase we were trying to reuse a + * client session but others are already reusing it. + * If this was a new 'blank' session ID, the session-id + * length will still be 0 */ + if (s->session->session_id_length > 0) + { + if (!ssl_get_new_session(s,0)) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + return(-1); + } + } + + if (ssl2_set_certificate(s,s->s2->tmp.cert_type, + s->s2->tmp.cert_length,p) <= 0) + { + ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); + return(-1); + } + p+=s->s2->tmp.cert_length; + + if (s->s2->tmp.csl == 0) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST); + return(-1); + } + + /* We have just received a list of ciphers back from the + * server. We need to get the ones that match, then select + * the one we want the most :-). */ + + /* load the ciphers */ + sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl, + &s->session->ciphers); + p+=s->s2->tmp.csl; + if (sk == NULL) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); + return(-1); + } + + sk_set_cmp_func(sk,ssl_cipher_ptr_id_cmp); + + /* get the array of ciphers we will accept */ + cl=ssl_get_ciphers_by_id(s); + + /* In theory we could have ciphers sent back that we + * don't want to use but that does not matter since we + * will check against the list we origionally sent and + * for performance reasons we should not bother to match + * the two lists up just to check. */ + for (i=0; i<sk_num(cl); i++) + { + if (sk_find(sk,sk_value(cl,i)) >= 0) + break; + } + + if (i >= sk_num(cl)) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH); + return(-1); + } + s->session->cipher=(SSL_CIPHER *)sk_value(cl,i); + } + + if ((s->session != NULL) && (s->session->peer != NULL)) + X509_free(s->session->peer); + + /* hmmm, can we have the problem of the other session with this + * cert, Free's it before we increment the reference count. */ + CRYPTO_w_lock(CRYPTO_LOCK_X509); + s->session->peer=s->session->cert->key->x509; + s->session->peer->references++; + CRYPTO_w_unlock(CRYPTO_LOCK_X509); + + s->s2->conn_id_length=s->s2->tmp.conn_id_length; + memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); + return(1); + } + +static int client_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; +/* CIPHER **cipher;*/ + int i,n,j; + + buf=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) + { + if ((s->session == NULL) || + (s->session->ssl_version != s->version)) + { + if (!ssl_get_new_session(s,0)) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + return(-1); + } + } + /* else use the pre-loaded session */ + + p=buf; /* header */ + d=p+9; /* data section */ + *(p++)=SSL2_MT_CLIENT_HELLO; /* type */ + s2n(SSL2_CLIENT_VERSION,p); /* version */ + n=j=0; + + n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d); + d+=n; + + if (n == 0) + { + SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); + return(-1); + } + + s2n(n,p); /* cipher spec num bytes */ + + if ((s->session->session_id_length > 0) && + (s->session->session_id_length <= + SSL2_MAX_SSL_SESSION_ID_LENGTH)) + { + i=s->session->session_id_length; + s2n(i,p); /* session id length */ + memcpy(d,s->session->session_id,(unsigned int)i); + d+=i; + } + else + { + s2n(0,p); + } + + s->s2->challenge_length=SSL2_CHALLENGE_LENGTH; + s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */ + /*challenge id data*/ + RAND_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH); + memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH); + d+=SSL2_CHALLENGE_LENGTH; + + s->state=SSL2_ST_SEND_CLIENT_HELLO_B; + s->init_num=d-buf; + s->init_off=0; + } + /* SSL2_ST_SEND_CLIENT_HELLO_B */ + return(ssl2_do_write(s)); + } + +static int client_master_key(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int clear,enc,karg,i; + SSL_SESSION *sess; + EVP_CIPHER *c; + EVP_MD *md; + + buf=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) + { + + if (!ssl_cipher_get_evp(s->session->cipher,&c,&md)) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); + return(-1); + } + sess=s->session; + p=buf; + d=p+10; + *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ + + i=ssl_put_cipher_by_char(s,sess->cipher,p); + p+=i; + + /* make key_arg data */ + i=EVP_CIPHER_iv_length(c); + sess->key_arg_length=i; + if (i > 0) RAND_bytes(sess->key_arg,i); + + /* make a master key */ + i=EVP_CIPHER_key_length(c); + sess->master_key_length=i; + if (i > 0) RAND_bytes(sess->master_key,i); + + if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) + enc=8; + else if (sess->cipher->algorithms & SSL_EXP) + enc=5; + else + enc=i; + + if (i < enc) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR); + return(-1); + } + clear=i-enc; + s2n(clear,p); + memcpy(d,sess->master_key,(unsigned int)clear); + d+=clear; + + enc=ssl_rsa_public_encrypt(sess->cert,enc, + &(sess->master_key[clear]),d, + (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); + if (enc <= 0) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR); + return(-1); + } + s2n(enc,p); + d+=enc; + karg=sess->key_arg_length; + s2n(karg,p); /* key arg size */ + memcpy(d,sess->key_arg,(unsigned int)karg); + d+=karg; + + s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B; + s->init_num=d-buf; + s->init_off=0; + } + + /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */ + return(ssl2_do_write(s)); + } + +static int client_finished(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) + { + p=(unsigned char *)s->init_buf->data; + *(p++)=SSL2_MT_CLIENT_FINISHED; + memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); + + s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; + s->init_num=s->s2->conn_id_length+1; + s->init_off=0; + } + return(ssl2_do_write(s)); + } + +/* read the data and then respond */ +static int client_certificate(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i; + unsigned int n; + int cert_ch_len=0; + unsigned char *cert_ch; + + buf=(unsigned char *)s->init_buf->data; + cert_ch= &(buf[2]); + + /* We have a cert associated with the SSL, so attach it to + * the session if it does not have one */ + + if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) + { + i=ssl2_read(s,(char *)&(buf[s->init_num]), + SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num); + if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num)) + return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); + + /* type=buf[0]; */ + /* type eq x509 */ + if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) + { + ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); + SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE); + return(-1); + } + cert_ch_len=i-1; + + if ((s->cert == NULL) || + (s->cert->key->x509 == NULL) || + (s->cert->key->privatekey == NULL)) + { + s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE; + } + else + s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; + } + + if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) + { + X509 *x509=NULL; + EVP_PKEY *pkey=NULL; + + /* If we get an error we need to + * ssl->rwstate=SSL_X509_LOOKUP; + * return(error); + * We should then be retried when things are ok and we + * can get a cert or not */ + + i=0; + if (s->ctx->client_cert_cb != NULL) + { + i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); + } + + if (i < 0) + { + s->rwstate=SSL_X509_LOOKUP; + return(-1); + } + s->rwstate=SSL_NOTHING; + + if ((i == 1) && (pkey != NULL) && (x509 != NULL)) + { + s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; + if ( !SSL_use_certificate(s,x509) || + !SSL_use_PrivateKey(s,pkey)) + { + i=0; + } + X509_free(x509); + EVP_PKEY_free(pkey); + } + else if (i == 1) + { + if (x509 != NULL) X509_free(x509); + if (pkey != NULL) EVP_PKEY_free(pkey); + SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); + i=0; + } + + if (i == 0) + { + /* We have no client certificate to respond with + * so send the correct error message back */ + s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B; + p=buf; + *(p++)=SSL2_MT_ERROR; + s2n(SSL2_PE_NO_CERTIFICATE,p); + s->init_off=0; + s->init_num=3; + /* Write is done at the end */ + } + } + + if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) + { + return(ssl2_do_write(s)); + } + + if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) + { + EVP_MD_CTX ctx; + + /* ok, now we calculate the checksum + * do it first so we can reuse buf :-) */ + p=buf; + EVP_SignInit(&ctx,EVP_md5()); + EVP_SignUpdate(&ctx,s->s2->key_material, + (unsigned int)s->s2->key_material_length); + EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); + n=i2d_X509(s->session->cert->key->x509,&p); + EVP_SignUpdate(&ctx,buf,(unsigned int)n); + + p=buf; + d=p+6; + *(p++)=SSL2_MT_CLIENT_CERTIFICATE; + *(p++)=SSL2_CT_X509_CERTIFICATE; + n=i2d_X509(s->cert->key->x509,&d); + s2n(n,p); + + if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) + { + /* this is not good. If things have failed it + * means there so something wrong with the key. + * We will contiune with a 0 length signature + */ + } + memset(&ctx,0,sizeof(ctx)); + s2n(n,p); + d+=n; + + s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D; + s->init_num=d-buf; + s->init_off=0; + } + /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */ + return(ssl2_do_write(s)); + } + +static int get_server_verify(s) +SSL *s; + { + unsigned char *p; + int i; + + p=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) + { + i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); + if (i < (1-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); + + s->state= SSL2_ST_GET_SERVER_VERIFY_B; + s->init_num=0; + if (*p != SSL2_MT_SERVER_VERIFY) + { + if (p[0] != SSL2_MT_ERROR) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_SERVER_VERIFY, + SSL_R_READ_WRONG_PACKET_TYPE); + } + else + SSLerr(SSL_F_GET_SERVER_VERIFY, + SSL_R_PEER_ERROR); + return(-1); + } + } + + p=(unsigned char *)s->init_buf->data; + i=ssl2_read(s,(char *)&(p[s->init_num]), + (unsigned int)s->s2->challenge_length-s->init_num); + if (i < ((int)s->s2->challenge_length-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); + if (memcmp(p,s->s2->challenge,(unsigned int)s->s2->challenge_length) != 0) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); + return(-1); + } + return(1); + } + +static int get_server_finished(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p; + int i; + + buf=(unsigned char *)s->init_buf->data; + p=buf; + if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) + { + i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num); + if (i < (1-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); + s->init_num=i; + if (*p == SSL2_MT_REQUEST_CERTIFICATE) + { + s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A; + return(1); + } + else if (*p != SSL2_MT_SERVER_FINISHED) + { + if (p[0] != SSL2_MT_ERROR) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); + } + else + SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR); + return(-1); + } + s->state=SSL_ST_OK; + s->init_num=0; + } + + i=ssl2_read(s,(char *)&(buf[s->init_num]), + SSL2_SSL_SESSION_ID_LENGTH-s->init_num); + if (i < (SSL2_SSL_SESSION_ID_LENGTH-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); + + if (!s->hit) /* new session */ + { + /* new session-id */ + s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; + memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH); + } + else + { + if (!(s->ctx->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) + { + if (memcmp(buf,s->session->session_id, + (unsigned int)s->session->session_id_length) != 0) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT); + return(-1); + } + } + } + return(1); + } + +/* loads in the certificate from the server */ +int ssl2_set_certificate(s, type, len, data) +SSL *s; +int type; +int len; +unsigned char *data; + { + STACK *sk=NULL; + EVP_PKEY *pkey=NULL; + CERT *c=NULL; + int i; + X509 *x509=NULL; + int ret=0; + + x509=d2i_X509(NULL,&data,(long)len); + if (x509 == NULL) + { + SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB); + goto err; + } + + if (((sk=sk_new_null()) == NULL) || + (!sk_push(sk,(char *)x509))) + { + SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + + i=ssl_verify_cert_chain(s,sk); + + if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)) + { + SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); + goto err; + } + + /* cert for ssl */ + c=ssl_cert_new(); + if (c == NULL) + { + ret= -1; + goto err; + } + + /* cert for session */ + if (s->session->cert) ssl_cert_free(s->session->cert); + s->session->cert=c; + +/* c->cert_type=type; */ + + c->pkeys[SSL_PKEY_RSA_ENC].x509=x509; + c->key= &(c->pkeys[SSL_PKEY_RSA_ENC]); + + pkey=X509_get_pubkey(x509); + x509=NULL; + if (pkey == NULL) + { + SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY); + goto err; + } + if (pkey->type != EVP_PKEY_RSA) + { + SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA); + goto err; + } + + if (!ssl_set_cert_type(c,SSL2_CT_X509_CERTIFICATE)) + goto err; + ret=1; +err: + if (sk != NULL) sk_free(sk); + if (x509 != NULL) X509_free(x509); + return(ret); + } + +static int ssl_rsa_public_encrypt(c, len, from, to, padding) +CERT *c; +int len; +unsigned char *from; +unsigned char *to; +int padding; + { + EVP_PKEY *pkey=NULL; + int i= -1; + + if ((c == NULL) || (c->key->x509 == NULL) || + ((pkey=X509_get_pubkey(c->key->x509)) == NULL)) + { + SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY); + return(-1); + } + if (pkey->type != EVP_PKEY_RSA) + { + SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); + goto end; + } + + /* we have the public key */ + i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding); + if (i < 0) + SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB); +end: + return(i); + } + diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c new file mode 100644 index 0000000000..b915f099e5 --- /dev/null +++ b/ssl/s2_enc.c @@ -0,0 +1,187 @@ +/* ssl/s2_enc.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "ssl_locl.h" + +#define RS 0 +#define WS 1 + +int ssl2_enc_init(s, client) +SSL *s; +int client; + { + /* Max number of bytes needed */ + EVP_CIPHER_CTX *rs,*ws; + EVP_CIPHER *c; + EVP_MD *md; + int num; + + if (!ssl_cipher_get_evp(s->session->cipher,&c,&md)) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); + return(0); + } + + s->read_hash=md; + s->write_hash=md; + + if ((s->enc_read_ctx == NULL) && + ((s->enc_read_ctx=(EVP_CIPHER_CTX *) + Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + goto err; + if ((s->enc_write_ctx == NULL) && + ((s->enc_write_ctx=(EVP_CIPHER_CTX *) + Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + goto err; + + rs= s->enc_read_ctx; + ws= s->enc_write_ctx; + + num=c->key_len; + s->s2->key_material_length=num*2; + + ssl2_generate_key_material(s); + + EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]), + s->session->key_arg); + EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]), + s->session->key_arg); + s->s2->read_key= &(s->s2->key_material[(client)?0:num]); + s->s2->write_key= &(s->s2->key_material[(client)?num:0]); + return(1); +err: + SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE); + return(0); + } + +/* read/writes from s->s2->mac_data using length for encrypt and + * decrypt. It sets the s->s2->padding, s->[rw]length and + * s->s2->pad_data ptr if we are encrypting */ +void ssl2_enc(s,send) +SSL *s; +int send; + { + EVP_CIPHER_CTX *ds; + unsigned long l; + int bs; + + if (send) + { + ds=s->enc_write_ctx; + l=s->s2->wlength; + } + else + { + ds=s->enc_read_ctx; + l=s->s2->rlength; + } + + /* check for NULL cipher */ + if (ds == NULL) return; + + + bs=ds->cipher->block_size; + /* This should be using (bs-1) and bs instead of 7 and 8, but + * what the hell. */ + if (bs == 8) + l=(l+7)/8*8; + + EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l); + } + +void ssl2_mac(s, md,send) +SSL *s; +unsigned char *md; +int send; + { + EVP_MD_CTX c; + unsigned char sequence[4],*p,*sec,*act; + unsigned long seq; + unsigned int len; + + if (send) + { + seq=s->s2->write_sequence; + sec=s->s2->write_key; + len=s->s2->wact_data_length; + act=s->s2->wact_data; + } + else + { + seq=s->s2->read_sequence; + sec=s->s2->read_key; + len=s->s2->ract_data_length; + act=s->s2->ract_data; + } + + p= &(sequence[0]); + l2n(seq,p); + + /* There has to be a MAC algorithm. */ + EVP_DigestInit(&c,s->read_hash); + EVP_DigestUpdate(&c,sec, + EVP_CIPHER_CTX_key_length(s->enc_read_ctx)); + EVP_DigestUpdate(&c,act,len); + /* the above line also does the pad data */ + EVP_DigestUpdate(&c,sequence,4); + EVP_DigestFinal(&c,md,NULL); + /* some would say I should zero the md context */ + } + diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c new file mode 100644 index 0000000000..fb91582217 --- /dev/null +++ b/ssl/s2_lib.c @@ -0,0 +1,455 @@ +/* ssl/s2_lib.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "rsa.h" +#include "objects.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static int ssl2_ok(SSL *s); +static long ssl2_default_timeout(void ); +#else +static int ssl2_ok(); +static long ssl2_default_timeout(); +#endif + +char *ssl2_version_str="SSLv2 part of SSLeay 0.8.1b 29-Jun-1998"; + +#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) + +SSL_CIPHER ssl2_ciphers[]={ +/* NULL_WITH_MD5 v3 */ +#if 0 + { + 1, + SSL2_TXT_NULL_WITH_MD5, + SSL2_CK_NULL_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP|SSL_SSLV2, + 0, + SSL_ALL_CIPHERS, + }, +#endif +/* RC4_128_EXPORT40_WITH_MD5 */ + { + 1, + SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, + SSL2_CK_RC4_128_EXPORT40_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP|SSL_SSLV2, + SSL2_CF_5_BYTE_ENC, + SSL_ALL_CIPHERS, + }, +/* RC4_128_WITH_MD5 */ + { + 1, + SSL2_TXT_RC4_128_WITH_MD5, + SSL2_CK_RC4_128_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* RC2_128_CBC_EXPORT40_WITH_MD5 */ + { + 1, + SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, + SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP|SSL_SSLV2, + SSL2_CF_5_BYTE_ENC, + SSL_ALL_CIPHERS, + }, +/* RC2_128_CBC_WITH_MD5 */ + { + 1, + SSL2_TXT_RC2_128_CBC_WITH_MD5, + SSL2_CK_RC2_128_CBC_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* IDEA_128_CBC_WITH_MD5 */ + { + 1, + SSL2_TXT_IDEA_128_CBC_WITH_MD5, + SSL2_CK_IDEA_128_CBC_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* DES_64_CBC_WITH_MD5 */ + { + 1, + SSL2_TXT_DES_64_CBC_WITH_MD5, + SSL2_CK_DES_64_CBC_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* DES_64_CBC_WITH_SHA */ +#if 0 + { + 1, + SSL2_TXT_DES_64_CBC_WITH_SHA, + SSL2_CK_DES_64_CBC_WITH_SHA, + SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA0|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +#endif +/* DES_192_EDE3_CBC_WITH_MD5 */ + { + 1, + SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, + SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, +/* DES_192_EDE3_CBC_WITH_SHA */ +#if 0 + { + 1, + SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA, + SSL2_CK_DES_192_EDE3_CBC_WITH_SHA, + SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_SHA0|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, +#endif +/* RC4_64_WITH_MD5 */ +#if 1 + { + 1, + SSL2_TXT_RC4_64_WITH_MD5, + SSL2_CK_RC4_64_WITH_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW, + SSL2_CF_8_BYTE_ENC, + SSL_ALL_CIPHERS, + }, +#endif +/* NULL SSLeay (testing) */ +#if 0 + { + 0, + SSL2_TXT_NULL, + SSL2_CK_NULL, + 0, + SSL_ALL_CIPHERS, + }, +#endif + +/* end of list :-) */ + }; + +static SSL_METHOD SSLv2_data= { + 2, + ssl2_new, /* local */ + ssl2_clear, /* local */ + ssl2_free, /* local */ + ssl_undefined_function, + ssl_undefined_function, + ssl2_read, + ssl2_peek, + ssl2_write, + ssl2_shutdown, + ssl2_ok, + ssl2_ctrl, /* local */ + ssl2_ctx_ctrl, /* local */ + ssl2_get_cipher_by_char, + ssl2_put_cipher_by_char, + ssl2_pending, + ssl2_num_ciphers, + ssl2_get_cipher, + ssl_bad_method, + ssl2_default_timeout, + }; + +static long ssl2_default_timeout() + { + return(300); + } + +SSL_METHOD *sslv2_base_method() + { + return(&SSLv2_data); + } + +int ssl2_num_ciphers() + { + return(SSL2_NUM_CIPHERS); + } + +SSL_CIPHER *ssl2_get_cipher(u) +unsigned int u; + { + if (u < SSL2_NUM_CIPHERS) + return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u])); + else + return(NULL); + } + +int ssl2_pending(s) +SSL *s; + { + return(s->s2->ract_data_length); + } + +int ssl2_new(s) +SSL *s; + { + SSL2_CTX *s2; + + if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err; + + if ((s2->rbuf=(unsigned char *)Malloc( + SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; + if ((s2->wbuf=(unsigned char *)Malloc( + SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; + s->s2=s2; + + ssl2_clear(s); + return(1); +err: + if (s2 != NULL) + { + if (s2->wbuf != NULL) Free(s2->wbuf); + if (s2->rbuf != NULL) Free(s2->rbuf); + Free(s2); + } + return(0); + } + +void ssl2_free(s) +SSL *s; + { + SSL2_CTX *s2; + + s2=s->s2; + if (s2->rbuf != NULL) Free(s2->rbuf); + if (s2->wbuf != NULL) Free(s2->wbuf); + memset(s2,0,sizeof(SSL2_CTX)); + Free(s2); + s->s2=NULL; + } + +void ssl2_clear(s) +SSL *s; + { + SSL2_CTX *s2; + unsigned char *rbuf,*wbuf; + + s2=s->s2; + + rbuf=s2->rbuf; + wbuf=s2->wbuf; + + memset(s2,0,sizeof(SSL2_CTX)); + + s2->rbuf=rbuf; + s2->wbuf=wbuf; + s2->clear_text=1; + s2->first_packet=0; + s->packet=s2->rbuf; + s->version=2; + s->packet_length=0; + } + +long ssl2_ctrl(s,cmd,larg,parg) +SSL *s; +int cmd; +long larg; +char *parg; + { + return(0); + } + +long ssl2_ctx_ctrl(ctx,cmd,larg,parg) +SSL_CTX *ctx; +int cmd; +long larg; +char *parg; + { + return(0); + } + +/* This function needs to check if the ciphers required are actually + * available */ +SSL_CIPHER *ssl2_get_cipher_by_char(p) +unsigned char *p; + { + static int init=1; + static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS]; + SSL_CIPHER c,*cp= &c,**cpp; + unsigned long id; + int i; + + if (init) + { + init=0; + + for (i=0; i<SSL2_NUM_CIPHERS; i++) + sorted[i]= &(ssl2_ciphers[i]); + + qsort( (char *)sorted, + SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *), + FP_ICC ssl_cipher_ptr_id_cmp); + } + + id=0x02000000L|((unsigned long)p[0]<<16L)| + ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; + c.id=id; + cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp, + (char *)sorted, + SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *), + (int (*)())ssl_cipher_ptr_id_cmp); + if ((cpp == NULL) || !(*cpp)->valid) + return(NULL); + else + return(*cpp); + } + +int ssl2_put_cipher_by_char(c,p) +SSL_CIPHER *c; +unsigned char *p; + { + long l; + + if (p != NULL) + { + l=c->id; + if ((l & 0xff000000) != 0x02000000) return(0); + p[0]=((unsigned char)(l>>16L))&0xFF; + p[1]=((unsigned char)(l>> 8L))&0xFF; + p[2]=((unsigned char)(l ))&0xFF; + } + return(3); + } + +void ssl2_generate_key_material(s) +SSL *s; + { + unsigned int i; + MD5_CTX ctx; + unsigned char *km; + unsigned char c='0'; + + km=s->s2->key_material; + for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) + { + MD5_Init(&ctx); + + MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); + MD5_Update(&ctx,(unsigned char *)&c,1); + c++; + MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length); + MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length); + MD5_Final(km,&ctx); + km+=MD5_DIGEST_LENGTH; + } + } + +void ssl2_return_error(s,err) +SSL *s; +int err; + { + if (!s->error) + { + s->error=3; + s->error_code=err; + + ssl2_write_error(s); + } + } + + +void ssl2_write_error(s) +SSL *s; + { + char buf[3]; + int i,error; + + buf[0]=SSL2_MT_ERROR; + buf[1]=(s->error_code>>8)&0xff; + buf[2]=(s->error_code)&0xff; + +/* state=s->rwstate;*/ + error=s->error; + s->error=0; + i=ssl2_write(s,&(buf[3-error]),error); +/* if (i == error) s->rwstate=state; */ + + if (i < 0) + s->error=error; + else if (i != s->error) + s->error=error-i; + /* else + s->error=0; */ + } + +static int ssl2_ok(s) +SSL *s; + { + return(1); + } + +int ssl2_shutdown(s) +SSL *s; + { + s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); + return(1); + } + diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c new file mode 100644 index 0000000000..0b8c2acb48 --- /dev/null +++ b/ssl/s2_meth.c @@ -0,0 +1,88 @@ +/* ssl/s2_meth.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "ssl_locl.h" + +static SSL_METHOD *ssl2_get_method(ver) +int ver; + { + if (ver == 2) + return(SSLv2_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv2_method() + { + static int init=1; + static SSL_METHOD SSLv2_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(), + sizeof(SSL_METHOD)); + SSLv2_data.ssl_connect=ssl2_connect; + SSLv2_data.ssl_accept=ssl2_accept; + SSLv2_data.get_ssl_method=ssl2_get_method; + } + return(&SSLv2_data); + } + diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c new file mode 100644 index 0000000000..84bea33e2e --- /dev/null +++ b/ssl/s2_pkt.c @@ -0,0 +1,651 @@ +/* ssl/s2_pkt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <errno.h> +#define USE_SOCKETS +#include "ssl_locl.h" + +/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_NO_CIPHER); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_NO_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_UNKNOWN_REMOTE_ERROR_TYPE); + */ + +#ifndef NOPROTO +static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); +static int do_ssl_write(SSL *s, const char *buf, unsigned int len); +static int write_pending(SSL *s, const char *buf, unsigned int len); +static int ssl_mt_error(int n); +#else +static int read_n(); +static int do_ssl_write(); +static int write_pending(); +static int ssl_mt_error(); +#endif + +int ssl2_peek(s,buf,len) +SSL *s; +char *buf; +int len; + { + int ret; + + ret=ssl2_read(s,buf,len); + if (ret > 0) + { + s->s2->ract_data_length+=ret; + s->s2->ract_data-=ret; + } + return(ret); + } + +/* SSL_read - + * This routine will return 0 to len bytes, decrypted etc if required. + */ +int ssl2_read(s, buf, len) +SSL *s; +char *buf; +int len; + { + int n; + unsigned char mac[MAX_MAC_SIZE]; + unsigned char *p; + int i; + unsigned int mac_size=0; + + if (SSL_in_init(s) && !s->in_handshake) + { + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL2_READ,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } + + errno=0; + s->rwstate=SSL_NOTHING; + if (len <= 0) return(len); + + if (s->s2->ract_data_length != 0) /* read from buffer */ + { + if (len > s->s2->ract_data_length) + n=s->s2->ract_data_length; + else + n=len; + + memcpy(buf,s->s2->ract_data,(unsigned int)n); + s->s2->ract_data_length-=n; + s->s2->ract_data+=n; + if (s->s2->ract_data_length == 0) + s->rstate=SSL_ST_READ_HEADER; + return(n); + } + + if (s->rstate == SSL_ST_READ_HEADER) + { + if (s->first_packet) + { + n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); + if (n <= 0) return(n); /* error or non-blocking */ + s->first_packet=0; + p=s->packet; + if (!((p[0] & 0x80) && ( + (p[2] == SSL2_MT_CLIENT_HELLO) || + (p[2] == SSL2_MT_SERVER_HELLO)))) + { + SSLerr(SSL_F_SSL2_READ,SSL_R_NON_SSLV2_INITIAL_PACKET); + return(-1); + } + } + else + { + n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); + if (n <= 0) return(n); /* error or non-blocking */ + } + /* part read stuff */ + + s->rstate=SSL_ST_READ_BODY; + p=s->packet; + /* Do header */ + /*s->s2->padding=0;*/ + s->s2->escape=0; + s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]); + if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */ + { + s->s2->three_byte_header=0; + s->s2->rlength&=TWO_BYTE_MASK; + } + else + { + s->s2->three_byte_header=1; + s->s2->rlength&=THREE_BYTE_MASK; + + /* security >s2->escape */ + s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0; + } + } + + if (s->rstate == SSL_ST_READ_BODY) + { + n=s->s2->rlength+2+s->s2->three_byte_header; + if (n > (int)s->packet_length) + { + n-=s->packet_length; + i=read_n(s,(unsigned int)n,(unsigned int)n,1); + if (i <= 0) return(i); /* ERROR */ + } + + p= &(s->packet[2]); + s->rstate=SSL_ST_READ_HEADER; + if (s->s2->three_byte_header) + s->s2->padding= *(p++); + else s->s2->padding=0; + + /* Data portion */ + if (s->s2->clear_text) + { + s->s2->mac_data=p; + s->s2->ract_data=p; + s->s2->pad_data=NULL; + } + else + { + mac_size=EVP_MD_size(s->read_hash); + s->s2->mac_data=p; + s->s2->ract_data= &p[mac_size]; + s->s2->pad_data= &p[mac_size+ + s->s2->rlength-s->s2->padding]; + } + + s->s2->ract_data_length=s->s2->rlength; + /* added a check for length > max_size in case + * encryption was not turned on yet due to an error */ + if ((!s->s2->clear_text) && + (s->s2->rlength >= mac_size)) + { + ssl2_enc(s,0); + s->s2->ract_data_length-=mac_size; + ssl2_mac(s,mac,0); + s->s2->ract_data_length-=s->s2->padding; + if ( (memcmp(mac,s->s2->mac_data, + (unsigned int)mac_size) != 0) || + (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) + { + SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_MAC_DECODE); + return(SSL_RWERR_BAD_MAC_DECODE); + } + } + INC32(s->s2->read_sequence); /* expect next number */ + /* s->s2->ract_data is now available for processing */ + + /* If a 0 byte packet was sent, return 0, otherwise + * we play havoc with people using select with + * blocking sockets. Let them handle a packet at a time, + * they should really be using non-blocking sockets. */ + if (s->s2->ract_data_length == 0) + return(0); + return(ssl2_read(s,buf,len)); + } + else + { + SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_STATE); + return(SSL_RWERR_INTERNAL_ERROR); + } + } + +static int read_n(s, n, max, extend) +SSL *s; +unsigned int n; +unsigned int max; +unsigned int extend; + { + int i,off,newb; + + /* if there is stuff still in the buffer from a previous read, + * and there is more than we want, take some. */ + if (s->s2->rbuf_left >= (int)n) + { + if (extend) + s->packet_length+=n; + else + { + s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]); + s->packet_length=n; + } + s->s2->rbuf_left-=n; + s->s2->rbuf_offs+=n; + return(n); + } + + if (!s->read_ahead) max=n; + if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) + max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2; + + + /* Else we want more than we have. + * First, if there is some left or we want to extend */ + off=0; + if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) + { + newb=s->s2->rbuf_left; + if (extend) + { + off=s->packet_length; + if (s->packet != s->s2->rbuf) + memcpy(s->s2->rbuf,s->packet, + (unsigned int)newb+off); + } + else if (s->s2->rbuf_offs != 0) + { + memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]), + (unsigned int)newb); + s->s2->rbuf_offs=0; + } + s->s2->rbuf_left=0; + } + else + newb=0; + + /* off is the offset to start writing too. + * r->s2->rbuf_offs is the 'unread data', now 0. + * newb is the number of new bytes so far + */ + s->packet=s->s2->rbuf; + while (newb < (int)n) + { + errno=0; + if (s->rbio != NULL) + { + s->rwstate=SSL_READING; + i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]), + max-newb); + } + else + { + SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET); + i= -1; + } +#ifdef PKT_DEBUG + if (s->debug & 0x01) sleep(1); +#endif + if (i <= 0) + { + s->s2->rbuf_left+=newb; + return(i); + } + newb+=i; + } + + /* record unread data */ + if (newb > (int)n) + { + s->s2->rbuf_offs=n+off; + s->s2->rbuf_left=newb-n; + } + else + { + s->s2->rbuf_offs=0; + s->s2->rbuf_left=0; + } + if (extend) + s->packet_length+=n; + else + s->packet_length=n; + s->rwstate=SSL_NOTHING; + return(n); + } + +int ssl2_write(s, buf, len) +SSL *s; +const char *buf; +int len; + { + unsigned int n,tot; + int i; + + if (SSL_in_init(s) && !s->in_handshake) + { + i=s->handshake_func(s); + if (i < 0) return(i); + if (i == 0) + { + SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } + + if (s->error) + { + ssl2_write_error(s); + if (s->error) + return(-1); + } + + errno=0; + s->rwstate=SSL_NOTHING; + if (len <= 0) return(len); + + tot=s->s2->wnum; + s->s2->wnum=0; + + n=(len-tot); + for (;;) + { + i=do_ssl_write(s,&(buf[tot]),n); + if (i <= 0) + { + s->s2->wnum=tot; + return(i); + } + if (i == (int)n) return(tot+i); + + n-=i; + tot+=i; + } + } + +static int write_pending(s,buf,len) +SSL *s; +const char *buf; +unsigned int len; + { + int i; + + /* s->s2->wpend_len != 0 MUST be true. */ + + /* check that they have given us the same buffer to + * write */ + if ((s->s2->wpend_tot != (int)len) || (s->s2->wpend_buf != buf)) + { + SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); + return(SSL_RWERR_BAD_WRITE_RETRY); + } + + for (;;) + { + errno=0; + if (s->wbio != NULL) + { + s->rwstate=SSL_WRITING; + i=BIO_write(s->wbio, + (char *)&(s->s2->write_ptr[s->s2->wpend_off]), + (unsigned int)s->s2->wpend_len); + } + else + { + SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET); + i= -1; + } +#ifdef PKT_DEBUG + if (s->debug & 0x01) sleep(1); +#endif + if (i == s->s2->wpend_len) + { + s->s2->wpend_len=0; + s->rwstate=SSL_NOTHING; + return(s->s2->wpend_ret); + } + else if (i <= 0) + return(i); + s->s2->wpend_off+=i; + s->s2->wpend_len-=i; + } + } + +static int do_ssl_write(s, buf, len) +SSL *s; +const char *buf; +unsigned int len; + { + unsigned int j,k,olen,p,mac_size,bs; + register unsigned char *pp; + + olen=len; + + /* first check if there is data from an encryption waiting to + * be sent - it must be sent because the other end is waiting. + * This will happen with non-blocking IO. We print it and then + * return. + */ + if (s->s2->wpend_len != 0) return(write_pending(s,buf,len)); + + /* set mac_size to mac size */ + if (s->s2->clear_text) + mac_size=0; + else + mac_size=EVP_MD_size(s->write_hash); + + /* lets set the pad p */ + if (s->s2->clear_text) + { + if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) + len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; + p=0; + s->s2->three_byte_header=0; + /* len=len; */ + } + else + { + bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx); + j=len+mac_size; + if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && + (!s->s2->escape)) + { + if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) + j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; + /* set k to the max number of bytes with 2 + * byte header */ + k=j-(j%bs); + /* how many data bytes? */ + len=k-mac_size; + s->s2->three_byte_header=0; + p=0; + } + else if ((bs <= 1) && (!s->s2->escape)) + { + /* len=len; */ + s->s2->three_byte_header=0; + p=0; + } + else /* 3 byte header */ + { + /*len=len; */ + p=(j%bs); + p=(p == 0)?0:(bs-p); + if (s->s2->escape) + s->s2->three_byte_header=1; + else + s->s2->three_byte_header=(p == 0)?0:1; + } + } + /* mac_size is the number of MAC bytes + * len is the number of data bytes we are going to send + * p is the number of padding bytes + * if p == 0, it is a 2 byte header */ + + s->s2->wlength=len; + s->s2->padding=p; + s->s2->mac_data= &(s->s2->wbuf[3]); + s->s2->wact_data= &(s->s2->wbuf[3+mac_size]); + /* we copy the data into s->s2->wbuf */ + memcpy(s->s2->wact_data,buf,len); +#ifdef PURIFY + if (p) + memset(&(s->s2->wact_data[len]),0,p); +#endif + + if (!s->s2->clear_text) + { + s->s2->wact_data_length=len+p; + ssl2_mac(s,s->s2->mac_data,1); + s->s2->wlength+=p+mac_size; + ssl2_enc(s,1); + } + + /* package up the header */ + s->s2->wpend_len=s->s2->wlength; + if (s->s2->three_byte_header) /* 3 byte header */ + { + pp=s->s2->mac_data; + pp-=3; + pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8); + if (s->s2->escape) pp[0]|=SEC_ESC_BIT; + pp[1]=s->s2->wlength&0xff; + pp[2]=s->s2->padding; + s->s2->wpend_len+=3; + } + else + { + pp=s->s2->mac_data; + pp-=2; + pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT; + pp[1]=s->s2->wlength&0xff; + s->s2->wpend_len+=2; + } + s->s2->write_ptr=pp; + + INC32(s->s2->write_sequence); /* expect next number */ + + /* lets try to actually write the data */ + s->s2->wpend_tot=olen; + s->s2->wpend_buf=(char *)buf; + + s->s2->wpend_ret=len; + + s->s2->wpend_off=0; + return(write_pending(s,buf,olen)); + } + +int ssl2_part_read(s,f,i) +SSL *s; +unsigned long f; +int i; + { + unsigned char *p; + int j; + + /* check for error */ + if ((s->init_num == 0) && (i >= 3)) + { + p=(unsigned char *)s->init_buf->data; + if (p[0] == SSL2_MT_ERROR) + { + j=(p[1]<<8)|p[2]; + SSLerr((int)f,ssl_mt_error(j)); + } + } + + if (i < 0) + { + /* ssl2_return_error(s); */ + /* for non-blocking io, + * this is not fatal */ + return(i); + } + else + { + s->init_num+=i; + return(0); + } + } + +int ssl2_do_write(s) +SSL *s; + { + int ret; + + ret=ssl2_write(s,(char *)&(s->init_buf->data[s->init_off]), + s->init_num); + if (ret == s->init_num) + return(1); + if (ret < 0) + return(-1); + s->init_off+=ret; + s->init_num-=ret; + return(0); + } + +static int ssl_mt_error(n) +int n; + { + int ret; + + switch (n) + { + case SSL2_PE_NO_CIPHER: + ret=SSL_R_PEER_ERROR_NO_CIPHER; + break; + case SSL2_PE_NO_CERTIFICATE: + ret=SSL_R_PEER_ERROR_NO_CERTIFICATE; + break; + case SSL2_PE_BAD_CERTIFICATE: + ret=SSL_R_PEER_ERROR_CERTIFICATE; + break; + case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE: + ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE; + break; + default: + ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE; + break; + } + return(ret); + } diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c new file mode 100644 index 0000000000..0112397e53 --- /dev/null +++ b/ssl/s2_srvr.c @@ -0,0 +1,983 @@ +/* ssl/s2_srvr.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#ifdef NO_MD5 +#include "md5.h" +#endif +#include "bio.h" +#include "rand.h" +#include "objects.h" +#include "ssl_locl.h" +#include "evp.h" + +#ifndef NOPROTO +static int get_client_master_key(SSL *s); +static int get_client_hello(SSL *s); +static int server_hello(SSL *s); +static int get_client_finished(SSL *s); +static int server_verify(SSL *s); +static int server_finish(SSL *s); +static int request_certificate(SSL *s); +static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, + unsigned char *to,int padding); +#else +static int get_client_master_key(); +static int get_client_hello(); +static int server_hello(); +static int get_client_finished(); +static int server_verify(); +static int server_finish(); +static int request_certificate(); +static int ssl_rsa_private_decrypt(); +#endif + +#define BREAK break + +static SSL_METHOD *ssl2_get_server_method(ver) +int ver; + { + if (ver == 2) + return(SSLv2_server_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv2_server_method() + { + static int init=1; + static SSL_METHOD SSLv2_server_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(), + sizeof(SSL_METHOD)); + SSLv2_server_data.ssl_accept=ssl2_accept; + SSLv2_server_data.get_ssl_method=ssl2_get_server_method; + } + return(&SSLv2_server_data); + } + +int ssl2_accept(s) +SSL *s; + { + unsigned long l=time(NULL); + BUF_MEM *buf=NULL; + int ret= -1; + long num1; + void (*cb)()=NULL; + int new_state,state; + + RAND_seed((unsigned char *)&l,sizeof(l)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + /* init things to blank */ + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + if (((s->session == NULL) || (s->session->cert == NULL)) && + (s->cert == NULL)) + { + SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET); + return(-1); + } + + errno=0; + for (;;) + { + state=s->state; + + switch (s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_ACCEPT: + case SSL_ST_BEFORE|SSL_ST_ACCEPT: + case SSL_ST_OK|SSL_ST_ACCEPT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=2; + s->type=SSL_ST_ACCEPT; + + buf=s->init_buf; + if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) + { ret= -1; goto end; } + if (!BUF_MEM_grow(buf,(int) + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { ret= -1; goto end; } + s->init_buf=buf; + s->init_num=0; + s->ctx->sess_accept++; + s->handshake_func=ssl2_accept; + s->state=SSL2_ST_GET_CLIENT_HELLO_A; + BREAK; + + case SSL2_ST_GET_CLIENT_HELLO_A: + case SSL2_ST_GET_CLIENT_HELLO_B: + case SSL2_ST_GET_CLIENT_HELLO_C: + s->shutdown=0; + ret=get_client_hello(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_SEND_SERVER_HELLO_A; + BREAK; + + case SSL2_ST_SEND_SERVER_HELLO_A: + case SSL2_ST_SEND_SERVER_HELLO_B: + ret=server_hello(s); + if (ret <= 0) goto end; + s->init_num=0; + if (!s->hit) + { + s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A; + BREAK; + } + else + { + s->state=SSL2_ST_SERVER_START_ENCRYPTION; + BREAK; + } + case SSL2_ST_GET_CLIENT_MASTER_KEY_A: + case SSL2_ST_GET_CLIENT_MASTER_KEY_B: + ret=get_client_master_key(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_SERVER_START_ENCRYPTION; + BREAK; + + case SSL2_ST_SERVER_START_ENCRYPTION: + /* Ok we how have sent all the stuff needed to + * start encrypting, the next packet back will + * be encrypted. */ + if (!ssl2_enc_init(s,0)) + { ret= -1; goto end; } + s->s2->clear_text=0; + s->state=SSL2_ST_SEND_SERVER_VERIFY_A; + BREAK; + + case SSL2_ST_SEND_SERVER_VERIFY_A: + case SSL2_ST_SEND_SERVER_VERIFY_B: + ret=server_verify(s); + if (ret <= 0) goto end; + s->init_num=0; + if (s->hit) + { + /* If we are in here, we have been + * buffering the output, so we need to + * flush it and remove buffering from + * future traffic */ + s->state=SSL2_ST_SEND_SERVER_VERIFY_C; + BREAK; + } + else + { + s->state=SSL2_ST_GET_CLIENT_FINISHED_A; + break; + } + + case SSL2_ST_SEND_SERVER_VERIFY_C: + /* get the number of bytes to write */ + num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); + if (num1 != 0) + { + s->rwstate=SSL_WRITING; + num1=BIO_flush(s->wbio); + if (num1 <= 0) { ret= -1; goto end; } + s->rwstate=SSL_NOTHING; + } + + /* flushed and now remove buffering */ + s->wbio=BIO_pop(s->wbio); + + s->state=SSL2_ST_GET_CLIENT_FINISHED_A; + BREAK; + + case SSL2_ST_GET_CLIENT_FINISHED_A: + case SSL2_ST_GET_CLIENT_FINISHED_B: + ret=get_client_finished(s); + if (ret <= 0) + goto end; + s->init_num=0; + s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A; + BREAK; + + case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: + case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: + case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: + case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: + /* don't do a 'request certificate' if we + * don't want to, or we already have one, and + * we only want to do it once. */ + if (!(s->verify_mode & SSL_VERIFY_PEER) || + ((s->session->peer != NULL) && + (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) + { + s->state=SSL2_ST_SEND_SERVER_FINISHED_A; + break; + } + else + { + ret=request_certificate(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL2_ST_SEND_SERVER_FINISHED_A; + } + BREAK; + + case SSL2_ST_SEND_SERVER_FINISHED_A: + case SSL2_ST_SEND_SERVER_FINISHED_B: + ret=server_finish(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL_ST_OK; + break; + + case SSL_ST_OK: + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + s->init_num=0; + /* ERR_clear_error();*/ + + ssl_update_cache(s,SSL_SESS_CACHE_SERVER); + + s->ctx->sess_accept_good++; + /* s->server=1; */ + ret=1; + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + + goto end; + BREAK; + + default: + SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + BREAK; + } + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_ACCEPT_LOOP,1); + s->state=new_state; + } + } +end: + s->in_handshake--; + if (cb != NULL) + cb(s,SSL_CB_ACCEPT_EXIT,ret); + return(ret); + } + +static int get_client_master_key(s) +SSL *s; + { + int export,i,n,keya,ek; + unsigned char *p; + SSL_CIPHER *cp; + EVP_CIPHER *c; + EVP_MD *md; + + p=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) + { + i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num); + + if (i < (10-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); + if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) + { + if (p[-1] != SSL2_MT_ERROR) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE); + } + else + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, + SSL_R_PEER_ERROR); + return(-1); + } + + cp=ssl2_get_cipher_by_char(p); + if (cp == NULL) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, + SSL_R_NO_CIPHER_MATCH); + return(-1); + } + s->session->cipher= cp; + + p+=3; + n2s(p,i); s->s2->tmp.clear=i; + n2s(p,i); s->s2->tmp.enc=i; + n2s(p,i); s->session->key_arg_length=i; + s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; + s->init_num=0; + } + + /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ + p=(unsigned char *)s->init_buf->data; + keya=s->session->key_arg_length; + n=s->s2->tmp.clear+s->s2->tmp.enc+keya - s->init_num; + i=ssl2_read(s,(char *)&(p[s->init_num]),n); + if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); + + memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]), + (unsigned int)keya); + + if (s->session->cert->key->privatekey == NULL) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); + return(-1); + } + i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, + &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), + (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); + + export=(s->session->cipher->algorithms & SSL_EXP)?1:0; + + if (!ssl_cipher_get_evp(s->session->cipher,&c,&md)) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); + return(0); + } + + if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) + { + export=1; + ek=8; + } + else + ek=5; + + /* bad decrypt */ +#if 1 + /* If a bad decrypt, continue with protocol but with a + * dud master secret */ + if ((i < 0) || + ((!export && (i != EVP_CIPHER_key_length(c))) + || ( export && ((i != ek) || (s->s2->tmp.clear+i != + EVP_CIPHER_key_length(c)))))) + { + if (export) + i=ek; + else + i=EVP_CIPHER_key_length(c); + RAND_bytes(p,i); + } +#else + if (i < 0) + { + error=1; + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT); + } + /* incorrect number of key bytes for non export cipher */ + else if ((!export && (i != EVP_CIPHER_key_length(c))) + || ( export && ((i != ek) || (s->s2->tmp.clear+i != + EVP_CIPHER_key_length(c))))) + { + error=1; + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS); + } + if (error) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + return(-1); + } +#endif + + if (export) i+=s->s2->tmp.clear; + s->session->master_key_length=i; + memcpy(s->session->master_key,p,(unsigned int)i); + return(1); + } + +static int get_client_hello(s) +SSL *s; + { + int i,n; + unsigned char *p; + STACK *cs; /* a stack of SSL_CIPHERS */ + STACK *cl; /* the ones we want to use */ + int z; + + /* This is a bit of a hack to check for the correct packet + * type the first time round. */ + if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) + { + s->first_packet=1; + s->state=SSL2_ST_GET_CLIENT_HELLO_B; + } + + p=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) + { + i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num); + if (i < (9-s->init_num)) + return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); + + if (*(p++) != SSL2_MT_CLIENT_HELLO) + { + if (p[-1] != SSL2_MT_ERROR) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE); + } + else + SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); + return(-1); + } + n2s(p,i); + if (i < s->version) s->version=i; + n2s(p,i); s->s2->tmp.cipher_spec_length=i; + n2s(p,i); s->s2->tmp.session_id_length=i; + n2s(p,i); s->s2->challenge_length=i; + if ( (i < SSL2_MIN_CHALLENGE_LENGTH) || + (i > SSL2_MAX_CHALLENGE_LENGTH)) + { + SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH); + return(-1); + } + s->state=SSL2_ST_GET_CLIENT_HELLO_C; + s->init_num=0; + } + + /* SSL2_ST_GET_CLIENT_HELLO_C */ + p=(unsigned char *)s->init_buf->data; + n=s->s2->tmp.cipher_spec_length+s->s2->challenge_length+ + s->s2->tmp.session_id_length-s->init_num; + i=ssl2_read(s,(char *)&(p[s->init_num]),n); + if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); + + /* get session-id before cipher stuff so we can get out session + * structure if it is cached */ + /* session-id */ + if ((s->s2->tmp.session_id_length != 0) && + (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH); + return(-1); + } + + if (s->s2->tmp.session_id_length == 0) + { + if (!ssl_get_new_session(s,1)) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + return(-1); + } + } + else + { + i=ssl_get_prev_session(s,s->s2->tmp.session_id_length, + &(p[s->s2->tmp.cipher_spec_length])); + if (i == 1) + { /* previous session */ + s->hit=1; + } + else if (i == -1) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + return(-1); + } + else + { + if (s->cert == NULL) + { + ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); + SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET); + return(-1); + } + + if (!ssl_get_new_session(s,1)) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + return(-1); + } + } + } + + if (!s->hit) + { + cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length, + &s->session->ciphers); + if (cs == NULL) goto mem_err; + + cl=ssl_get_ciphers_by_id(s); + + for (z=0; z<sk_num(cs); z++) + { + if (sk_find(cl,sk_value(cs,z)) < 0) + { + sk_delete(cs,z); + z--; + } + } + + /* s->session->ciphers should now have a list of + * ciphers that are on both the client and server. + * This list is ordered by the order the client sent + * the ciphers. + */ + } + p+=s->s2->tmp.cipher_spec_length; + /* done cipher selection */ + + /* session id extracted already */ + p+=s->s2->tmp.session_id_length; + + /* challenge */ + memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); + return(1); +mem_err: + SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); + return(0); + } + +static int server_hello(s) +SSL *s; + { + unsigned char *p,*d; + int n,hit; + STACK *sk; + + p=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) + { + d=p+11; + *(p++)=SSL2_MT_SERVER_HELLO; /* type */ + hit=s->hit; + *(p++)=(unsigned char)hit; + if (!hit) + { /* else add cert to session */ + CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT); + if (s->session->cert != NULL) + ssl_cert_free(s->session->cert); + s->session->cert=s->cert; + } + else /* We have a session id-cache hit, if the + * session-id has no certificate listed against + * the 'cert' structure, grab the 'old' one + * listed against the SSL connection */ + { + if (s->session->cert == NULL) + { + CRYPTO_add(&s->cert->references,1, + CRYPTO_LOCK_SSL_CERT); + s->session->cert=s->cert; + } + } + + if (s->session->cert == NULL) + { + ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); + SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED); + return(-1); + } + + if (hit) + { + *(p++)=0; /* no certificate type */ + s2n(s->version,p); /* version */ + s2n(0,p); /* cert len */ + s2n(0,p); /* ciphers len */ + } + else + { + /* EAY EAY */ + /* put certificate type */ + *(p++)=SSL2_CT_X509_CERTIFICATE; + s2n(s->version,p); /* version */ + n=i2d_X509(s->cert->key->x509,NULL); + s2n(n,p); /* certificate length */ + i2d_X509(s->cert->key->x509,&d); + n=0; + + /* lets send out the ciphers we like in the + * prefered order */ + sk= s->session->ciphers; + n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d); + d+=n; + s2n(n,p); /* add cipher length */ + } + + /* make and send conn_id */ + s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ + s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; + RAND_bytes(s->s2->conn_id,(int)s->s2->conn_id_length); + memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); + d+=SSL2_CONNECTION_ID_LENGTH; + + s->state=SSL2_ST_SEND_SERVER_HELLO_B; + s->init_num=d-(unsigned char *)s->init_buf->data; + s->init_off=0; + } + /* SSL2_ST_SEND_SERVER_HELLO_B */ + /* If we are using TCP/IP, the performace is bad if we do 2 + * writes without a read between them. This occurs when + * Session-id reuse is used, so I will put in a buffering module + */ + if (s->hit) + { + BIO *buf; + + if (s->bbio == NULL) + { + buf=BIO_new(BIO_f_buffer()); + if (buf == NULL) + { + SSLerr(SSL_F_SERVER_HELLO,ERR_LIB_BUF); + return(-1); + } + s->bbio=buf; + } + else + buf=s->bbio; + + BIO_reset(buf); + s->wbio=BIO_push(buf,s->wbio); + } + + return(ssl2_do_write(s)); + } + +static int get_client_finished(s) +SSL *s; + { + unsigned char *p; + int i; + + p=(unsigned char *)s->init_buf->data; + if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) + { + i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); + if (i < 1-s->init_num) + return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); + + if (*p != SSL2_MT_CLIENT_FINISHED) + { + if (*p != SSL2_MT_ERROR) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); + } + else + SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR); + return(-1); + } + s->init_num=0; + s->state=SSL2_ST_GET_CLIENT_FINISHED_B; + } + + /* SSL2_ST_GET_CLIENT_FINISHED_B */ + i=ssl2_read(s,(char *)&(p[s->init_num]),s->s2->conn_id_length-s->init_num); + if (i < (int)s->s2->conn_id_length-s->init_num) + { + return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); + } + if (memcmp(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length) != 0) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); + return(-1); + } + return(1); + } + +static int server_verify(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) + { + p=(unsigned char *)s->init_buf->data; + *(p++)=SSL2_MT_SERVER_VERIFY; + memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); + /* p+=s->s2->challenge_length; */ + + s->state=SSL2_ST_SEND_SERVER_VERIFY_B; + s->init_num=s->s2->challenge_length+1; + s->init_off=0; + } + return(ssl2_do_write(s)); + } + +static int server_finish(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) + { + p=(unsigned char *)s->init_buf->data; + *(p++)=SSL2_MT_SERVER_FINISHED; + + memcpy(p,s->session->session_id, + (unsigned int)s->session->session_id_length); + /* p+=s->session->session_id_length; */ + + s->state=SSL2_ST_SEND_SERVER_FINISHED_B; + s->init_num=s->session->session_id_length+1; + s->init_off=0; + } + + /* SSL2_ST_SEND_SERVER_FINISHED_B */ + return(ssl2_do_write(s)); + } + +/* send the request and check the response */ +static int request_certificate(s) +SSL *s; + { + unsigned char *p,*p2,*buf2; + unsigned char *ccd; + int i,j,ctype,ret= -1; + X509 *x509=NULL; + STACK *sk=NULL; + + ccd=s->s2->tmp.ccl; + if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) + { + p=(unsigned char *)s->init_buf->data; + *(p++)=SSL2_MT_REQUEST_CERTIFICATE; + *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; + RAND_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); + memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); + + s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; + s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2; + s->init_off=0; + } + + if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) + { + i=ssl2_do_write(s); + if (i <= 0) + { + ret=i; + goto end; + } + + s->init_num=0; + s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C; + } + + if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) + { + p=(unsigned char *)s->init_buf->data; + i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); + if (i < 3) + { + ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); + goto end; + } + + if ((*p == SSL2_MT_ERROR) && (i >= 3)) + { + n2s(p,i); + if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + { + ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); + SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); + goto end; + } + ret=1; + goto end; + } + if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (i < 6)) + { + ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ); + goto end; + } + /* ok we have a response */ + /* certificate type, there is only one right now. */ + ctype= *(p++); + if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) + { + ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); + SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT); + goto end; + } + n2s(p,i); s->s2->tmp.clen=i; + n2s(p,i); s->s2->tmp.rlen=i; + s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D; + s->init_num=0; + } + + /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */ + p=(unsigned char *)s->init_buf->data; + j=s->s2->tmp.clen+s->s2->tmp.rlen-s->init_num; + i=ssl2_read(s,(char *)&(p[s->init_num]),j); + if (i < j) + { + ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); + goto end; + } + + x509=(X509 *)d2i_X509(NULL,&p,(long)s->s2->tmp.clen); + if (x509 == NULL) + { + SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB); + goto msg_end; + } + + if (((sk=sk_new_null()) == NULL) || (!sk_push(sk,(char *)x509))) + { + SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto msg_end; + } + + i=ssl_verify_cert_chain(s,sk); + + if (i) /* we like the packet, now check the chksum */ + { + EVP_MD_CTX ctx; + EVP_PKEY *pkey=NULL; + + EVP_VerifyInit(&ctx,EVP_md5()); + EVP_VerifyUpdate(&ctx,s->s2->key_material, + (unsigned int)s->s2->key_material_length); + EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); + + i=i2d_X509(s->session->cert->key->x509,NULL); + buf2=(unsigned char *)Malloc((unsigned int)i); + if (buf2 == NULL) + { + SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto msg_end; + } + p2=buf2; + i=i2d_X509(s->session->cert->key->x509,&p2); + EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i); + Free(buf2); + + pkey=X509_get_pubkey(x509); + if (pkey == NULL) goto end; + i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey); + memset(&ctx,0,sizeof(ctx)); + + if (i) + { + if (s->session->peer != NULL) + X509_free(s->session->peer); + s->session->peer=x509; + CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); + ret=1; + goto end; + } + else + { + SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM); + goto msg_end; + } + } + else + { +msg_end: + ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); + } +end: + if (sk != NULL) sk_free(sk); + if (x509 != NULL) X509_free(x509); + return(ret); + } + +static int ssl_rsa_private_decrypt(c, len, from, to,padding) +CERT *c; +int len; +unsigned char *from; +unsigned char *to; +int padding; + { + RSA *rsa; + int i; + + if ((c == NULL) || (c->key->privatekey == NULL)) + { + SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY); + return(-1); + } + if (c->key->privatekey->type != EVP_PKEY_RSA) + { + SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); + return(-1); + } + rsa=c->key->privatekey->pkey.rsa; + + /* we have the public key */ + i=RSA_private_decrypt(len,from,to,rsa,padding); + if (i < 0) + SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); + return(i); + } + diff --git a/ssl/s3_both.c b/ssl/s3_both.c new file mode 100644 index 0000000000..1d710eef2e --- /dev/null +++ b/ssl/s3_both.c @@ -0,0 +1,444 @@ +/* ssl/s3_both.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "ssl_locl.h" + +#define BREAK break + +/* SSL3err(SSL_F_SSL3_GET_FINISHED,SSL_R_EXCESSIVE_MESSAGE_SIZE); + */ + +unsigned char ssl3_server_finished_const[4]= + {SSL3_MD_SERVER_FINISHED_CONST}; +unsigned char ssl3_client_finished_const[4]= + {SSL3_MD_CLIENT_FINISHED_CONST}; + +int ssl3_send_finished(s,a,b,sender) +SSL *s; +int a; +int b; +unsigned char *sender; + { + unsigned char *p,*d; + int i; + unsigned long l; + + if (s->state == a) + { + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + + i=ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),sender,p); + p+=i; + l=i; + i=ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),sender,p); + l+=i; + + *(d++)=SSL3_MT_FINISHED; + l2n3(l,d); + s->init_num=(int)l+4; + s->init_off=0; + + s->state=b; + } + + /* SSL3_ST_SEND_xxxxxx_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +int ssl3_get_finished(s,a,b,sender) +SSL *s; +int a; +int b; +unsigned char *sender; + { + int al,i,j,ok; + long n; + unsigned char *p; + + /* the mac has already been generated when we received the + * change cipher spec message and is in s->s3->tmp.in_dgst[12] + */ + + n=ssl3_get_message(s, + a, + b, + SSL3_MT_FINISHED, + 64, /* should actually be 36+4 :-) */ + &ok); + + if (!ok) return((int)n); + + /* If this occurs if we has missed a message */ + if (!s->s3->change_cipher_spec) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS); + goto f_err; + } + s->s3->change_cipher_spec=0; + + p=(unsigned char *)s->init_buf->data; + + i=EVP_MD_CTX_size(&(s->s3->finish_dgst1)); + j=EVP_MD_CTX_size(&(s->s3->finish_dgst2)); + + if ((i+j) != n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH); + goto f_err; + } + + if ( (memcmp( p, &(s->s3->tmp.finish_md1[0]),i) != 0) || + (memcmp(&(p[i]),&(s->s3->tmp.finish_md2[0]),j) != 0)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); + goto f_err; + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + return(0); + } + +/* for these 2 messages, we need to + * ssl->enc_read_ctx re-init + * ssl->s3->read_sequence zero + * ssl->s3->read_mac_secret re-init + * ssl->session->read_sym_enc assign + * ssl->session->read_compression assign + * ssl->session->read_hash assign + */ +int ssl3_send_change_cipher_spec(s,a,b) +SSL *s; +int a,b; + { + unsigned char *p; + + if (s->state == a) + { + p=(unsigned char *)s->init_buf->data; + *p=SSL3_MT_CCS; + s->init_num=1; + s->init_off=0; + + s->state=b; + } + + /* SSL3_ST_CW_CHANGE_B */ + return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC)); + } + +unsigned long ssl3_output_cert_chain(s,x) +SSL *s; +X509 *x; + { + unsigned char *p; + int n,i; + unsigned long l=7; + BUF_MEM *buf; + X509_STORE_CTX xs_ctx; + X509_OBJECT obj; + + X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL); + + buf=s->init_buf; + for (;;) + { + n=i2d_X509(x,NULL); + if (!BUF_MEM_grow(buf,(int)(n+l+3))) + { + SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); + return(0); + } + p=(unsigned char *)&(buf->data[l]); + l2n3(n,p); + i2d_X509(x,&p); + l+=n+3; + if (X509_NAME_cmp(X509_get_subject_name(x), + X509_get_issuer_name(x)) == 0) break; + + i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509, + X509_get_issuer_name(x),&obj); + if (i <= 0) break; + x=obj.data.x509; + /* Count is one too high since the X509_STORE_get uped the + * ref count */ + X509_free(x); + } + + X509_STORE_CTX_cleanup(&xs_ctx); + + l-=7; + p=(unsigned char *)&(buf->data[4]); + l2n3(l,p); + l+=3; + p=(unsigned char *)&(buf->data[0]); + *(p++)=SSL3_MT_CERTIFICATE; + l2n3(l,p); + l+=4; + return(l); + } + +long ssl3_get_message(s,st1,stn,mt,max,ok) +SSL *s; +int st1,stn,mt; +long max; +int *ok; + { + unsigned char *p; + unsigned long l; + long n; + int i,al; + + if (s->s3->tmp.reuse_message) + { + s->s3->tmp.reuse_message=0; + if ((mt >= 0) && (s->s3->tmp.message_type != mt)) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); + goto f_err; + } + *ok=1; + return((int)s->s3->tmp.message_size); + } + + p=(unsigned char *)s->init_buf->data; + + if (s->state == st1) + { + i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE, + (char *)&(p[s->init_num]), + 4-s->init_num); + if (i < (4-s->init_num)) + { + *ok=0; + return(ssl3_part_read(s,i)); + } + + if ((mt >= 0) && (*p != mt)) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); + goto f_err; + } + s->s3->tmp.message_type= *(p++); + + n2l3(p,l); + if (l > (unsigned long)max) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); + goto f_err; + } + if (l && !BUF_MEM_grow(s->init_buf,(int)l)) + { + SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); + goto err; + } + s->s3->tmp.message_size=l; + s->state=stn; + + s->init_num=0; + } + + /* next state (stn) */ + p=(unsigned char *)s->init_buf->data; + n=s->s3->tmp.message_size; + if (n > 0) + { + i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE, + (char *)&(p[s->init_num]),(int)n); + if (i != (int)n) + { + *ok=0; + return(ssl3_part_read(s,i)); + } + } + *ok=1; + return(n); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + *ok=0; + return(-1); + } + +int ssl_cert_type(x,pkey) +X509 *x; +EVP_PKEY *pkey; + { + EVP_PKEY *pk; + int ret= -1,i,j; + + if (pkey == NULL) + pk=X509_get_pubkey(x); + else + pk=pkey; + if (pk == NULL) goto err; + + i=pk->type; + if (i == EVP_PKEY_RSA) + { + ret=SSL_PKEY_RSA_ENC; + if (x != NULL) + { + j=X509_get_ext_count(x); + /* check to see if this is a signing only certificate */ + /* EAY EAY EAY EAY */ + } + } + else if (i == EVP_PKEY_DSA) + { + ret=SSL_PKEY_DSA_SIGN; + } + else if (i == EVP_PKEY_DH) + { + /* if we just have a key, we needs to be guess */ + + if (x == NULL) + ret=SSL_PKEY_DH_DSA; + else + { + j=X509_get_signature_type(x); + if (j == EVP_PKEY_RSA) + ret=SSL_PKEY_DH_RSA; + else if (j== EVP_PKEY_DSA) + ret=SSL_PKEY_DH_DSA; + else ret= -1; + } + } + else + ret= -1; + +err: + return(ret); + } + +int ssl_verify_alarm_type(type) +int type; + { + int al; + + switch(type) + { + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: + case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: + case X509_V_ERR_CERT_SIGNATURE_FAILURE: + case X509_V_ERR_CERT_NOT_YET_VALID: + case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: + case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: + case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: + case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: + case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: + al=SSL3_AD_BAD_CERTIFICATE; + break; + case X509_V_ERR_CERT_HAS_EXPIRED: + al=SSL3_AD_CERTIFICATE_EXPIRED; + break; + default: + al=SSL3_AD_CERTIFICATE_UNKNOWN; + break; + } + return(al); + } + +int ssl3_setup_buffers(s) +SSL *s; + { + unsigned char *p; + unsigned int extra; + + if (s->s3->rbuf.buf == NULL) + { + if (s->ctx->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) + extra=SSL3_RT_MAX_EXTRA; + else + extra=0; + if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE+extra)) + == NULL) + goto err; + s->s3->rbuf.buf=p; + } + + if (s->s3->wbuf.buf == NULL) + { + if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE)) + == NULL) + goto err; + s->s3->wbuf.buf=p; + } + s->packet= &(s->s3->rbuf.buf[0]); + return(1); +err: + SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE); + return(0); + } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c new file mode 100644 index 0000000000..4f551d20e9 --- /dev/null +++ b/ssl/s3_clnt.c @@ -0,0 +1,1642 @@ +/* ssl/s3_clnt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break +/* SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_SERVER_DONE,ERR_R_MALLOC_FAILURE); +SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); + */ + +#ifndef NOPROTO +static int ssl3_client_hello(SSL *s); +static int ssl3_get_server_hello(SSL *s); +static int ssl3_get_certificate_request(SSL *s); +static int ca_dn_cmp(X509_NAME **a,X509_NAME **b); +static int ssl3_get_server_done(SSL *s); +static int ssl3_send_client_verify(SSL *s); +static int ssl3_send_client_certificate(SSL *s); +static int ssl3_send_client_key_exchange(SSL *s); +static int ssl3_get_key_exchange(SSL *s); +static int ssl3_get_server_certificate(SSL *s); +static int ssl3_check_cert_and_algorithm(SSL *s); +#else +static int ssl3_client_hello(); +static int ssl3_get_server_hello(); +static int ssl3_get_certificate_request(); +static int ca_dn_cmp(); +static int ssl3_get_server_done(); +static int ssl3_send_client_verify(); +static int ssl3_send_client_certificate(); +static int ssl3_send_client_key_exchange(); +static int ssl3_get_key_exchange(); +static int ssl3_get_server_certificate(); +static int ssl3_check_cert_and_algorithm(); +#endif + +static SSL_METHOD *ssl3_get_client_method(ver) +int ver; + { + if (ver == 3) + return(SSLv3_client_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv3_client_method() + { + static int init=1; + static SSL_METHOD SSLv3_client_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), + sizeof(SSL_METHOD)); + SSLv3_client_data.ssl_connect=ssl3_connect; + SSLv3_client_data.get_ssl_method=ssl3_get_client_method; + } + return(&SSLv3_client_data); + } + +int ssl3_connect(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL),l; + long num1; + void (*cb)()=NULL; + int ret= -1; + BIO *bbio,*under; + int new_state,state,skip=0;; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_RENEGOTIATE: + s->new_session=1; + s->state=SSL_ST_CONNECT; + /* break */ + case SSL_ST_BEFORE: + case SSL_ST_CONNECT: + case SSL_ST_BEFORE|SSL_ST_CONNECT: + case SSL_ST_OK|SSL_ST_CONNECT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=3; + s->type=SSL_ST_CONNECT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } + + /* setup buffing BIO */ + if (s->bbio == NULL) + { + bbio=BIO_new(BIO_f_buffer()); + if (bbio == NULL) + { + SSLerr(SSL_F_SSL3_CONNECT,ERR_LIB_BUF); + ret= -1; + goto end; + } + s->bbio=bbio; + } + else + bbio=s->bbio; + + BIO_reset(bbio); + if (!BIO_set_write_buffer_size(bbio,16*1024)) + { + SSLerr(SSL_F_SSL3_CONNECT,ERR_LIB_BUF); + ret= -1; + goto end; + } + + /* don't push the buffering BIO quite yet */ + + ssl3_init_finished_mac(s); + + s->state=SSL3_ST_CW_CLNT_HELLO_A; + s->ctx->sess_connect++; + s->init_num=0; + break; + + case SSL3_ST_CW_CLNT_HELLO_A: + case SSL3_ST_CW_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl3_client_hello(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CR_SRVR_HELLO_A; + s->init_num=0; + + /* turn on buffering for the next lot of output */ + s->wbio=BIO_push(s->bbio,s->wbio); + + break; + + case SSL3_ST_CR_SRVR_HELLO_A: + case SSL3_ST_CR_SRVR_HELLO_B: + ret=ssl3_get_server_hello(s); + if (ret <= 0) goto end; + if (s->hit) + s->state=SSL3_ST_CR_FINISHED_A; + else + s->state=SSL3_ST_CR_CERT_A; + s->init_num=0; + break; + + case SSL3_ST_CR_CERT_A: + case SSL3_ST_CR_CERT_B: + /* Check if it is anon DH */ + if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) + { + ret=ssl3_get_server_certificate(s); + if (ret <= 0) goto end; + } + else + skip=1; + s->state=SSL3_ST_CR_KEY_EXCH_A; + s->init_num=0; + break; + + case SSL3_ST_CR_KEY_EXCH_A: + case SSL3_ST_CR_KEY_EXCH_B: + ret=ssl3_get_key_exchange(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CR_CERT_REQ_A; + s->init_num=0; + + /* at this point we check that we have the + * required stuff from the server */ + if (!ssl3_check_cert_and_algorithm(s)) + { + ret= -1; + goto end; + } + break; + + case SSL3_ST_CR_CERT_REQ_A: + case SSL3_ST_CR_CERT_REQ_B: + ret=ssl3_get_certificate_request(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CR_SRVR_DONE_A; + s->init_num=0; + break; + + case SSL3_ST_CR_SRVR_DONE_A: + case SSL3_ST_CR_SRVR_DONE_B: + ret=ssl3_get_server_done(s); + if (ret <= 0) goto end; + if (s->s3->tmp.cert_req) + s->state=SSL3_ST_CW_CERT_A; + else + s->state=SSL3_ST_CW_KEY_EXCH_A; + s->init_num=0; + + break; + + case SSL3_ST_CW_CERT_A: + case SSL3_ST_CW_CERT_B: + case SSL3_ST_CW_CERT_C: + ret=ssl3_send_client_certificate(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_KEY_EXCH_A; + s->init_num=0; + break; + + case SSL3_ST_CW_KEY_EXCH_A: + case SSL3_ST_CW_KEY_EXCH_B: + ret=ssl3_send_client_key_exchange(s); + if (ret <= 0) goto end; + l=s->s3->tmp.new_cipher->algorithms; + /* EAY EAY EAY need to check for DH fix cert + * sent back */ + if ((s->s3->tmp.cert_req) && 1) + { + s->state=SSL3_ST_CW_CERT_VRFY_A; + } + else + { + s->state=SSL3_ST_CW_CHANGE_A; + s->s3->change_cipher_spec=0; + } + + s->init_num=0; + break; + + case SSL3_ST_CW_CERT_VRFY_A: + case SSL3_ST_CW_CERT_VRFY_B: + ret=ssl3_send_client_verify(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_CHANGE_A; + s->init_num=0; + s->s3->change_cipher_spec=0; + break; + + case SSL3_ST_CW_CHANGE_A: + case SSL3_ST_CW_CHANGE_B: + ret=ssl3_send_change_cipher_spec(s, + SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_FINISHED_A; + s->init_num=0; + + s->session->cipher=s->s3->tmp.new_cipher; + if (!ssl3_setup_key_block(s)) + { + ret= -1; + goto end; + } + + if (!ssl3_change_cipher_state(s, + SSL3_CHANGE_CIPHER_CLIENT_WRITE)) + { + ret= -1; + goto end; + } + + break; + + case SSL3_ST_CW_FINISHED_A: + case SSL3_ST_CW_FINISHED_B: + ret=ssl3_send_finished(s, + SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B, + &(ssl3_client_finished_const[0])); + if (ret <= 0) goto end; + s->state=SSL3_ST_CW_FLUSH; + + /* clear flags */ + s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; + if (s->hit) + { + s->s3->tmp.next_state=SSL_ST_OK; + if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) + { + s->state=SSL_ST_OK; + s->s3->flags|=SSL3_FLAGS_POP_BUFFER; + s->s3->delay_buf_pop_ret=0; + } + } + else + { + s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A; + } + s->init_num=0; + break; + + case SSL3_ST_CR_FINISHED_A: + case SSL3_ST_CR_FINISHED_B: + + ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A, + SSL3_ST_CR_FINISHED_B, + &(ssl3_server_finished_const[0])); + if (ret <= 0) goto end; + + if (s->hit) + s->state=SSL3_ST_CW_CHANGE_A; + else + s->state=SSL_ST_OK; + s->init_num=0; + break; + + case SSL3_ST_CW_FLUSH: + /* number of bytes to be flushed */ + num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); + if (num1 > 0) + { + s->rwstate=SSL_WRITING; + num1=BIO_flush(s->wbio); + if (num1 <= 0) { ret= -1; goto end; } + s->rwstate=SSL_NOTHING; + } + + s->state=s->s3->tmp.next_state; + break; + + case SSL_ST_OK: + /* clean a few things up */ + ssl3_cleanup_key_block(s); + + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + + if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER)) + { + /* remove buffering */ + under=BIO_pop(s->wbio); + if (under != NULL) + s->wbio=under; + else + abort(); /* ok */ + + BIO_free(s->bbio); + s->bbio=NULL; + } + /* else do it later */ + + s->init_num=0; + s->new_session=0; + + ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); + + ret=1; + /* s->server=0; */ + s->handshake_func=ssl3_connect; + s->ctx->sess_connect_good++; + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + + goto end; + break; + + default: + SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + /* did we do anything */ + if (!s->s3->tmp.reuse_message && !skip) + { + if (s->debug) BIO_flush(s->wbio); + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_CONNECT_LOOP,1); + s->state=new_state; + } + } + skip=0; + } +end: + if (cb != NULL) + cb(s,SSL_CB_CONNECT_EXIT,ret); + s->in_handshake--; + return(ret); + } + + +static int ssl3_client_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i; + unsigned long Time,l; + + buf=(unsigned char *)s->init_buf->data; + if (s->state == SSL3_ST_CW_CLNT_HELLO_A) + { + if ((s->session == NULL) || + (s->session->ssl_version != s->version)) + { + if (!ssl_get_new_session(s,0)) + goto err; + } + /* else use the pre-loaded session */ + + p=s->s3->client_random; + Time=time(NULL); /* Time */ + l2n(Time,p); + RAND_bytes(&(p[4]),SSL3_RANDOM_SIZE-sizeof(Time)); + + /* Do the message type and length last */ + d=p= &(buf[4]); + + *(p++)=SSL3_VERSION_MAJOR; + *(p++)=SSL3_VERSION_MINOR; + + /* Random stuff */ + memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* Session ID */ + if (s->new_session) + i=0; + else + i=s->session->session_id_length; + *(p++)=i; + if (i != 0) + { + memcpy(p,s->session->session_id,i); + p+=i; + } + + /* Ciphers supported */ + i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2])); + if (i == 0) + { + SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); + goto err; + } + s2n(i,p); + p+=i; + + /* hardwire in the NULL compression algorithm. */ + *(p++)=1; + *(p++)=0; + + l=(p-d); + d=buf; + *(d++)=SSL3_MT_CLIENT_HELLO; + l2n3(l,d); + + s->state=SSL3_ST_CW_CLNT_HELLO_B; + /* number of bytes to write */ + s->init_num=p-buf; + s->init_off=0; + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_get_server_hello(s) +SSL *s; + { + STACK *sk; + SSL_CIPHER *c; + unsigned char *p,*d; + int i,al,ok; + unsigned int j; + long n; + + n=ssl3_get_message(s, + SSL3_ST_CR_SRVR_HELLO_A, + SSL3_ST_CR_SRVR_HELLO_B, + SSL3_MT_SERVER_HELLO, + 300, /* ?? */ + &ok); + + if (!ok) return((int)n); + d=p=(unsigned char *)s->init_buf->data; + + if ((p[0] != SSL3_VERSION_MAJOR) && (p[1] != SSL3_VERSION_MINOR)) + { + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION); + goto err; + } + p+=2; + + /* load the server hello data */ + /* load the server random */ + memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* get the session-id */ + j= *(p++); + + if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) + { + /* SSLref returns 16 :-( */ + if (j < SSL2_SSL_SESSION_ID_LENGTH) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); + goto f_err; + } + } + if (j == 0) + { + s->hit=0; + memset(s->session->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); + s->session->session_id_length=0; + } + else if ((j == s->session->session_id_length) && + (memcmp(p,s->session->session_id,j) == 0)) + s->hit=1; + else + { + memcpy(s->session->session_id,p,j); + s->session->session_id_length=j; + s->hit=0; + } + p+=j; + c=ssl_get_cipher_by_char(s,p); + if (c == NULL) + { + /* unknown cipher */ + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED); + goto f_err; + } + p+=ssl_put_cipher_by_char(s,NULL,NULL); + + sk=ssl_get_ciphers_by_id(s); + i=sk_find(sk,(char *)c); + if (i < 0) + { + /* we did not say we would use this cipher */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); + goto f_err; + } + + if (s->hit && (s->session->cipher != c)) + { + if (!(s->ctx->options & + SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); + goto f_err; + } + } + s->s3->tmp.new_cipher=c; + + /* lets get the compression algorithm */ + j= *(p++); + if (j != 0) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); + goto f_err; + } + + if (p != (d+n)) + { + /* wrong packet length */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH); + goto err; + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_get_server_certificate(s) +SSL *s; + { + int al,i,ok,ret= -1; + unsigned long n,nc,llen,l; + X509 *x=NULL; + unsigned char *p,*d,*q; + STACK *sk=NULL; + CERT *c; + EVP_PKEY *pkey=NULL; + + n=ssl3_get_message(s, + SSL3_ST_CR_CERT_A, + SSL3_ST_CR_CERT_B, + -1, +#if defined(MSDOS) && !defined(WIN32) + 1024*30, /* 30k max cert list :-) */ +#else + 1024*100, /* 100k max cert list :-) */ +#endif + &ok); + + if (!ok) return((int)n); + + if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) + { + s->s3->tmp.reuse_message=1; + return(1); + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE); + goto f_err; + } + d=p=(unsigned char *)s->init_buf->data; + + if ((sk=sk_new_null()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + + n2l3(p,llen); + if (llen+3 != n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + for (nc=0; nc<llen; ) + { + n2l3(p,l); + if ((l+nc+3) > llen) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + + q=p; + x=d2i_X509(NULL,&q,l); + if (x == NULL) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB); + goto f_err; + } + if (q != (p+l)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + if (!sk_push(sk,(char *)x)) + { + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + x=NULL; + nc+=l+3; + p=q; + } + + i=ssl_verify_cert_chain(s,sk); + if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)) + { + al=ssl_verify_alarm_type(s->verify_result); + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); + goto f_err; + } + + c=ssl_cert_new(); + if (c == NULL) goto err; + + if (s->session->cert) ssl_cert_free(s->session->cert); + s->session->cert=c; + + c->cert_chain=sk; + x=(X509 *)sk_value(sk,0); + sk=NULL; + + pkey=X509_get_pubkey(x); + + if (EVP_PKEY_missing_parameters(pkey)) + { + x=NULL; + al=SSL3_AL_FATAL; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); + goto f_err; + } + + i=ssl_cert_type(x,pkey); + if (i < 0) + { + x=NULL; + al=SSL3_AL_FATAL; + SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + goto f_err; + } + + c->cert_type=i; + x->references++; + if (c->pkeys[i].x509 != NULL) + X509_free(c->pkeys[i].x509); + c->pkeys[i].x509=x; + c->key= &(c->pkeys[i]); + + if ((s->session != NULL) && (s->session->peer != NULL)) + X509_free(s->session->peer); + x->references++; + s->session->peer=x; + + x=NULL; + ret=1; + + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +err: + if (x != NULL) X509_free(x); + if (sk != NULL) sk_pop_free(sk,X509_free); + return(ret); + } + +static int ssl3_get_key_exchange(s) +SSL *s; + { +#ifndef NO_RSA + unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2]; +#endif + EVP_MD_CTX md_ctx; + unsigned char *param,*p; + int al,i,j,param_len,ok; + long n,alg; + EVP_PKEY *pkey=NULL; + RSA *rsa=NULL; + DH *dh=NULL; + + n=ssl3_get_message(s, + SSL3_ST_CR_KEY_EXCH_A, + SSL3_ST_CR_KEY_EXCH_B, + -1, + 1024*8, /* ?? */ + &ok); + + if (!ok) return((int)n); + + if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) + { + s->s3->tmp.reuse_message=1; + return(1); + } + + param=p=(unsigned char *)s->init_buf->data; + + if (s->session->cert != NULL) + { +#ifndef NO_RSA + if (s->session->cert->rsa_tmp != NULL) + { + RSA_free(s->session->cert->rsa_tmp); + s->session->cert->rsa_tmp=NULL; + } +#endif +#ifndef NO_DH + if (s->session->cert->dh_tmp) + { + DH_free(s->session->cert->dh_tmp); + s->session->cert->dh_tmp=NULL; + } +#endif + } + else + { + s->session->cert=ssl_cert_new(); + } + + param_len=0; + alg=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_RSA + if (alg & SSL_kRSA) + { + if ((rsa=RSA_new()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + goto err; + } + n2s(p,i); + param_len=i+2; + if (param_len > n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH); + goto f_err; + } + if (!(rsa->n=BN_bin2bn(p,i,rsa->n))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + + n2s(p,i); + param_len+=i+2; + if (param_len > n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH); + goto f_err; + } + if (!(rsa->e=BN_bin2bn(p,i,rsa->e))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + n-=param_len; + +/* s->session->cert->rsa_tmp=rsa;*/ + /* this should be because we are using an export cipher */ + if (alg & SSL_aRSA) + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509); + else + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + s->session->cert->rsa_tmp=rsa; + } + else +#endif +#ifndef NO_DH + if (alg & SSL_kEDH) + { + if ((dh=DH_new()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + n2s(p,i); + param_len=i+2; + if (param_len > n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH); + goto f_err; + } + if (!(dh->p=BN_bin2bn(p,i,NULL))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + + n2s(p,i); + param_len+=i+2; + if (param_len > n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH); + goto f_err; + } + if (!(dh->g=BN_bin2bn(p,i,NULL))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + + n2s(p,i); + param_len+=i+2; + if (param_len > n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH); + goto f_err; + } + if (!(dh->pub_key=BN_bin2bn(p,i,NULL))) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); + goto err; + } + p+=i; + n-=param_len; + +#ifndef NO_RSA + if (alg & SSL_aRSA) + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509); + else +#endif +#ifndef NO_DSA + if (alg & SSL_aDSS) + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_DSA_SIGN].x509); +#endif + /* else anonymous DH, so no certificate or pkey. */ + + s->session->cert->dh_tmp=dh; + } + else if ((alg & SSL_kDHr) || (alg & SSL_kDHd)) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER); + goto f_err; + } +#endif + + /* p points to the next byte, there are 'n' bytes left */ + + + /* if it was signed, check the signature */ + if (pkey != NULL) + { + n2s(p,i); + n-=2; + j=EVP_PKEY_size(pkey); + + if ((i != n) || (n > j) || (n <= 0)) + { + /* wrong packet length */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH); + goto err; + } + +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + int num; + + j=0; + q=md_buf; + for (num=2; num > 0; num--) + { + EVP_DigestInit(&md_ctx,(num == 2)?EVP_md5():EVP_sha1()); + EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,param,param_len); + EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i); + q+=i; + j+=i; + } + i=RSA_public_decrypt((int)n,p,p,pkey->pkey.rsa, + RSA_PKCS1_PADDING); + if (i <= 0) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); + goto f_err; + } + if ((j != i) || (memcmp(p,md_buf,i) != 0)) + { + /* bad signature */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE); + goto f_err; + } + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + /* lets do DSS */ + EVP_VerifyInit(&md_ctx,EVP_dss1()); + EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_VerifyUpdate(&md_ctx,param,param_len); + if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) + { + /* bad signature */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE); + goto f_err; + } + } + else +#endif + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + } + else + { + /* still data left over */ + if (!(alg & SSL_aNULL)) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + if (n != 0) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE); + goto f_err; + } + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_get_certificate_request(s) +SSL *s; + { + int ok,ret=0; + unsigned long n,nc; + unsigned int llen,l,ctype_num,i; + X509_NAME *xn=NULL; + unsigned char *p,*d,*q; + STACK *ca_sk=NULL; + + n=ssl3_get_message(s, + SSL3_ST_CR_CERT_REQ_A, + SSL3_ST_CR_CERT_REQ_B, + -1, +#if defined(MSDOS) && !defined(WIN32) + 1024*30, /* 30k max cert list :-) */ +#else + 1024*100, /* 100k max cert list :-) */ +#endif + &ok); + + if (!ok) return((int)n); + + s->s3->tmp.cert_req=0; + + if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) + { + s->s3->tmp.reuse_message=1; + return(1); + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE); + goto err; + } + + d=p=(unsigned char *)s->init_buf->data; + + if ((ca_sk=sk_new(ca_dn_cmp)) == NULL) + { + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); + goto err; + } + + /* get the certificate types */ + ctype_num= *(p++); + if (ctype_num > SSL3_CT_NUMBER) + ctype_num=SSL3_CT_NUMBER; + for (i=0; i<ctype_num; i++) + s->s3->tmp.ctype[i]= p[i]; + p+=ctype_num; + + /* get the CA RDNs */ + n2s(p,llen); + if ((llen+ctype_num+2+1) != n) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH); + goto err; + } + + for (nc=0; nc<llen; ) + { + n2s(p,l); + if ((l+nc+2) > llen) + { + if ((s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG)) + goto cont; /* netscape bugs */ + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG); + goto err; + } + + q=p; + + if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL) + { + /* If netscape tollerance is on, ignore errors */ + if (s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG) + goto cont; + else + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB); + goto err; + } + } + + if (q != (p+l)) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH); + goto err; + } + if (!sk_push(ca_sk,(char *)xn)) + { + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); + goto err; + } + + p+=l; + nc+=l+2; + } + + if (0) + { +cont: + ERR_clear_error(); + } + + /* we should setup a certficate to return.... */ + s->s3->tmp.cert_req=1; + s->s3->tmp.ctype_num=ctype_num; + if (s->s3->tmp.ca_names != NULL) + sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free); + s->s3->tmp.ca_names=ca_sk; + ca_sk=NULL; + + ret=1; +err: + if (ca_sk != NULL) sk_pop_free(ca_sk,X509_NAME_free); + return(ret); + } + +static int ca_dn_cmp(a,b) +X509_NAME **a,**b; + { + return(X509_NAME_cmp(*a,*b)); + } + +static int ssl3_get_server_done(s) +SSL *s; + { + int ok,ret=0; + long n; + + n=ssl3_get_message(s, + SSL3_ST_CR_SRVR_DONE_A, + SSL3_ST_CR_SRVR_DONE_B, + SSL3_MT_SERVER_DONE, + 30, /* should be very small, like 0 :-) */ + &ok); + + if (!ok) return((int)n); + if (n > 0) + { + /* should contain no data */ + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER); + SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH); + } + ret=1; + return(ret); + } + +static int ssl3_send_client_key_exchange(s) +SSL *s; + { + unsigned char *p,*d; + int n; + unsigned long l; + EVP_PKEY *pkey=NULL; + + if (s->state == SSL3_ST_CW_KEY_EXCH_A) + { + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + + l=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_RSA + if (l & SSL_kRSA) + { + RSA *rsa; + unsigned char tmp_buf[48]; + + if (s->session->cert->rsa_tmp != NULL) + rsa=s->session->cert->rsa_tmp; + else + { + pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509); + if ((pkey == NULL) || + (pkey->type != EVP_PKEY_RSA) || + (pkey->pkey.rsa == NULL)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + rsa=pkey->pkey.rsa; + } + + tmp_buf[0]=SSL3_VERSION_MAJOR; + tmp_buf[1]=SSL3_VERSION_MINOR; + RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2); + + s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; + + n=RSA_public_encrypt(48,tmp_buf,p,rsa, + RSA_PKCS1_PADDING); + if (n <= 0) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT); + goto err; + } + + s->session->master_key_length= + ssl3_generate_master_secret(s, + s->session->master_key, + tmp_buf,48); + memset(tmp_buf,0,48); + } + else +#endif +#ifndef NO_DH + if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + { + DH *dh_srvr,*dh_clnt; + + if (s->session->cert->dh_tmp != NULL) + dh_srvr=s->session->cert->dh_tmp; + else + { + /* we get them from the cert */ + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS); + goto err; + } + + /* generate a new random key */ + if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + if (!DH_generate_key(dh_clnt)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + /* use the 'p' output buffer for the DH key, but + * make sure to clear it out afterwards */ + n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt); + if (n <= 0) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + /* generate master key from the result */ + s->session->master_key_length= + ssl3_generate_master_secret(s, + s->session->master_key,p,n); + /* clean up */ + memset(p,0,n); + + /* send off the data */ + n=BN_num_bytes(dh_clnt->pub_key); + s2n(n,p); + BN_bn2bin(dh_clnt->pub_key,p); + n+=2; + + DH_free(dh_clnt); + + /* perhaps clean things up a bit EAY EAY EAY EAY*/ + } + else +#endif + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); + goto err; + } + + *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE; + l2n3(n,d); + + s->state=SSL3_ST_CW_KEY_EXCH_B; + /* number of bytes to write */ + s->init_num=n+4; + s->init_off=0; + } + + /* SSL3_ST_CW_KEY_EXCH_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_send_client_verify(s) +SSL *s; + { + unsigned char *p,*d; + unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; + EVP_PKEY *pkey; + int i=0,j; + unsigned long n; + + if (s->state == SSL3_ST_CW_CERT_VRFY_A) + { + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + pkey=s->cert->key->privatekey; + + ssl3_final_finish_mac(s,&(s->s3->finish_dgst2), + NULL,&(data[MD5_DIGEST_LENGTH])); + +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + ssl3_final_finish_mac(s,&(s->s3->finish_dgst1), + NULL,&(data[0])); + i=RSA_private_encrypt( + MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, + data,&(p[2]),pkey->pkey.rsa, + RSA_PKCS1_PADDING); + if (i <= 0) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB); + goto err; + } + s2n(i,p); + n=i+2; + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + if (!DSA_sign(pkey->save_type, + &(data[MD5_DIGEST_LENGTH]), + SHA_DIGEST_LENGTH,&(p[2]), + (unsigned int *)&j,pkey->pkey.dsa)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB); + goto err; + } + s2n(j,p); + n=j+2; + } + else +#endif + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR); + goto err; + } + *(d++)=SSL3_MT_CERTIFICATE_VERIFY; + l2n3(n,d); + + s->init_num=(int)n+4; + s->init_off=0; + } + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_send_client_certificate(s) +SSL *s; + { + X509 *x509=NULL; + EVP_PKEY *pkey=NULL; + int i; + unsigned long l; + + if (s->state == SSL3_ST_CW_CERT_A) + { + if ((s->cert == NULL) || + (s->cert->key->x509 == NULL) || + (s->cert->key->privatekey == NULL)) + s->state=SSL3_ST_CW_CERT_B; + else + s->state=SSL3_ST_CW_CERT_C; + } + + /* We need to get a client cert */ + if (s->state == SSL3_ST_CW_CERT_B) + { + /* If we get an error, we need to + * ssl->rwstate=SSL_X509_LOOKUP; return(-1); + * We then get retied later */ + i=0; + if (s->ctx->client_cert_cb != NULL) + i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); + if (i < 0) + { + s->rwstate=SSL_X509_LOOKUP; + return(-1); + } + s->rwstate=SSL_NOTHING; + if ((i == 1) && (pkey != NULL) && (x509 != NULL)) + { + s->state=SSL3_ST_CW_CERT_B; + if ( !SSL_use_certificate(s,x509) || + !SSL_use_PrivateKey(s,pkey)) + i=0; + } + else if (i == 1) + { + i=0; + SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); + } + + if (x509 != NULL) X509_free(x509); + if (pkey != NULL) EVP_PKEY_free(pkey); + if (i == 0) + { + s->s3->tmp.cert_req=0; + ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_NO_CERTIFICATE); + return(1); + } + + /* Ok, we have a cert */ + s->state=SSL3_ST_CW_CERT_C; + } + + if (s->state == SSL3_ST_CW_CERT_C) + { + s->state=SSL3_ST_CW_CERT_D; + l=ssl3_output_cert_chain(s,s->cert->key->x509); + s->init_num=(int)l; + s->init_off=0; + } + /* SSL3_ST_CW_CERT_D */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +#define has_bits(i,m) (((i)&(m)) == (m)) + +static int ssl3_check_cert_and_algorithm(s) +SSL *s; + { + int i,idx; + long algs; + EVP_PKEY *pkey=NULL; + CERT *c; + RSA *rsa; + DH *dh; + + c=s->session->cert; + + if (c == NULL) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR); + goto err; + } + + algs=s->s3->tmp.new_cipher->algorithms; + + /* we don't have a certificate */ + if (algs & (SSL_aDH|SSL_aNULL)) + return(1); + + rsa=s->session->cert->rsa_tmp; + dh=s->session->cert->dh_tmp; + + /* This is the passed certificate */ + + idx=c->cert_type; + pkey=X509_get_pubkey(c->pkeys[idx].x509); + i=X509_certificate_type(c->pkeys[idx].x509,pkey); + + + /* Check that we have a certificate if we require one */ + if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT); + goto f_err; + } +#ifndef NO_DSA + else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT); + goto f_err; + } +#endif + + if ((algs & SSL_kRSA) && + !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL))) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT); + goto f_err; + } +#ifndef NO_DH + else if ((algs & SSL_kEDH) && + !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY); + goto f_err; + } + else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT); + goto f_err; + } +#ifndef NO_DSA + else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT); + goto f_err; + } +#endif +#endif + + if ((algs & SSL_EXP) && !has_bits(i,EVP_PKT_EXP)) + { +#ifndef NO_RSA + if (algs & SSL_kRSA) + { + if ((rsa == NULL) || (RSA_size(rsa) > 512)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY); + goto f_err; + } + } + else +#endif +#ifndef NO_DH + if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + { + if ((dh == NULL) || (DH_size(dh) > 512)) + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY); + goto f_err; + } + } + else +#endif + { + SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); + goto f_err; + } + } + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE); +err: + return(0); + } + diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c new file mode 100644 index 0000000000..f1cd25e3d3 --- /dev/null +++ b/ssl/s3_enc.c @@ -0,0 +1,481 @@ +/* ssl/s3_enc.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "evp.h" +#include "ssl_locl.h" + +static unsigned char ssl3_pad_1[48]={ + 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36, + 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36, + 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36, + 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36, + 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36, + 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36 }; + +static unsigned char ssl3_pad_2[48]={ + 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, + 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, + 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, + 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, + 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c, + 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c }; + +int ssl3_change_cipher_state(s,which) +SSL *s; +int which; + { + unsigned char *p,*key_block,*mac_secret; + unsigned char exp_key[EVP_MAX_KEY_LENGTH]; + unsigned char exp_iv[EVP_MAX_KEY_LENGTH]; + unsigned char *ms,*key,*iv,*er1,*er2; + EVP_CIPHER_CTX *dd; + EVP_CIPHER *c; + SSL_COMPRESSION *comp; + EVP_MD *m; + MD5_CTX md; + int exp,n,i,j,k; + + exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0; + c=s->s3->tmp.new_sym_enc; + m=s->s3->tmp.new_hash; + comp=s->s3->tmp.new_compression; + key_block=s->s3->tmp.key_block; + + if (which & SSL3_CC_READ) + { + if ((s->enc_read_ctx == NULL) && + ((s->enc_read_ctx=(EVP_CIPHER_CTX *) + Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + goto err; + dd= s->enc_read_ctx; + s->read_hash=m; + s->read_compression=comp; + memset(&(s->s3->read_sequence[0]),0,8); + mac_secret= &(s->s3->read_mac_secret[0]); + } + else + { + if ((s->enc_write_ctx == NULL) && + ((s->enc_write_ctx=(EVP_CIPHER_CTX *) + Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + goto err; + dd= s->enc_write_ctx; + s->write_hash=m; + s->write_compression=comp; + memset(&(s->s3->write_sequence[0]),0,8); + mac_secret= &(s->s3->write_mac_secret[0]); + } + + p=s->s3->tmp.key_block; + i=EVP_MD_size(m); + j=(exp)?5:EVP_CIPHER_key_length(c); + k=EVP_CIPHER_iv_length(c); + if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || + (which == SSL3_CHANGE_CIPHER_SERVER_READ)) + { + ms= &(p[ 0]); n=i+i; + key= &(p[ n]); n+=j+j; + iv= &(p[ n]); n+=k+k; + er1= &(s->s3->client_random[0]); + er2= &(s->s3->server_random[0]); + } + else + { + n=i; + ms= &(p[ n]); n+=i+j; + key= &(p[ n]); n+=j+k; + iv= &(p[ n]); n+=k; + er1= &(s->s3->server_random[0]); + er2= &(s->s3->client_random[0]); + } + + if (n > s->s3->tmp.key_block_length) + { + SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR); + goto err2; + } + + memcpy(mac_secret,ms,i); + if (exp) + { + /* In here I set both the read and write key/iv to the + * same value since only the correct one will be used :-). + */ + MD5_Init(&md); + MD5_Update(&md,key,j); + MD5_Update(&md,er1,SSL3_RANDOM_SIZE); + MD5_Update(&md,er2,SSL3_RANDOM_SIZE); + MD5_Final(&(exp_key[0]),&md); + key= &(exp_key[0]); + + MD5_Init(&md); + MD5_Update(&md,er1,SSL3_RANDOM_SIZE); + MD5_Update(&md,er2,SSL3_RANDOM_SIZE); + MD5_Final(&(exp_iv[0]),&md); + iv= &(exp_iv[0]); + } + + s->session->key_arg_length=k; + if (k > 0) + memcpy(&(s->session->key_arg[0]),iv,k); + + EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); + memset(&(exp_key[0]),0,sizeof(exp_key)); + memset(&(exp_iv[0]),0,sizeof(exp_iv)); + return(1); +err: + SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); +err2: + return(0); + } + +int ssl3_setup_key_block(s) +SSL *s; + { + unsigned char *p; + EVP_CIPHER *c; + EVP_MD *hash; + int num,exp; + + if (s->s3->tmp.key_block_length != 0) + return(1); + + if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash)) + { + SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE); + return(0); + } + + s->s3->tmp.new_sym_enc=c; + s->s3->tmp.new_hash=hash; + + exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0; + + num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c); + num*=2; + + ssl3_cleanup_key_block(s); + + if ((p=(unsigned char *)Malloc(num)) == NULL) + goto err; + + s->s3->tmp.key_block_length=num; + s->s3->tmp.key_block=p; + + ssl3_generate_key_block(s,p,num); + + return(1); +err: + SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE); + return(0); + } + +void ssl3_cleanup_key_block(s) +SSL *s; + { + if (s->s3->tmp.key_block != NULL) + { + memset(s->s3->tmp.key_block,0, + s->s3->tmp.key_block_length); + Free(s->s3->tmp.key_block); + s->s3->tmp.key_block=NULL; + } + s->s3->tmp.key_block_length=0; + } + +int ssl3_enc(s,send) +SSL *s; +int send; + { + SSL3_RECORD *rec; + EVP_CIPHER_CTX *ds; + unsigned long l; + int bs,i; + EVP_CIPHER *enc; + SSL_COMPRESSION *comp; + + if (send) + { + ds=s->enc_write_ctx; + rec= &(s->s3->wrec); + if (s->enc_write_ctx == NULL) + { enc=NULL; comp=NULL; } + else + { + enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); + comp=s->write_compression; + } + } + else + { + ds=s->enc_read_ctx; + rec= &(s->s3->rrec); + if (s->enc_read_ctx == NULL) + { enc=NULL; comp=NULL; } + else + { + enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); + comp=s->read_compression; + } + } + + if ((s->session == NULL) || (ds == NULL) || + ((enc == NULL) && (comp == NULL))) + { + memcpy(rec->data,rec->input,rec->length); + rec->input=rec->data; + } + else + { + l=rec->length; + bs=EVP_CIPHER_block_size(ds->cipher); + + /* This should be using (bs-1) and bs instead of 7 and 8 */ + if ((bs != 1) && send) + { + i=bs-((int)l%bs); + + /* we need to add 'i-1' padding bytes */ + l+=i; + rec->length+=i; + rec->input[l-1]=(i-1); + } + + EVP_Cipher(ds,rec->data,rec->input,l); + + if ((bs != 1) && !send) + { + i=rec->data[l-1]+1; + if (i > bs) + { + SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_BAD_RECORD_MAC); + return(0); + } + rec->length-=i; + } + } + return(1); + } + +void ssl3_init_finished_mac(s) +SSL *s; + { + EVP_DigestInit(&(s->s3->finish_dgst1),EVP_md5()); + EVP_DigestInit(&(s->s3->finish_dgst2),EVP_sha1()); + } + +void ssl3_finish_mac(s,buf,len) +SSL *s; +unsigned char *buf; +int len; + { + EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len); + EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len); + } + +int ssl3_final_finish_mac(s,in_ctx,sender,p) +SSL *s; +EVP_MD_CTX *in_ctx; +unsigned char *sender; +unsigned char *p; + { + unsigned int ret; + int npad,n; + unsigned int i; + unsigned char md_buf[EVP_MAX_MD_SIZE]; + EVP_MD_CTX ctx; + + memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX)); + + n=EVP_MD_CTX_size(&ctx); + npad=(48/n)*n; + + if (sender != NULL) + EVP_DigestUpdate(&ctx,sender,4); + EVP_DigestUpdate(&ctx,s->session->master_key, + s->session->master_key_length); + EVP_DigestUpdate(&ctx,ssl3_pad_1,npad); + EVP_DigestFinal(&ctx,md_buf,&i); + + EVP_DigestInit(&ctx,EVP_MD_CTX_type(&ctx)); + EVP_DigestUpdate(&ctx,s->session->master_key, + s->session->master_key_length); + EVP_DigestUpdate(&ctx,ssl3_pad_2,npad); + EVP_DigestUpdate(&ctx,md_buf,i); + EVP_DigestFinal(&ctx,p,&ret); + + memset(&ctx,0,sizeof(EVP_MD_CTX)); + + return((int)ret); + } + +int ssl3_mac(ssl,md,send) +SSL *ssl; +unsigned char *md; +int send; + { + SSL3_RECORD *rec; + unsigned char *mac_sec,*seq; + EVP_MD_CTX md_ctx; + EVP_MD *hash; + unsigned char *p,rec_char; + unsigned int md_size; + int npad,i; + + if (send) + { + rec= &(ssl->s3->wrec); + mac_sec= &(ssl->s3->write_mac_secret[0]); + seq= &(ssl->s3->write_sequence[0]); + hash=ssl->write_hash; + } + else + { + rec= &(ssl->s3->rrec); + mac_sec= &(ssl->s3->read_mac_secret[0]); + seq= &(ssl->s3->read_sequence[0]); + hash=ssl->read_hash; + } + + md_size=EVP_MD_size(hash); + npad=(48/md_size)*md_size; + +#ifdef MAC_DEBUG +printf("npad=%d md_size=%d",npad,md_size); +printf("\nmsec="); +for (i=0; i<md_size; i++) printf("%02X ",mac_sec[i]); +printf("\npad1="); +for (i=0; i<npad; i++) printf("%02X ",ssl3_pad_1[i]); +printf("\nseq ="); +for (i=0; i<8; i++) printf("%02X ",seq[i]); +printf("\nreqt=%02X len=%04X\n",rec->type,rec->length); +for (i=0; i<rec->length; i++) printf("%02X",rec->input[i]); +printf("\n"); +#endif + + /* Chop the digest off the end :-) */ + + EVP_DigestInit( &md_ctx,hash); + EVP_DigestUpdate(&md_ctx,mac_sec,md_size); + EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad); + EVP_DigestUpdate(&md_ctx,seq,8); + rec_char=rec->type; + EVP_DigestUpdate(&md_ctx,&rec_char,1); + p=md; + s2n(rec->length,p); + EVP_DigestUpdate(&md_ctx,md,2); + EVP_DigestUpdate(&md_ctx,rec->input,rec->length); + EVP_DigestFinal( &md_ctx,md,NULL); + + EVP_DigestInit( &md_ctx,hash); + EVP_DigestUpdate(&md_ctx,mac_sec,md_size); + EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad); + EVP_DigestUpdate(&md_ctx,md,md_size); + EVP_DigestFinal( &md_ctx,md,&md_size); + + for (i=7; i>=0; i--) + if (++seq[i]) break; + +#ifdef MAC_DEBUG +printf("md="); +for (i=0; i<md_size; i++) printf("%02X ",md[i]); +printf("\n"); +#endif + + return(md_size); + } + +int ssl3_generate_master_secret(s,out,p,len) +SSL *s; +unsigned char *out; +unsigned char *p; +int len; + { + static unsigned char *salt[3]={ + (unsigned char *)"A", + (unsigned char *)"BB", + (unsigned char *)"CCC", + }; + unsigned char buf[EVP_MAX_MD_SIZE]; + EVP_MD_CTX ctx; + int i,ret=0; + unsigned int n; + + for (i=0; i<3; i++) + { + EVP_DigestInit(&ctx,EVP_sha1()); + EVP_DigestUpdate(&ctx,salt[i],strlen((char *)salt[i])); + EVP_DigestUpdate(&ctx,p,len); + EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]), + SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&ctx,&(s->s3->server_random[0]), + SSL3_RANDOM_SIZE); + EVP_DigestFinal(&ctx,buf,&n); + + EVP_DigestInit(&ctx,EVP_md5()); + EVP_DigestUpdate(&ctx,p,len); + EVP_DigestUpdate(&ctx,buf,n); + EVP_DigestFinal(&ctx,out,&n); + out+=n; + ret+=n; + } + return(ret); + } + diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c new file mode 100644 index 0000000000..b7bac8e10f --- /dev/null +++ b/ssl/s3_lib.c @@ -0,0 +1,915 @@ +/* ssl/s3_lib.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "ssl_locl.h" + +char *ssl3_version_str="SSLv3 part of SSLeay 0.8.1b 29-Jun-1998"; + +#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) + +#ifndef NOPROTO +static long ssl3_default_timeout(void ); +#else +static long ssl3_default_timeout(); +#endif + +SSL_CIPHER ssl3_ciphers[]={ +/* The RSA ciphers */ +/* Cipher 01 */ + { + 1, + SSL3_TXT_RSA_NULL_MD5, + SSL3_CK_RSA_NULL_MD5, + SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 02 */ + { + 1, + SSL3_TXT_RSA_NULL_SHA, + SSL3_CK_RSA_NULL_SHA, + SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* anon DH */ +/* Cipher 17 */ + { + 1, + SSL3_TXT_ADH_RC4_40_MD5, + SSL3_CK_ADH_RC4_40_MD5, + SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 18 */ + { + 1, + SSL3_TXT_ADH_RC4_128_MD5, + SSL3_CK_ADH_RC4_128_MD5, + SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 19 */ + { + 1, + SSL3_TXT_ADH_DES_40_CBC_SHA, + SSL3_CK_ADH_DES_40_CBC_SHA, + SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 1A */ + { + 1, + SSL3_TXT_ADH_DES_64_CBC_SHA, + SSL3_CK_ADH_DES_64_CBC_SHA, + SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 1B */ + { + 1, + SSL3_TXT_ADH_DES_196_CBC_SHA, + SSL3_CK_ADH_DES_196_CBC_SHA, + SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* RSA again */ +/* Cipher 03 */ + { + 1, + SSL3_TXT_RSA_RC4_40_MD5, + SSL3_CK_RSA_RC4_40_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 04 */ + { + 1, + SSL3_TXT_RSA_RC4_128_MD5, + SSL3_CK_RSA_RC4_128_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 05 */ + { + 1, + SSL3_TXT_RSA_RC4_128_SHA, + SSL3_CK_RSA_RC4_128_SHA, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 06 */ + { + 1, + SSL3_TXT_RSA_RC2_40_MD5, + SSL3_CK_RSA_RC2_40_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 07 */ + { + 1, + SSL3_TXT_RSA_IDEA_128_SHA, + SSL3_CK_RSA_IDEA_128_SHA, + SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 08 */ + { + 1, + SSL3_TXT_RSA_DES_40_CBC_SHA, + SSL3_CK_RSA_DES_40_CBC_SHA, + SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 09 */ + { + 1, + SSL3_TXT_RSA_DES_64_CBC_SHA, + SSL3_CK_RSA_DES_64_CBC_SHA, + SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0A */ + { + 1, + SSL3_TXT_RSA_DES_192_CBC3_SHA, + SSL3_CK_RSA_DES_192_CBC3_SHA, + SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, + +/* The DH ciphers */ +/* Cipher 0B */ + { + 0, + SSL3_TXT_DH_DSS_DES_40_CBC_SHA, + SSL3_CK_DH_DSS_DES_40_CBC_SHA, + SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0C */ + { + 0, + SSL3_TXT_DH_DSS_DES_64_CBC_SHA, + SSL3_CK_DH_DSS_DES_64_CBC_SHA, + SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0D */ + { + 0, + SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, + SSL3_CK_DH_DSS_DES_192_CBC3_SHA, + SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0E */ + { + 0, + SSL3_TXT_DH_RSA_DES_40_CBC_SHA, + SSL3_CK_DH_RSA_DES_40_CBC_SHA, + SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 0F */ + { + 0, + SSL3_TXT_DH_RSA_DES_64_CBC_SHA, + SSL3_CK_DH_RSA_DES_64_CBC_SHA, + SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 10 */ + { + 0, + SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, + SSL3_CK_DH_RSA_DES_192_CBC3_SHA, + SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, + +/* The Ephemeral DH ciphers */ +/* Cipher 11 */ + { + 1, + SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, + SSL3_CK_EDH_DSS_DES_40_CBC_SHA, + SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 12 */ + { + 1, + SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, + SSL3_CK_EDH_DSS_DES_64_CBC_SHA, + SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 13 */ + { + 1, + SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, + SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, + SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 14 */ + { + 1, + SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, + SSL3_CK_EDH_RSA_DES_40_CBC_SHA, + SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 15 */ + { + 1, + SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, + SSL3_CK_EDH_RSA_DES_64_CBC_SHA, + SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + 0, + SSL_ALL_CIPHERS, + }, +/* Cipher 16 */ + { + 1, + SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, + SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, + SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + 0, + SSL_ALL_CIPHERS, + }, + +/* Fortezza */ +/* Cipher 1C */ + { + 0, + SSL3_TXT_FZA_DMS_NULL_SHA, + SSL3_CK_FZA_DMS_NULL_SHA, + SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* Cipher 1D */ + { + 0, + SSL3_TXT_FZA_DMS_FZA_SHA, + SSL3_CK_FZA_DMS_FZA_SHA, + SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* Cipher 1E */ + { + 0, + SSL3_TXT_FZA_DMS_RC4_SHA, + SSL3_CK_FZA_DMS_RC4_SHA, + SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + 0, + SSL_ALL_CIPHERS, + }, + +/* end of list */ + }; + +static SSL_METHOD SSLv3_data= { + 3, + ssl3_new, + ssl3_clear, + ssl3_free, + ssl_undefined_function, + ssl_undefined_function, + ssl3_read, + ssl3_peek, + ssl3_write, + ssl3_shutdown, + ssl3_renegotiate, + ssl3_ctrl, + ssl3_ctx_ctrl, + ssl3_get_cipher_by_char, + ssl3_put_cipher_by_char, + ssl3_pending, + ssl3_num_ciphers, + ssl3_get_cipher, + ssl_bad_method, + ssl3_default_timeout, + }; + +static long ssl3_default_timeout() + { + /* 2 hours, the 24 hours mentioned in the SSLv3 spec + * is way too long for http, the cache would over fill */ + return(60*60*2); + } + +SSL_METHOD *sslv3_base_method() + { + return(&SSLv3_data); + } + +int ssl3_num_ciphers() + { + return(SSL3_NUM_CIPHERS); + } + +SSL_CIPHER *ssl3_get_cipher(u) +unsigned int u; + { + if (u < SSL3_NUM_CIPHERS) + return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u])); + else + return(NULL); + } + +/* The problem is that it may not be the correct record type */ +int ssl3_pending(s) +SSL *s; + { + return(s->s3->rrec.length); + } + +int ssl3_new(s) +SSL *s; + { + SSL3_CTX *s3; + + if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err; + + s->s3=s3; + s->s3->tmp.ca_names=NULL; + s->s3->tmp.key_block=NULL; + s->s3->rbuf.buf=NULL; + s->s3->wbuf.buf=NULL; + + ssl3_clear(s); + return(1); +err: + return(0); + } + +void ssl3_free(s) +SSL *s; + { + ssl3_cleanup_key_block(s); + if (s->s3->rbuf.buf != NULL) + Free(s->s3->rbuf.buf); + if (s->s3->wbuf.buf != NULL) + Free(s->s3->wbuf.buf); +#ifndef NO_DH + if (s->s3->tmp.dh != NULL) + DH_free(s->s3->tmp.dh); +#endif + if (s->s3->tmp.ca_names != NULL) + sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free); + memset(s->s3,0,sizeof(SSL3_CTX)); + Free(s->s3); + s->s3=NULL; + } + +void ssl3_clear(s) +SSL *s; + { + unsigned char *rp,*wp; + + ssl3_cleanup_key_block(s); + if (s->s3->tmp.ca_names != NULL) + sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free); + + rp=s->s3->rbuf.buf; + wp=s->s3->wbuf.buf; + + memset(s->s3,0,sizeof(SSL3_CTX)); + if (rp != NULL) + { + s->packet= &(s->s3->rbuf.buf[0]); + s->s3->rbuf.buf=rp; + s->s3->wbuf.buf=wp; + } + else + s->packet=NULL; + s->packet_length=0; + s->version=3; + } + +long ssl3_ctrl(s,cmd,larg,parg) +SSL *s; +int cmd; +long larg; +char *parg; + { + return(0); + } + +long ssl3_ctx_ctrl(ctx,cmd,larg,parg) +SSL_CTX *ctx; +int cmd; +long larg; +char *parg; + { + CERT *cert; + + cert=ctx->default_cert; + + switch (cmd) + { +#ifndef NO_RSA + case SSL_CTRL_NEED_TMP_RSA: + if ( (cert->rsa_tmp == NULL) && + ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || + (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))) + ) + return(1); + else + return(0); + break; + case SSL_CTRL_SET_TMP_RSA: + { + RSA *rsa; + int i; + + rsa=(RSA *)parg; + i=1; + if (rsa == NULL) + i=0; + else + { + if ((rsa=RSAPrivateKey_dup(rsa)) == NULL) + i=0; + } + if (!i) + { + SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB); + return(0); + } + else + { + if (cert->rsa_tmp != NULL) + RSA_free(cert->rsa_tmp); + cert->rsa_tmp=rsa; + return(1); + } + } + break; + case SSL_CTRL_SET_TMP_RSA_CB: + cert->rsa_tmp_cb=(RSA *(*)())parg; + break; +#endif +#ifndef NO_DH + case SSL_CTRL_SET_TMP_DH: + { + DH *new=NULL,*dh; + + dh=(DH *)parg; + if ( ((new=DHparams_dup(dh)) == NULL) || + (!DH_generate_key(new))) + { + SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); + if (new != NULL) DH_free(new); + return(0); + } + else + { + if (cert->dh_tmp != NULL) + DH_free(cert->dh_tmp); + cert->dh_tmp=new; + return(1); + } + } + break; + case SSL_CTRL_SET_TMP_DH_CB: + cert->dh_tmp_cb=(DH *(*)())parg; + break; +#endif + default: + return(0); + } + return(1); + } + +/* This function needs to check if the ciphers required are actually + * available */ +SSL_CIPHER *ssl3_get_cipher_by_char(p) +unsigned char *p; + { + static int init=1; + static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS]; + SSL_CIPHER c,*cp= &c,**cpp; + unsigned long id; + int i; + + if (init) + { + init=0; + + for (i=0; i<SSL3_NUM_CIPHERS; i++) + sorted[i]= &(ssl3_ciphers[i]); + + qsort( (char *)sorted, + SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *), + FP_ICC ssl_cipher_ptr_id_cmp); + } + + id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; + c.id=id; + cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp, + (char *)sorted, + SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *), + (int (*)())ssl_cipher_ptr_id_cmp); + if ((cpp == NULL) || !(*cpp)->valid) + return(NULL); + else + return(*cpp); + } + +int ssl3_put_cipher_by_char(c,p) +SSL_CIPHER *c; +unsigned char *p; + { + long l; + + if (p != NULL) + { + l=c->id; + if ((l & 0xff000000) != 0x03000000) return(0); + p[0]=((unsigned char)(l>> 8L))&0xFF; + p[1]=((unsigned char)(l ))&0xFF; + } + return(2); + } + +void ssl3_generate_key_block(s,km,num) +SSL *s; +unsigned char *km; +int num; + { + MD5_CTX m5; + SHA_CTX s1; + unsigned char buf[8],smd[SHA_DIGEST_LENGTH]; + unsigned char c='A'; + int i,j,k; + + k=0; + for (i=0; i<num; i+=MD5_DIGEST_LENGTH) + { + k++; + for (j=0; j<k; j++) + buf[j]=c; + c++; + SHA1_Init( &s1); + SHA1_Update(&s1,buf,k); + SHA1_Update(&s1,s->session->master_key, + s->session->master_key_length); + SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE); + SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE); + SHA1_Final( smd,&s1); + + MD5_Init( &m5); + MD5_Update(&m5,s->session->master_key, + s->session->master_key_length); + MD5_Update(&m5,smd,SHA_DIGEST_LENGTH); + if ((i+MD5_DIGEST_LENGTH) > num) + { + MD5_Final(smd,&m5); + memcpy(km,smd,(num-i)); + } + else + MD5_Final(km,&m5); + + km+=MD5_DIGEST_LENGTH; + } + memset(smd,0,SHA_DIGEST_LENGTH); + } + +int ssl3_part_read(s,i) +SSL *s; +int i; + { + s->rwstate=SSL_READING; + + if (i < 0) + { + return(i); + } + else + { + s->init_num+=i; + return(0); + } + } + +SSL_CIPHER *ssl3_choose_cipher(s,have,pref) +SSL *s; +STACK *have,*pref; + { + SSL_CIPHER *c,*ret=NULL; + int i,j,ok; + CERT *cert; + unsigned long alg,mask,emask; + + /* Lets see which ciphers we can supported */ + if (s->cert != NULL) + cert=s->cert; + else + cert=s->ctx->default_cert; + + ssl_set_cert_masks(cert); + mask=cert->mask; + emask=cert->export_mask; + + sk_set_cmp_func(pref,ssl_cipher_ptr_id_cmp); + + for (i=0; i<sk_num(have); i++) + { + c=(SSL_CIPHER *)sk_value(have,i); + alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK); + if (alg & SSL_EXPORT) + { + ok=((alg & emask) == alg)?1:0; +#ifdef CIPHER_DEBUG + printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name); +#endif + } + else + { + ok=((alg & mask) == alg)?1:0; +#ifdef CIPHER_DEBUG + printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name); +#endif + } + + if (!ok) continue; + + j=sk_find(pref,(char *)c); + if (j >= 0) + { + ret=(SSL_CIPHER *)sk_value(pref,j); + break; + } + } + return(ret); + } + +int ssl3_get_req_cert_type(s,p) +SSL *s; +unsigned char *p; + { + int ret=0; + unsigned long alg; + + alg=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_DH + if (alg & (SSL_kDHr|SSL_kEDH)) + { +#ifndef NO_RSA + p[ret++]=SSL3_CT_RSA_FIXED_DH; +#endif +#ifndef NO_DSA + p[ret++]=SSL3_CT_DSS_FIXED_DH; +#endif + } + if (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)) + { +#ifndef NO_RSA + p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; +#endif +#ifndef NO_DSA + p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; +#endif + } +#endif /* !NO_DH */ +#ifndef NO_RSA + p[ret++]=SSL3_CT_RSA_SIGN; +#endif +/* p[ret++]=SSL3_CT_DSS_SIGN; */ + return(ret); + } + +int ssl3_shutdown(s) +SSL *s; + { + + /* Don't do anything much if we have not done the handshake or + * we don't want to send messages :-) */ + if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) + { + s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); + return(1); + } + + if (!(s->shutdown & SSL_SENT_SHUTDOWN)) + { + s->shutdown|=SSL_SENT_SHUTDOWN; +#if 1 + ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_CLOSE_NOTIFY); +#endif + /* our shutdown alert has been sent now, and if it still needs + * to be written, s->s3->alert_dispatch will be true */ + } + else if (s->s3->alert_dispatch) + { + /* resend it if not sent */ +#if 1 + ssl3_dispatch_alert(s); +#endif + } + else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) + { + /* If we are waiting for a close from our peer, we are closed */ + ssl3_read_bytes(s,0,NULL,0); + } + + if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && + !s->s3->alert_dispatch) + return(1); + else + return(0); + } + +int ssl3_write(s,buf,len) +SSL *s; +const char *buf; +int len; + { + int ret,n; + BIO *under; + +#if 0 + if (s->shutdown & SSL_SEND_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } +#endif + errno=0; + + /* This is an experimental flag that sends the + * last handshake message in the same packet as the first + * use data - used to see if it helps the TCP protocol during + * session-id reuse */ + /* The second test is because the buffer may have been removed */ + if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) + { + /* First time through, we write into the buffer */ + if (s->s3->delay_buf_pop_ret == 0) + { + ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, + (char *)buf,len); + if (ret <= 0) return(ret); + + s->s3->delay_buf_pop_ret=ret; + } + + s->rwstate=SSL_WRITING; + n=BIO_flush(s->wbio); + if (n <= 0) return(n); + s->rwstate=SSL_NOTHING; + + /* We have flushed the buffer */ + under=BIO_pop(s->wbio); + s->wbio=under; + BIO_free(s->bbio); + s->bbio=NULL; + ret=s->s3->delay_buf_pop_ret; + s->s3->delay_buf_pop_ret=0; + + s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; + } + else + { + ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, + (char *)buf,len); + if (ret <= 0) return(ret); + } + return(ret); + } + +int ssl3_read(s,buf,len) +SSL *s; +char *buf; +int len; + { + errno=0; + return(ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len)); + } + +int ssl3_peek(s,buf,len) +SSL *s; +char *buf; +int len; + { + SSL3_RECORD *rr; + int n; + + rr= &(s->s3->rrec); + if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA)) + return(0); + + if ((unsigned int)len > rr->length) + n=rr->length; + else + n=len; + memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); + return(n); + } + +int ssl3_renegotiate(s) +SSL *s; + { + if (s->handshake_func == NULL) + return(1); + + if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) + return(0); + + if (!SSL_in_init(s)) + s->state=SSL_ST_RENEGOTIATE; + return(1); + } + diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c new file mode 100644 index 0000000000..4762b21442 --- /dev/null +++ b/ssl/s3_meth.c @@ -0,0 +1,88 @@ +/* ssl/s3_meth.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "ssl_locl.h" + +static SSL_METHOD *ssl3_get_method(ver) +int ver; + { + if (ver == 3) + return(SSLv3_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv3_method() + { + static int init=1; + static SSL_METHOD SSLv3_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(), + sizeof(SSL_METHOD)); + SSLv3_data.ssl_connect=ssl3_connect; + SSLv3_data.ssl_accept=ssl3_accept; + SSLv3_data.get_ssl_method=ssl3_get_method; + } + return(&SSLv3_data); + } + diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c new file mode 100644 index 0000000000..3be69ef138 --- /dev/null +++ b/ssl/s3_pkt.c @@ -0,0 +1,963 @@ +/* ssl/s3_pkt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <errno.h> +#define USE_SOCKETS +#include "evp.h" +#include "buffer.h" +#include "ssl_locl.h" + +/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_RECORD_MAC); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_NO_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN); + * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER); + */ + +#ifndef NOPROTO +static int do_ssl3_write(SSL *s, int type, char *buf, unsigned int len); +static int ssl3_write_pending(SSL *s, int type, char *buf, unsigned int len); +static int ssl3_get_record(SSL *s); +static int do_compress(SSL *ssl); +static int do_uncompress(SSL *ssl); +#else +static int do_ssl3_write(); +static int ssl3_write_pending(); +static int ssl3_get_record(); +static int do_compress(); +static int do_uncompress(); +#endif + +static int ssl3_read_n(s,n,max,extend) +SSL *s; +int n; +int max; +int extend; + { + int i,off,newb; + + /* if there is stuff still in the buffer from a previous read, + * and there is more than we want, take some. */ + if (s->s3->rbuf.left >= (int)n) + { + if (extend) + s->packet_length+=n; + else + { + s->packet= &(s->s3->rbuf.buf[s->s3->rbuf.offset]); + s->packet_length=n; + } + s->s3->rbuf.left-=n; + s->s3->rbuf.offset+=n; + return(n); + } + + /* else we need to read more data */ + if (!s->read_ahead) max=n; + if (max > SSL3_RT_MAX_PACKET_SIZE) + max=SSL3_RT_MAX_PACKET_SIZE; + + /* First check if there is some left or we want to extend */ + off=0; + if ( (s->s3->rbuf.left != 0) || + ((s->packet_length != 0) && extend)) + { + newb=s->s3->rbuf.left; + if (extend) + { + /* Copy bytes back to the front of the buffer + * Take the bytes already pointed to by 'packet' + * and take the extra ones on the end. */ + off=s->packet_length; + if (s->packet != s->s3->rbuf.buf) + memcpy(s->s3->rbuf.buf,s->packet,newb+off); + } + else if (s->s3->rbuf.offset != 0) + { /* so the data is not at the start of the buffer */ + memcpy(s->s3->rbuf.buf, + &(s->s3->rbuf.buf[s->s3->rbuf.offset]),newb); + s->s3->rbuf.offset=0; + } + + s->s3->rbuf.left=0; + } + else + newb=0; + + /* So we now have 'newb' bytes at the front of + * s->s3->rbuf.buf and need to read some more in on the end + * We start reading into the buffer at 's->s3->rbuf.offset' + */ + s->packet=s->s3->rbuf.buf; + + while (newb < n) + { + errno=0; + if (s->rbio != NULL) + { + s->rwstate=SSL_READING; + i=BIO_read(s->rbio, + (char *)&(s->s3->rbuf.buf[off+newb]), + max-newb); + } + else + { + SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET); + i= -1; + } + + if (i <= 0) + { + s->s3->rbuf.left+=newb; + return(i); + } + newb+=i; + } + + /* record used data read */ + if (newb > n) + { + s->s3->rbuf.offset=n+off; + s->s3->rbuf.left=newb-n; + } + else + { + s->s3->rbuf.offset=0; + s->s3->rbuf.left=0; + } + + if (extend) + s->packet_length+=n; + else + s->packet_length+=n; + return(n); + } + +/* Call this to get a new input record. + * It will return <= 0 if more data is needed, normally due to an error + * or non-blocking IO. + * When it finishes, one packet has been decoded and can be found in + * ssl->s3->rrec.type - is the type of record + * ssl->s3->rrec.data, - data + * ssl->s3->rrec.length, - number of bytes + */ +static int ssl3_get_record(s) +SSL *s; + { + int ssl_major,ssl_minor,al; + int n,i,ret= -1; + SSL3_BUFFER *rb; + SSL3_RECORD *rr; + SSL_SESSION *sess; + unsigned char *p; + unsigned char md[EVP_MAX_MD_SIZE]; + short version; + unsigned int mac_size; + int clear=0,extra; + + rr= &(s->s3->rrec); + rb= &(s->s3->rbuf); + sess=s->session; + + if (s->ctx->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) + extra=SSL3_RT_MAX_EXTRA; + else + extra=0; + +again: + /* check if we have the header */ + if ( (s->rstate != SSL_ST_READ_BODY) || + (s->packet_length < SSL3_RT_HEADER_LENGTH)) + { + n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH, + SSL3_RT_MAX_PACKET_SIZE,0); + if (n <= 0) return(n); /* error or non-blocking */ + s->rstate=SSL_ST_READ_BODY; + + p=s->packet; + + /* Pull apart the header into the SSL3_RECORD */ + rr->type= *(p++); + ssl_major= *(p++); + ssl_minor= *(p++); + version=(ssl_major<<8)|ssl_minor; + n2s(p,rr->length); + + /* Lets check version */ + if (s->first_packet) + { + s->first_packet=0; + } + else + { + if ( (ssl_major != SSL3_VERSION_MAJOR) || + (ssl_minor != SSL3_VERSION_MINOR)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); + goto f_err; + } + } + + if (s->version != SSL3_VERSION_MAJOR) + { + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_INTERNAL_ERROR); + goto err; + } + + if (rr->length > + (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG); + goto f_err; + } + + s->rstate=SSL_ST_READ_BODY; + } + + /* get and decode the data */ + if (s->rstate == SSL_ST_READ_BODY) + { + if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH)) + { + i=rr->length; + /*-(s->packet_length-SSL3_RT_HEADER_LENGTH); */ + n=ssl3_read_n(s,i,i,1); + if (n <= 0) return(n); /* error or non-blocking io */ + } + s->rstate=SSL_ST_READ_HEADER; + } + + /* At this point, we have the data in s->packet and there should be + * s->packet_length bytes, we must not 'overrun' this buffer :-) + * One of the following functions will copy the data from the + * s->packet buffer */ + + rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]); + + /* ok, we can now read from 's->packet' data into 'rr' + * rr->input points at rr->length bytes, which + * need to be copied into rr->data by either + * the decryption or by the decompression + * When the data is 'copied' into the rr->data buffer, + * rr->input will be pointed at the new buffer */ + + /* Set the state for the following operations */ + s->rstate=SSL_ST_READ_HEADER; + + /* We now have - encrypted [ MAC [ compressed [ plain ] ] ] + * rr->length bytes of encrypted compressed stuff. */ + + /* check is not needed I belive */ + if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG); + goto f_err; + } + + /* decrypt in place in 'rr->input' */ + rr->data=rr->input; + + if (!ssl3_enc(s,0)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + goto f_err; + } + + /* r->length is now the compressed data plus mac */ + if ( (sess == NULL) || + (s->enc_read_ctx == NULL) || + (s->read_hash == NULL)) + clear=1; + + if (!clear) + { + mac_size=EVP_MD_size(s->read_hash); + + if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG); + goto f_err; + } + /* check MAC for rr->input' */ + if (rr->length < mac_size) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + rr->length-=mac_size; + i=ssl3_mac(s,md,0); + if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0) + { + al=SSL3_AD_BAD_RECORD_MAC; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE); + ret=SSL_RWERR_BAD_MAC_DECODE; + goto f_err; + } + } + + /* r->length is now just compressed */ + if ((sess != NULL) && (sess->read_compression != NULL)) + { + if (rr->length > + (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); + goto f_err; + } + if (!do_uncompress(s)) + { + al=SSL3_AD_DECOMPRESSION_FAILURE; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); + goto f_err; + } + } + + if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra) + { + al=SSL3_AD_DECOMPRESSION_FAILURE; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); + goto f_err; + } + + rr->off=0; + /* So at this point the following is true + * ssl->s3->rrec.type is the type of record + * ssl->s3->rrec.length == number of bytes in record + * ssl->s3->rrec.off == offset to first valid byte + * ssl->s3->rrec.data == where to take bytes from, increment + * after use :-). + */ + + /* we have pulled in a full packet so zero things */ + s->packet_length=0; + + /* just read a 0 length packet */ + if (rr->length == 0) goto again; + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(ret); + } + +static int do_uncompress(ssl) +SSL *ssl; + { + return(1); + } + +static int do_compress(ssl) +SSL *ssl; + { + return(1); + } + +/* Call this write a data + * It will return <= 0 if not all data has been sent or non-blocking IO. + */ +int ssl3_write_bytes(s,type,buf,len) +SSL *s; +int type; +char *buf; +int len; + { + unsigned int tot,n,nw; + int i; + + s->rwstate=SSL_NOTHING; + tot=s->s3->wnum; + s->s3->wnum=0; + + if (SSL_in_init(s) && !s->in_handshake) + { + i=s->handshake_func(s); + if (i < 0) return(i); + if (i == 0) + { + SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } + + n=(len-tot); + for (;;) + { + if (n > SSL3_RT_MAX_PLAIN_LENGTH) + nw=SSL3_RT_MAX_PLAIN_LENGTH; + else + nw=n; + + i=do_ssl3_write(s,type,&(buf[tot]),nw); + if (i <= 0) + { + s->s3->wnum=tot; + return(i); + } + + if (type == SSL3_RT_HANDSHAKE) + ssl3_finish_mac(s,(unsigned char *)&(buf[tot]),i); + + if (i == (int)n) return(tot+i); + + n-=i; + tot+=i; + } + } + +static int do_ssl3_write(s,type,buf,len) +SSL *s; +int type; +char *buf; +unsigned int len; + { + unsigned char *p,*plen; + int i,mac_size,clear=0; + SSL3_RECORD *wr; + SSL3_BUFFER *wb; + SSL_SESSION *sess; + + /* first check is there is a SSL3_RECORD still being written + * out. This will happen with non blocking IO */ + if (s->s3->wbuf.left != 0) + return(ssl3_write_pending(s,type,buf,len)); + + /* If we have an alert to send, lets send it */ + if (s->s3->alert_dispatch) + { + i=ssl3_dispatch_alert(s); + if (i <= 0) + return(i); + /* if it went, fall through and send more stuff */ + } + + if (len <= 0) return(len); + + wr= &(s->s3->wrec); + wb= &(s->s3->wbuf); + sess=s->session; + + if ( (sess == NULL) || + (s->enc_write_ctx == NULL) || + (s->write_hash == NULL)) + clear=1; + + if (clear) + mac_size=0; + else + mac_size=EVP_MD_size(s->write_hash); + + p=wb->buf; + + /* write the header */ + *(p++)=type&0xff; + wr->type=type; + + *(p++)=SSL3_VERSION_MAJOR; + *(p++)=SSL3_VERSION_MINOR; + + /* record where we are to write out packet length */ + plen=p; + p+=2; + + /* lets setup the record stuff. */ + wr->data=p; + wr->length=(int)len; + wr->input=(unsigned char *)buf; + + /* we now 'read' from wr->input, wr->length bytes into + * wr->data */ + + /* first we compress */ + if ((sess != NULL) && (sess->write_compression != NULL)) + { + if (!do_compress(s)) + { + SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE); + goto err; + } + } + else + { + memcpy(wr->data,wr->input,wr->length); + wr->input=wr->data; + } + + /* we should still have the output to wr->data and the input + * from wr->input. Length should be wr->length. + * wr->data still points in the wb->buf */ + + if (mac_size != 0) + { + ssl3_mac(s,&(p[wr->length]),1); + wr->length+=mac_size; + wr->input=p; + wr->data=p; + } + + /* ssl3_enc can only have an error on read */ + ssl3_enc(s,1); + + /* record length after mac and block padding */ + s2n(wr->length,plen); + + /* we should now have + * wr->data pointing to the encrypted data, which is + * wr->length long */ + wr->type=type; /* not needed but helps for debugging */ + wr->length+=SSL3_RT_HEADER_LENGTH; + + /* Now lets setup wb */ + wb->left=wr->length; + wb->offset=0; + + s->s3->wpend_tot=len; + s->s3->wpend_buf=buf; + s->s3->wpend_type=type; + s->s3->wpend_ret=len; + + /* we now just need to write the buffer */ + return(ssl3_write_pending(s,type,buf,len)); +err: + return(-1); + } + +/* if s->s3->wbuf.left != 0, we need to call this */ +static int ssl3_write_pending(s,type,buf,len) +SSL *s; +int type; +char *buf; +unsigned int len; + { + int i; + + if ((s->s3->wpend_tot != (int)len) || (s->s3->wpend_buf != buf) + || (s->s3->wpend_type != type)) + { + SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); + return(SSL_RWERR_BAD_WRITE_RETRY); + } + + for (;;) + { + errno=0; + if (s->wbio != NULL) + { + s->rwstate=SSL_WRITING; + i=BIO_write(s->wbio, + (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]), + (unsigned int)s->s3->wbuf.left); + } + else + { + SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET); + i= -1; + } + if (i == s->s3->wbuf.left) + { + s->s3->wbuf.left=0; + s->rwstate=SSL_NOTHING; + return(s->s3->wpend_ret); + } + else if (i <= 0) + return(i); + s->s3->wbuf.offset+=i; + s->s3->wbuf.left-=i; + } + } + +int ssl3_read_bytes(s,type,buf,len) +SSL *s; +int type; +char *buf; +int len; + { + int al,i,j,n,ret; + SSL3_RECORD *rr; + unsigned char *sender; + void (*cb)()=NULL; + + if (s->s3->rbuf.buf == NULL) /* Not initalised yet */ + if (!ssl3_setup_buffers(s)) + return(-1); + + if (!s->in_handshake && SSL_in_before(s)) + { + i=s->handshake_func(s); + if (i < 0) return(i); + if (i == 0) + { + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } +start: + s->rwstate=SSL_NOTHING; + + /* s->s3->rrec.type - is the type of record + * s->s3->rrec.data, - data + * s->s3->rrec.off, - ofset into 'data' for next read + * s->s3->rrec.length, - number of bytes. */ + rr= &(s->s3->rrec); + + /* get new packet */ + if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) + { + ret=ssl3_get_record(s); + if (ret <= 0) return(ret); + } + + /* we now have a packet which can be read and processed */ + + if (s->s3->change_cipher_spec && (rr->type != SSL3_RT_HANDSHAKE)) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); + goto err; + } + + /* If the other end has shutdown, throw anything we read away */ + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + rr->length=0; + s->rwstate=SSL_NOTHING; + return(0); + } + + /* Check for an incoming 'Client Request' message */ + if ((rr->type == SSL3_RT_HANDSHAKE) && (rr->length == 4) && + (rr->data[0] == SSL3_MT_CLIENT_REQUEST) && + (s->session != NULL) && (s->session->cipher != NULL)) + { + if ((rr->data[1] != 0) || (rr->data[2] != 0) || + (rr->data[3] != 0)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CLIENT_REQUEST); + goto err; + } + + if (SSL_is_init_finished(s) && + !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + { + ssl3_renegotiate(s); + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + } + rr->length=0; +/* ZZZ */ goto start; + } + + /* if it is not the type we want, or we have shutdown and want + * the peer shutdown */ + if ((rr->type != type) || (s->shutdown & SSL_SENT_SHUTDOWN)) + { + if (rr->type == SSL3_RT_ALERT) + { + if ((rr->length != 2) || (rr->off != 0)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_ALERT_RECORD); + goto f_err; + } + + i=rr->data[0]; + n=rr->data[1]; + + /* clear from buffer */ + rr->length=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (cb != NULL) + { + j=(i<<8)|n; + cb(s,SSL_CB_READ_ALERT,j); + } + + if (i == 1) + { + s->s3->warn_alert=n; + if (n == SSL3_AD_CLOSE_NOTIFY) + { + s->shutdown|=SSL_RECEIVED_SHUTDOWN; + return(0); + } + } + else if (i == 2) + { + s->rwstate=SSL_NOTHING; + s->s3->fatal_alert=n; + SSLerr(SSL_F_SSL3_READ_BYTES,1000+n); + s->shutdown|=SSL_RECEIVED_SHUTDOWN; + SSL_CTX_remove_session(s->ctx,s->session); + return(0); + } + else + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE); + goto f_err; + } + + rr->length=0; + goto start; + } + + if (s->shutdown & SSL_SENT_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + rr->length=0; + return(0); + } + + if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) + { + if ( (rr->length != 1) || (rr->off != 0) || + (rr->data[0] != SSL3_MT_CCS)) + { + i=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); + goto err; + } + + rr->length=0; + + s->s3->change_cipher_spec=1; + + if (s->state & SSL_ST_ACCEPT) + i=SSL3_CHANGE_CIPHER_SERVER_READ; + else + i=SSL3_CHANGE_CIPHER_CLIENT_READ; + + if (s->s3->tmp.key_block == NULL) + { + s->session->cipher=s->s3->tmp.new_cipher; + if (!ssl3_setup_key_block(s)) + goto err; + } + + if (!ssl3_change_cipher_state(s,i)) + goto err; + + /* we have to record the message digest at + * this point so we can get it before we read + * the finished message */ + sender=(s->state & SSL_ST_CONNECT) + ?&(ssl3_server_finished_const[0]) + :&(ssl3_client_finished_const[0]); + + ssl3_final_finish_mac(s,&(s->s3->finish_dgst1), + sender,&(s->s3->tmp.finish_md1[0])); + ssl3_final_finish_mac(s,&(s->s3->finish_dgst2), + sender,&(s->s3->tmp.finish_md2[0])); + + goto start; + } + + /* else we have a handshake */ + if ((rr->type == SSL3_RT_HANDSHAKE) && + !s->in_handshake) + { + if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && + !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + { + s->state=SSL_ST_BEFORE; + s->new_session=1; + } + n=s->handshake_func(s); + if (n < 0) return(n); + if (n == 0) + { + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); + return(-1); + } + goto start; + } + + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); + goto f_err; + } + + /* make sure that we are not getting application data when we + * are doing a handshake for the first time */ + if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && + (s->enc_read_ctx == NULL)) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE); + goto f_err; + } + + if (len <= 0) return(len); + + if ((unsigned int)len > rr->length) + n=rr->length; + else + n=len; + + memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); + rr->length-=n; + rr->off+=n; + if (rr->length <= 0) + s->rstate=SSL_ST_READ_HEADER; + + if (type == SSL3_RT_HANDSHAKE) + ssl3_finish_mac(s,(unsigned char *)buf,n); + return(n); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +int ssl3_do_write(s,type) +SSL *s; +int type; + { + int ret; + + ret=ssl3_write_bytes(s,type,(char *) + &(s->init_buf->data[s->init_off]),s->init_num); + if (ret == s->init_num) + return(1); + if (ret < 0) return(-1); + s->init_off+=ret; + s->init_num-=ret; + return(0); + } + +void ssl3_send_alert(s,level,desc) +SSL *s; +int level; +int desc; + { + /* If a fatal one, remove from cache */ + if ((level == 2) && (s->session != NULL)) + SSL_CTX_remove_session(s->ctx,s->session); + + s->s3->alert_dispatch=1; + s->s3->send_alert[0]=level; + s->s3->send_alert[1]=desc; + if (s->s3->wbuf.left == 0) /* data still being written out */ + ssl3_dispatch_alert(s); + /* else data is still being written out, we will get written + * some time in the future */ + } + +int ssl3_dispatch_alert(s) +SSL *s; + { + int i,j; + void (*cb)()=NULL; + + s->s3->alert_dispatch=0; + i=do_ssl3_write(s,SSL3_RT_ALERT,&(s->s3->send_alert[0]),2); + if (i <= 0) + { + s->s3->alert_dispatch=1; + } + else + { + /* If it is important, send it now. If the message + * does not get sent due to non-blocking IO, we will + * not worry too much. */ + if (s->s3->send_alert[0] == SSL3_AL_FATAL) + BIO_flush(s->wbio); + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (cb != NULL) + { + j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1]; + cb(s,SSL_CB_WRITE_ALERT,j); + } + } + return(i); + } + diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c new file mode 100644 index 0000000000..ebff57506f --- /dev/null +++ b/ssl/s3_srvr.c @@ -0,0 +1,1629 @@ +/* ssl/s3_srvr.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#define REUSE_CIPHER_BUG + +#include <stdio.h> +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "ssl_locl.h" + +#define BREAK break +/* SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_MALLOC_FAILURE); + * SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); + */ + +#ifndef NOPROTO +static int ssl3_get_client_hello(SSL *s); +static int ssl3_send_server_hello(SSL *s); +static int ssl3_send_server_key_exchange(SSL *s); +static int ssl3_send_certificate_request(SSL *s); +static int ssl3_send_server_done(SSL *s); +static int ssl3_get_cert_verify(SSL *s); +static int ssl3_get_client_key_exchange(SSL *s); +static int ssl3_get_client_certificate(SSL *s); +static int ssl3_send_hello_request(SSL *s); + +#else + +static int ssl3_get_client_hello(); +static int ssl3_send_server_hello(); +static int ssl3_send_server_key_exchange(); +static int ssl3_send_certificate_request(); +static int ssl3_send_server_done(); +static int ssl3_get_cert_verify(); +static int ssl3_get_client_key_exchange(); +static int ssl3_get_client_certificate(); +static int ssl3_send_hello_request(); +static SSL_METHOD *ssl3_get_server_method(); + +#endif + +static SSL_METHOD *ssl3_get_server_method(ver) +int ver; + { + if (ver == 3) + return(SSLv3_server_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv3_server_method() + { + static int init=1; + static SSL_METHOD SSLv3_server_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), + sizeof(SSL_METHOD)); + SSLv3_server_data.ssl_accept=ssl3_accept; + SSLv3_server_data.get_ssl_method=ssl3_get_server_method; + } + return(&SSLv3_server_data); + } + +int ssl3_accept(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long l,Time=time(NULL); + void (*cb)()=NULL; + long num1; + int ret= -1; + CERT *ct; + BIO *bbio,*under; + int new_state,state,skip=0; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + /* init things to blank */ + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + +#ifdef undef + /* FIX THIS EAY EAY EAY */ + /* we don't actually need a cert, we just need a cert or a DH_tmp */ + if (((s->session == NULL) || (s->session->cert == NULL)) && + (s->cert == NULL)) + { + SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET); + ret= -1; + goto end; + } +#endif + + for (;;) + { + state=s->state; + + switch (s->state) + { + case SSL_ST_RENEGOTIATE: + s->new_session=1; + /* s->state=SSL_ST_ACCEPT; */ + + case SSL_ST_BEFORE: + case SSL_ST_ACCEPT: + case SSL_ST_BEFORE|SSL_ST_ACCEPT: + case SSL_ST_OK|SSL_ST_ACCEPT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=3; + s->type=SSL_ST_ACCEPT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + if (!ssl3_setup_buffers(s)) + { + ret= -1; + goto end; + } + + /* Ok, we now need to push on a buffering BIO so that + * the output is sent in a way that TCP likes :-) + */ + if (s->bbio == NULL) + { + bbio=BIO_new(BIO_f_buffer()); + if (bbio == NULL) + { + SSLerr(SSL_F_SSL3_ACCEPT,ERR_LIB_BUF); + ret= -1; + goto end; + } + s->bbio=bbio; + } + else + bbio=s->bbio; + BIO_reset(bbio); + if (!BIO_set_write_buffer_size(bbio,16*1024)) + { + SSLerr(SSL_F_SSL3_ACCEPT,ERR_LIB_BUF); + ret= -1; + goto end; + } + + s->wbio=BIO_push(bbio,s->wbio); + + s->ctx->sess_accept++; + s->init_num=0; + + if (s->state != SSL_ST_RENEGOTIATE) + { + s->state=SSL3_ST_SR_CLNT_HELLO_A; + ssl3_init_finished_mac(s); + } + else + { + s->state=SSL3_ST_SW_HELLO_REQ_A; + } + break; + + case SSL3_ST_SW_HELLO_REQ_A: + case SSL3_ST_SW_HELLO_REQ_B: + + s->shutdown=0; + ret=ssl3_send_hello_request(s); + if (ret <= 0) goto end; + s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C; + s->state=SSL3_ST_SW_FLUSH; + s->init_num=0; + + ssl3_init_finished_mac(s); + break; + + case SSL3_ST_SW_HELLO_REQ_C: + /* remove buffering on output */ + under=BIO_pop(s->wbio); + if (under != NULL) + s->wbio=under; + else + abort(); /* ok */ + BIO_free(s->bbio); + s->bbio=NULL; + + s->state=SSL_ST_OK; + ret=1; + goto end; + break; + + case SSL3_ST_SR_CLNT_HELLO_A: + case SSL3_ST_SR_CLNT_HELLO_B: + case SSL3_ST_SR_CLNT_HELLO_C: + + s->shutdown=0; + ret=ssl3_get_client_hello(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_SRVR_HELLO_A; + s->init_num=0; + break; + + case SSL3_ST_SW_SRVR_HELLO_A: + case SSL3_ST_SW_SRVR_HELLO_B: + ret=ssl3_send_server_hello(s); + if (ret <= 0) goto end; + + if (s->hit) + s->state=SSL3_ST_SW_CHANGE_A; + else + s->state=SSL3_ST_SW_CERT_A; + s->init_num=0; + break; + + case SSL3_ST_SW_CERT_A: + case SSL3_ST_SW_CERT_B: + /* Check if it is anon DH */ + if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) + { + ret=ssl3_send_server_certificate(s); + if (ret <= 0) goto end; + } + else + skip=1; + s->state=SSL3_ST_SW_KEY_EXCH_A; + s->init_num=0; + break; + + case SSL3_ST_SW_KEY_EXCH_A: + case SSL3_ST_SW_KEY_EXCH_B: + l=s->s3->tmp.new_cipher->algorithms; + if (s->session->cert == NULL) + { + if (s->cert != NULL) + { + CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT); + s->session->cert=s->cert; + } + else + { + CRYPTO_add(&s->ctx->default_cert->references,1,CRYPTO_LOCK_SSL_CERT); + s->session->cert=s->ctx->default_cert; + } + } + ct=s->session->cert; + + /* clear this, it may get reset by + * send_server_key_exchange */ + if (s->ctx->options & SSL_OP_EPHEMERAL_RSA) + s->s3->tmp.use_rsa_tmp=1; + else + s->s3->tmp.use_rsa_tmp=0; + + /* only send if a DH key exchange, fortezza or + * RSA but we have a sign only certificate */ + if ( s->s3->tmp.use_rsa_tmp || + (l & (SSL_DH|SSL_kFZA)) || + ((l & SSL_kRSA) && + ((ct->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)|| + ((l & SSL_EXPORT) && + (EVP_PKEY_size(ct->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > 512) + ) + ) + ) + ) + { + ret=ssl3_send_server_key_exchange(s); + if (ret <= 0) goto end; + } + else + skip=1; + + s->state=SSL3_ST_SW_CERT_REQ_A; + s->init_num=0; + break; + + case SSL3_ST_SW_CERT_REQ_A: + case SSL3_ST_SW_CERT_REQ_B: + if (!(s->verify_mode & SSL_VERIFY_PEER) || + ((s->session->peer != NULL) && + (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) + { + /* no cert request */ + skip=1; + s->state=SSL3_ST_SW_SRVR_DONE_A; + } + else + { + ret=ssl3_send_certificate_request(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_SRVR_DONE_A; + s->init_num=0; + } + break; + + case SSL3_ST_SW_SRVR_DONE_A: + case SSL3_ST_SW_SRVR_DONE_B: + ret=ssl3_send_server_done(s); + if (ret <= 0) goto end; + s->s3->tmp.next_state=SSL3_ST_SR_CERT_A; + s->state=SSL3_ST_SW_FLUSH; + s->init_num=0; + break; + + case SSL3_ST_SW_FLUSH: + /* number of bytes to be flushed */ + num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); + if (num1 > 0) + { + s->rwstate=SSL_WRITING; + num1=BIO_flush(s->wbio); + if (num1 <= 0) { ret= -1; goto end; } + s->rwstate=SSL_NOTHING; + } + + s->state=s->s3->tmp.next_state; + break; + + case SSL3_ST_SR_CERT_A: + case SSL3_ST_SR_CERT_B: + /* could be sent for a DH cert, even if we + * have not asked for it :-) */ + ret=ssl3_get_client_certificate(s); + if (ret <= 0) goto end; + s->init_num=0; + s->state=SSL3_ST_SR_KEY_EXCH_A; + break; + + case SSL3_ST_SR_KEY_EXCH_A: + case SSL3_ST_SR_KEY_EXCH_B: + ret=ssl3_get_client_key_exchange(s); + if (ret <= 0) goto end; + s->state=SSL3_ST_SR_CERT_VRFY_A; + s->init_num=0; + + /* We need to get hashes here so if there is + * a client cert, it can be verified */ + ssl3_final_finish_mac(s,&(s->s3->finish_dgst1), + NULL,&(s->s3->tmp.finish_md1[0])); + ssl3_final_finish_mac(s,&(s->s3->finish_dgst2), + NULL,&(s->s3->tmp.finish_md2[0])); + + break; + + case SSL3_ST_SR_CERT_VRFY_A: + case SSL3_ST_SR_CERT_VRFY_B: + + /* we should decide if we expected this one */ + ret=ssl3_get_cert_verify(s); + if (ret <= 0) goto end; + + s->state=SSL3_ST_SR_FINISHED_A; + s->init_num=0; + break; + + case SSL3_ST_SR_FINISHED_A: + case SSL3_ST_SR_FINISHED_B: + ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, + SSL3_ST_SR_FINISHED_B, + &(ssl3_client_finished_const[0])); + if (ret <= 0) goto end; + if (s->hit) + s->state=SSL_ST_OK; + else + s->state=SSL3_ST_SW_CHANGE_A; + s->init_num=0; + break; + + case SSL3_ST_SW_CHANGE_A: + case SSL3_ST_SW_CHANGE_B: + + s->session->cipher=s->s3->tmp.new_cipher; + if (!ssl3_setup_key_block(s)) { ret= -1; goto end; } + + ret=ssl3_send_change_cipher_spec(s, + SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B); + + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_FINISHED_A; + s->init_num=0; + + if (!ssl3_change_cipher_state(s, + SSL3_CHANGE_CIPHER_SERVER_WRITE)) + { + ret= -1; + goto end; + } + + break; + + case SSL3_ST_SW_FINISHED_A: + case SSL3_ST_SW_FINISHED_B: + ret=ssl3_send_finished(s, + SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B, + &(ssl3_server_finished_const[0])); + if (ret <= 0) goto end; + s->state=SSL3_ST_SW_FLUSH; + if (s->hit) + s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; + else + s->s3->tmp.next_state=SSL_ST_OK; + s->init_num=0; + break; + + case SSL_ST_OK: + /* clean a few things up */ + ssl3_cleanup_key_block(s); + + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + + /* remove buffering on output */ + under=BIO_pop(s->wbio); + if (under != NULL) + s->wbio=under; + else + abort(); /* ok */ + BIO_free(s->bbio); + s->bbio=NULL; + + s->new_session=0; + s->init_num=0; + + ssl_update_cache(s,SSL_SESS_CACHE_SERVER); + + s->ctx->sess_accept_good++; + /* s->server=1; */ + s->handshake_func=ssl3_accept; + ret=1; + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + + goto end; + break; + + default: + SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + break; + } + + if (!s->s3->tmp.reuse_message && !skip) + { + if (s->debug) BIO_flush(s->wbio); + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_ACCEPT_LOOP,1); + s->state=new_state; + } + } + skip=0; + } +end: + /* BIO_flush(s->wbio); */ + + if (cb != NULL) + cb(s,SSL_CB_ACCEPT_EXIT,ret); + s->in_handshake--; + return(ret); + } + +static int ssl3_send_hello_request(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL3_ST_SW_HELLO_REQ_A) + { + p=(unsigned char *)s->init_buf->data; + *(p++)=SSL3_MT_CLIENT_REQUEST; + *(p++)=0; + *(p++)=0; + *(p++)=0; + + s->state=SSL3_ST_SW_HELLO_REQ_B; + /* number of bytes to write */ + s->init_num=4; + s->init_off=0; + } + + /* SSL3_ST_SW_HELLO_REQ_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +static int ssl3_get_client_hello(s) +SSL *s; + { + int i,j,ok,al,ret= -1; + long n; + unsigned long id; + unsigned char *p,*d; + SSL_CIPHER *c; + STACK *ciphers=NULL; + + if (s->state == SSL3_ST_SR_CLNT_HELLO_A) + { + s->first_packet=1; + s->state=SSL3_ST_SR_CLNT_HELLO_B; + } + n=ssl3_get_message(s, + SSL3_ST_SR_CLNT_HELLO_B, + SSL3_ST_SR_CLNT_HELLO_C, + SSL3_MT_CLIENT_HELLO, + SSL3_RT_MAX_PLAIN_LENGTH, + &ok); + + if (!ok) return((int)n); + d=p=(unsigned char *)s->init_buf->data; + + if (p[0] != SSL3_VERSION_MAJOR) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_WRONG_SSL_VERSION); + goto err; + } + p+=2; + + /* load the client random */ + memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* get the session-id */ + j= *(p++); + + s->hit=0; + if (j == 0) + { + if (!ssl_get_new_session(s,1)) + goto err; + } + else + { + i=ssl_get_prev_session(s,j,p); + if (i == 1) + { /* previous session */ + s->hit=1; + } + else + { + if (!ssl_get_new_session(s,1)) + goto err; + } + } + + p+=j; + n2s(p,i); + if ((i == 0) && (j != 0)) + { + /* we need a cipher if we are not resuming a session */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED); + goto f_err; + } + if ((i+p) > (d+n)) + { + /* not enough data */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers)) + == NULL)) + { + goto err; + } + p+=i; + + /* If it is a hit, check that the cipher is in the list */ + if ((s->hit) && (i > 0)) + { + j=0; + id=s->session->cipher->id; + + for (i=0; i<sk_num(ciphers); i++) + { + c=(SSL_CIPHER *)sk_value(ciphers,i); + if (c->id == id) + { + j=1; + break; + } + } + if (j == 0) + { + if ((s->ctx->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1)) + { + /* Very bad for multi-threading.... */ + s->session->cipher= + (SSL_CIPHER *)sk_value(ciphers,0); + } + else + { + /* we need to have the cipher in the cipher + * list if we are asked to reuse it */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING); + goto f_err; + } + } + } + + /* compression */ + i= *(p++); + for (j=0; j<i; j++) + if (p[j] == 0) break; + + p+=i; + if (j >= i) + { + /* no compress */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED); + goto f_err; + } + + if (p > (d+n)) + { + /* wrong number of bytes, + * there could be more to follow */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + + /* do nothing with compression */ + + /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must + * pick a cipher */ + + if (!s->hit) + { + if (s->session->ciphers != NULL) + sk_free(s->session->ciphers); + s->session->ciphers=ciphers; + if (ciphers == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED); + goto f_err; + } + ciphers=NULL; + c=ssl3_choose_cipher(s,s->session->ciphers, + ssl_get_ciphers_by_id(s)); + + if (c == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); + goto f_err; + } + s->s3->tmp.new_cipher=c; + } + else + { + /* Session-id reuse */ +#ifdef REUSE_CIPHER_BUG + STACK *sk; + SSL_CIPHER *nc=NULL; + SSL_CIPHER *ec=NULL; + + if (s->ctx->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) + { + sk=s->session->ciphers; + for (i=0; i<sk_num(sk); i++) + { + c=(SSL_CIPHER *)sk_value(sk,i); + if (c->algorithms & SSL_eNULL) + nc=c; + if (c->algorithms & SSL_EXP) + ec=c; + } + if (nc != NULL) + s->s3->tmp.new_cipher=nc; + else if (ec != NULL) + s->s3->tmp.new_cipher=ec; + else + s->s3->tmp.new_cipher=s->session->cipher; + } + else +#endif + s->s3->tmp.new_cipher=s->session->cipher; + } + + /* we now have the following setup. + * client_random + * cipher_list - our prefered list of ciphers + * ciphers - the clients prefered list of ciphers + * compression - basically ignored right now + * ssl version is set - sslv3 + * s->session - The ssl session has been setup. + * s->hit - sesson reuse flag + * s->tmp.new_cipher - the new cipher to use. + */ + + ret=1; + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +err: + if (ciphers != NULL) sk_free(ciphers); + return(ret); + } + +static int ssl3_send_server_hello(s) +SSL *s; + { + unsigned char *buf; + unsigned char *p,*d; + int i,sl; + unsigned long l,Time; + + if (s->state == SSL3_ST_SW_SRVR_HELLO_A) + { + buf=(unsigned char *)s->init_buf->data; + p=s->s3->server_random; + Time=time(NULL); /* Time */ + l2n(Time,p); + RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); + /* Do the message type and length last */ + d=p= &(buf[4]); + + *(p++)=SSL3_VERSION_MAJOR; + *(p++)=SSL3_VERSION_MINOR; + + /* Random stuff */ + memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); + p+=SSL3_RANDOM_SIZE; + + /* now in theory we have 3 options to sending back the + * session id. If it is a re-use, we send back the + * old session-id, if it is a new session, we send + * back the new session-id or we send back a 0 length + * session-id if we want it to be single use. + * Currently I will not implement the '0' length session-id + */ + + sl=s->session->session_id_length; + *(p++)=sl; + memcpy(p,s->session->session_id,sl); + p+=sl; + + /* put the cipher */ + i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p); + p+=i; + + /* put the compression method */ + *(p++)=0; + + /* do the header */ + l=(p-d); + d=buf; + *(d++)=SSL3_MT_SERVER_HELLO; + l2n3(l,d); + + s->state=SSL3_ST_CW_CLNT_HELLO_B; + /* number of bytes to write */ + s->init_num=p-buf; + s->init_off=0; + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +static int ssl3_send_server_done(s) +SSL *s; + { + unsigned char *p; + + if (s->state == SSL3_ST_SW_SRVR_DONE_A) + { + p=(unsigned char *)s->init_buf->data; + + /* do the header */ + *(p++)=SSL3_MT_SERVER_DONE; + *(p++)=0; + *(p++)=0; + *(p++)=0; + + s->state=SSL3_ST_SW_SRVR_DONE_B; + /* number of bytes to write */ + s->init_num=4; + s->init_off=0; + } + + /* SSL3_ST_CW_CLNT_HELLO_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } + +static int ssl3_send_server_key_exchange(s) +SSL *s; + { +#ifndef NO_RSA + unsigned char *q; + int j,num; + RSA *rsa; + unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; +#endif +#ifndef NO_DH + DH *dh,*dhp; +#endif + EVP_PKEY *pkey; + unsigned char *p,*d; + int al,i; + unsigned long type; + int n; + CERT *cert; + BIGNUM *r[4]; + int nr[4],kn; + BUF_MEM *buf; + EVP_MD_CTX md_ctx; + + if (s->state == SSL3_ST_SW_KEY_EXCH_A) + { + type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK; + cert=s->session->cert; + + buf=s->init_buf; + + r[0]=r[1]=r[2]=r[3]=NULL; + n=0; +#ifndef NO_RSA + if (type & SSL_kRSA) + { + rsa=cert->rsa_tmp; + if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL)) + { + rsa=s->ctx->default_cert->rsa_tmp_cb(s, + (s->s3->tmp.new_cipher->algorithms| + SSL_NOT_EXP)?0:1); + CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); + cert->rsa_tmp=rsa; + } + if (rsa == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY); + goto f_err; + } + r[0]=rsa->n; + r[1]=rsa->e; + s->s3->tmp.use_rsa_tmp=1; + } + else +#endif +#ifndef NO_DH + if (type & SSL_kEDH) + { + dhp=cert->dh_tmp; + if ((dhp == NULL) && (cert->dh_tmp_cb != NULL)) + dhp=cert->dh_tmp_cb(s, + (s->s3->tmp.new_cipher->algorithms| + SSL_NOT_EXP)?0:1); + if (dhp == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY); + goto f_err; + } + if ((dh=DHparams_dup(dhp)) == NULL) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + s->s3->tmp.dh=dh; + if (((dhp->pub_key == NULL) || + (dhp->priv_key == NULL) || + (s->ctx->options & SSL_OP_SINGLE_DH_USE)) && + (!DH_generate_key(dh))) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + else + { + dh->pub_key=BN_dup(dhp->pub_key); + dh->priv_key=BN_dup(dhp->priv_key); + if ((dh->pub_key == NULL) || + (dh->priv_key == NULL)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + } + r[0]=dh->p; + r[1]=dh->g; + r[2]=dh->pub_key; + } + else +#endif + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); + goto f_err; + } + for (i=0; r[i] != NULL; i++) + { + nr[i]=BN_num_bytes(r[i]); + n+=2+nr[i]; + } + + if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) + { + if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher)) + == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + goto f_err; + } + kn=EVP_PKEY_size(pkey); + } + else + { + pkey=NULL; + kn=0; + } + + if (!BUF_MEM_grow(buf,n+4+kn)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); + goto err; + } + d=(unsigned char *)s->init_buf->data; + p= &(d[4]); + + for (i=0; r[i] != NULL; i++) + { + s2n(nr[i],p); + BN_bn2bin(r[i],p); + p+=nr[i]; + } + + /* not anonymous */ + if (pkey != NULL) + { + /* n is the length of the params, they start at &(d[4]) + * and p points to the space at the end. */ +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + q=md_buf; + j=0; + for (num=2; num > 0; num--) + { + EVP_DigestInit(&md_ctx,(num == 2)?EVP_md5():EVP_sha1()); + EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_DigestUpdate(&md_ctx,&(d[4]),n); + EVP_DigestFinal(&md_ctx,q, + (unsigned int *)&i); + q+=i; + j+=i; + } + i=RSA_private_encrypt(j,md_buf,&(p[2]), + pkey->pkey.rsa,RSA_PKCS1_PADDING); + if (i <= 0) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA); + goto err; + } + s2n(i,p); + n+=i+2; + } + else +#endif +#if !defined(NO_DSA) + if (pkey->type == EVP_PKEY_DSA) + { + /* lets do DSS */ + EVP_SignInit(&md_ctx,EVP_dss1()); + EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); + EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); + EVP_SignUpdate(&md_ctx,&(d[4]),n); + if (!EVP_SignFinal(&md_ctx,&(p[2]), + (unsigned int *)&i,pkey)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA); + goto err; + } + s2n(i,p); + n+=i+2; + } + else +#endif + { + /* Is this error check actually needed? */ + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE); + goto f_err; + } + } + + *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE; + l2n3(n,d); + + /* we should now have things packed up, so lets send + * it off */ + s->init_num=n+4; + s->init_off=0; + } + + /* SSL3_ST_SW_KEY_EXCH_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_send_certificate_request(s) +SSL *s; + { + unsigned char *p,*d; + int i,j,nl,off,n; + STACK *sk=NULL; + X509_NAME *name; + BUF_MEM *buf; + + if (s->state == SSL3_ST_SW_CERT_REQ_A) + { + buf=s->init_buf; + + d=p=(unsigned char *)&(buf->data[4]); + + /* get the list of acceptable cert types */ + p++; + n=ssl3_get_req_cert_type(s,p); + d[0]=n; + p+=n; + n++; + + off=n; + p+=2; + n+=2; + + sk=SSL_get_client_CA_list(s); + nl=0; + if (sk != NULL) + { + for (i=0; i<sk_num(sk); i++) + { + name=(X509_NAME *)sk_value(sk,i); + j=i2d_X509_NAME(name,NULL); + if (!BUF_MEM_grow(buf,4+n+j+2)) + { + SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB); + goto err; + } + p=(unsigned char *)&(buf->data[4+n]); + if (!(s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG)) + { + s2n(j,p); + i2d_X509_NAME(name,&p); + n+=2+j; + nl+=2+j; + } + else + { + d=p; + i2d_X509_NAME(name,&p); + j-=2; s2n(j,d); j+=2; + n+=j; + nl+=j; + } + } + } + /* else no CA names */ + p=(unsigned char *)&(buf->data[4+off]); + s2n(nl,p); + + d=(unsigned char *)buf->data; + *(d++)=SSL3_MT_CERTIFICATE_REQUEST; + l2n3(n,d); + + /* we should now have things packed up, so lets send + * it off */ + + s->init_num=n+4; + s->init_off=0; + } + + /* SSL3_ST_SW_CERT_REQ_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); +err: + return(-1); + } + +static int ssl3_get_client_key_exchange(s) +SSL *s; + { + int i,al,ok; + long n; + unsigned long l; + unsigned char *p; + RSA *rsa=NULL; + BIGNUM *pub=NULL; + EVP_PKEY *pkey=NULL; + DH *dh_srvr; + + n=ssl3_get_message(s, + SSL3_ST_SR_KEY_EXCH_A, + SSL3_ST_SR_KEY_EXCH_B, + SSL3_MT_CLIENT_KEY_EXCHANGE, + 400, /* ???? */ + &ok); + + if (!ok) return((int)n); + p=(unsigned char *)s->init_buf->data; + + l=s->s3->tmp.new_cipher->algorithms; + +#ifndef NO_RSA + if (l & SSL_kRSA) + { + /* FIX THIS UP EAY EAY EAY EAY */ + if (s->s3->tmp.use_rsa_tmp) + { + if ((s->session->cert != NULL) && + (s->session->cert->rsa_tmp != NULL)) + rsa=s->session->cert->rsa_tmp; + else if ((s->ctx->default_cert != NULL) && + (s->ctx->default_cert->rsa_tmp != NULL)) + rsa=s->ctx->default_cert->rsa_tmp; + /* Don't do a callback because rsa_tmp should + * be sent already */ + if (rsa == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY); + goto f_err; + + } + } + else + { + pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey; + if ( (pkey == NULL) || + (pkey->type != EVP_PKEY_RSA) || + (pkey->pkey.rsa == NULL)) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE); + goto f_err; + } + rsa=pkey->pkey.rsa; + } + + i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); +#if 1 + /* If a bad decrypt, use a dud master key */ + if ((i != SSL_MAX_MASTER_KEY_LENGTH) || + (p[0] != 3) || + (p[1] != 0)) + { + p[0]=3; + p[1]=0; + RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2); + i=SSL_MAX_MASTER_KEY_LENGTH; + } +#else + if (i != SSL_MAX_MASTER_KEY_LENGTH) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); + goto f_err; + } + + if ((p[0] != (s->version>>8)) || (p[1] != (s->version & 0xff))) + { + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); + goto f_err; + } +#endif + + s->session->master_key_length= + ssl3_generate_master_secret(s, + s->session->master_key, + p,i); + memset(p,0,i); + } + else +#endif +#ifndef NO_DH + if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) + { + + n2s(p,i); + if (n != i+2) + { + if (!(s->ctx->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); + goto err; + } + else + { + p-=2; + i=(int)n; + } + } + + if (n == 0L) /* the parameters are in the cert */ + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS); + goto f_err; + } + else + { + if (s->s3->tmp.dh == NULL) + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY); + goto f_err; + } + else + dh_srvr=s->s3->tmp.dh; + } + + pub=BN_bin2bn(p,i,NULL); + if (pub == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB); + goto err; + } + i=DH_compute_key(p,pub,dh_srvr); + + if (i <= 0) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); + goto err; + } + + DH_free(s->s3->tmp.dh); + s->s3->tmp.dh=NULL; + + BN_clear_free(pub); + pub=NULL; + s->session->master_key_length= + ssl3_generate_master_secret(s, + s->session->master_key,p,i); + } + else +#endif + { + al=SSL3_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE); + goto f_err; + } + + return(1); +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); +err: + return(-1); + } + +static int ssl3_get_cert_verify(s) +SSL *s; + { + EVP_PKEY *pkey=NULL; + unsigned char *p; + int al,ok,ret=0; + long n; + int type=0,i,j; + X509 *peer; + + n=ssl3_get_message(s, + SSL3_ST_SR_CERT_VRFY_A, + SSL3_ST_SR_CERT_VRFY_B, + -1, + 512, /* 512? */ + &ok); + + if (!ok) return((int)n); + + if (s->session->peer != NULL) + { + peer=s->session->peer; + pkey=X509_get_pubkey(peer); + type=X509_certificate_type(peer,pkey); + } + else + { + peer=NULL; + pkey=NULL; + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) + { + s->s3->tmp.reuse_message=1; + if ((peer != NULL) && (type | EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE); + al=SSL3_AD_UNEXPECTED_MESSAGE; + goto f_err; + } + ret=1; + goto end; + } + + if (peer == NULL) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED); + al=SSL3_AD_UNEXPECTED_MESSAGE; + goto f_err; + } + + if (!(type & EVP_PKT_SIGN)) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); + al=SSL3_AD_ILLEGAL_PARAMETER; + goto f_err; + } + + if (s->s3->change_cipher_spec) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); + al=SSL3_AD_UNEXPECTED_MESSAGE; + goto f_err; + } + + /* we now have a signature that we need to verify */ + p=(unsigned char *)s->init_buf->data; + n2s(p,i); + n-=2; + if (i > n) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH); + al=SSL3_AD_ILLEGAL_PARAMETER; + goto f_err; + } + + j=EVP_PKEY_size(pkey); + if ((i > j) || (n > j) || (n <= 0)) + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE); + al=SSL3_AD_ILLEGAL_PARAMETER; + goto f_err; + } + +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + i=RSA_public_decrypt(i,p,p,pkey->pkey.rsa,RSA_PKCS1_PADDING); + if (i < 0) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT); + goto f_err; + } + if ((i != (MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH)) || + memcmp(&(s->s3->tmp.finish_md1[0]), + p,MD5_DIGEST_LENGTH) || + memcmp(&(s->s3->tmp.finish_md2[0]), + &(p[MD5_DIGEST_LENGTH]),SHA_DIGEST_LENGTH)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE); + goto f_err; + } + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + j=DSA_verify(pkey->save_type,s->s3->tmp.finish_md2, + SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa); + if (j <= 0) + { + /* bad signature */ + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE); + goto f_err; + } + } + else +#endif + { + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR); + al=SSL3_AD_UNSUPPORTED_CERTIFICATE; + goto f_err; + } + + + ret=1; + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +end: + return(ret); + } + +static int ssl3_get_client_certificate(s) +SSL *s; + { + int i,ok,al,ret= -1; + X509 *x=NULL; + unsigned long l,nc,llen,n; + unsigned char *p,*d,*q; + STACK *sk=NULL; + + n=ssl3_get_message(s, + SSL3_ST_SR_CERT_A, + SSL3_ST_SR_CERT_B, + -1, +#if defined(MSDOS) && !defined(WIN32) + 1024*30, /* 30k max cert list :-) */ +#else + 1024*100, /* 100k max cert list :-) */ +#endif + &ok); + + if (!ok) return((int)n); + + if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) + { + if ( (s->verify_mode & SSL_VERIFY_PEER) && + (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); + al=SSL3_AD_NO_CERTIFICATE; + goto f_err; + } + s->s3->tmp.reuse_message=1; + return(1); + } + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) + { + al=SSL3_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE); + goto f_err; + } + d=p=(unsigned char *)s->init_buf->data; + + if ((sk=sk_new_null()) == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + + n2l3(p,llen); + if (llen+3 != n) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH); + goto f_err; + } + for (nc=0; nc<llen; ) + { + n2l3(p,l); + if ((l+nc+3) > llen) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + + q=p; + x=d2i_X509(NULL,&p,l); + if (x == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB); + goto err; + } + if (p != (q+l)) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); + goto f_err; + } + if (!sk_push(sk,(char *)x)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); + goto err; + } + x=NULL; + nc+=l+3; + } + + if (sk_num(sk) <= 0) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_PASSED); + goto f_err; + } + i=ssl_verify_cert_chain(s,sk); + if (!i) + { + al=ssl_verify_alarm_type(s->verify_result); + SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED); + goto f_err; + } + + /* This should not be needed */ + if (s->session->peer != NULL) + X509_free(s->session->peer); + + s->session->peer=(X509 *)sk_shift(sk); + + ret=1; + if (0) + { +f_err: + ssl3_send_alert(s,SSL3_AL_FATAL,al); + } +err: + if (x != NULL) X509_free(x); + if (sk != NULL) sk_pop_free(sk,X509_free); + return(ret); + } + +int ssl3_send_server_certificate(s) +SSL *s; + { + unsigned long l; + X509 *x; + + if (s->state == SSL3_ST_SW_CERT_A) + { + x=ssl_get_server_send_cert(s); + if (x == NULL) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR); + return(0); + } + + l=ssl3_output_cert_chain(s,x); + s->state=SSL3_ST_SW_CERT_B; + s->init_num=(int)l; + s->init_off=0; + } + + /* SSL3_ST_SW_CERT_B */ + return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); + } diff --git a/ssl/ssl.c b/ssl/ssl.c new file mode 100644 index 0000000000..fcc29b0e45 --- /dev/null +++ b/ssl/ssl.c @@ -0,0 +1,162 @@ +/* ssl/ssl.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#define USE_SOCKETS +#include "../e_os.h" + +#include "buffer.h" +#include "stack.h" +#include "lhash.h" + +#include "bio.h" +#include "err.h" + +#include "bn.h" + +#include "rand.h" +#include "conf.h" +#include "txt_db.h" + +#include "err.h" +#include "evp.h" + +#include "x509.h" +#include "pkcs7.h" +#include "pem.h" +#include "asn1.h" +#include "objects.h" + +#include "ssl_locl.h" + +#if !(BUILD_SSLV23) && !defined(BUILD_SSLV2) && !defined(BUILD_SSLV3) && !defined(BUILD_SSL_COMMON) && !defined(BUILD_SSL_BIO) && !defined(BUILD_SSL_OPTIONAL) +#define BUILD_SSLV23 +#define BUILD_SSLV2 +#define BUILD_SSLV3 +#define BUILD_SSL_COMMON +#define BUILD_SSL_BIO +#define BUILD_SSL_OPTIONAL +#endif + +#ifdef NO_RSA +#undef BUILD_SSLV2 +#undef BUILD_SSLV23 +#endif + +#ifdef NO_SSL2 +#undef BUILD_SSLV2 +#undef BUILD_SSLV23 +#endif + +#ifdef NO_SSL3 +#undef BUILD_SSL3 +#undef BUILD_SSLV23 +#endif + +#ifdef BUILD_SSLV23 +#include "s23_clnt.c" +#include "s23_srvr.c" +#include "s23_pkt.c" +#include "s23_lib.c" +#include "s23_meth.c" +#endif + +#ifdef BUILD_SSLV2 +#include "s2_clnt.c" +#include "s2_srvr.c" +#include "s2_pkt.c" +#include "s2_enc.c" +#include "s2_lib.c" +#include "s2_meth.c" +#endif + +#ifdef BUILD_SSLV3 +#include "s3_clnt.c" +#include "s3_both.c" +#include "s3_srvr.c" +#include "s3_pkt.c" +#include "s3_enc.c" +#include "s3_lib.c" +#include "s3_meth.c" +#endif + +#ifdef BUILD_SSL_COMMON +#include "ssl_lib.c" +#include "ssl_algs.c" +#include "ssl_cert.c" +#include "ssl_ciph.c" +#include "ssl_sess.c" +#include "ssl_rsa.c" +#endif + +/* Extra things */ +#ifdef BUILD_SSL_BIO +#include "bio_ssl.c" +#endif + +#ifdef BUILD_SSL_OPTIONAL +#include "ssl_asn1.c" +#include "ssl_txt.c" +#include "ssl_stat.c" +#include "ssl_err.c" +#include "ssl_err2.c" +#endif + diff --git a/ssl/ssl.err b/ssl/ssl.err new file mode 100644 index 0000000000..f3bc5d37ab --- /dev/null +++ b/ssl/ssl.err @@ -0,0 +1,272 @@ +/* Error codes for the SSL functions. */ + +/* Function codes. */ +#define SSL_F_CLIENT_CERTIFICATE 100 +#define SSL_F_CLIENT_HELLO 101 +#define SSL_F_CLIENT_MASTER_KEY 102 +#define SSL_F_D2I_SSL_SESSION 103 +#define SSL_F_DO_SSL3_WRITE 104 +#define SSL_F_GET_CLIENT_FINISHED 105 +#define SSL_F_GET_CLIENT_HELLO 106 +#define SSL_F_GET_CLIENT_MASTER_KEY 107 +#define SSL_F_GET_SERVER_FINISHED 108 +#define SSL_F_GET_SERVER_HELLO 109 +#define SSL_F_GET_SERVER_VERIFY 110 +#define SSL_F_I2D_SSL_SESSION 111 +#define SSL_F_READ_N 112 +#define SSL_F_REQUEST_CERTIFICATE 113 +#define SSL_F_SERVER_HELLO 114 +#define SSL_F_SSL23_ACCEPT 115 +#define SSL_F_SSL23_CLIENT_HELLO 116 +#define SSL_F_SSL23_CONNECT 117 +#define SSL_F_SSL23_GET_CLIENT_HELLO 118 +#define SSL_F_SSL23_GET_SERVER_HELLO 119 +#define SSL_F_SSL23_READ 120 +#define SSL_F_SSL23_WRITE 121 +#define SSL_F_SSL2_ACCEPT 122 +#define SSL_F_SSL2_CONNECT 123 +#define SSL_F_SSL2_ENC_INIT 124 +#define SSL_F_SSL2_READ 125 +#define SSL_F_SSL2_SET_CERTIFICATE 126 +#define SSL_F_SSL2_WRITE 127 +#define SSL_F_SSL3_ACCEPT 128 +#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 +#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 +#define SSL_F_SSL3_CLIENT_HELLO 131 +#define SSL_F_SSL3_CONNECT 132 +#define SSL_F_SSL3_CTX_CTRL 133 +#define SSL_F_SSL3_ENC 134 +#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 +#define SSL_F_SSL3_GET_CERT_VERIFY 136 +#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 +#define SSL_F_SSL3_GET_CLIENT_HELLO 138 +#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 +#define SSL_F_SSL3_GET_FINISHED 140 +#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 +#define SSL_F_SSL3_GET_MESSAGE 142 +#define SSL_F_SSL3_GET_RECORD 143 +#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 +#define SSL_F_SSL3_GET_SERVER_DONE 145 +#define SSL_F_SSL3_GET_SERVER_HELLO 146 +#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 +#define SSL_F_SSL3_READ_BYTES 148 +#define SSL_F_SSL3_READ_N 149 +#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 +#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 +#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 +#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 +#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 +#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 +#define SSL_F_SSL3_SETUP_BUFFERS 156 +#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 +#define SSL_F_SSL3_WRITE_BYTES 158 +#define SSL_F_SSL3_WRITE_PENDING 159 +#define SSL_F_SSL_BAD_METHOD 160 +#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 +#define SSL_F_SSL_CERT_NEW 162 +#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 +#define SSL_F_SSL_CREATE_CIPHER_LIST 164 +#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 165 +#define SSL_F_SSL_CTX_NEW 166 +#define SSL_F_SSL_CTX_SET_SSL_VERSION 167 +#define SSL_F_SSL_CTX_USE_CERTIFICATE 168 +#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 169 +#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 170 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY 171 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 172 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 173 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 174 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 175 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 176 +#define SSL_F_SSL_DO_HANDSHAKE 177 +#define SSL_F_SSL_GET_NEW_SESSION 178 +#define SSL_F_SSL_GET_SERVER_SEND_CERT 179 +#define SSL_F_SSL_GET_SIGN_PKEY 180 +#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 181 +#define SSL_F_SSL_NEW 182 +#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 183 +#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 184 +#define SSL_F_SSL_SESSION_NEW 185 +#define SSL_F_SSL_SESSION_PRINT_FP 186 +#define SSL_F_SSL_SET_FD 187 +#define SSL_F_SSL_SET_PKEY 188 +#define SSL_F_SSL_SET_RFD 189 +#define SSL_F_SSL_SET_SESSION 190 +#define SSL_F_SSL_SET_WFD 191 +#define SSL_F_SSL_UNDEFINED_FUNCTION 192 +#define SSL_F_SSL_USE_CERTIFICATE 193 +#define SSL_F_SSL_USE_CERTIFICATE_ASN1 194 +#define SSL_F_SSL_USE_CERTIFICATE_FILE 195 +#define SSL_F_SSL_USE_PRIVATEKEY 196 +#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 197 +#define SSL_F_SSL_USE_PRIVATEKEY_FILE 198 +#define SSL_F_SSL_USE_RSAPRIVATEKEY 199 +#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 200 +#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 201 +#define SSL_F_SSL_WRITE 202 +#define SSL_F_WRITE_PENDING 203 + +/* Reason codes. */ +#define SSL_R_APP_DATA_IN_HANDSHAKE 100 +#define SSL_R_BAD_ALERT_RECORD 101 +#define SSL_R_BAD_AUTHENTICATION_TYPE 102 +#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 +#define SSL_R_BAD_CHECKSUM 104 +#define SSL_R_BAD_CLIENT_REQUEST 105 +#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 +#define SSL_R_BAD_DECOMPRESSION 107 +#define SSL_R_BAD_DH_G_LENGTH 108 +#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 +#define SSL_R_BAD_DH_P_LENGTH 110 +#define SSL_R_BAD_DIGEST_LENGTH 111 +#define SSL_R_BAD_DSA_SIGNATURE 112 +#define SSL_R_BAD_MAC_DECODE 113 +#define SSL_R_BAD_MESSAGE_TYPE 114 +#define SSL_R_BAD_PACKET_LENGTH 115 +#define SSL_R_BAD_RESPONSE_ARGUMENT 116 +#define SSL_R_BAD_RSA_DECRYPT 117 +#define SSL_R_BAD_RSA_ENCRYPT 118 +#define SSL_R_BAD_RSA_E_LENGTH 119 +#define SSL_R_BAD_RSA_MODULUS_LENGTH 120 +#define SSL_R_BAD_RSA_SIGNATURE 121 +#define SSL_R_BAD_SIGNATURE 122 +#define SSL_R_BAD_SSL_FILETYPE 123 +#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 124 +#define SSL_R_BAD_STATE 125 +#define SSL_R_BAD_WRITE_RETRY 126 +#define SSL_R_BIO_NOT_SET 127 +#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 128 +#define SSL_R_BN_LIB 129 +#define SSL_R_CA_DN_LENGTH_MISMATCH 130 +#define SSL_R_CA_DN_TOO_LONG 131 +#define SSL_R_CCS_RECEIVED_EARLY 132 +#define SSL_R_CERTIFICATE_VERIFY_FAILED 133 +#define SSL_R_CERT_LENGTH_MISMATCH 134 +#define SSL_R_CHALLENGE_IS_DIFFERENT 135 +#define SSL_R_CIPHER_CODE_WRONG_LENGTH 136 +#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 137 +#define SSL_R_CIPHER_TABLE_SRC_ERROR 138 +#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 139 +#define SSL_R_COMPRESSION_FAILURE 140 +#define SSL_R_CONNECTION_ID_IS_DIFFERENT 141 +#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 142 +#define SSL_R_DATA_LENGTH_TOO_LONG 143 +#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 144 +#define SSL_R_DIGEST_CHECK_FAILED 145 +#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 146 +#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 147 +#define SSL_R_EXCESSIVE_MESSAGE_SIZE 148 +#define SSL_R_EXTRA_DATA_IN_MESSAGE 149 +#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 150 +#define SSL_R_INTERNAL_ERROR 151 +#define SSL_R_INVALID_CHALLENGE_LENGTH 152 +#define SSL_R_LENGTH_MISMATCH 153 +#define SSL_R_LENGTH_TOO_SHORT 154 +#define SSL_R_LIBRARY_HAS_NO_CIPHERS 155 +#define SSL_R_MISSING_DH_DSA_CERT 156 +#define SSL_R_MISSING_DH_KEY 157 +#define SSL_R_MISSING_DH_RSA_CERT 158 +#define SSL_R_MISSING_DSA_SIGNING_CERT 159 +#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 160 +#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 161 +#define SSL_R_MISSING_RSA_CERTIFICATE 162 +#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 163 +#define SSL_R_MISSING_RSA_SIGNING_CERT 164 +#define SSL_R_MISSING_TMP_DH_KEY 165 +#define SSL_R_MISSING_TMP_RSA_KEY 166 +#define SSL_R_MISSING_TMP_RSA_PKEY 167 +#define SSL_R_MISSING_VERIFY_MESSAGE 168 +#define SSL_R_NON_SSLV2_INITIAL_PACKET 169 +#define SSL_R_NO_CERTIFICATES_PASSED 170 +#define SSL_R_NO_CERTIFICATE_ASSIGNED 171 +#define SSL_R_NO_CERTIFICATE_RETURNED 172 +#define SSL_R_NO_CERTIFICATE_SET 173 +#define SSL_R_NO_CERTIFICATE_SPECIFIED 174 +#define SSL_R_NO_CIPHERS_AVAILABLE 175 +#define SSL_R_NO_CIPHERS_PASSED 176 +#define SSL_R_NO_CIPHERS_SPECIFIED 177 +#define SSL_R_NO_CIPHER_LIST 178 +#define SSL_R_NO_CIPHER_MATCH 179 +#define SSL_R_NO_CLIENT_CERT_RECEIVED 180 +#define SSL_R_NO_COMPRESSION_SPECIFIED 181 +#define SSL_R_NO_PRIVATEKEY 182 +#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 183 +#define SSL_R_NO_PUBLICKEY 184 +#define SSL_R_NO_SHARED_CIPHER 185 +#define SSL_R_NULL_SSL_CTX 186 +#define SSL_R_NULL_SSL_METHOD_PASSED 187 +#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 188 +#define SSL_R_PACKET_LENGTH_TOO_LONG 189 +#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 190 +#define SSL_R_PEER_ERROR 191 +#define SSL_R_PEER_ERROR_CERTIFICATE 192 +#define SSL_R_PEER_ERROR_NO_CERTIFICATE 193 +#define SSL_R_PEER_ERROR_NO_CIPHER 194 +#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 195 +#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 196 +#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 197 +#define SSL_R_PROTOCOL_IS_SHUTDOWN 198 +#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 199 +#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 200 +#define SSL_R_PUBLIC_KEY_NOT_RSA 201 +#define SSL_R_READ_BIO_NOT_SET 202 +#define SSL_R_READ_WRONG_PACKET_TYPE 203 +#define SSL_R_RECORD_LENGTH_MISMATCH 204 +#define SSL_R_RECORD_TOO_LARGE 205 +#define SSL_R_REQUIRED_CIPHER_MISSING 206 +#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 207 +#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 208 +#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 209 +#define SSL_R_SHORT_READ 210 +#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 211 +#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 212 +#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 +#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 +#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 +#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 +#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 +#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 213 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 214 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 215 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 216 +#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 +#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 217 +#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 +#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 218 +#define SSL_R_SSL_HANDSHAKE_FAILURE 219 +#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 220 +#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 221 +#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 222 +#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 223 +#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 224 +#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 225 +#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 226 +#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 227 +#define SSL_R_UNEXPECTED_MESSAGE 228 +#define SSL_R_UNEXPECTED_RECORD 229 +#define SSL_R_UNKNOWN_ALERT_TYPE 230 +#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 231 +#define SSL_R_UNKNOWN_CIPHER_RETURNED 232 +#define SSL_R_UNKNOWN_CIPHER_TYPE 233 +#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 234 +#define SSL_R_UNKNOWN_PKEY_TYPE 235 +#define SSL_R_UNKNOWN_PROTOCOL 236 +#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 237 +#define SSL_R_UNKNOWN_SSL_VERSION 238 +#define SSL_R_UNKNOWN_STATE 239 +#define SSL_R_UNSUPPORTED_CIPHER 240 +#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 241 +#define SSL_R_UNSUPPORTED_SSL_VERSION 242 +#define SSL_R_WRITE_BIO_NOT_SET 243 +#define SSL_R_WRONG_CIPHER_RETURNED 244 +#define SSL_R_WRONG_MESSAGE_TYPE 245 +#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 246 +#define SSL_R_WRONG_SIGNATURE_LENGTH 247 +#define SSL_R_WRONG_SIGNATURE_SIZE 248 +#define SSL_R_WRONG_SSL_VERSION 249 +#define SSL_R_WRONG_VERSION_NUMBER 250 +#define SSL_R_X509_LIB 251 diff --git a/ssl/ssl.h b/ssl/ssl.h new file mode 100644 index 0000000000..594295d5e0 --- /dev/null +++ b/ssl/ssl.h @@ -0,0 +1,1290 @@ +/* ssl/ssl.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL_H +#define HEADER_SSL_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* SSLeay version number for ASN.1 encoding of the session information */ +/* Version 0 - initial version + * Version 1 - added the optional peer certificate + */ +#define SSL_SESSION_ASN1_VERSION 0x0001 + +/* text strings for the ciphers */ +#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5 +#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5 +#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 +#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5 +#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 +#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5 +#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5 +#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA +#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 +#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA + +#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 + +#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) +#define SSL_MAX_KEY_ARG_LENGTH 8 +#define SSL_MAX_MASTER_KEY_LENGTH 48 + +/* These are used to specify which ciphers to use and not to use */ +#define SSL_TXT_LOW "LOW" +#define SSL_TXT_MEDIUM "MEDIUM" +#define SSL_TXT_HIGH "HIGH" +#define SSL_TXT_kFZA "kFZA" +#define SSL_TXT_aFZA "aFZA" +#define SSL_TXT_eFZA "eFZA" +#define SSL_TXT_FZA "FZA" + +#define SSL_TXT_aNULL "aNULL" +#define SSL_TXT_eNULL "eNULL" +#define SSL_TXT_NULL "NULL" + +#define SSL_TXT_kRSA "kRSA" +#define SSL_TXT_kDHr "kDHr" +#define SSL_TXT_kDHd "kDHd" +#define SSL_TXT_kEDH "kEDH" +#define SSL_TXT_aRSA "aRSA" +#define SSL_TXT_aDSS "aDSS" +#define SSL_TXT_aDH "aDH" +#define SSL_TXT_DSS "DSS" +#define SSL_TXT_DH "DH" +#define SSL_TXT_EDH "EDH" +#define SSL_TXT_ADH "ADH" +#define SSL_TXT_RSA "RSA" +#define SSL_TXT_DES "DES" +#define SSL_TXT_3DES "3DES" +#define SSL_TXT_RC4 "RC4" +#define SSL_TXT_RC2 "RC2" +#define SSL_TXT_IDEA "IDEA" +#define SSL_TXT_MD5 "MD5" +#define SSL_TXT_SHA0 "SHA0" +#define SSL_TXT_SHA1 "SHA1" +#define SSL_TXT_SHA "SHA" +#define SSL_TXT_EXP "EXP" +#define SSL_TXT_EXPORT "EXPORT" +#define SSL_TXT_SSLV2 "SSLv2" +#define SSL_TXT_SSLV3 "SSLv3" +#define SSL_TXT_ALL "ALL" + +/* 'DEFAULT' at the start of the cipher list insert the following string + * in addition to this being the default cipher string */ +#ifndef NO_RSA +#define SSL_DEFAULT_CIPHER_LIST "!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP" +#else +#define SSL_ALLOW_ADH +#define SSL_DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:ADH+3DES:ADH+RC4:ADH+DES:+EXP" +#endif + +#define SSL_SENT_SHUTDOWN 1 +#define SSL_RECEIVED_SHUTDOWN 2 +#define SSL_CTX_set_quiet_shutdown(ctx,y) ((ctx)->quiet_shutdown=(y)); +#define SSL_CTX_get_quiet_shutdown(ctx) ((ctx)->quiet_shutdown); +#define SSL_set_quiet_shutdown(s,y) ((s)->quiet_shutdown=(y)); +#define SSL_get_quiet_shutdown(s) ((s)->quiet_shutdown); +#define SSL_set_shutdown(s,mode) ((s)->shutdown=(mode)) +#define SSL_get_shutdown(s) ((s)->shutdown) +#define SSL_version(s) ((s)->version) + +#include "buffer.h" +#include "bio.h" +#include "x509.h" + +#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 +#define SSL_FILETYPE_PEM X509_FILETYPE_PEM + +typedef struct ssl_st *ssl_crock_st; + +/* used to hold info on the particular ciphers used */ +typedef struct ssl_cipher_st + { + int valid; + char *name; /* text name */ + unsigned long id; /* id, 4 bytes, first is version */ + unsigned long algorithms; /* what ciphers are used */ + unsigned long algorithm2; /* Extra flags */ + unsigned long mask; /* used for matching */ + } SSL_CIPHER; + +/* Used to hold functions for SSLv2 or SSLv3 functions */ +typedef struct ssl_method_st + { + int version; + int (*ssl_new)(); + void (*ssl_clear)(); + void (*ssl_free)(); + int (*ssl_accept)(); + int (*ssl_connect)(); + int (*ssl_read)(); + int (*ssl_peek)(); + int (*ssl_write)(); + int (*ssl_shutdown)(); + int (*ssl_renegotiate)(); + long (*ssl_ctrl)(); + long (*ssl_ctx_ctrl)(); + SSL_CIPHER *(*get_cipher_by_char)(); + int (*put_cipher_by_char)(); + int (*ssl_pending)(); + int (*num_ciphers)(); + SSL_CIPHER *(*get_cipher)(); + struct ssl_method_st *(*get_ssl_method)(); + long (*get_timeout)(); + } SSL_METHOD; + +typedef struct ssl_compression_st + { + char *stuff; + } SSL_COMPRESSION; + +/* Lets make this into an ASN.1 type structure as follows + * SSL_SESSION_ID ::= SEQUENCE { + * version INTEGER, -- structure version number + * SSLversion INTEGER, -- SSL version number + * Cipher OCTET_STRING, -- the 3 byte cipher ID + * Session_ID OCTET_STRING, -- the Session ID + * Master_key OCTET_STRING, -- the master key + * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument + * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time + * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds + * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate + * } + * Look in ssl/ssl_asn1.c for more details + * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). + */ +typedef struct ssl_session_st + { + int ssl_version; /* what ssl version session info is + * being kept in here? */ + + /* only really used in SSLv2 */ + unsigned int key_arg_length; + unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH]; + int master_key_length; + unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; + /* session_id - valid? */ + unsigned int session_id_length; + unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; + + int not_resumable; + + /* The cert is the certificate used to establish this connection */ + struct cert_st /* CERT */ *cert; + + /* This is the cert for the other end. On servers, it will be + * the same as cert->x509 */ + X509 *peer; + + int references; + long timeout; + long time; + + SSL_COMPRESSION *read_compression; + SSL_COMPRESSION *write_compression; + + SSL_CIPHER *cipher; + unsigned long cipher_id; /* when ASN.1 loaded, this + * needs to be used to load + * the 'cipher' structure */ + + STACK /* SSL_CIPHER */ *ciphers; /* shared ciphers? */ + + char *app_data; /* application specific data */ + } SSL_SESSION; + +#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L +#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L +#define SSL_OP_NETSCAPE_CA_DN_BUG 0x00000004L +#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L +#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L +#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L +#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L +#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L + +/* If set, only use tmp_dh parameters once */ +#define SSL_OP_SINGLE_DH_USE 0x00100000L +/* Set to also use the tmp_rsa key when doing RSA operations. */ +#define SSL_OP_EPHEMERAL_RSA 0x00200000L + +#define SSL_OP_NON_EXPORT_FIRST 0x40000000L +#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L +#define SSL_OP_ALL 0x000FFFFFL + +#define SSL_CTX_set_options(ctx,op) ((ctx)->options|=(op)) + +/* Normally you will only use these if your application wants to use + * the certificate store in other places, perhaps PKCS7 */ +#define SSL_CTX_get_cert_store(ctx) ((ctx)->cert_store) +#define SSL_CTX_set_cert_store(ctx,cs) \ + (X509_STORE_free((ctx)->cert_store),(ctx)->cert_store=(cs)) + + +typedef struct ssl_ctx_st + { + SSL_METHOD *method; + unsigned long options; + + STACK /* SSL_CIPHER */ *cipher_list; + /* same as above but sorted for lookup */ + STACK /* SSL_CIPHER */ *cipher_list_by_id; + + struct x509_store_st /* X509_STORE */ *cert_store; + struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */ + + /* This can have one of 2 values, ored together, + * SSL_SESS_CACHE_CLIENT, + * SSL_SESS_CACHE_SERVER, + * Default is SSL_SESSION_CACHE_SERVER, which means only + * SSL_accept which cache SSL_SESSIONS. */ + int session_cache_mode; + + /* If timeout is not 0, it is the default timeout value set + * when SSL_new() is called. This has been put in to make + * life easier to set things up */ + long session_timeout; + + /* If this callback is not null, it will be called each + * time a session id is added to the cache. If this function + * returns 1, it means that the callback will do a + * SSL_SESSION_free() when it has finished using it. Otherwise, + * on 0, it means the callback has finished with it. + * If remove_session_cb is not null, it will be called when + * a session-id is removed from the cache. Again, a return + * of 0 mens that SSLeay should not SSL_SESSION_free() since + * the application is doing something with it. */ +#ifndef NOPROTO + int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess); + void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess); + SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, + unsigned char *data,int len,int *copy); +#else + int (*new_session_cb)(); + void (*remove_session_cb)(); + SSL_SESSION *(*get_session_cb)(); +#endif + + int sess_connect; /* SSL new (expensive) connection - started */ + int sess_connect_good; /* SSL new (expensive) connection - finished */ + int sess_accept; /* SSL new (expensive) accept - started */ + int sess_accept_good; /* SSL new (expensive) accept - finished */ + int sess_miss; /* session lookup misses */ + int sess_timeout; /* session reuse attempt on timeouted session */ + int sess_hit; /* session reuse actually done */ + int sess_cb_hit; /* session-id that was not in the cache was + * passed back via the callback. This + * indicates that the application is supplying + * session-id's from other processes - + * spooky :-) */ + + int references; + + void (*info_callback)(); + + /* if defined, these override the X509_verify_cert() calls */ + int (*app_verify_callback)(); + char *app_verify_arg; + + /* default values to use in SSL structures */ + struct cert_st /* CERT */ *default_cert; + int default_read_ahead; + int default_verify_mode; + int (*default_verify_callback)(); + + /* Default password callback. */ + int (*default_passwd_callback)(); + + /* get client cert callback */ + int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */); + + /* what we put in client requests */ + STACK *client_CA; + + int quiet_shutdown; + + char *app_data; + } SSL_CTX; + +#define SSL_SESS_CACHE_OFF 0x00 +#define SSL_SESS_CACHE_CLIENT 0x01 +#define SSL_SESS_CACHE_SERVER 0x02 +#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) +#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x80 + +#define SSL_session_reused(s) ((s)->hit) + +#define SSL_CTX_sessions(ctx) ((ctx)->sessions) +/* You will need to include lhash.h to access the following #define */ +#define SSL_CTX_sess_number(ctx) ((ctx)->sessions->num_items) +#define SSL_CTX_sess_connect(ctx) ((ctx)->sess_connect) +#define SSL_CTX_sess_connect_good(ctx) ((ctx)->sess_connect_good) +#define SSL_CTX_sess_accept(ctx) ((ctx)->sess_accept) +#define SSL_CTX_sess_accept_good(ctx) ((ctx)->sess_accept_good) +#define SSL_CTX_sess_hits(ctx) ((ctx)->sess_hit) +#define SSL_CTX_sess_cb_hits(ctx) ((ctx)->sess_cb_hit) +#define SSL_CTX_sess_misses(ctx) ((ctx)->sess_miss) +#define SSL_CTX_sess_timeouts(ctx) ((ctx)->sess_timeout) + +#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb)) +#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb) +#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb)) +#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb) +#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb)) +#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb) +#define SSL_CTX_set_session_cache_mode(ctx,m) ((ctx)->session_cache_mode=(m)) +#define SSL_CTX_get_session_cache_mode(ctx) ((ctx)->session_cache_mode) +#define SSL_CTX_set_timeout(ctx,t) ((ctx)->session_timeout=(t)) +#define SSL_CTX_get_timeout(ctx) ((ctx)->session_timeout) + +#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb)) +#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback) +#define SSL_CTX_set_default_read_ahead(ctx,m) (((ctx)->default_read_ahead)=(m)) + +#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb)) +#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb) + +#define SSL_NOTHING 1 +#define SSL_WRITING 2 +#define SSL_READING 3 +#define SSL_X509_LOOKUP 4 + +/* These will only be used when doing non-blocking IO */ +#define SSL_want(s) ((s)->rwstate) +#define SSL_want_nothing(s) ((s)->rwstate == SSL_NOTHING) +#define SSL_want_read(s) ((s)->rwstate == SSL_READING) +#define SSL_want_write(s) ((s)->rwstate == SSL_WRITING) +#define SSL_want_x509_lookup(s) ((s)->rwstate == SSL_X509_LOOKUP) + +typedef struct ssl_st + { + /* procol version + * 2 for SSLv2 + * 3 for SSLv3 + * -3 for SSLv3 but accept SSLv2 */ + int version; + int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ + + SSL_METHOD *method; /* SSLv3 */ + + /* There are 2 BIO's even though they are normally both the + * same. This is so data can be read and written to different + * handlers */ + +#ifdef HEADER_BIO_H + BIO *rbio; /* used by SSL_read */ + BIO *wbio; /* used by SSL_write */ + BIO *bbio; /* used during session-id reuse to concatinate + * messages */ +#else + char *rbio; /* used by SSL_read */ + char *wbio; /* used by SSL_write */ + char *bbio; +#endif + /* This holds a variable that indicates what we were doing + * when a 0 or -1 is returned. This is needed for + * non-blocking IO so we know what request needs re-doing when + * in SSL_accept or SSL_connect */ + int rwstate; + + /* true when we are actually in SSL_accept() or SSL_connect() */ + int in_handshake; + int (*handshake_func)(); + +/* int server;*/ /* are we the server side? */ + + int new_session;/* 1 if we are to use a new session */ + int quiet_shutdown;/* don't send shutdown packets */ + int shutdown; /* we have shut things down, 0x01 sent, 0x02 + * for received */ + int state; /* where we are */ + int rstate; /* where we are when reading */ + + BUF_MEM *init_buf; /* buffer used during init */ + int init_num; /* amount read/written */ + int init_off; /* amount read/written */ + + /* used internally to point at a raw packet */ + unsigned char *packet; + unsigned int packet_length; + + struct ssl2_ctx_st *s2; /* SSLv2 variables */ + struct ssl3_ctx_st *s3; /* SSLv3 variables */ + + int read_ahead; /* Read as many input bytes as possible */ + int hit; /* reusing a previous session */ + + /* crypto */ + STACK /* SSL_CIPHER */ *cipher_list; + STACK /* SSL_CIPHER */ *cipher_list_by_id; + + /* These are the ones being used, the ones is SSL_SESSION are + * the ones to be 'copied' into these ones */ + + EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ + EVP_MD *read_hash; /* used for mac generation */ + SSL_COMPRESSION *read_compression; /* compression */ + + EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ + EVP_MD *write_hash; /* used for mac generation */ + SSL_COMPRESSION *write_compression; /* compression */ + + /* session info */ + + /* client cert? */ + /* This is used to hold the server certificate used */ + struct cert_st /* CERT */ *cert; + + /* This can also be in the session once a session is established */ + SSL_SESSION *session; + + /* Used in SSL2 and SSL3 */ + int verify_mode; /* 0 don't care about verify failure. + * 1 fail if verify fails */ + int (*verify_callback)(); /* fail if callback returns 0 */ + void (*info_callback)(); /* optional informational callback */ + + int error; /* error bytes to be written */ + int error_code; /* actual code */ + + SSL_CTX *ctx; + /* set this flag to 1 and a sleep(1) is put into all SSL_read() + * and SSL_write() calls, good for nbio debuging :-) */ + int debug; + + /* extra application data */ + int verify_result; + char *app_data; + + /* for server side, keep the list of CA_dn we can use */ + STACK /* X509_NAME */ *client_CA; + + int first_packet; + } SSL; + +#include "ssl2.h" +#include "ssl3.h" +#include "ssl23.h" + +/* application stuff */ +#define SSL_set_verify_result(s,arg) ((s)->verify_result=(long)arg) +#define SSL_get_verify_result(s) ((s)->verify_result) +#define SSL_set_app_data(s,arg) ((s)->app_data=(char *)arg) +#define SSL_get_app_data(s) ((s)->app_data) + +#define SSL_SESSION_set_app_data(s,arg) ((s)->app_data=(char *)arg) +#define SSL_SESSION_get_app_data(s) ((s)->app_data) + +#define SSL_CTX_set_app_data(ctx,arg) ((ctx)->app_data=(char *)arg) +#define SSL_CTX_get_app_data(ctx) ((ctx)->app_data) + +/* The following are the possible values for ssl->state are are + * used to indicate where we are upto in the SSL connection establishment. + * The macros that follow are about the only things you should need to use + * and even then, only when using non-blocking IO. + * It can also be useful to work out where you were when the connection + * failed */ + +#define SSL_state(a) ((a)->state) +#define SSL_ST_CONNECT 0x1000 +#define SSL_ST_ACCEPT 0x2000 +#define SSL_ST_MASK 0x0FFF +#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT) +#define SSL_ST_BEFORE 0x4000 +#define SSL_ST_OK 0x03 +#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) + +/* SSL info callback functions */ +#define SSL_set_info_callback(ssl,cb) ((ssl)->info_callback=(cb)) +#define SSL_get_info_callback(ssl) ((ssl)->info_callback) + +#define SSL_CB_LOOP 0x01 +#define SSL_CB_EXIT 0x02 +#define SSL_CB_READ 0x04 +#define SSL_CB_WRITE 0x08 +#define SSL_CB_ALERT 0x4000 /* used in callback */ +#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ) +#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE) +#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP) +#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT) +#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP) +#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT) +#define SSL_CB_HANDSHAKE_START 0x10 +#define SSL_CB_HANDSHAKE_DONE 0x20 + +/* Is the SSL_connection established? */ +#define SSL_is_init_finished(a) ((a)->state == SSL_ST_OK) +#define SSL_in_init(a) ((a)->state&SSL_ST_INIT) +#define SSL_in_before(a) ((a)->state&SSL_ST_BEFORE) +#define SSL_in_connect_init(a) ((a)->state&SSL_ST_CONNECT) +#define SSL_in_accept_init(a) ((a)->state&SSL_ST_ACCEPT) + +/* The following 2 states are kept in ssl->rstate when reads fail, + * you should not need these */ +#define SSL_ST_READ_HEADER 0xF0 +#define SSL_ST_READ_BODY 0xF1 +#define SSL_ST_READ_DONE 0xF2 + +/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options + * are 'ored' with SSL_VERIFY_PEER if they are desired */ +#define SSL_VERIFY_NONE 0x00 +#define SSL_VERIFY_PEER 0x01 +#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 +#define SSL_VERIFY_CLIENT_ONCE 0x04 + +#define SSL_RWERR_BAD_WRITE_RETRY (-2) +#define SSL_RWERR_BAD_MAC_DECODE (-3) +#define SSL_RWERR_INTERNAL_ERROR (-4) /* should not get this one */ +#define SSL_RWERR_WRONG_RECORD_TYPE (-5) /* used internally */ + +#define SSL_CTX_set_default_verify_paths(ctx) \ + X509_STORE_set_default_paths((ctx)->cert_store) +#define SSL_CTX_load_verify_locations(ctx,CAfile,CApath) \ + X509_STORE_load_locations((ctx)->cert_store,\ + (CAfile),(CApath)) + +#define SSL_get_session(s) ((s)->session) +#define SSL_get_SSL_CTX(s) ((s)->ctx) + +/* this is for backward compatablility */ +#if 0 /* NEW_SSLEAY */ +#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c) +#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n) +#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b)) +#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b)) +#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b)) +#endif +/* More backward compatablity */ +#define SSL_get_cipher(s) \ + SSL_CIPHER_get_name(SSL_get_current_cipher(s)) +#define SSL_get_cipher_bits(s,np) \ + SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) +#define SSL_get_cipher_version(s) \ + SSL_CIPHER_get_version(SSL_get_current_cipher(s)) +#define SSL_get_cipher_name(s) \ + SSL_CIPHER_get_name(SSL_get_current_cipher(s)) + +/* VMS linker has a 31 char name limit */ +#define SSL_CTX_set_cert_verify_callback(a,b,c) \ + SSL_CTX_set_cert_verify_cb((a),(b),(c)) + +#if 1 /*SSLEAY_MACROS*/ +#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \ + (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \ + (bp),(unsigned char **)(s_id)) +#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \ + bp,(unsigned char *)s_id) +#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \ + (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb) +#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb) +#define PEM_write_SSL_SESSION(fp,x) \ + PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ + PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL) +#define PEM_write_bio_SSL_SESSION(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ + PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL) +#endif + +#define SSL_ERROR_NONE 0 +#define SSL_ERROR_SSL 1 +#define SSL_ERROR_WANT_READ 2 +#define SSL_ERROR_WANT_WRITE 3 +#define SSL_ERROR_WANT_X509_LOOKUP 4 +#define SSL_ERROR_SYSCALL 5 /* look at errno */ +#define SSL_ERROR_ZERO_RETURN 6 +#define SSL_ERROR_WANT_CONNECT 7 + +#define SSL_CTRL_NEED_TMP_RSA 1 +#define SSL_CTRL_SET_TMP_RSA 2 +#define SSL_CTRL_SET_TMP_DH 3 +#define SSL_CTRL_SET_TMP_RSA_CB 4 +#define SSL_CTRL_SET_TMP_DH_CB 5 + +#define SSL_CTX_need_tmp_RSA(ctx) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL) +#define SSL_CTX_set_tmp_rsa(ctx,rsa) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa) +#define SSL_CTX_set_tmp_dh(ctx,dh) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) + +/* For the next 2, the callbacks are + * RSA *tmp_rsa_cb(int export) + * DH *tmp_dh_cb(int export) + */ +#define SSL_CTX_set_tmp_rsa_callback(ctx,cb) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb) +#define SSL_CTX_set_tmp_dh_callback(ctx,dh) \ + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)cb) + +#ifndef NOPROTO + +#ifdef HEADER_BIO_H +BIO_METHOD *BIO_f_ssl(void); +BIO *BIO_new_ssl(SSL_CTX *ctx,int client); +int BIO_ssl_copy_session_id(BIO *to,BIO *from); +void BIO_ssl_shutdown(BIO *ssl_bio); + +#endif + +int SSL_CTX_set_cipher_list(SSL_CTX *,char *str); +SSL_CTX *SSL_CTX_new(SSL_METHOD *meth); +void SSL_CTX_free(SSL_CTX *); +void SSL_clear(SSL *s); +void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm); + +SSL_CIPHER *SSL_get_current_cipher(SSL *s); +int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits); +char * SSL_CIPHER_get_version(SSL_CIPHER *c); +char * SSL_CIPHER_get_name(SSL_CIPHER *c); + +int SSL_get_fd(SSL *s); +char * SSL_get_cipher_list(SSL *s,int n); +char * SSL_get_shared_ciphers(SSL *s, char *buf, int len); +int SSL_get_read_ahead(SSL * s); +int SSL_pending(SSL *s); +#ifndef NO_SOCK +int SSL_set_fd(SSL *s, int fd); +int SSL_set_rfd(SSL *s, int fd); +int SSL_set_wfd(SSL *s, int fd); +#endif +#ifdef HEADER_BIO_H +void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio); +BIO * SSL_get_rbio(SSL *s); +BIO * SSL_get_wbio(SSL *s); +#endif +int SSL_set_cipher_list(SSL *s, char *str); +void SSL_set_read_ahead(SSL *s, int yes); +int SSL_get_verify_mode(SSL *s); +int (*SSL_get_verify_callback(SSL *s))(); +void SSL_set_verify(SSL *s, int mode, int (*callback) ()); +int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); +int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); +int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type); +int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); +int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len); +int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type); +int SSL_use_certificate(SSL *ssl, X509 *x); +int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d); +int SSL_use_certificate_file(SSL *ssl, char *file, int type); +void ERR_load_SSL_strings(void ); +void SSL_load_error_strings(void ); +char * SSL_state_string(SSL *s); +char * SSL_rstate_string(SSL *s); +char * SSL_state_string_long(SSL *s); +char * SSL_rstate_string_long(SSL *s); +long SSL_get_time(SSL_SESSION *s); +long SSL_set_time(SSL_SESSION *s, long t); +long SSL_get_timeout(SSL_SESSION *s); +long SSL_set_timeout(SSL_SESSION *s, long t); +void SSL_copy_session_id(SSL *to,SSL *from); + +SSL_SESSION *SSL_SESSION_new(void); +#ifndef WIN16 +int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses); +#endif +#ifdef HEADER_BIO_H +int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses); +#endif +void SSL_SESSION_free(SSL_SESSION *ses); +int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp); +int SSL_set_session(SSL *to, SSL_SESSION *session); +int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); +int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c); +SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length); + +#ifdef HEADER_X509_H +X509 * SSL_get_peer_certificate(SSL *s); +#endif + +STACK * SSL_get_peer_cert_chain(SSL *s); + +int SSL_CTX_get_verify_mode(SSL_CTX *ctx); +int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(); +void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)()); +void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg); +int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len); +int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type); +int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); +int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx, + unsigned char *d, long len); +int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type); +int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); +int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d); +int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type); + +void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)()); + +int SSL_CTX_check_private_key(SSL_CTX *ctx); +int SSL_check_private_key(SSL *ctx); + +SSL * SSL_new(SSL_CTX *ctx); +void SSL_clear(SSL *s); +void SSL_free(SSL *ssl); +int SSL_accept(SSL *ssl); +int SSL_connect(SSL *ssl); +int SSL_read(SSL *ssl,char *buf,int num); +int SSL_peek(SSL *ssl,char *buf,int num); +int SSL_write(SSL *ssl,char *buf,int num); +long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg); +long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg); + +int SSL_get_error(SSL *s,int ret_code); +char * SSL_get_version(SSL *s); + +/* This sets the 'default' SSL version that SSL_new() will create */ +int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth); + +SSL_METHOD *SSLv2_method(void); /* sslv2 */ +SSL_METHOD *SSLv2_server_method(void); /* sslv2 */ +SSL_METHOD *SSLv2_client_method(void); /* sslv2 */ + +SSL_METHOD *SSLv3_method(void); /* sslv3 */ +SSL_METHOD *SSLv3_server_method(void); /* sslv3 */ +SSL_METHOD *SSLv3_client_method(void); /* sslv3 */ + +SSL_METHOD *SSLv23_method(void); /* sslv3 but can rollback to v2 */ +SSL_METHOD *SSLv23_server_method(void); /* sslv3 but can rollback to v2 */ +SSL_METHOD *SSLv23_client_method(void); /* sslv3 but can rollback to v2 */ + +STACK *SSL_get_ciphers(SSL *s); + +int SSL_do_handshake(SSL *s); +int SSL_renegotiate(SSL *s); +int SSL_shutdown(SSL *s); + +SSL_METHOD *SSL_get_ssl_method(SSL *s); +int SSL_set_ssl_method(SSL *s,SSL_METHOD *method); +char *SSL_alert_type_string_long(int value); +char *SSL_alert_type_string(int value); +char *SSL_alert_desc_string_long(int value); +char *SSL_alert_desc_string(int value); + +STACK *SSL_load_client_CA_file(char *file); +void SSL_set_client_CA_list(SSL *s, STACK *list); +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list); +STACK *SSL_get_client_CA_list(SSL *s); +STACK *SSL_CTX_get_client_CA_list(SSL_CTX *s); +int SSL_add_client_CA(SSL *ssl,X509 *x); +int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x); + +void SSL_set_connect_state(SSL *s); +void SSL_set_accept_state(SSL *s); + +long SSL_get_default_timeout(SSL *s); + +void SSLeay_add_ssl_algorithms(void ); + +char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size); +STACK *SSL_dup_CA_list(STACK *sk); + +SSL *SSL_dup(SSL *ssl); + +X509 *SSL_get_certificate(SSL *ssl); +/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl); + +#else + +BIO_METHOD *BIO_f_ssl(); +BIO *BIO_new_ssl(); +int BIO_ssl_copy_session_id(); +void BIO_ssl_shutdown(); + +int SSL_CTX_set_cipher_list(); +SSL_CTX *SSL_CTX_new(); +void SSL_CTX_free(); +void SSL_clear(); +void SSL_CTX_flush_sessions(); + +SSL_CIPHER *SSL_get_current_cipher(); +int SSL_CIPHER_get_bits(); +char * SSL_CIPHER_get_version(); +char * SSL_CIPHER_get_name(); + +int SSL_get_fd(); +char * SSL_get_cipher_list(); +char * SSL_get_shared_ciphers(); +int SSL_get_read_ahead(); +int SSL_pending(); +#ifndef NO_SOCK +int SSL_set_fd(); +int SSL_set_rfd(); +int SSL_set_wfd(); +#endif +#ifdef HEADER_BIO_H +void SSL_set_bio(); +BIO * SSL_get_rbio(); +BIO * SSL_get_wbio(); +#endif +int SSL_set_cipher_list(); +void SSL_set_read_ahead(); +int SSL_get_verify_mode(); + +void SSL_set_verify(); +int SSL_use_RSAPrivateKey(); +int SSL_use_RSAPrivateKey_ASN1(); +int SSL_use_RSAPrivateKey_file(); +int SSL_use_PrivateKey(); +int SSL_use_PrivateKey_ASN1(); +int SSL_use_PrivateKey_file(); +int SSL_use_certificate(); +int SSL_use_certificate_ASN1(); +int SSL_use_certificate_file(); +void ERR_load_SSL_strings(); +void SSL_load_error_strings(); +char * SSL_state_string(); +char * SSL_rstate_string(); +char * SSL_state_string_long(); +char * SSL_rstate_string_long(); +long SSL_get_time(); +long SSL_set_time(); +long SSL_get_timeout(); +long SSL_set_timeout(); +void SSL_copy_session_id(); + +SSL_SESSION *SSL_SESSION_new(); +#ifndef WIN16 +int SSL_SESSION_print_fp(); +#endif +#ifdef HEADER_BIO_H +int SSL_SESSION_print(); +#endif +void SSL_SESSION_free(); +int i2d_SSL_SESSION(); +int SSL_set_session(); +int SSL_CTX_add_session(); +int SSL_CTX_remove_session(); +SSL_SESSION *d2i_SSL_SESSION(); + +#ifdef HEADER_X509_H +X509 * SSL_get_peer_certificate(); +#endif + +STACK * SSL_get_peer_cert_chain(); + +int SSL_CTX_get_verify_mode(); +int (*SSL_CTX_get_verify_callback())(); +void SSL_CTX_set_verify(); +void SSL_CTX_set_cert_verify_cb(); +int SSL_CTX_use_RSAPrivateKey(); +int SSL_CTX_use_RSAPrivateKey_ASN1(); +int SSL_CTX_use_RSAPrivateKey_file(); +int SSL_CTX_use_PrivateKey(); +int SSL_CTX_use_PrivateKey_ASN1(); +int SSL_CTX_use_PrivateKey_file(); +int SSL_CTX_use_certificate(); +int SSL_CTX_use_certificate_ASN1(); +int SSL_CTX_use_certificate_file(); + +void SSL_CTX_set_default_passwd_cb(); + +int SSL_CTX_check_private_key(); +int SSL_check_private_key(); + +SSL * SSL_new(); +void SSL_clear(); +void SSL_free(); +int SSL_accept(); +int SSL_connect(); +int SSL_read(); +int SSL_peek(); +int SSL_write(); +long SSL_ctrl(); +long SSL_CTX_ctrl(); + +int SSL_get_error(); +char * SSL_get_version(); + +int SSL_CTX_set_ssl_version(); + +SSL_METHOD *SSLv2_method(); +SSL_METHOD *SSLv2_server_method(); +SSL_METHOD *SSLv2_client_method(); + +SSL_METHOD *SSLv3_method(); +SSL_METHOD *SSLv3_server_method(); +SSL_METHOD *SSLv3_client_method(); + +SSL_METHOD *SSLv23_method(); +SSL_METHOD *SSLv23_server_method(); +SSL_METHOD *SSLv23_client_method(); + +STACK *SSL_get_ciphers(); + +int SSL_do_handshake(); +int SSL_renegotiate(); +int SSL_shutdown(); + +SSL_METHOD *SSL_get_ssl_method(); +int SSL_set_ssl_method(); +char *SSL_alert_type_string_long(); +char *SSL_alert_type_string(); +char *SSL_alert_desc_string_long(); +char *SSL_alert_desc_string(); + +STACK *SSL_load_client_CA_file(); +void SSL_set_client_CA_list(); +void SSL_CTX_set_client_CA_list(); +STACK *SSL_get_client_CA_list(); +STACK *SSL_CTX_get_client_CA_list(); +int SSL_add_client_CA(); +int SSL_CTX_add_client_CA(); + +void SSL_set_connect_state(); +void SSL_set_accept_state(); + +long SSL_get_default_timeout(); + +void SSLeay_add_ssl_algorithms(); + +char *SSL_CIPHER_description(); +STACK *SSL_dup_CA_list(); + +SSL *SSL_dup(); + +X509 *SSL_get_certificate(); +/* EVP * */ struct evp_pkey_st *SSL_get_privatekey(); + +#ifdef this_is_for_mk1mf_pl +EVP *SSL_get_privatekey(); +#endif + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the SSL functions. */ + +/* Function codes. */ +#define SSL_F_CLIENT_CERTIFICATE 100 +#define SSL_F_CLIENT_HELLO 101 +#define SSL_F_CLIENT_MASTER_KEY 102 +#define SSL_F_D2I_SSL_SESSION 103 +#define SSL_F_DO_SSL3_WRITE 104 +#define SSL_F_GET_CLIENT_FINISHED 105 +#define SSL_F_GET_CLIENT_HELLO 106 +#define SSL_F_GET_CLIENT_MASTER_KEY 107 +#define SSL_F_GET_SERVER_FINISHED 108 +#define SSL_F_GET_SERVER_HELLO 109 +#define SSL_F_GET_SERVER_VERIFY 110 +#define SSL_F_I2D_SSL_SESSION 111 +#define SSL_F_READ_N 112 +#define SSL_F_REQUEST_CERTIFICATE 113 +#define SSL_F_SERVER_HELLO 114 +#define SSL_F_SSL23_ACCEPT 115 +#define SSL_F_SSL23_CLIENT_HELLO 116 +#define SSL_F_SSL23_CONNECT 117 +#define SSL_F_SSL23_GET_CLIENT_HELLO 118 +#define SSL_F_SSL23_GET_SERVER_HELLO 119 +#define SSL_F_SSL23_READ 120 +#define SSL_F_SSL23_WRITE 121 +#define SSL_F_SSL2_ACCEPT 122 +#define SSL_F_SSL2_CONNECT 123 +#define SSL_F_SSL2_ENC_INIT 124 +#define SSL_F_SSL2_READ 125 +#define SSL_F_SSL2_SET_CERTIFICATE 126 +#define SSL_F_SSL2_WRITE 127 +#define SSL_F_SSL3_ACCEPT 128 +#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 +#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 +#define SSL_F_SSL3_CLIENT_HELLO 131 +#define SSL_F_SSL3_CONNECT 132 +#define SSL_F_SSL3_CTX_CTRL 133 +#define SSL_F_SSL3_ENC 134 +#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 +#define SSL_F_SSL3_GET_CERT_VERIFY 136 +#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 +#define SSL_F_SSL3_GET_CLIENT_HELLO 138 +#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 +#define SSL_F_SSL3_GET_FINISHED 140 +#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 +#define SSL_F_SSL3_GET_MESSAGE 142 +#define SSL_F_SSL3_GET_RECORD 143 +#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 +#define SSL_F_SSL3_GET_SERVER_DONE 145 +#define SSL_F_SSL3_GET_SERVER_HELLO 146 +#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 +#define SSL_F_SSL3_READ_BYTES 148 +#define SSL_F_SSL3_READ_N 149 +#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 +#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 +#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 +#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 +#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 +#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 +#define SSL_F_SSL3_SETUP_BUFFERS 156 +#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 +#define SSL_F_SSL3_WRITE_BYTES 158 +#define SSL_F_SSL3_WRITE_PENDING 159 +#define SSL_F_SSL_BAD_METHOD 160 +#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 +#define SSL_F_SSL_CERT_NEW 162 +#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 +#define SSL_F_SSL_CREATE_CIPHER_LIST 164 +#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 165 +#define SSL_F_SSL_CTX_NEW 166 +#define SSL_F_SSL_CTX_SET_SSL_VERSION 167 +#define SSL_F_SSL_CTX_USE_CERTIFICATE 168 +#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 169 +#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 170 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY 171 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 172 +#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 173 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 174 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 175 +#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 176 +#define SSL_F_SSL_DO_HANDSHAKE 177 +#define SSL_F_SSL_GET_NEW_SESSION 178 +#define SSL_F_SSL_GET_SERVER_SEND_CERT 179 +#define SSL_F_SSL_GET_SIGN_PKEY 180 +#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 181 +#define SSL_F_SSL_NEW 182 +#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 183 +#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 184 +#define SSL_F_SSL_SESSION_NEW 185 +#define SSL_F_SSL_SESSION_PRINT_FP 186 +#define SSL_F_SSL_SET_FD 187 +#define SSL_F_SSL_SET_PKEY 188 +#define SSL_F_SSL_SET_RFD 189 +#define SSL_F_SSL_SET_SESSION 190 +#define SSL_F_SSL_SET_WFD 191 +#define SSL_F_SSL_UNDEFINED_FUNCTION 192 +#define SSL_F_SSL_USE_CERTIFICATE 193 +#define SSL_F_SSL_USE_CERTIFICATE_ASN1 194 +#define SSL_F_SSL_USE_CERTIFICATE_FILE 195 +#define SSL_F_SSL_USE_PRIVATEKEY 196 +#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 197 +#define SSL_F_SSL_USE_PRIVATEKEY_FILE 198 +#define SSL_F_SSL_USE_RSAPRIVATEKEY 199 +#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 200 +#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 201 +#define SSL_F_SSL_WRITE 202 +#define SSL_F_WRITE_PENDING 203 + +/* Reason codes. */ +#define SSL_R_APP_DATA_IN_HANDSHAKE 100 +#define SSL_R_BAD_ALERT_RECORD 101 +#define SSL_R_BAD_AUTHENTICATION_TYPE 102 +#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 +#define SSL_R_BAD_CHECKSUM 104 +#define SSL_R_BAD_CLIENT_REQUEST 105 +#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 +#define SSL_R_BAD_DECOMPRESSION 107 +#define SSL_R_BAD_DH_G_LENGTH 108 +#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 +#define SSL_R_BAD_DH_P_LENGTH 110 +#define SSL_R_BAD_DIGEST_LENGTH 111 +#define SSL_R_BAD_DSA_SIGNATURE 112 +#define SSL_R_BAD_MAC_DECODE 113 +#define SSL_R_BAD_MESSAGE_TYPE 114 +#define SSL_R_BAD_PACKET_LENGTH 115 +#define SSL_R_BAD_RESPONSE_ARGUMENT 116 +#define SSL_R_BAD_RSA_DECRYPT 117 +#define SSL_R_BAD_RSA_ENCRYPT 118 +#define SSL_R_BAD_RSA_E_LENGTH 119 +#define SSL_R_BAD_RSA_MODULUS_LENGTH 120 +#define SSL_R_BAD_RSA_SIGNATURE 121 +#define SSL_R_BAD_SIGNATURE 122 +#define SSL_R_BAD_SSL_FILETYPE 123 +#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 124 +#define SSL_R_BAD_STATE 125 +#define SSL_R_BAD_WRITE_RETRY 126 +#define SSL_R_BIO_NOT_SET 127 +#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 128 +#define SSL_R_BN_LIB 129 +#define SSL_R_CA_DN_LENGTH_MISMATCH 130 +#define SSL_R_CA_DN_TOO_LONG 131 +#define SSL_R_CCS_RECEIVED_EARLY 132 +#define SSL_R_CERTIFICATE_VERIFY_FAILED 133 +#define SSL_R_CERT_LENGTH_MISMATCH 134 +#define SSL_R_CHALLENGE_IS_DIFFERENT 135 +#define SSL_R_CIPHER_CODE_WRONG_LENGTH 136 +#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 137 +#define SSL_R_CIPHER_TABLE_SRC_ERROR 138 +#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 139 +#define SSL_R_COMPRESSION_FAILURE 140 +#define SSL_R_CONNECTION_ID_IS_DIFFERENT 141 +#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 142 +#define SSL_R_DATA_LENGTH_TOO_LONG 143 +#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 144 +#define SSL_R_DIGEST_CHECK_FAILED 145 +#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 146 +#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 147 +#define SSL_R_EXCESSIVE_MESSAGE_SIZE 148 +#define SSL_R_EXTRA_DATA_IN_MESSAGE 149 +#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 150 +#define SSL_R_INTERNAL_ERROR 151 +#define SSL_R_INVALID_CHALLENGE_LENGTH 152 +#define SSL_R_LENGTH_MISMATCH 153 +#define SSL_R_LENGTH_TOO_SHORT 154 +#define SSL_R_LIBRARY_HAS_NO_CIPHERS 155 +#define SSL_R_MISSING_DH_DSA_CERT 156 +#define SSL_R_MISSING_DH_KEY 157 +#define SSL_R_MISSING_DH_RSA_CERT 158 +#define SSL_R_MISSING_DSA_SIGNING_CERT 159 +#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 160 +#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 161 +#define SSL_R_MISSING_RSA_CERTIFICATE 162 +#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 163 +#define SSL_R_MISSING_RSA_SIGNING_CERT 164 +#define SSL_R_MISSING_TMP_DH_KEY 165 +#define SSL_R_MISSING_TMP_RSA_KEY 166 +#define SSL_R_MISSING_TMP_RSA_PKEY 167 +#define SSL_R_MISSING_VERIFY_MESSAGE 168 +#define SSL_R_NON_SSLV2_INITIAL_PACKET 169 +#define SSL_R_NO_CERTIFICATES_PASSED 170 +#define SSL_R_NO_CERTIFICATE_ASSIGNED 171 +#define SSL_R_NO_CERTIFICATE_RETURNED 172 +#define SSL_R_NO_CERTIFICATE_SET 173 +#define SSL_R_NO_CERTIFICATE_SPECIFIED 174 +#define SSL_R_NO_CIPHERS_AVAILABLE 175 +#define SSL_R_NO_CIPHERS_PASSED 176 +#define SSL_R_NO_CIPHERS_SPECIFIED 177 +#define SSL_R_NO_CIPHER_LIST 178 +#define SSL_R_NO_CIPHER_MATCH 179 +#define SSL_R_NO_CLIENT_CERT_RECEIVED 180 +#define SSL_R_NO_COMPRESSION_SPECIFIED 181 +#define SSL_R_NO_PRIVATEKEY 182 +#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 183 +#define SSL_R_NO_PUBLICKEY 184 +#define SSL_R_NO_SHARED_CIPHER 185 +#define SSL_R_NULL_SSL_CTX 186 +#define SSL_R_NULL_SSL_METHOD_PASSED 187 +#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 188 +#define SSL_R_PACKET_LENGTH_TOO_LONG 189 +#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 190 +#define SSL_R_PEER_ERROR 191 +#define SSL_R_PEER_ERROR_CERTIFICATE 192 +#define SSL_R_PEER_ERROR_NO_CERTIFICATE 193 +#define SSL_R_PEER_ERROR_NO_CIPHER 194 +#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 195 +#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 196 +#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 197 +#define SSL_R_PROTOCOL_IS_SHUTDOWN 198 +#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 199 +#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 200 +#define SSL_R_PUBLIC_KEY_NOT_RSA 201 +#define SSL_R_READ_BIO_NOT_SET 202 +#define SSL_R_READ_WRONG_PACKET_TYPE 203 +#define SSL_R_RECORD_LENGTH_MISMATCH 204 +#define SSL_R_RECORD_TOO_LARGE 205 +#define SSL_R_REQUIRED_CIPHER_MISSING 206 +#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 207 +#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 208 +#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 209 +#define SSL_R_SHORT_READ 210 +#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 211 +#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 212 +#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 +#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 +#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 +#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 +#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 +#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 +#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 213 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 214 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 215 +#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 216 +#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 +#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 217 +#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 +#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 218 +#define SSL_R_SSL_HANDSHAKE_FAILURE 219 +#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 220 +#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 221 +#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 222 +#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 223 +#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 224 +#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 225 +#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 226 +#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 227 +#define SSL_R_UNEXPECTED_MESSAGE 228 +#define SSL_R_UNEXPECTED_RECORD 229 +#define SSL_R_UNKNOWN_ALERT_TYPE 230 +#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 231 +#define SSL_R_UNKNOWN_CIPHER_RETURNED 232 +#define SSL_R_UNKNOWN_CIPHER_TYPE 233 +#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 234 +#define SSL_R_UNKNOWN_PKEY_TYPE 235 +#define SSL_R_UNKNOWN_PROTOCOL 236 +#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 237 +#define SSL_R_UNKNOWN_SSL_VERSION 238 +#define SSL_R_UNKNOWN_STATE 239 +#define SSL_R_UNSUPPORTED_CIPHER 240 +#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 241 +#define SSL_R_UNSUPPORTED_SSL_VERSION 242 +#define SSL_R_WRITE_BIO_NOT_SET 243 +#define SSL_R_WRONG_CIPHER_RETURNED 244 +#define SSL_R_WRONG_MESSAGE_TYPE 245 +#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 246 +#define SSL_R_WRONG_SIGNATURE_LENGTH 247 +#define SSL_R_WRONG_SIGNATURE_SIZE 248 +#define SSL_R_WRONG_SSL_VERSION 249 +#define SSL_R_WRONG_VERSION_NUMBER 250 +#define SSL_R_X509_LIB 251 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/ssl/ssl2.h b/ssl/ssl2.h new file mode 100644 index 0000000000..db353f5841 --- /dev/null +++ b/ssl/ssl2.h @@ -0,0 +1,263 @@ +/* ssl/ssl2.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL2_H +#define HEADER_SSL2_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* Protocol Version Codes */ +#define SSL2_CLIENT_VERSION 0x0002 +#define SSL2_SERVER_VERSION 0x0002 + +/* Protocol Message Codes */ +#define SSL2_MT_ERROR 0 +#define SSL2_MT_CLIENT_HELLO 1 +#define SSL2_MT_CLIENT_MASTER_KEY 2 +#define SSL2_MT_CLIENT_FINISHED 3 +#define SSL2_MT_SERVER_HELLO 4 +#define SSL2_MT_SERVER_VERIFY 5 +#define SSL2_MT_SERVER_FINISHED 6 +#define SSL2_MT_REQUEST_CERTIFICATE 7 +#define SSL2_MT_CLIENT_CERTIFICATE 8 + +/* Error Message Codes */ +#define SSL2_PE_UNDEFINED_ERROR 0x0000 +#define SSL2_PE_NO_CIPHER 0x0001 +#define SSL2_PE_NO_CERTIFICATE 0x0002 +#define SSL2_PE_BAD_CERTIFICATE 0x0004 +#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 + +/* Cipher Kind Values */ +#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ +#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 +#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 +#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 +#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 +#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 +#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 +#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ +#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 +#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ +#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ + +#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ +#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ + +#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" +#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" +#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" +#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" +#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" +#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" +#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" +#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" +#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" +#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" +#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" +#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" + +#define SSL2_TXT_NULL "NULL" + +/* Flags for the SSL_CIPHER.algorithm2 field */ +#define SSL2_CF_5_BYTE_ENC 0x01 +#define SSL2_CF_8_BYTE_ENC 0x02 + +/* Certificate Type Codes */ +#define SSL2_CT_X509_CERTIFICATE 0x01 + +/* Authentication Type Code */ +#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 + +#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 + +/* Upper/Lower Bounds */ +#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 +#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767 +#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/ + +#define SSL2_CHALLENGE_LENGTH 16 +/*#define SSL2_CHALLENGE_LENGTH 32 */ +#define SSL2_MIN_CHALLENGE_LENGTH 16 +#define SSL2_MAX_CHALLENGE_LENGTH 32 +#define SSL2_CONNECTION_ID_LENGTH 16 +#define SSL2_MAX_CONNECTION_ID_LENGTH 16 +#define SSL2_SSL_SESSION_ID_LENGTH 16 +#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 +#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 +#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 + +#ifndef HEADER_SSL_LOCL_H +#define CERT char +#endif + +typedef struct ssl2_ctx_st + { + int first_packet; /* enable first packet checking in server */ + int three_byte_header; + int clear_text; /* clear text */ + int escape; /* not used in SSLv2 */ + int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ + + /* non-blocking io info, used to make sure the same + * args were passwd */ + unsigned int wnum; /* number of bytes sent so far */ + int wpend_tot; + char *wpend_buf; + + int wpend_off; /* offset to data to write */ + int wpend_len; /* number of bytes passwd to write */ + int wpend_ret; /* number of bytes to return to caller */ + + /* buffer raw data */ + int rbuf_left; + int rbuf_offs; + unsigned char *rbuf; + unsigned char *wbuf; + + unsigned char *write_ptr;/* used to point to the start due to + * 2/3 byte header. */ + + unsigned int padding; + unsigned int rlength; /* passed to ssl2_enc */ + int ract_data_length; /* Set when things are encrypted. */ + unsigned int wlength; /* passed to ssl2_enc */ + int wact_data_length; /* Set when things are decrypted. */ + unsigned char *ract_data; + unsigned char *wact_data; + unsigned char *mac_data; + unsigned char *pad_data; + + unsigned char *read_key; + unsigned char *write_key; + + /* Stuff specifically to do with this SSL session */ + unsigned int challenge_length; + unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH]; + unsigned int conn_id_length; + unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH]; + unsigned int key_material_length; + unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2]; + + unsigned long read_sequence; + unsigned long write_sequence; + + struct { + unsigned int conn_id_length; + unsigned int cert_type; + unsigned int cert_length; + int csl; + int clear; + unsigned int enc; + unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH]; + int cipher_spec_length; + unsigned int session_id_length; + unsigned int clen; + unsigned int rlen; + } tmp; + } SSL2_CTX; + +/* SSLv2 */ +/* client */ +#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT) +#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT) +#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT) +/* server */ +#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT) +#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT) +#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/ssl/ssl23.h b/ssl/ssl23.h new file mode 100644 index 0000000000..6e6f26bbb3 --- /dev/null +++ b/ssl/ssl23.h @@ -0,0 +1,83 @@ +/* ssl/ssl23.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL23_H +#define HEADER_SSL23_H + +#ifdef __cplusplus +extern "C" { +#endif + +/*client */ +/* write to server */ +#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT) +#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT) +/* read from server */ +#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT) +#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT) + +/* server */ +/* read from client */ +#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) +#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/ssl/ssl3.h b/ssl/ssl3.h new file mode 100644 index 0000000000..9675ec2d7d --- /dev/null +++ b/ssl/ssl3.h @@ -0,0 +1,417 @@ +/* ssl/ssl3.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL3_H +#define HEADER_SSL3_H + +#include "buffer.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define SSL3_CK_RSA_NULL_MD5 0x03000001 +#define SSL3_CK_RSA_NULL_SHA 0x03000002 +#define SSL3_CK_RSA_RC4_40_MD5 0x03000003 +#define SSL3_CK_RSA_RC4_128_MD5 0x03000004 +#define SSL3_CK_RSA_RC4_128_SHA 0x03000005 +#define SSL3_CK_RSA_RC2_40_MD5 0x03000006 +#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 +#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 +#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 +#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A + +#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B +#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C +#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D +#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E +#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F +#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 + +#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 +#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 +#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 +#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 +#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 +#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 + +#define SSL3_CK_ADH_RC4_40_MD5 0x03000017 +#define SSL3_CK_ADH_RC4_128_MD5 0x03000018 +#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 +#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A +#define SSL3_CK_ADH_DES_196_CBC_SHA 0x0300001B + +#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C +#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D +#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E + +#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" +#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" +#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" +#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" +#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" +#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" +#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-MD5" +#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" +#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" +#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" + +#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" +#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" +#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" +#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" +#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" +#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" + +#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" +#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" +#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" +#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC" +#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" +#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" + +#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" +#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" +#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" +#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" +#define SSL3_TXT_ADH_DES_196_CBC_SHA "ADH-DES-CBC3-SHA" + +#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA" +#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" +#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" + +#define SSL3_SSL_SESSION_ID_LENGTH 32 +#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 + +#define SSL3_MASTER_SECRET_SIZE 48 +#define SSL3_RANDOM_SIZE 32 +#define SSL3_SESSION_ID_SIZE 32 +#define SSL3_RT_HEADER_LENGTH 5 + +/* Due to MS stuffing up, this can change.... */ +#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32)) +#define SSL3_RT_MAX_EXTRA (14000) +#else +#define SSL3_RT_MAX_EXTRA (16384) +#endif + +#define SSL3_RT_MAX_PLAIN_LENGTH 16384 +#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) +#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) +#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) +#define SSL3_RT_MAX_DATA_SIZE (1024*1024) + +/* the states that a SSL3_RECORD can be in + * For SSL_read it goes + * rbuf->ENCODED -> read + * ENCODED -> we need to decode everything - call decode_record + */ + +#define SSL3_RS_BLANK 1 +#define SSL3_RS_DATA + +#define SSL3_RS_ENCODED 2 +#define SSL3_RS_READ_MORE 3 +#define SSL3_RS_WRITE_MORE +#define SSL3_RS_PLAIN 3 +#define SSL3_RS_PART_READ 4 +#define SSL3_RS_PART_WRITE 5 + +#define SSL3_MD_CLIENT_FINISHED_CONST 0x43,0x4C,0x4E,0x54 +#define SSL3_MD_SERVER_FINISHED_CONST 0x53,0x52,0x56,0x52 + +#define SSL3_VERSION 0x0300 +#define SSL3_VERSION_MAJOR 0x03 +#define SSL3_VERSION_MINOR 0x00 + +#define SSL3_RT_CHANGE_CIPHER_SPEC 20 +#define SSL3_RT_ALERT 21 +#define SSL3_RT_HANDSHAKE 22 +#define SSL3_RT_APPLICATION_DATA 23 + +#define SSL3_AL_WARNING 1 +#define SSL3_AL_FATAL 2 + +#define SSL3_AD_CLOSE_NOTIFY 0 +#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */ +#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */ +#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */ +#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */ +#define SSL3_AD_NO_CERTIFICATE 41 +#define SSL3_AD_BAD_CERTIFICATE 42 +#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 +#define SSL3_AD_CERTIFICATE_REVOKED 44 +#define SSL3_AD_CERTIFICATE_EXPIRED 45 +#define SSL3_AD_CERTIFICATE_UNKNOWN 46 +#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */ + +typedef struct ssl3_record_st + { +/*r */ int type; /* type of record */ +/* */ /*int state;*/ /* any data in it? */ +/*rw*/ unsigned int length; /* How many bytes available */ +/*r */ unsigned int off; /* read/write offset into 'buf' */ +/*rw*/ unsigned char *data; /* pointer to the record data */ +/*rw*/ unsigned char *input; /* where the decode bytes are */ +/*rw*/ unsigned char *comp; /* only used with decompression */ + } SSL3_RECORD; + +typedef struct ssl3_buffer_st + { +/*r */ int total; /* used in non-blocking writes */ +/*r */ int wanted; /* how many more bytes we need */ +/*rw*/ int left; /* how many bytes left */ +/*rw*/ int offset; /* where to 'copy from' */ +/*rw*/ unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes */ + } SSL3_BUFFER; + +typedef struct ssl3_compression_st { + int nothing; + } SSL3_COMPRESSION; + +#define SSL3_CT_RSA_SIGN 1 +#define SSL3_CT_DSS_SIGN 2 +#define SSL3_CT_RSA_FIXED_DH 3 +#define SSL3_CT_DSS_FIXED_DH 4 +#define SSL3_CT_RSA_EPHEMERAL_DH 5 +#define SSL3_CT_DSS_EPHEMERAL_DH 6 +#define SSL3_CT_FORTEZZA_DMS 20 +#define SSL3_CT_NUMBER 7 + +#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 +#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 +#define SSL3_FLAGS_POP_BUFFER 0x0004 + +typedef struct ssl3_ctx_st + { + long flags; + int delay_buf_pop_ret; + + unsigned char read_sequence[8]; + unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; + unsigned char write_sequence[8]; + unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; + + unsigned char server_random[SSL3_RANDOM_SIZE]; + unsigned char client_random[SSL3_RANDOM_SIZE]; + + SSL3_BUFFER rbuf; /* read IO goes into here */ + SSL3_BUFFER wbuf; /* write IO goes into here */ + SSL3_RECORD rrec; /* each decoded record goes in here */ + SSL3_RECORD wrec; /* goes out from here */ + /* Used by ssl3_read_n to point + * to input data packet */ + + /* partial write - check the numbers match */ + unsigned int wnum; /* number of bytes sent so far */ + int wpend_tot; /* number bytes written */ + int wpend_type; + int wpend_ret; /* number of bytes submitted */ + char *wpend_buf; + + /* used during startup, digest all incoming/outgoing packets */ + EVP_MD_CTX finish_dgst1; + EVP_MD_CTX finish_dgst2; + + /* this is set whenerver we see a change_cipher_spec message + * come in when we are not looking for one */ + int change_cipher_spec; + + int warn_alert; + int fatal_alert; + /* we alow one fatal and one warning alert to be outstanding, + * send close alert via the warning alert */ + int alert_dispatch; + char send_alert[2]; + + struct { + unsigned char finish_md1[EVP_MAX_MD_SIZE]; + unsigned char finish_md2[EVP_MAX_MD_SIZE]; + + unsigned long message_size; + int message_type; + + /* used to hold the new cipher we are going to use */ + SSL_CIPHER *new_cipher; + DH *dh; + + /* used when SSL_ST_FLUSH_DATA is entered */ + int next_state; + + int reuse_message; + + /* used for certificate requests */ + int cert_req; + int ctype_num; + char ctype[SSL3_CT_NUMBER]; + STACK *ca_names; + + int use_rsa_tmp; + + int key_block_length; + unsigned char *key_block; + + EVP_CIPHER *new_sym_enc; + EVP_MD *new_hash; + SSL_COMPRESSION *new_compression; + } tmp; + } SSL3_CTX; + +/* SSLv3 */ +/*client */ +/* extra state */ +#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) +/* write to server */ +#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) +#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) +/* read from server */ +#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) +#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) +#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) +#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) +#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) +#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) +#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) +/* write to server */ +#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) +#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) +#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) +#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) +#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) +#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) +#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) +#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) +/* read from server */ +#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) +#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) +#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) +#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) + +/* server */ +/* extra state */ +#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) +/* read from client */ +#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) +/* write to client */ +#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) +#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) +#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) +#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) +#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) +#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) +/* read from client */ +#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) +#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) +#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) +#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) +#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) +#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) +/* write to client */ +#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) +#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) +#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) +#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) + +#define SSL3_MT_CLIENT_REQUEST 0 +#define SSL3_MT_CLIENT_HELLO 1 +#define SSL3_MT_SERVER_HELLO 2 +#define SSL3_MT_CERTIFICATE 11 +#define SSL3_MT_SERVER_KEY_EXCHANGE 12 +#define SSL3_MT_CERTIFICATE_REQUEST 13 +#define SSL3_MT_SERVER_DONE 14 +#define SSL3_MT_CERTIFICATE_VERIFY 15 +#define SSL3_MT_CLIENT_KEY_EXCHANGE 16 +#define SSL3_MT_FINISHED 20 + +#define SSL3_MT_CCS 1 + +/* These are used when changing over to a new cipher */ +#define SSL3_CC_READ 0x01 +#define SSL3_CC_WRITE 0x02 +#define SSL3_CC_CLIENT 0x10 +#define SSL3_CC_SERVER 0x20 +#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) +#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) +#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) +#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c new file mode 100644 index 0000000000..36b03335bb --- /dev/null +++ b/ssl/ssl_algs.c @@ -0,0 +1,99 @@ +/* ssl/ssl_algs.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "lhash.h" +#include "ssl_locl.h" + +void SSLeay_add_ssl_algorithms() + { +#ifndef NO_DES + EVP_add_cipher(EVP_des_cbc()); + EVP_add_cipher(EVP_des_ede3_cbc()); +#endif +#ifndef NO_IDEA + EVP_add_cipher(EVP_idea_cbc()); +#endif +#ifndef NO_RC4 + EVP_add_cipher(EVP_rc4()); +#endif +#ifndef NO_RC2 + EVP_add_cipher(EVP_rc2_cbc()); +#endif + +#ifndef NO_MD2 + EVP_add_digest(EVP_md2()); +#endif +#ifndef NO_MD5 + EVP_add_digest(EVP_md5()); +#endif +#ifndef NO_SHA1 + EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ +#endif +#if !defined(NO_SHA1) && !defined(NO_DSA) + EVP_add_digest(EVP_dss1()); /* DSA with sha1 */ +#endif + + /* If you want support for phased out ciphers, add the following */ +#if 0 + EVP_add_digest(EVP_sha()); + EVP_add_digest(EVP_dss()); +#endif + } + diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c new file mode 100644 index 0000000000..873497a877 --- /dev/null +++ b/ssl/ssl_asn1.c @@ -0,0 +1,313 @@ +/* ssl/ssl_asn1.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <stdlib.h> +#include "asn1_mac.h" +#include "objects.h" +#include "ssl_locl.h" + +typedef struct ssl_session_asn1_st + { + ASN1_INTEGER version; + ASN1_INTEGER ssl_version; + ASN1_OCTET_STRING cipher; + ASN1_OCTET_STRING master_key; + ASN1_OCTET_STRING session_id; + ASN1_OCTET_STRING key_arg; + ASN1_INTEGER time; + ASN1_INTEGER timeout; + } SSL_SESSION_ASN1; + +/* + * SSLerr(SSL_F_I2D_SSL_SESSION,SSL_R_CIPHER_CODE_WRONG_LENGTH); + * SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNSUPPORTED_CIPHER); + */ + +int i2d_SSL_SESSION(in,pp) +SSL_SESSION *in; +unsigned char **pp; + { +#define LSIZE2 (sizeof(long)*2) + int v1=0,v2=0,v3=0; + unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2]; + unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2]; + long l; + SSL_SESSION_ASN1 a; + M_ASN1_I2D_vars(in); + + if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0))) + return(0); + + /* Note that I cheat in the following 2 assignments. I know + * that if the ASN1_INTERGER passed to ASN1_INTEGER_set + * is > sizeof(long)+1, the buffer will not be re-Malloc()ed. + * This is a bit evil but makes things simple, no dynamic allocation + * to clean up :-) */ + a.version.length=LSIZE2; + a.version.type=V_ASN1_INTEGER; + a.version.data=ibuf1; + ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION); + + a.ssl_version.length=LSIZE2; + a.ssl_version.type=V_ASN1_INTEGER; + a.ssl_version.data=ibuf2; + ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version); + + a.cipher.type=V_ASN1_OCTET_STRING; + a.cipher.data=buf; + + if (in->cipher == NULL) + l=in->cipher_id; + else + l=in->cipher->id; + if (in->ssl_version == 2) + { + a.cipher.length=3; + buf[0]=((unsigned char)(l>>16L))&0xff; + buf[1]=((unsigned char)(l>> 8L))&0xff; + buf[2]=((unsigned char)(l ))&0xff; + } + else + { + a.cipher.length=2; + buf[0]=((unsigned char)(l>>8L))&0xff; + buf[1]=((unsigned char)(l ))&0xff; + } + + a.master_key.length=in->master_key_length; + a.master_key.type=V_ASN1_OCTET_STRING; + a.master_key.data=in->master_key; + + a.session_id.length=in->session_id_length; + a.session_id.type=V_ASN1_OCTET_STRING; + a.session_id.data=in->session_id; + + a.key_arg.length=in->key_arg_length; + a.key_arg.type=V_ASN1_OCTET_STRING; + a.key_arg.data=in->key_arg; + + if (in->time != 0L) + { + a.time.length=LSIZE2; + a.time.type=V_ASN1_INTEGER; + a.time.data=ibuf3; + ASN1_INTEGER_set(&(a.time),in->time); + } + + if (in->timeout != 0L) + { + a.timeout.length=LSIZE2; + a.timeout.type=V_ASN1_INTEGER; + a.timeout.data=ibuf4; + ASN1_INTEGER_set(&(a.timeout),in->timeout); + } + + M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER); + M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER); + M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING); + if (in->key_arg_length > 0) + M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING); + if (in->time != 0L) + M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); + if (in->timeout != 0L) + M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2); + if (in->peer != NULL) + M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3); + + M_ASN1_I2D_seq_total(); + + M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER); + M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER); + M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING); + M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING); + if (in->key_arg_length > 0) + M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0); + if (in->time != 0L) + M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); + if (in->timeout != 0L) + M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2); + if (in->peer != NULL) + M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3); + + M_ASN1_I2D_finish(); + } + +SSL_SESSION *d2i_SSL_SESSION(a,pp,length) +SSL_SESSION **a; +unsigned char **pp; +long length; + { + int version,ssl_version=0,i; + long id; + ASN1_INTEGER ai,*aip; + ASN1_OCTET_STRING os,*osp; + M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new); + + aip= &ai; + osp= &os; + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + + ai.data=NULL; ai.length=0; + M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); + version=(int)ASN1_INTEGER_get(aip); + if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; } + + /* we don't care about the version right now :-) */ + M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); + ssl_version=(int)ASN1_INTEGER_get(aip); + ret->ssl_version=ssl_version; + if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; } + + os.data=NULL; os.length=0; + M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); + if (ssl_version == 2) + { + if (os.length != 3) + { + c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; + goto err; + } + id=0x02000000L| + ((unsigned long)os.data[0]<<16L)| + ((unsigned long)os.data[1]<< 8L)| + (unsigned long)os.data[2]; + } + else if (ssl_version == 3) + { + if (os.length != 2) + { + c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; + goto err; + } + id=0x03000000L| + ((unsigned long)os.data[0]<<8L)| + (unsigned long)os.data[1]; + } + else + { + SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION); + return(NULL); + } + + ret->cipher=NULL; + ret->cipher_id=id; + + M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); + if (ssl_version == 3) + i=SSL3_MAX_SSL_SESSION_ID_LENGTH; + else /* if (ssl_version == 2) */ + i=SSL2_MAX_SSL_SESSION_ID_LENGTH; + + if (os.length > i) + os.length=i; + + ret->session_id_length=os.length; + memcpy(ret->session_id,os.data,os.length); + + M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); + if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH) + ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; + else + ret->master_key_length=os.length; + memcpy(ret->master_key,os.data,ret->master_key_length); + + os.length=0; + M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING); + if (os.length > SSL_MAX_KEY_ARG_LENGTH) + ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH; + else + ret->key_arg_length=os.length; + memcpy(ret->key_arg,os.data,ret->key_arg_length); + if (os.data != NULL) Free(os.data); + + ai.length=0; + M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1); + if (ai.data != NULL) + { + ret->time=ASN1_INTEGER_get(aip); + Free(ai.data); ai.data=NULL; ai.length=0; + } + else + ret->time=time(NULL); + + ai.length=0; + M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2); + if (ai.data != NULL) + { + ret->timeout=ASN1_INTEGER_get(aip); + Free(ai.data); ai.data=NULL; ai.length=0; + } + else + ret->timeout=3; + + if (ret->peer != NULL) + { + X509_free(ret->peer); + ret->peer=NULL; + } + M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3); + + M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION); + } + diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c new file mode 100644 index 0000000000..0c040d9cf3 --- /dev/null +++ b/ssl/ssl_cert.c @@ -0,0 +1,326 @@ +/* ssl/ssl_cert.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "bio.h" +#include "pem.h" +#include "ssl_locl.h" + +CERT *ssl_cert_new() + { + CERT *ret; + + ret=(CERT *)Malloc(sizeof(CERT)); + if (ret == NULL) + { + SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + memset(ret,0,sizeof(CERT)); +/* + ret->valid=0; + ret->mask=0; + ret->export_mask=0; + ret->cert_type=0; + ret->key->x509=NULL; + ret->key->publickey=NULL; + ret->key->privatekey=NULL; */ + + ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]); + ret->references=1; + + return(ret); + } + +void ssl_cert_free(c) +CERT *c; + { + int i; + + i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT); + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"ssl_cert_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + +#ifndef NO_RSA + if (c->rsa_tmp) RSA_free(c->rsa_tmp); +#endif +#ifndef NO_DH + if (c->dh_tmp) DH_free(c->dh_tmp); +#endif + + for (i=0; i<SSL_PKEY_NUM; i++) + { + if (c->pkeys[i].x509 != NULL) + X509_free(c->pkeys[i].x509); + if (c->pkeys[i].privatekey != NULL) + EVP_PKEY_free(c->pkeys[i].privatekey); +#if 0 + if (c->pkeys[i].publickey != NULL) + EVP_PKEY_free(c->pkeys[i].publickey); +#endif + } + if (c->cert_chain != NULL) + sk_pop_free(c->cert_chain,X509_free); + Free(c); + } + +int ssl_set_cert_type(c, type) +CERT *c; +int type; + { + c->cert_type=type; + return(1); + } + +int ssl_verify_cert_chain(s,sk) +SSL *s; +STACK *sk; + { + X509 *x; + int i; + X509_STORE_CTX ctx; + + if ((sk == NULL) || (sk_num(sk) == 0)) + return(0); + + x=(X509 *)sk_value(sk,0); + X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk); + X509_STORE_CTX_set_app_data(&ctx,(char *)s); + + if (s->ctx->app_verify_callback != NULL) + i=s->ctx->app_verify_callback(&ctx); + else + i=X509_verify_cert(&ctx); + + X509_STORE_CTX_cleanup(&ctx); + s->verify_result=ctx.error; + + return(i); + } + +static void set_client_CA_list(ca_list,list) +STACK **ca_list; +STACK *list; + { + if (*ca_list != NULL) + sk_pop_free(*ca_list,X509_NAME_free); + + *ca_list=list; + } + +STACK *SSL_dup_CA_list(sk) +STACK *sk; + { + int i; + STACK *ret; + X509_NAME *name; + + ret=sk_new_null(); + for (i=0; i<sk_num(sk); i++) + { + name=X509_NAME_dup((X509_NAME *)sk_value(sk,i)); + if ((name == NULL) || !sk_push(ret,(char *)name)) + { + sk_pop_free(ret,X509_NAME_free); + return(NULL); + } + } + return(ret); + } + +void SSL_set_client_CA_list(s,list) +SSL *s; +STACK *list; + { + set_client_CA_list(&(s->client_CA),list); + } + +void SSL_CTX_set_client_CA_list(ctx,list) +SSL_CTX *ctx; +STACK *list; + { + set_client_CA_list(&(ctx->client_CA),list); + } + +STACK *SSL_CTX_get_client_CA_list(ctx) +SSL_CTX *ctx; + { + return(ctx->client_CA); + } + +STACK *SSL_get_client_CA_list(s) +SSL *s; + { + if (s->type == SSL_ST_CONNECT) + { /* we are in the client */ + if ((s->version == 3) && (s->s3 != NULL)) + return(s->s3->tmp.ca_names); + else + return(NULL); + } + else + { + if (s->client_CA != NULL) + return(s->client_CA); + else + return(s->ctx->client_CA); + } + } + +static int add_client_CA(sk,x) +STACK **sk; +X509 *x; + { + X509_NAME *name; + + if (x == NULL) return(0); + if ((*sk == NULL) && ((*sk=sk_new_null()) == NULL)) + return(0); + + if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL) + return(0); + + if (!sk_push(*sk,(char *)name)) + { + X509_NAME_free(name); + return(0); + } + return(1); + } + +int SSL_add_client_CA(ssl,x) +SSL *ssl; +X509 *x; + { + return(add_client_CA(&(ssl->client_CA),x)); + } + +int SSL_CTX_add_client_CA(ctx,x) +SSL_CTX *ctx; +X509 *x; + { + return(add_client_CA(&(ctx->client_CA),x)); + } + +static int name_cmp(a,b) +X509_NAME **a,**b; + { + return(X509_NAME_cmp(*a,*b)); + } + +STACK *SSL_load_client_CA_file(file) +char *file; + { + BIO *in; + X509 *x=NULL; + X509_NAME *xn=NULL; + STACK *ret,*sk; + + ret=sk_new(NULL); + sk=sk_new(name_cmp); +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if ((ret == NULL) || (sk == NULL) || (in == NULL)) + { + SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (!BIO_read_filename(in,file)) + goto err; + + for (;;) + { + if (PEM_read_bio_X509(in,&x,NULL) == NULL) + break; + if ((xn=X509_get_subject_name(x)) == NULL) goto err; + /* check for duplicates */ + xn=X509_NAME_dup(xn); + if (xn == NULL) goto err; + if (sk_find(sk,(char *)xn) >= 0) + X509_NAME_free(xn); + else + { + sk_push(sk,(char *)xn); + sk_push(ret,(char *)xn); + } + } + + if (0) + { +err: + if (ret != NULL) sk_pop_free(ret,X509_NAME_free); + ret=NULL; + } + if (sk != NULL) sk_free(sk); + if (in != NULL) BIO_free(in); + if (x != NULL) X509_free(x); + return(ret); + } + + diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c new file mode 100644 index 0000000000..9fed3ad59a --- /dev/null +++ b/ssl/ssl_ciph.c @@ -0,0 +1,721 @@ +/* ssl/ssl_ciph.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "ssl_locl.h" + +#define SSL_ENC_DES_IDX 0 +#define SSL_ENC_3DES_IDX 1 +#define SSL_ENC_RC4_IDX 2 +#define SSL_ENC_RC2_IDX 3 +#define SSL_ENC_IDEA_IDX 4 +#define SSL_ENC_eFZA_IDX 5 +#define SSL_ENC_NULL_IDX 6 +#define SSL_ENC_NUM_IDX 7 + +static EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ + NULL,NULL,NULL,NULL,NULL,NULL, + }; + +#define SSL_MD_MD5_IDX 0 +#define SSL_MD_SHA0_IDX 1 +#define SSL_MD_SHA1_IDX 2 +#define SSL_MD_NUM_IDX 3 +static EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ + NULL,NULL,NULL, + }; + +typedef struct cipher_sort_st + { + SSL_CIPHER *cipher; + int pref; + } CIPHER_SORT; + +#define CIPHER_ADD 1 +#define CIPHER_KILL 2 +#define CIPHER_DEL 3 +#define CIPHER_ORDER 4 + +typedef struct cipher_choice_st + { + int type; + unsigned long algorithms; + unsigned long mask; + STACK *order; + } CIPHER_CHOICE; + +static SSL_CIPHER cipher_aliases[]={ + {0,SSL_TXT_ALL, 0,SSL_ALL, 0,SSL_ALL}, /* must be first */ + {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_DH, 0,SSL_DH, 0,SSL_MKEY_MASK}, + {0,SSL_TXT_EDH, 0,SSL_EDH, 0,SSL_MKEY_MASK|SSL_AUTH_MASK}, + + {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_aNULL,0,SSL_aNULL,0,SSL_AUTH_MASK}, + {0,SSL_TXT_aDH, 0,SSL_aDH, 0,SSL_AUTH_MASK}, + {0,SSL_TXT_DSS, 0,SSL_DSS, 0,SSL_AUTH_MASK}, + + {0,SSL_TXT_DES, 0,SSL_DES, 0,SSL_ENC_MASK}, + {0,SSL_TXT_3DES,0,SSL_3DES, 0,SSL_ENC_MASK}, + {0,SSL_TXT_RC4, 0,SSL_RC4, 0,SSL_ENC_MASK}, + {0,SSL_TXT_RC2, 0,SSL_RC2, 0,SSL_ENC_MASK}, + {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,SSL_ENC_MASK}, + {0,SSL_TXT_eNULL,0,SSL_eNULL,0,SSL_ENC_MASK}, + {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,SSL_ENC_MASK}, + + {0,SSL_TXT_MD5, 0,SSL_MD5, 0,SSL_MAC_MASK}, + {0,SSL_TXT_SHA0,0,SSL_SHA0, 0,SSL_MAC_MASK}, + {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,SSL_MAC_MASK}, + {0,SSL_TXT_SHA, 0,SSL_SHA, 0,SSL_MAC_MASK}, + + {0,SSL_TXT_NULL,0,SSL_NULL, 0,SSL_ENC_MASK}, + {0,SSL_TXT_RSA, 0,SSL_RSA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK}, + {0,SSL_TXT_ADH, 0,SSL_ADH, 0,SSL_AUTH_MASK|SSL_MKEY_MASK}, + {0,SSL_TXT_FZA, 0,SSL_FZA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK}, + + {0,SSL_TXT_EXP, 0,SSL_EXP, 0,SSL_EXP_MASK}, + {0,SSL_TXT_EXPORT,0,SSL_EXPORT,0,SSL_EXP_MASK}, + {0,SSL_TXT_SSLV2,0,SSL_SSLV2,0,SSL_SSL_MASK}, + {0,SSL_TXT_SSLV3,0,SSL_SSLV3,0,SSL_SSL_MASK}, + {0,SSL_TXT_LOW, 0,SSL_LOW,0,SSL_STRONG_MASK}, + {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK}, + {0,SSL_TXT_HIGH, 0,SSL_HIGH,0,SSL_STRONG_MASK}, + }; + +static int init_ciphers=1; +static void load_ciphers(); + +static int cmp_by_name(a,b) +SSL_CIPHER **a,**b; + { + return(strcmp((*a)->name,(*b)->name)); + } + +static void load_ciphers() + { + init_ciphers=0; + ssl_cipher_methods[SSL_ENC_DES_IDX]= + EVP_get_cipherbyname(SN_des_cbc); + ssl_cipher_methods[SSL_ENC_3DES_IDX]= + EVP_get_cipherbyname(SN_des_ede3_cbc); + ssl_cipher_methods[SSL_ENC_RC4_IDX]= + EVP_get_cipherbyname(SN_rc4); + ssl_cipher_methods[SSL_ENC_RC2_IDX]= + EVP_get_cipherbyname(SN_rc2_cbc); + ssl_cipher_methods[SSL_ENC_IDEA_IDX]= + EVP_get_cipherbyname(SN_idea_cbc); + + ssl_digest_methods[SSL_MD_MD5_IDX]= + EVP_get_digestbyname(SN_md5); + ssl_digest_methods[SSL_MD_SHA0_IDX]= + EVP_get_digestbyname(SN_sha); + ssl_digest_methods[SSL_MD_SHA1_IDX]= + EVP_get_digestbyname(SN_sha1); + } + +int ssl_cipher_get_evp(c,enc,md) +SSL_CIPHER *c; +EVP_CIPHER **enc; +EVP_MD **md; + { + int i; + + if (c == NULL) return(0); + + switch (c->algorithms & SSL_ENC_MASK) + { + case SSL_DES: + i=SSL_ENC_DES_IDX; + break; + case SSL_3DES: + i=SSL_ENC_3DES_IDX; + break; + case SSL_RC4: + i=SSL_ENC_RC4_IDX; + break; + case SSL_RC2: + i=SSL_ENC_RC2_IDX; + break; + case SSL_IDEA: + i=SSL_ENC_IDEA_IDX; + break; + case SSL_eNULL: + i=SSL_ENC_NULL_IDX; + break; + break; + default: + i= -1; + break; + } + + if ((i < 0) || (i > SSL_ENC_NUM_IDX)) + *enc=NULL; + else + { + if (i == SSL_ENC_NULL_IDX) + *enc=EVP_enc_null(); + else + *enc=ssl_cipher_methods[i]; + } + + switch (c->algorithms & SSL_MAC_MASK) + { + case SSL_MD5: + i=SSL_MD_MD5_IDX; + break; + case SSL_SHA0: + i=SSL_MD_SHA0_IDX; + break; + case SSL_SHA1: + i=SSL_MD_SHA1_IDX; + break; + default: + i= -1; + break; + } + if ((i < 0) || (i > SSL_MD_NUM_IDX)) + *md=NULL; + else + *md=ssl_digest_methods[i]; + + if ((*enc != NULL) && (*md != NULL)) + return(1); + else + return(0); + } + +STACK *ssl_create_cipher_list(ssl_method,cipher_list,cipher_list_by_id,str) +SSL_METHOD *ssl_method; +STACK **cipher_list,**cipher_list_by_id; +char *str; + { + SSL_CIPHER *c; + char *l; + STACK *ret=NULL,*ok=NULL; +#define CL_BUF 40 + char buf[CL_BUF]; + char *tmp_str=NULL; + unsigned long mask,algorithms,ma; + char *start; + int i,j,k,num=0,ch,multi; + unsigned long al; + STACK *ca_list=NULL; + STACK *c_list=NULL; + int old_x,old_y,current_x,num_x; + CIPHER_CHOICE *ops=NULL; + SSL_CIPHER c_tmp,*cp; + + if (str == NULL) return(NULL); + + if (strncmp(str,"DEFAULT",7) == 0) + { + i=strlen(str)+2+strlen(SSL_DEFAULT_CIPHER_LIST); + if ((tmp_str=Malloc(i)) == NULL) + { + SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); + goto err; + } + strcpy(tmp_str,SSL_DEFAULT_CIPHER_LIST); + strcat(tmp_str,&(str[7])); + str=tmp_str; + } + if (init_ciphers) load_ciphers(); + + num=ssl_method->num_ciphers(); + + if ((ret=(STACK *)sk_new(NULL)) == NULL) goto err; + if ((c_list=(STACK *)sk_new(NULL)) == NULL) goto err; + if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err; + + mask =SSL_kFZA; +#ifdef NO_RSA + mask|=SSL_aRSA|SSL_kRSA; +#endif +#ifdef NO_DSA + mask|=SSL_aDSS; +#endif +#ifdef NO_DH + mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; +#endif + +#ifndef SSL_ALLOW_ENULL + mask|=SSL_eNULL; +#endif + + mask|=(ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL)?SSL_DES :0; + mask|=(ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL)?SSL_3DES:0; + mask|=(ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL)?SSL_RC4 :0; + mask|=(ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL)?SSL_RC2 :0; + mask|=(ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL)?SSL_IDEA:0; + mask|=(ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL)?SSL_eFZA:0; + + mask|=(ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL)?SSL_MD5 :0; + mask|=(ssl_digest_methods[SSL_MD_SHA0_IDX] == NULL)?SSL_SHA0:0; + mask|=(ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL)?SSL_SHA1:0; + + /* Get the initial list of ciphers */ + for (i=0; i<num; i++) + { + c=ssl_method->get_cipher((unsigned int)i); + /* drop those that use any of that is not available */ + if ((c != NULL) && c->valid && !(c->algorithms & mask)) + { + if (!sk_push(c_list,(char *)c)) goto err; + if (!sk_push(ca_list,(char *)c)) goto err; + } + } + + /* special case */ + cipher_aliases[0].algorithms= ~mask; + + /* get the aliases */ + k=sizeof(cipher_aliases)/sizeof(SSL_CIPHER); + for (j=0; j<k; j++) + { + al=cipher_aliases[j].algorithms; + /* Drop those that are not relevent */ + if ((al & mask) == al) continue; + if (!sk_push(ca_list,(char *)&(cipher_aliases[j]))) goto err; + } + + /* ca_list now holds a 'stack' of SSL_CIPHERS, some real, some + * 'aliases' */ + + /* how many parameters are there? */ + num=1; + for (l=str; *l; l++) + if (*l == ':') num++; + ops=(CIPHER_CHOICE *)Malloc(sizeof(CIPHER_CHOICE)*num); + if (ops == NULL) goto err; + memset(ops,0,sizeof(CIPHER_CHOICE)*num); + for (i=0; i<num; i++) + if ((ops[i].order=sk_new_null()) == NULL) goto err; + + /* we now parse the input string and create our operations */ + l=str; + i=0; + current_x=0; + + for (;;) + { + ch= *l; + if (ch == '-') + { j=CIPHER_DEL; l++; } + else if (ch == '+') + { j=CIPHER_ORDER; l++; } + else if (ch == '!') + { j=CIPHER_KILL; l++; } + else + { j=CIPHER_ADD; } + + if (*l == ':') + { + l++; + continue; + } + ops[current_x].type=j; + ops[current_x].algorithms=0; + ops[current_x].mask=0; + + start=l; + for (;;) + { + ch= *l; + i=0; + while ( ((ch >= 'A') && (ch <= 'Z')) || + ((ch >= '0') && (ch <= '9')) || + ((ch >= 'a') && (ch <= 'z')) || + (ch == '-')) + { + buf[i]=ch; + ch= *(++l); + i++; + if (i >= (CL_BUF-2)) break; + } + buf[i]='\0'; + if (ch != '\0') l++; + + /* check for multi-part specification */ + multi=(ch == '+')?1:0; + + c_tmp.name=buf; + j=sk_find(ca_list,(char *)&c_tmp); + if (j < 0) + { + if (ch == '\0') + break; + else + continue; + } + + cp=(SSL_CIPHER *)sk_value(ca_list,j); + ops[current_x].algorithms|=cp->algorithms; + /* We add the SSL_SSL_MASK so we can match the + * SSLv2 and SSLv3 versions of RC4-MD5 */ + ops[current_x].mask|=cp->mask; + if (!multi) break; + } + current_x++; + if (ch == '\0') break; + } + + num_x=current_x; + current_x=0; + +#ifdef CIPHER_DEBUG + printf("<--->\n"); +#endif + + for (i=0; i<sk_num(c_list); i++) + { + old_x= -1; + old_y= -1; + cp=(SSL_CIPHER *)sk_value(c_list,i); +#ifdef CIPHER_DEBUG + printf("[%s]\n",cp->name); +#endif + for (j=0; j<num_x; j++) + { + algorithms=ops[j].algorithms; + ma=ops[j].mask & cp->algorithms; +#ifdef CIPHER_DEBUG + printf(" %s %08lX&%08lX==0 || %08lX != %08lX \n", + cp->name,ops[j].mask,cp->algorithms,ma,algorithms); +#endif + if ((ma == 0) || ((ma & algorithms) != ma)) + { + continue; + } + k=ops[j].type; +#ifdef CIPHER_DEBUG + printf(">>%s\n",cp->name); +#endif + + /* add the cipher if it has not been added yet. */ + if (k == CIPHER_ADD) + { + if (old_x < 0) + { + old_x=j; + old_y=sk_num(ops[j].order); + sk_push(ops[j].order,(char *)cp); + } + } + /* Move the added cipher to this location */ + else if (k == CIPHER_ORDER) + { + if (old_x >= 0) + { + sk_value(ops[old_x].order,old_y)=NULL; + old_y=sk_num(ops[j].order); + sk_push(ops[j].order,(char *)cp); + old_x=j; + } + } + /* Remove added cipher */ + else if ((k == CIPHER_DEL) || (k == CIPHER_KILL)) + { + if (old_x >= 0) + { + sk_value(ops[old_x].order,old_y)=NULL; + old_x= -1; + } + if (k == CIPHER_KILL) + break; + } + } + } + + for (i=0; i<num_x; i++) + { + for (j=0; j<sk_num(ops[i].order); j++) + { + cp=(SSL_CIPHER *)sk_value(ops[i].order,j); + if (cp != NULL) + { + sk_push(ret,(char *)cp); +#ifdef CIPHER_DEBUG + printf("<%s>\n",cp->name); +#endif + } + } + } + + if (cipher_list != NULL) + { + if (*cipher_list != NULL) + sk_free(*cipher_list); + *cipher_list=ret; + } + + if (cipher_list_by_id != NULL) + { + if (*cipher_list_by_id != NULL) + sk_free(*cipher_list_by_id); + *cipher_list_by_id=sk_dup(ret); + } + + if ( (cipher_list_by_id == NULL) || + (*cipher_list_by_id == NULL) || + (cipher_list == NULL) || + (*cipher_list == NULL)) + goto err; + sk_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); + + ok=ret; + ret=NULL; +err: + if (tmp_str) Free(tmp_str); + if (ops != NULL) + { + for (i=0; i<num; i++) + if (ops[i].order != NULL) + sk_free(ops[i].order); + Free(ops); + } + if (ret != NULL) sk_free(ret); + if (c_list != NULL) sk_free(c_list); + if (ca_list != NULL) sk_free(ca_list); + return(ok); + } + +char *SSL_CIPHER_description(cipher,buf,len) +SSL_CIPHER *cipher; +char *buf; +int len; + { + int export; + char *ver,*exp; + char *kx,*au,*enc,*mac; + unsigned long alg,alg2; + static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; + + alg=cipher->algorithms; + alg2=cipher->algorithm2; + + export=(alg&SSL_EXP)?1:0; + exp=(export)?" export":""; + + if (alg & SSL_SSLV2) + ver="SSLv2"; + else if (alg & SSL_SSLV3) + ver="SSLv3"; + else + ver="unknown"; + + switch (alg&SSL_MKEY_MASK) + { + case SSL_kRSA: + kx=(export)?"RSA(512)":"RSA"; + break; + case SSL_kDHr: + kx="DH/RSA"; + break; + case SSL_kDHd: + kx="DH/DSS"; + break; + case SSL_kFZA: + kx="Fortezza"; + break; + case SSL_kEDH: + kx=(export)?"DH(512)":"DH"; + break; + default: + kx="unknown"; + } + + switch (alg&SSL_AUTH_MASK) + { + case SSL_aRSA: + au="RSA"; + break; + case SSL_aDSS: + au="DSS"; + break; + case SSL_aDH: + au="DH"; + break; + case SSL_aFZA: + case SSL_aNULL: + au="None"; + break; + default: + au="unknown"; + break; + } + + switch (alg&SSL_ENC_MASK) + { + case SSL_DES: + enc=export?"DES(40)":"DES(56)"; + break; + case SSL_3DES: + enc="3DES(168)"; + break; + case SSL_RC4: + enc=export?"RC4(40)":((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); + break; + case SSL_RC2: + enc=export?"RC2(40)":"RC2(128)"; + break; + case SSL_IDEA: + enc="IDEA(128)"; + break; + case SSL_eFZA: + enc="Fortezza"; + break; + case SSL_eNULL: + enc="None"; + break; + default: + enc="unknown"; + break; + } + + switch (alg&SSL_MAC_MASK) + { + case SSL_MD5: + mac="MD5"; + break; + case SSL_SHA0: + mac="SHA0"; + break; + case SSL_SHA1: + mac="SHA1"; + break; + default: + mac="unknown"; + break; + } + + if (buf == NULL) + { + buf=Malloc(128); + if (buf == NULL) return("Malloc Error"); + } + else if (len < 128) + return("Buffer too small"); + + sprintf(buf,format,cipher->name,ver,kx,au,enc,mac,exp); + return(buf); + } + +char *SSL_CIPHER_get_version(c) +SSL_CIPHER *c; + { + int i; + + i=(int)(c->id>>24L); + if (i == 3) + return("SSLv3"); + else if (i == 2) + return("SSLv2"); + else + return("unknown"); + } + +/* return the actual cipher being used */ +char *SSL_CIPHER_get_name(c) +SSL_CIPHER *c; + { + if (c != NULL) + return(c->name); + return("(NONE)"); + } + +/* number of bits for symetric cipher */ +int SSL_CIPHER_get_bits(c,alg_bits) +SSL_CIPHER *c; +int *alg_bits; + { + int ret=0,a=0; + EVP_CIPHER *enc; + EVP_MD *md; + + if (c != NULL) + { + if (!ssl_cipher_get_evp(c,&enc,&md)) + return(0); + + a=EVP_CIPHER_key_length(enc)*8; + + if (c->algorithms & SSL_EXP) + { + ret=40; + } + else + { + if (c->algorithm2 & SSL2_CF_8_BYTE_ENC) + ret=64; + else + ret=a; + } + } + + if (alg_bits != NULL) *alg_bits=a; + + return(ret); + } + diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c new file mode 100644 index 0000000000..18a1a22a82 --- /dev/null +++ b/ssl/ssl_err.c @@ -0,0 +1,350 @@ +/* lib/ssl/ssl_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include <stdio.h> +#include "err.h" +#include "ssl.h" + +/* BEGIN ERROR CODES */ +static ERR_STRING_DATA SSL_str_functs[]= + { +{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"}, +{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"}, +{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"}, +{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"}, +{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"}, +{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"}, +{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"}, +{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"}, +{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"}, +{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"}, +{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"}, +{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"}, +{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"}, +{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"}, +{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"}, +{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"}, +{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"}, +{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"}, +{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"}, +{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"}, +{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"}, +{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"}, +{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"}, +{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"}, +{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"}, +{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"}, +{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"}, +{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"}, +{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"}, +{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"}, +{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"}, +{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"}, +{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"}, +{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"}, +{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"}, +{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"}, +{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"}, +{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"}, +{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"}, +{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"}, +{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"}, +{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"}, +{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"}, +{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"}, +{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"}, +{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"}, +{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"}, +{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"}, +{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"}, +{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"}, +{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"}, +{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"}, +{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"}, +{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"}, +{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"}, +{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"}, +{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"}, +{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"}, +{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"}, +{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"}, +{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"}, +{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"}, +{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"}, +{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"}, +{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"}, +{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"}, +{0,NULL}, + }; + +static ERR_STRING_DATA SSL_str_reasons[]= + { +{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"}, +{SSL_R_BAD_ALERT_RECORD ,"bad alert record"}, +{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"}, +{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"}, +{SSL_R_BAD_CHECKSUM ,"bad checksum"}, +{SSL_R_BAD_CLIENT_REQUEST ,"bad client request"}, +{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"}, +{SSL_R_BAD_DECOMPRESSION ,"bad decompression"}, +{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"}, +{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"}, +{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"}, +{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"}, +{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"}, +{SSL_R_BAD_MAC_DECODE ,"bad mac decode"}, +{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"}, +{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"}, +{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"}, +{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"}, +{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"}, +{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"}, +{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"}, +{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"}, +{SSL_R_BAD_SIGNATURE ,"bad signature"}, +{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"}, +{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"}, +{SSL_R_BAD_STATE ,"bad state"}, +{SSL_R_BAD_WRITE_RETRY ,"bad write retry"}, +{SSL_R_BIO_NOT_SET ,"bio not set"}, +{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"}, +{SSL_R_BN_LIB ,"bn lib"}, +{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"}, +{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"}, +{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"}, +{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"}, +{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"}, +{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"}, +{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"}, +{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"}, +{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"}, +{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"}, +{SSL_R_COMPRESSION_FAILURE ,"compression failure"}, +{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"}, +{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"}, +{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"}, +{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"}, +{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"}, +{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"}, +{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"}, +{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"}, +{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"}, +{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, +{SSL_R_INTERNAL_ERROR ,"internal error"}, +{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"}, +{SSL_R_LENGTH_MISMATCH ,"length mismatch"}, +{SSL_R_LENGTH_TOO_SHORT ,"length too short"}, +{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, +{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, +{SSL_R_MISSING_DH_KEY ,"missing dh key"}, +{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"}, +{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"}, +{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"}, +{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"}, +{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"}, +{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"}, +{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"}, +{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"}, +{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"}, +{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"}, +{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"}, +{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"}, +{SSL_R_NO_CERTIFICATES_PASSED ,"no certificates passed"}, +{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"}, +{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"}, +{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"}, +{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"}, +{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"}, +{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"}, +{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"}, +{SSL_R_NO_CIPHER_LIST ,"no cipher list"}, +{SSL_R_NO_CIPHER_MATCH ,"no cipher match"}, +{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"}, +{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"}, +{SSL_R_NO_PRIVATEKEY ,"no privatekey"}, +{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"}, +{SSL_R_NO_PUBLICKEY ,"no publickey"}, +{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"}, +{SSL_R_NULL_SSL_CTX ,"null ssl ctx"}, +{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"}, +{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"}, +{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"}, +{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"}, +{SSL_R_PEER_ERROR ,"peer error"}, +{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"}, +{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"}, +{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"}, +{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"}, +{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"}, +{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"}, +{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"}, +{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"}, +{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"}, +{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, +{SSL_R_READ_BIO_NOT_SET ,"read bio not set"}, +{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"}, +{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"}, +{SSL_R_RECORD_TOO_LARGE ,"record too large"}, +{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"}, +{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"}, +{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"}, +{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"}, +{SSL_R_SHORT_READ ,"short read"}, +{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, +{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, +{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, +{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, +{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"}, +{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"}, +{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"}, +{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"}, +{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"}, +{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"}, +{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"}, +{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"}, +{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"}, +{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"}, +{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"}, +{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"}, +{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"}, +{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"}, +{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"}, +{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"}, +{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"}, +{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"}, +{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"}, +{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"}, +{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"}, +{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"}, +{SSL_R_UNEXPECTED_RECORD ,"unexpected record"}, +{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"}, +{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"}, +{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"}, +{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"}, +{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"}, +{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"}, +{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"}, +{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"}, +{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"}, +{SSL_R_UNKNOWN_STATE ,"unknown state"}, +{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, +{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"}, +{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"}, +{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"}, +{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"}, +{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"}, +{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"}, +{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, +{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"}, +{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"}, +{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"}, +{SSL_R_X509_LIB ,"x509 lib"}, +{0,NULL}, + }; + +void ERR_load_SSL_strings() + { + static int init=1; + + if (init) + { + init=0; + ERR_load_strings(ERR_LIB_SSL,SSL_str_functs); + ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons); + } + } diff --git a/ssl/ssl_err2.c b/ssl/ssl_err2.c new file mode 100644 index 0000000000..a159fbb7cd --- /dev/null +++ b/ssl/ssl_err2.c @@ -0,0 +1,70 @@ +/* ssl/ssl_err2.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "err.h" +#include "ssl.h" + +void SSL_load_error_strings() + { +#ifndef NO_ERR + ERR_load_crypto_strings(); + ERR_load_SSL_strings(); +#endif + } + diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c new file mode 100644 index 0000000000..be091b1e75 --- /dev/null +++ b/ssl/ssl_lib.c @@ -0,0 +1,1433 @@ +/* ssl/ssl_lib.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "objects.h" +#include "lhash.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static unsigned long conn_hash(SSL_SESSION *a); +#else +static unsigned long conn_hash(); +#endif + +char *SSL_version_str="SSLeay 0.8.1b 29-Jun-1998"; + +void SSL_clear(s) +SSL *s; + { + int state; + + if (s->method == NULL) return; + + s->error=0; + s->hit=0; + + /* This is set if we are doing dynamic renegotiation so keep + * the old cipher. It is sort of a SSL_clear_lite :-) */ + if (s->new_session) return; + + state=s->state; /* Keep to check if we throw away the session-id */ + s->type=0; + + s->version=s->method->version; + s->rwstate=SSL_NOTHING; + s->state=SSL_ST_BEFORE; + s->rstate=SSL_ST_READ_HEADER; + s->read_ahead=s->ctx->default_read_ahead; + +/* s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); */ + + if (s->init_buf != NULL) + { + BUF_MEM_free(s->init_buf); + s->init_buf=NULL; + } + + ssl_clear_cipher_ctx(s); + + if (ssl_clear_bad_session(s)) + { + SSL_SESSION_free(s->session); + s->session=NULL; + } + + s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); + s->first_packet=0; + + s->method->ssl_clear(s); + } + +/* Used to change an SSL_CTXs default SSL method type */ +int SSL_CTX_set_ssl_version(ctx,meth) +SSL_CTX *ctx; +SSL_METHOD *meth; + { + STACK *sk; + + ctx->method=meth; + + sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list), + &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST); + if ((sk == NULL) || (sk_num(sk) <= 0)) + { + SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + return(0); + } + return(1); + } + +SSL *SSL_new(ctx) +SSL_CTX *ctx; + { + SSL *s; + + if (ctx == NULL) + { + SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX); + return(NULL); + } + if (ctx->method == NULL) + { + SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); + return(NULL); + } + + s=(SSL *)Malloc(sizeof(SSL)); + if (s == NULL) goto err; + memset(s,0,sizeof(SSL)); + + if (ctx->default_cert != NULL) + { + CRYPTO_add(&ctx->default_cert->references,1, + CRYPTO_LOCK_SSL_CERT); + s->cert=ctx->default_cert; + } + else + s->cert=NULL; + s->verify_mode=ctx->default_verify_mode; + s->verify_callback=ctx->default_verify_callback; + CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); + s->ctx=ctx; + + s->verify_result=X509_V_OK; + + s->method=ctx->method; + + if (!s->method->ssl_new(s)) + { + SSL_CTX_free(ctx); + Free(s); + goto err; + } + + s->quiet_shutdown=ctx->quiet_shutdown; + SSL_clear(s); + return(s); +err: + SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + +void SSL_free(s) +SSL *s; + { + if (s->bbio != NULL) + { + /* If the buffering BIO is in place, pop it off */ + if (s->bbio == s->wbio) + { + s->wbio=BIO_pop(s->wbio); + } + BIO_free(s->bbio); + } + if (s->rbio != NULL) + BIO_free_all(s->rbio); + if ((s->wbio != NULL) && (s->wbio != s->rbio)) + BIO_free_all(s->wbio); + + if (s->init_buf != NULL) BUF_MEM_free(s->init_buf); + + /* add extra stuff */ + if (s->cipher_list != NULL) sk_free(s->cipher_list); + if (s->cipher_list_by_id != NULL) sk_free(s->cipher_list_by_id); + + /* Make the next call work :-) */ + if (s->session != NULL) + { + ssl_clear_bad_session(s); + SSL_SESSION_free(s->session); + } + + ssl_clear_cipher_ctx(s); + + if (s->cert != NULL) ssl_cert_free(s->cert); + /* Free up if allocated */ + + if (s->ctx) SSL_CTX_free(s->ctx); + + if (s->client_CA != NULL) + sk_pop_free(s->client_CA,X509_NAME_free); + + if (s->method != NULL) s->method->ssl_free(s); + + Free((char *)s); + } + +void SSL_set_bio(s, rbio,wbio) +SSL *s; +BIO *rbio; +BIO *wbio; + { + /* If the output buffering BIO is still in place, remove it + */ + if (s->bbio != NULL) + { + if (s->wbio == s->bbio) + { + s->wbio=s->wbio->next_bio; + s->bbio->next_bio=NULL; + } + } + if ((s->rbio != NULL) && (s->rbio != rbio)) + BIO_free_all(s->rbio); + if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio)) + BIO_free_all(s->wbio); + s->rbio=rbio; + s->wbio=wbio; + } + +BIO *SSL_get_rbio(s) +SSL *s; + { return(s->rbio); } + +BIO *SSL_get_wbio(s) +SSL *s; + { return(s->wbio); } + +int SSL_get_fd(s) +SSL *s; + { + int ret= -1; + BIO *b,*r; + + b=SSL_get_rbio(s); + r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR); + if (r != NULL) + BIO_get_fd(r,&ret); + return(ret); + } + +#ifndef NO_SOCK +int SSL_set_fd(s, fd) +SSL *s; +int fd; + { + int ret=0; + BIO *bio=NULL; + + bio=BIO_new(BIO_s_socket()); + + if (bio == NULL) + { + SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB); + goto err; + } + BIO_set_fd(bio,fd,BIO_NOCLOSE); + SSL_set_bio(s,bio,bio); + ret=1; +err: + return(ret); + } + +int SSL_set_wfd(s, fd) +SSL *s; +int fd; + { + int ret=0; + BIO *bio=NULL; + + bio=BIO_new(BIO_s_socket()); + + if (bio == NULL) + { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; } + BIO_set_fd(bio,fd,BIO_NOCLOSE); + SSL_set_bio(s,SSL_get_rbio(s),bio); + ret=1; +err: + return(ret); + } + +int SSL_set_rfd(s, fd) +SSL *s; +int fd; + { + int ret=0; + BIO *bio=NULL; + + bio=BIO_new(BIO_s_socket()); + + if (bio == NULL) + { + SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB); + goto err; + } + BIO_set_fd(bio,fd,BIO_NOCLOSE); + SSL_set_bio(s,bio,SSL_get_wbio(s)); + ret=1; +err: + return(ret); + } +#endif + +int SSL_get_verify_mode(s) +SSL *s; + { + return(s->verify_mode); + } + +int (*SSL_get_verify_callback(s))() +SSL *s; + { + return(s->verify_callback); + } + +int SSL_CTX_get_verify_mode(ctx) +SSL_CTX *ctx; + { + return(ctx->default_verify_mode); + } + +int (*SSL_CTX_get_verify_callback(ctx))() +SSL_CTX *ctx; + { + return(ctx->default_verify_callback); + } + +void SSL_set_verify(s, mode, callback) +SSL *s; +int mode; +int (*callback)(); + { + s->verify_mode=mode; + if (callback != NULL) + s->verify_callback=callback; + } + +void SSL_set_read_ahead(s, yes) +SSL *s; +int yes; + { + s->read_ahead=yes; + } + +int SSL_get_read_ahead(s) +SSL *s; + { + return(s->read_ahead); + } + +int SSL_pending(s) +SSL *s; + { + return(s->method->ssl_pending(s)); + } + +X509 *SSL_get_peer_certificate(s) +SSL *s; + { + X509 *r; + + if ((s == NULL) || (s->session == NULL)) + r=NULL; + else + r=s->session->peer; + + if (r == NULL) return(r); + + CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509); + + return(r); + } + +STACK *SSL_get_peer_cert_chain(s) +SSL *s; + { + STACK *r; + + if ((s == NULL) || (s->session == NULL) || (s->session->cert == NULL)) + r=NULL; + else + r=s->session->cert->cert_chain; + + return(r); + } + +/* Now in theory, since the calling process own 't' it should be safe to + * modify. We need to be able to read f without being hassled */ +void SSL_copy_session_id(t,f) +SSL *t,*f; + { + CERT *tmp; + + /* Do we need to to SSL locking? */ + SSL_set_session(t,SSL_get_session(f)); + + /* what if we are setup as SSLv2 but want to talk SSLv3 or + * vice-versa */ + if (t->method != f->method) + { + t->method->ssl_free(t); /* cleanup current */ + t->method=f->method; /* change method */ + t->method->ssl_new(t); /* setup new */ + } + + tmp=t->cert; + if (f->cert != NULL) + { + CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT); + t->cert=f->cert; + } + else + t->cert=NULL; + if (tmp != NULL) ssl_cert_free(tmp); + } + +int SSL_CTX_check_private_key(ctx) +SSL_CTX *ctx; + { + if ( (ctx == NULL) || + (ctx->default_cert == NULL) || + (ctx->default_cert->key->x509 == NULL)) + { + SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); + return(0); + } + if (ctx->default_cert->key->privatekey == NULL) + { + SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED); + return(0); + } + return(X509_check_private_key(ctx->default_cert->key->x509, ctx->default_cert->key->privatekey)); + } + +int SSL_check_private_key(ssl) +SSL *ssl; + { + if (ssl == NULL) + { + SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + if (ssl->cert == NULL) + return(SSL_CTX_check_private_key(ssl->ctx)); + if (ssl->cert->key->x509 == NULL) + { + SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); + return(0); + } + if (ssl->cert->key->privatekey == NULL) + { + SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED); + return(0); + } + return(X509_check_private_key(ssl->cert->key->x509, + ssl->cert->key->privatekey)); + } + +int SSL_accept(s) +SSL *s; + { + return(s->method->ssl_accept(s)); + } + +int SSL_connect(s) +SSL *s; + { + return(s->method->ssl_connect(s)); + } + +long SSL_get_default_timeout(s) +SSL *s; + { + return(s->method->get_timeout()); + } + +int SSL_read(s,buf,num) +SSL *s; +char *buf; +int num; + { + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + return(0); + } + return(s->method->ssl_read(s,buf,num)); + } + +int SSL_peek(s,buf,num) +SSL *s; +char *buf; +int num; + { + if (s->shutdown & SSL_RECEIVED_SHUTDOWN) + { + return(0); + } + return(s->method->ssl_peek(s,buf,num)); + } + +int SSL_write(s,buf,num) +SSL *s; +char *buf; +int num; + { + if (s->shutdown & SSL_SENT_SHUTDOWN) + { + s->rwstate=SSL_NOTHING; + SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN); + return(-1); + } + return(s->method->ssl_write(s,buf,num)); + } + +int SSL_shutdown(s) +SSL *s; + { + if ((s != NULL) && !SSL_in_init(s)) + return(s->method->ssl_shutdown(s)); + else + return(1); + } + +int SSL_renegotiate(s) +SSL *s; + { + return(s->method->ssl_renegotiate(s)); + } + +long SSL_ctrl(s,cmd,larg,parg) +SSL *s; +int cmd; +long larg; +char *parg; + { + return(s->method->ssl_ctrl(s,cmd,larg,parg)); + } + +long SSL_CTX_ctrl(ctx,cmd,larg,parg) +SSL_CTX *ctx; +int cmd; +long larg; +char *parg; + { + return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg)); + } + +int ssl_cipher_id_cmp(a,b) +SSL_CIPHER *a,*b; + { + long l; + + l=a->id-b->id; + if (l == 0L) + return(0); + else + return((l > 0)?1:-1); + } + +int ssl_cipher_ptr_id_cmp(ap,bp) +SSL_CIPHER **ap,**bp; + { + long l; + + l=(*ap)->id-(*bp)->id; + if (l == 0L) + return(0); + else + return((l > 0)?1:-1); + } + +/* return a STACK of the ciphers available for the SSL and in order of + * preference */ +STACK *SSL_get_ciphers(s) +SSL *s; + { + if ((s != NULL) && (s->cipher_list != NULL)) + { + return(s->cipher_list); + } + else if ((s != NULL) && (s->ctx != NULL) && + (s->ctx->cipher_list != NULL)) + { + return(s->ctx->cipher_list); + } + return(NULL); + } + +/* return a STACK of the ciphers available for the SSL and in order of + * algorithm id */ +STACK *ssl_get_ciphers_by_id(s) +SSL *s; + { + if ((s != NULL) && (s->cipher_list_by_id != NULL)) + { + return(s->cipher_list_by_id); + } + else if ((s != NULL) && (s->ctx != NULL) && + (s->ctx->cipher_list_by_id != NULL)) + { + return(s->ctx->cipher_list_by_id); + } + return(NULL); + } + +/* The old interface to get the same thing as SSL_get_ciphers() */ +char *SSL_get_cipher_list(s,n) +SSL *s; +int n; + { + SSL_CIPHER *c; + STACK *sk; + + if (s == NULL) return(NULL); + sk=SSL_get_ciphers(s); + if ((sk == NULL) || (sk_num(sk) <= n)) + return(NULL); + c=(SSL_CIPHER *)sk_value(sk,n); + if (c == NULL) return(NULL); + return(c->name); + } + +/* specify the ciphers to be used by defaut by the SSL_CTX */ +int SSL_CTX_set_cipher_list(ctx,str) +SSL_CTX *ctx; +char *str; + { + STACK *sk; + + sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list, + &ctx->cipher_list_by_id,str); +/* XXXX */ + return((sk == NULL)?0:1); + } + +/* specify the ciphers to be used by the SSL */ +int SSL_set_cipher_list(s, str) +SSL *s; +char *str; + { + STACK *sk; + + sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list, + &s->cipher_list_by_id,str); +/* XXXX */ + return((sk == NULL)?0:1); + } + +/* works well for SSLv2, not so good for SSLv3 */ +char *SSL_get_shared_ciphers(s,buf,len) +SSL *s; +char *buf; +int len; + { + char *p,*cp; + STACK *sk; + SSL_CIPHER *c; + int i; + + if ((s->session == NULL) || (s->session->ciphers == NULL) || + (len < 2)) + return(NULL); + + p=buf; + sk=s->session->ciphers; + len--; + for (i=0; i<sk_num(sk); i++) + { + c=(SSL_CIPHER *)sk_value(sk,i); + for (cp=c->name; *cp; ) + { + if (--len == 0) + { + *p='\0'; + return(buf); + } + else + *(p++)= *(cp++); + } + *(p++)=':'; + } + p[-1]='\0'; + return(buf); + } + +int ssl_cipher_list_to_bytes(s,sk,p) +SSL *s; +STACK *sk; +unsigned char *p; + { + int i,j=0; + SSL_CIPHER *c; + unsigned char *q; + + if (sk == NULL) return(0); + q=p; + + for (i=0; i<sk_num(sk); i++) + { + c=(SSL_CIPHER *)sk_value(sk,i); + j=ssl_put_cipher_by_char(s,c,p); + p+=j; + } + return(p-q); + } + +STACK *ssl_bytes_to_cipher_list(s,p,num,skp) +SSL *s; +unsigned char *p; +int num; +STACK **skp; + { + SSL_CIPHER *c; + STACK *sk; + int i,n; + + n=ssl_put_cipher_by_char(s,NULL,NULL); + if ((num%n) != 0) + { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); + return(NULL); + } + if ((skp == NULL) || (*skp == NULL)) + sk=sk_new(NULL); /* change perhaps later */ + else + { + sk= *skp; + sk_zero(sk); + } + + for (i=0; i<num; i+=n) + { + c=ssl_get_cipher_by_char(s,p); + p+=n; + if (c != NULL) + { + if (!sk_push(sk,(char *)c)) + { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE); + goto err; + } + } + } + + if (skp != NULL) + *skp=sk; + return(sk); +err: + if ((skp == NULL) || (*skp == NULL)) + sk_free(sk); + return(NULL); + } + +static unsigned long conn_hash(a) +SSL_SESSION *a; + { + unsigned long l; + + l= (a->session_id[0] )|(a->session_id[1]<< 8L)| + (a->session_id[1]<<16L)|(a->session_id[2]<<24L); + return(l); + } + +static int session_cmp(a, b) +SSL_SESSION *a; +SSL_SESSION *b; + { + int i; + + i=a->session_id_length - b->session_id_length; + if (i == 0) + return(memcmp(a->session_id,b->session_id, + a->session_id_length)); + else return(1); + } + +SSL_CTX *SSL_CTX_new(meth) +SSL_METHOD *meth; + { + SSL_CTX *ret; + + if (meth == NULL) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED); + return(NULL); + } + ret=(SSL_CTX *)Malloc(sizeof(SSL_CTX)); + if (ret == NULL) + goto err; + + memset(ret,0,sizeof(SSL_CTX)); + + ret->method=meth; + + ret->cert_store=NULL; + ret->session_cache_mode=SSL_SESS_CACHE_SERVER; + + /* We take the system default */ + ret->session_timeout=meth->get_timeout(); + + ret->new_session_cb=NULL; + ret->remove_session_cb=NULL; + ret->get_session_cb=NULL; + + ret->sess_connect=0; + ret->sess_connect_good=0; + ret->sess_accept=0; + ret->sess_accept_good=0; + ret->sess_miss=0; + ret->sess_timeout=0; + ret->sess_hit=0; + ret->sess_cb_hit=0; + + ret->references=1; + ret->quiet_shutdown=0; + +/* ret->cipher=NULL;*/ +/* ret->s2->challenge=NULL; + ret->master_key=NULL; + ret->key_arg=NULL; + ret->s2->conn_id=NULL; */ + + ret->info_callback=NULL; + + ret->app_verify_callback=NULL; + ret->app_verify_arg=NULL; + + ret->default_read_ahead=0; + ret->default_verify_mode=SSL_VERIFY_NONE; + ret->default_verify_callback=NULL; + if ((ret->default_cert=ssl_cert_new()) == NULL) + goto err; + + ret->default_passwd_callback=NULL; + ret->client_cert_cb=NULL; + + ret->sessions=lh_new(conn_hash,session_cmp); + if (ret->sessions == NULL) goto err; + ret->cert_store=X509_STORE_new(); + if (ret->cert_store == NULL) goto err; + + ssl_create_cipher_list(ret->method, + &ret->cipher_list,&ret->cipher_list_by_id, + SSL_DEFAULT_CIPHER_LIST); + if ((ret->cipher_list == NULL) || (sk_num(ret->cipher_list) <= 0)) + { + SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS); + goto err2; + } + + if ((ret->client_CA=sk_new_null()) == NULL) + goto err; + + return(ret); +err: + SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); +err2: + if (ret != NULL) SSL_CTX_free(ret); + return(NULL); + } + +void SSL_CTX_free(a) +SSL_CTX *a; + { + int i; + + if (a == NULL) return; + + i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX); + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"SSL_CTX_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + + if (a->sessions != NULL) + { + SSL_CTX_flush_sessions(a,0); + lh_free(a->sessions); + } + if (a->cert_store != NULL) + X509_STORE_free(a->cert_store); + if (a->cipher_list != NULL) + sk_free(a->cipher_list); + if (a->cipher_list_by_id != NULL) + sk_free(a->cipher_list_by_id); + if (a->default_cert != NULL) + ssl_cert_free(a->default_cert); + if (a->client_CA != NULL) + sk_pop_free(a->client_CA,X509_NAME_free); + Free((char *)a); + } + +void SSL_CTX_set_default_passwd_cb(ctx,cb) +SSL_CTX *ctx; +int (*cb)(); + { + ctx->default_passwd_callback=cb; + } + +void SSL_CTX_set_cert_verify_cb(ctx,cb,arg) +SSL_CTX *ctx; +int (*cb)(); +char *arg; + { + ctx->app_verify_callback=cb; + ctx->app_verify_arg=arg; + } + +void SSL_CTX_set_verify(ctx,mode,cb) +SSL_CTX *ctx; +int mode; +int (*cb)(); + { + ctx->default_verify_mode=mode; + ctx->default_verify_callback=cb; + /* This needs cleaning up EAY EAY EAY */ + X509_STORE_set_verify_cb_func(ctx->cert_store,cb); + } + +void ssl_set_cert_masks(c) +CERT *c; + { + CERT_PKEY *cpk; + int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign; + int rsa_enc_export,dh_rsa_export,dh_dsa_export; + int rsa_tmp_export,dh_tmp_export; + unsigned long mask,emask; + + if ((c == NULL) || (c->valid)) return; + +#ifndef NO_RSA + rsa_tmp=((c->rsa_tmp != NULL) || (c->rsa_tmp_cb != NULL))?1:0; + rsa_tmp_export=((c->rsa_tmp_cb != NULL) || + (rsa_tmp && (RSA_size(c->rsa_tmp)*8 <= 512)))?1:0; +#else + rsa_tmp=rsa_tmp_export=0; +#endif +#ifndef NO_DH + dh_tmp=((c->dh_tmp != NULL) || (c->dh_tmp_cb != NULL))?1:0; + dh_tmp_export=((c->dh_tmp_cb != NULL) || + (dh_tmp && (DH_size(c->dh_tmp)*8 <= 512)))?1:0; +#else + dh_tmp=dh_tmp_export=0; +#endif + + cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]); + rsa_enc= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + rsa_enc_export=(rsa_enc && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0; + cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]); + rsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]); + dsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + cpk= &(c->pkeys[SSL_PKEY_DH_RSA]); + dh_rsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + dh_rsa_export=(dh_rsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0; + cpk= &(c->pkeys[SSL_PKEY_DH_DSA]); +/* FIX THIS EAY EAY EAY */ + dh_dsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0; + dh_dsa_export=(dh_dsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0; + + mask=0; + emask=0; + +#ifdef CIPHER_DEBUG + printf("rt=%d dht=%d re=%d rs=%d ds=%d dhr=%d dhd=%d\n", + rsa_tmp,dh_tmp, + rsa_enc,rsa_sign,dsa_sign,dh_rsa,dh_dsa); +#endif + + if (rsa_enc || (rsa_tmp && rsa_sign)) + mask|=SSL_kRSA; + if (rsa_enc_export || (rsa_tmp_export && rsa_sign)) + emask|=SSL_kRSA; + +#if 0 + /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */ + if ( (dh_tmp || dh_rsa || dh_dsa) && + (rsa_enc || rsa_sign || dsa_sign)) + mask|=SSL_kEDH; + if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) && + (rsa_enc || rsa_sign || dsa_sign)) + emask|=SSL_kEDH; +#endif + + if (dh_tmp_export) + emask|=SSL_kEDH; + + if (dh_tmp) + mask|=SSL_kEDH; + + if (dh_rsa) mask|=SSL_kDHr; + if (dh_rsa_export) emask|=SSL_kDHr; + + if (dh_dsa) mask|=SSL_kDHd; + if (dh_dsa_export) emask|=SSL_kDHd; + + if (rsa_enc || rsa_sign) + { + mask|=SSL_aRSA; + emask|=SSL_aRSA; + } + + if (dsa_sign) + { + mask|=SSL_aDSS; + emask|=SSL_aDSS; + } + +#ifdef SSL_ALLOW_ADH + mask|=SSL_aNULL; + emask|=SSL_aNULL; +#endif + + c->mask=mask; + c->export_mask=emask; + c->valid=1; + } + +/* THIS NEEDS CLEANING UP */ +X509 *ssl_get_server_send_cert(s) +SSL *s; + { + unsigned long alg,mask,kalg; + CERT *c; + int i,export; + + c=s->cert; + ssl_set_cert_masks(c); + alg=s->s3->tmp.new_cipher->algorithms; + export=(alg & SSL_EXPORT)?1:0; + mask=(export)?c->export_mask:c->mask; + kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK); + + if (kalg & SSL_kDHr) + i=SSL_PKEY_DH_RSA; + else if (kalg & SSL_kDHd) + i=SSL_PKEY_DH_DSA; + else if (kalg & SSL_aDSS) + i=SSL_PKEY_DSA_SIGN; + else if (kalg & SSL_aRSA) + { + if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL) + i=SSL_PKEY_RSA_SIGN; + else + i=SSL_PKEY_RSA_ENC; + } + else /* if (kalg & SSL_aNULL) */ + { + SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR); + return(NULL); + } + if (c->pkeys[i].x509 == NULL) return(NULL); + return(c->pkeys[i].x509); + } + +EVP_PKEY *ssl_get_sign_pkey(s,cipher) +SSL *s; +SSL_CIPHER *cipher; + { + unsigned long alg; + CERT *c; + + alg=cipher->algorithms; + c=s->cert; + + if ((alg & SSL_aDSS) && + (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL)) + return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey); + else if (alg & SSL_aRSA) + { + if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) + return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey); + else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL) + return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey); + else + return(NULL); + } + else /* if (alg & SSL_aNULL) */ + { + SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR); + return(NULL); + } + } + +void ssl_update_cache(s,mode) +SSL *s; +int mode; + { + if ((s->ctx->session_cache_mode & mode) + && (!s->hit) + && SSL_CTX_add_session(s->ctx,s->session) + && (s->ctx->new_session_cb != NULL)) + { + CRYPTO_add(&s->session->references,1, + CRYPTO_LOCK_SSL_SESSION); + if (!s->ctx->new_session_cb(s,s->session)) + SSL_SESSION_free(s->session); + } + + /* auto flush every 255 connections */ + if ((!(s->ctx->session_cache_mode & + SSL_SESS_CACHE_NO_AUTO_CLEAR)) && + ((s->ctx->sess_connect_good & 0xff) == 0)) + SSL_CTX_flush_sessions(s->ctx,time(NULL)); + } + +SSL_METHOD *SSL_get_ssl_method(s) +SSL *s; + { + return(s->method); + } + +int SSL_set_ssl_method(s,meth) +SSL *s; +SSL_METHOD *meth; + { + int conn= -1; + int ret=1; + + if (s->method != meth) + { + if (s->handshake_func != NULL) + conn=(s->handshake_func == s->method->ssl_connect); + + if (s->method->version == meth->version) + s->method=meth; + else + { + s->method->ssl_free(s); + s->method=meth; + ret=s->method->ssl_new(s); + } + + if (conn == 1) + s->handshake_func=meth->ssl_connect; + else if (conn == 0) + s->handshake_func=meth->ssl_accept; + } + return(ret); + } + +int SSL_get_error(s,i) +SSL *s; +int i; + { + int reason; + BIO *bio; + + if (i > 0) return(SSL_ERROR_NONE); + + if (ERR_peek_error() != 0) + return(SSL_ERROR_SSL); + + if ((i < 0) && SSL_want_read(s)) + { + bio=SSL_get_rbio(s); + if (BIO_should_read(bio)) + return(SSL_ERROR_WANT_READ); + else if (BIO_should_write(bio)) + return(SSL_ERROR_WANT_WRITE); + else if (BIO_should_io_special(bio)) + { + reason=BIO_get_retry_reason(bio); + if (reason == BIO_RR_CONNECT) + return(SSL_ERROR_WANT_CONNECT); + else + return(SSL_ERROR_SYSCALL); /* unknown */ + } + } + + if ((i < 0) && SSL_want_write(s)) + { + bio=SSL_get_wbio(s); + if (BIO_should_write(bio)) + return(SSL_ERROR_WANT_WRITE); + else if (BIO_should_read(bio)) + return(SSL_ERROR_WANT_READ); + else if (BIO_should_io_special(bio)) + { + reason=BIO_get_retry_reason(bio); + if (reason == BIO_RR_CONNECT) + return(SSL_ERROR_WANT_CONNECT); + else + return(SSL_ERROR_SYSCALL); + } + } + if ((i < 0) && SSL_want_x509_lookup(s)) + { + return(SSL_ERROR_WANT_X509_LOOKUP); + } + + if (i == 0) + { + if (s->version == 2) + { + /* assume it is the socket being closed */ + return(SSL_ERROR_ZERO_RETURN); + } + else + { + if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && + (s->s3->warn_alert == SSL3_AD_CLOSE_NOTIFY)) + return(SSL_ERROR_ZERO_RETURN); + } + } + return(SSL_ERROR_SYSCALL); + } + +int SSL_do_handshake(s) +SSL *s; + { + if (s->handshake_func == NULL) + { + SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_INTERNAL_ERROR); + return(-1); + } + if (SSL_in_init(s) || SSL_in_before(s)) + return(s->handshake_func(s)); + else + return(1); + } + +/* For the next 2 functions, SSL_clear() sets shutdown and so + * one of these calls will reset it */ +void SSL_set_accept_state(s) +SSL *s; + { + s->shutdown=0; + s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE; + s->handshake_func=s->method->ssl_accept; + /* clear the current cipher */ + ssl_clear_cipher_ctx(s); + } + +void SSL_set_connect_state(s) +SSL *s; + { + s->shutdown=0; + s->state=SSL_ST_CONNECT|SSL_ST_BEFORE; + s->handshake_func=s->method->ssl_connect; + /* clear the current cipher */ + ssl_clear_cipher_ctx(s); + } + +int ssl_undefined_function(s) +SSL *s; + { + SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return(0); + } + +SSL_METHOD *ssl_bad_method(ver) +int ver; + { + SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return(NULL); + } + +char *SSL_get_version(s) +SSL *s; + { + if (s->version == 3) + return("SSLv3"); + else if (s->version == 2) + return("SSLv2"); + else + return("unknown"); + } + +SSL *SSL_dup(s) +SSL *s; + { + STACK *sk; + X509_NAME *xn; + SSL *ret; + int i; + + if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) return(NULL); + + /* This copies version, session-id, SSL_METHOD and 'cert' */ + SSL_copy_session_id(ret,s); + + SSL_set_read_ahead(ret,SSL_get_read_ahead(s)); + SSL_set_verify(ret,SSL_get_verify_mode(s), + SSL_get_verify_callback(s)); + + SSL_set_info_callback(ret,SSL_get_info_callback(s)); + + ret->debug=s->debug; + + /* copy app data, a little dangerous perhaps */ + SSL_set_app_data(ret,SSL_get_app_data(s)); + + /* setup rbio, and wbio */ + if (s->rbio != NULL) + { + if (!BIO_dup_state(s->rbio,(char *)&ret->rbio)) + goto err; + } + if (s->wbio != NULL) + { + if (s->wbio != s->rbio) + { + if (!BIO_dup_state(s->wbio,(char *)&ret->rbio)) + goto err; + } + else + ret->wbio=ret->rbio; + } + + /* dup the cipher_list and cipher_list_by_id stacks */ + if (s->cipher_list != NULL) + { + if ((ret->cipher_list=sk_dup(s->cipher_list)) == NULL) + goto err; + } + if (s->cipher_list_by_id != NULL) + if ((ret->cipher_list_by_id=sk_dup(s->cipher_list_by_id)) + == NULL) + goto err; + + /* Dup the client_CA list */ + if (s->client_CA != NULL) + { + if ((sk=sk_dup(s->client_CA)) == NULL) goto err; + ret->client_CA=sk; + for (i=0; i<sk_num(sk); i++) + { + xn=(X509_NAME *)sk_value(sk,i); + if ((sk_value(sk,i)=(char *)X509_NAME_dup(xn)) == NULL) + { + X509_NAME_free(xn); + goto err; + } + } + } + + ret->shutdown=s->shutdown; + ret->state=s->state; + ret->handshake_func=s->handshake_func; + + if (0) + { +err: + if (ret != NULL) SSL_free(ret); + ret=NULL; + } + return(ret); + } + +void ssl_clear_cipher_ctx(s) +SSL *s; + { + if (s->enc_read_ctx != NULL) + { + EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); + Free(s->enc_read_ctx); + s->enc_read_ctx=NULL; + } + if (s->enc_write_ctx != NULL) + { + EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); + Free(s->enc_write_ctx); + s->enc_write_ctx=NULL; + } + } + +X509 *SSL_get_certificate(s) +SSL *s; + { + if (s->cert != NULL) + return(s->cert->key->x509); + else + return(NULL); + } + +EVP_PKEY *SSL_get_privatekey(s) +SSL *s; + { + if (s->cert != NULL) + return(s->cert->key->privatekey); + else + return(NULL); + } + +SSL_CIPHER *SSL_get_current_cipher(s) +SSL *s; + { + if ((s->session != NULL) && (s->session->cipher != NULL)) + return(s->session->cipher); + return(NULL); + } + diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h new file mode 100644 index 0000000000..ef3a70e93e --- /dev/null +++ b/ssl/ssl_locl.h @@ -0,0 +1,520 @@ +/* ssl/ssl_locl.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL_LOCL_H +#define HEADER_SSL_LOCL_H +#include <stdlib.h> +#include <time.h> +#include <string.h> +#include <errno.h> + +#ifdef FLAT_INC +#include "e_os.h" +#else +#include "../e_os.h" +#endif + +#include "buffer.h" +#include "bio.h" +#include "crypto.h" +#include "evp.h" +#include "stack.h" +#include "x509.h" +#include "err.h" +#include "ssl.h" + + +#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<<24)) + +/* NOTE - c is not incremented as per c2l */ +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff)) + +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \ + l|=((unsigned long)(*((c)++)))<<16, \ + l|=((unsigned long)(*((c)++)))<< 8, \ + l|=((unsigned long)(*((c)++)))) + +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +#define n2s(c,s) (s =((unsigned int)(*((c)++)))<< 8, \ + s|=((unsigned int)(*((c)++)))) +#define s2n(s,c) (*((c)++)=(unsigned char)(((s)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((s) )&0xff)) + +#define n2l3(c,l) (l =((unsigned long)(*((c)++)))<<16, \ + l|=((unsigned long)(*((c)++)))<< 8, \ + l|=((unsigned long)(*((c)++)))) + +#define l2n3(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* LOCAL STUFF */ + +#define SSL_DECRYPT 0 +#define SSL_ENCRYPT 1 + +#define TWO_BYTE_BIT 0x80 +#define SEC_ESC_BIT 0x40 +#define TWO_BYTE_MASK 0x7fff +#define THREE_BYTE_MASK 0x3fff + +#define INC32(a) ((a)=((a)+1)&0xffffffffL) +#define DEC32(a) ((a)=((a)-1)&0xffffffffL) +#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */ + +#define SSL_MKEY_MASK 0x0000001FL +#define SSL_kRSA 0x00000001L /* RSA key exchange */ +#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */ +#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */ +#define SSL_kFZA 0x00000008L +#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */ +#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL)) + +#define SSL_AUTH_MASK 0x000003e0L +#define SSL_aRSA 0x00000020L /* Authenticate with RSA */ +#define SSL_aDSS 0x00000040L /* Authenticate with DSS */ +#define SSL_DSS SSL_aDSS +#define SSL_aFZA 0x00000080L +#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */ +#define SSL_aDH 0x00000200L /* no Authenticate, ADH */ + +#define SSL_NULL (SSL_eNULL) +#define SSL_ADH (SSL_kEDH|SSL_aNULL) +#define SSL_RSA (SSL_kRSA|SSL_aRSA) +#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH) +#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) + +#define SSL_ENC_MASK 0x0001Fc00L +#define SSL_DES 0x00000400L +#define SSL_3DES 0x00000800L +#define SSL_RC4 0x00001000L +#define SSL_RC2 0x00002000L +#define SSL_IDEA 0x00004000L +#define SSL_eFZA 0x00008000L +#define SSL_eNULL 0x00010000L + +#define SSL_MAC_MASK 0x000e0000L +#define SSL_MD5 0x00020000L +#define SSL_SHA0 0x00040000L +#define SSL_SHA1 0x00080000L +#define SSL_SHA (SSL_SHA0|SSL_SHA1) + +#define SSL_EXP_MASK 0x00300000L +#define SSL_EXP 0x00100000L +#define SSL_NOT_EXP 0x00200000L +#define SSL_EXPORT SSL_EXP + +#define SSL_SSL_MASK 0x00c00000L +#define SSL_SSLV2 0x00400000L +#define SSL_SSLV3 0x00800000L + +#define SSL_STRONG_MASK 0x07000000L +#define SSL_LOW 0x01000000L +#define SSL_MEDIUM 0x02000000L +#define SSL_HIGH 0x04000000L + +/* we have used 0fffffff - 4 bits left to go */ +#define SSL_ALL 0xffffffffL +#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\ + SSL_MAC_MASK|SSL_EXP_MASK) + +/* Mostly for SSLv3 */ +#define SSL_PKEY_RSA_ENC 0 +#define SSL_PKEY_RSA_SIGN 1 +#define SSL_PKEY_DSA_SIGN 2 +#define SSL_PKEY_DH_RSA 3 +#define SSL_PKEY_DH_DSA 4 +#define SSL_PKEY_NUM 5 + +/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | + * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) + * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN) + * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN + * SSL_aRSA <- RSA_ENC | RSA_SIGN + * SSL_aDSS <- DSA_SIGN + */ + +/* +#define CERT_INVALID 0 +#define CERT_PUBLIC_KEY 1 +#define CERT_PRIVATE_KEY 2 +*/ + +typedef struct cert_pkey_st + { + X509 *x509; +/* EVP_PKEY *publickey; *//* when extracted */ + EVP_PKEY *privatekey; + } CERT_PKEY; + +typedef struct cert_st + { + int cert_type; + +#ifdef undef + X509 *x509; + EVP_PKEY *publickey; /* when extracted */ + EVP_PKEY *privatekey; + + pkeys[SSL_PKEY_RSA_ENC].x509 +/* pkeys[SSL_PKEY_RSA_ENC].publickey */ + pkeys[SSL_PKEY_RSA_ENC].privatekey +#endif + + /* Current active set */ + CERT_PKEY *key; + + /* The following masks are for the key and auth + * algorithms that are supported by the certs below */ + int valid; + unsigned long mask; + unsigned long export_mask; + + RSA *rsa_tmp; + DH *dh_tmp; + RSA *(*rsa_tmp_cb)(); + DH *(*dh_tmp_cb)(); + CERT_PKEY pkeys[SSL_PKEY_NUM]; + + STACK *cert_chain; + + int references; + } CERT; + +/*#define MAC_DEBUG */ + +/*#define ERR_DEBUG */ +/*#define ABORT_DEBUG */ +/*#define PKT_DEBUG 1 */ +/*#define DES_DEBUG */ +/*#define DES_OFB_DEBUG */ +/*#define SSL_DEBUG */ +/*#define RSA_DEBUG */ +/*#define IDEA_DEBUG */ + +#ifndef NOPROTO +#define FP_ICC (int (*)(const void *,const void *)) +#else +#define FP_ICC +#endif + +#define ssl_put_cipher_by_char(ssl,ciph,ptr) \ + ((ssl)->method->put_cipher_by_char((ciph),(ptr))) +#define ssl_get_cipher_by_char(ssl,ptr) \ + ((ssl)->method->get_cipher_by_char(ptr)) + +extern unsigned char ssl3_client_finished_const[4]; +extern unsigned char ssl3_server_finished_const[4]; + +extern SSL_CIPHER ssl2_ciphers[]; +extern SSL_CIPHER ssl3_ciphers[]; + +#ifndef NOPROTO + +SSL_METHOD *ssl_bad_method(int ver); +SSL_METHOD *sslv2_base_method(void); +SSL_METHOD *sslv23_base_method(void); +SSL_METHOD *sslv3_base_method(void); + +void ssl_clear_cipher_ctx(SSL *s); +int ssl_clear_bad_session(SSL *s); +CERT *ssl_cert_new(void); +void ssl_cert_free(CERT *c); +int ssl_set_cert_type(CERT *c, int type); +int ssl_get_new_session(SSL *s, int session); +int ssl_get_prev_session(SSL *s, int len, unsigned char *session); +int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b); +int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp); +STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp); +int ssl_cipher_list_to_bytes(SSL *s,STACK *sk,unsigned char *p); +STACK *ssl_create_cipher_list(SSL_METHOD *meth,STACK **pref, + STACK **sorted,char *str); +void ssl_update_cache(SSL *s, int mode); +int ssl_cipher_get_evp(SSL_CIPHER *c, EVP_CIPHER **enc, EVP_MD **md); +int ssl_verify_cert_chain(SSL *s,STACK *sk); +int ssl_undefined_function(SSL *s); +X509 *ssl_get_server_send_cert(SSL *); +EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); +int ssl_cert_type(X509 *x,EVP_PKEY *pkey); +void ssl_set_cert_masks(CERT *c); +STACK *ssl_get_ciphers_by_id(SSL *s); +int ssl_verify_alarm_type(int type); + +int ssl2_enc_init(SSL *s, int client); +void ssl2_generate_key_material(SSL *s); +void ssl2_enc(SSL *s,int send_data); +void ssl2_mac(SSL *s,unsigned char *mac,int send_data); +SSL_CIPHER *ssl2_get_cipher_by_char(unsigned char *p); +int ssl2_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p); +int ssl2_part_read(SSL *s, unsigned long f, int i); +int ssl2_do_write(SSL *s); +int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data); +void ssl2_return_error(SSL *s,int reason); +void ssl2_write_error(SSL *s); +int ssl2_num_ciphers(void); +SSL_CIPHER *ssl2_get_cipher(unsigned int u); +int ssl2_new(SSL *s); +void ssl2_free(SSL *s); +int ssl2_accept(SSL *s); +int ssl2_connect(SSL *s); +int ssl2_read(SSL *s, char *buf, int len); +int ssl2_peek(SSL *s, char *buf, int len); +int ssl2_write(SSL *s, const char *buf, int len); +int ssl2_shutdown(SSL *s); +void ssl2_clear(SSL *s); +long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg); +long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg); +int ssl2_pending(SSL *s); + +SSL_CIPHER *ssl3_get_cipher_by_char(unsigned char *p); +int ssl3_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p); +void ssl3_init_finished_mac(SSL *s); +int ssl3_send_server_certificate(SSL *s); +int ssl3_get_finished(SSL *s,int state_a,int state_b,unsigned char *sender); +int ssl3_setup_key_block(SSL *s); +int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b); +int ssl3_change_cipher_state(SSL *s,int which); +void ssl3_cleanup_key_block(SSL *s); +int ssl3_do_write(SSL *s,int type); +void ssl3_send_alert(SSL *s,int level, int desc); +int ssl3_generate_master_secret(SSL *s, unsigned char *out, + unsigned char *p, int len); +int ssl3_get_req_cert_type(SSL *s,unsigned char *p); +long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); +int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender); +int ssl3_num_ciphers(void); +SSL_CIPHER *ssl3_get_cipher(unsigned int u); +int ssl3_renegotiate(SSL *ssl); +int ssl3_dispatch_alert(SSL *s); +int ssl3_read_bytes(SSL *s, int type, char *buf, int len); +void ssl3_generate_key_block(SSL *s, unsigned char *km, int num); +int ssl3_part_read(SSL *s, int i); +int ssl3_write_bytes(SSL *s, int type, char *buf, int len); +int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *in_ctx, + unsigned char *sender, unsigned char *p); +void ssl3_finish_mac(SSL *s, unsigned char *buf, int len); +int ssl3_enc(SSL *s, int send_data); +int ssl3_mac(SSL *ssl, unsigned char *md, int send_data); +unsigned long ssl3_output_cert_chain(SSL *s, X509 *x); +SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK *have,STACK *pref); +int ssl3_setup_buffers(SSL *s); +int ssl3_new(SSL *s); +void ssl3_free(SSL *s); +int ssl3_accept(SSL *s); +int ssl3_connect(SSL *s); +int ssl3_read(SSL *s, char *buf, int len); +int ssl3_peek(SSL *s,char *buf, int len); +int ssl3_write(SSL *s, const char *buf, int len); +int ssl3_shutdown(SSL *s); +void ssl3_clear(SSL *s); +long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg); +long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg); +int ssl3_pending(SSL *s); + +int ssl23_accept(SSL *s); +int ssl23_connect(SSL *s); +int ssl23_read_bytes(SSL *s, int n); +int ssl23_write_bytes(SSL *s); + +#else + +SSL_METHOD *ssl_bad_method(); +SSL_METHOD *sslv2_base_method(); +SSL_METHOD *sslv23_base_method(); +SSL_METHOD *sslv3_base_method(); + +void ssl_clear_cipher_ctx(); +int ssl_clear_bad_session(); +CERT *ssl_cert_new(); +void ssl_cert_free(); +int ssl_set_cert_type(); +int ssl_get_new_session(); +int ssl_get_prev_session(); +int ssl_cipher_id_cmp(); +int ssl_cipher_ptr_id_cmp(); +STACK *ssl_bytes_to_cipher_list(); +int ssl_cipher_list_to_bytes(); +STACK *ssl_create_cipher_list(); +void ssl_update_cache(); +int ssl_session_get_ciphers(); +int ssl_verify_cert_chain(); +int ssl_undefined_function(); +X509 *ssl_get_server_send_cert(); +EVP_PKEY *ssl_get_sign_pkey(); +int ssl_cert_type(); +void ssl_set_cert_masks(); +STACK *ssl_get_ciphers_by_id(); +int ssl_verify_alarm_type(); + +int ssl2_enc_init(); +void ssl2_generate_key_material(); +void ssl2_enc(); +void ssl2_mac(); +SSL_CIPHER *ssl2_get_cipher_by_char(); +int ssl2_put_cipher_by_char(); +int ssl2_part_read(); +int ssl2_do_write(); +int ssl2_set_certificate(); +void ssl2_return_error(); +void ssl2_write_error(); +int ssl2_num_ciphers(); +SSL_CIPHER *ssl2_get_cipher(); +int ssl2_new(); +void ssl2_free(); +int ssl2_accept(); +int ssl2_connect(); +int ssl2_read(); +int ssl2_peek(); +int ssl2_write(); +int ssl2_shutdown(); +void ssl2_clear(); +long ssl2_ctrl(); +long ssl2_ctx_ctrl(); +int ssl2_pending(); + +SSL_CIPHER *ssl3_get_cipher_by_char(); +int ssl3_put_cipher_by_char(); +void ssl3_init_finished_mac(); +int ssl3_send_server_certificate(); +int ssl3_get_finished(); +int ssl3_setup_key_block(); +int ssl3_send_change_cipher_spec(); +int ssl3_change_cipher_state(); +void ssl3_cleanup_key_block(); +int ssl3_do_write(); +void ssl3_send_alert(); +int ssl3_generate_master_secret(); +int ssl3_get_req_cert_type(); +long ssl3_get_message(); +int ssl3_send_finished(); +int ssl3_num_ciphers(); +SSL_CIPHER *ssl3_get_cipher(); +int ssl3_renegotiate(); +int ssl3_dispatch_alert(); +int ssl3_read_bytes(); +void ssl3_generate_key_block(); +int ssl3_part_read(); +int ssl3_write_bytes(); +int ssl3_final_finish_mac(); +void ssl3_finish_mac(); +int ssl3_enc(); +int ssl3_mac(); +unsigned long ssl3_output_cert_chain(); +SSL_CIPHER *ssl3_choose_cipher(); +int ssl3_setup_buffers(); +int ssl3_new(); +void ssl3_free(); +int ssl3_accept(); +int ssl3_connect(); +int ssl3_read(); +int ssl3_peek(); +int ssl3_write(); +int ssl3_shutdown(); +void ssl3_clear(); +long ssl3_ctrl(); +long ssl3_ctx_ctrl(); +int ssl3_pending(); + +int ssl23_accept(); +int ssl23_connect(); +int ssl23_read_bytes(); +int ssl23_write_bytes(); + +#endif + +#endif diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c new file mode 100644 index 0000000000..3a7b8d3c36 --- /dev/null +++ b/ssl/ssl_rsa.c @@ -0,0 +1,840 @@ +/* ssl/ssl_rsa.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "bio.h" +#include "objects.h" +#include "evp.h" +#include "x509.h" +#include "pem.h" +#include "ssl_locl.h" + +#ifndef NOPROTO +static int ssl_set_cert(CERT *c, X509 *x509); +static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); +#else +static int ssl_set_cert(); +static int ssl_set_pkey(); +#endif + +int SSL_use_certificate(ssl, x) +SSL *ssl; +X509 *x; + { + CERT *c; + + if (x == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert)) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE); + return(0); + } + if (ssl->cert != NULL) ssl_cert_free(ssl->cert); + ssl->cert=c; + } + c=ssl->cert; + + return(ssl_set_cert(c,x)); + } + +int SSL_use_certificate_file(ssl, file, type) +SSL *ssl; +char *file; +int type; + { + int j; + BIO *in; + int ret=0; + X509 *x=NULL; + +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if (in == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SYSerr(SYS_F_FOPEN,errno); + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + x=d2i_X509_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + + if (x == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j); + goto end; + } + + ret=SSL_use_certificate(ssl,x); +end: + if (x != NULL) X509_free(x); + if (in != NULL) BIO_free(in); + return(ret); + } + +int SSL_use_certificate_ASN1(ssl, len, d) +SSL *ssl; +int len; +unsigned char *d; + { + X509 *x; + int ret; + + x=d2i_X509(NULL,&d,(long)len); + if (x == NULL) + { + SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_use_certificate(ssl,x); + X509_free(x); + return(ret); + } + +#ifndef NO_RSA +int SSL_use_RSAPrivateKey(ssl, rsa) +SSL *ssl; +RSA *rsa; + { + CERT *c; + EVP_PKEY *pkey; + int ret; + + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert)) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + if (ssl->cert != NULL) ssl_cert_free(ssl->cert); + ssl->cert=c; + } + c=ssl->cert; + if ((pkey=EVP_PKEY_new()) == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB); + return(0); + } + + CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); + EVP_PKEY_assign_RSA(pkey,rsa); + + ret=ssl_set_pkey(c,pkey); + EVP_PKEY_free(pkey); + return(ret); + } +#endif + +static int ssl_set_pkey(c,pkey) +CERT *c; +EVP_PKEY *pkey; + { + int i,ok=0,bad=0; + + i=ssl_cert_type(NULL,pkey); + if (i < 0) + { + SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + return(0); + } + + if (c->pkeys[i].x509 != NULL) + { + if (!X509_check_private_key(c->pkeys[i].x509,pkey)) + { + if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) + { + i=(i == SSL_PKEY_DH_RSA)? + SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA; + + if (c->pkeys[i].x509 == NULL) + ok=1; + else + { + if (!X509_check_private_key( + c->pkeys[i].x509,pkey)) + bad=1; + else + ok=1; + } + } + else + bad=1; + } + else + ok=1; + } + else + ok=1; + + if (bad) + { + X509_free(c->pkeys[i].x509); + c->pkeys[i].x509=NULL; + return(0); + } + + if (c->pkeys[i].privatekey != NULL) + EVP_PKEY_free(c->pkeys[i].privatekey); + CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); + c->pkeys[i].privatekey=pkey; + c->key= &(c->pkeys[i]); + + c->valid=0; + return(1); + } + +#ifndef NO_RSA +int SSL_use_RSAPrivateKey_file(ssl, file, type) +SSL *ssl; +char *file; +int type; + { + int j,ret=0; + BIO *in; + RSA *rsa=NULL; + +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if (in == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SYSerr(SYS_F_FOPEN,errno); + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + rsa=d2i_RSAPrivateKey_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + rsa=PEM_read_bio_RSAPrivateKey(in,NULL, + ssl->ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_use_RSAPrivateKey(ssl,rsa); + RSA_free(rsa); +end: + if (in != NULL) BIO_free(in); + return(ret); + } + +int SSL_use_RSAPrivateKey_ASN1(ssl,d,len) +SSL *ssl; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + RSA *rsa; + + p=d; + if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_use_RSAPrivateKey(ssl,rsa); + RSA_free(rsa); + return(ret); + } +#endif /* !NO_RSA */ + +int SSL_use_PrivateKey(ssl, pkey) +SSL *ssl; +EVP_PKEY *pkey; + { + CERT *c; + int ret; + + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert)) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + if (ssl->cert != NULL) ssl_cert_free(ssl->cert); + ssl->cert=c; + } + c=ssl->cert; + + ret=ssl_set_pkey(c,pkey); + return(ret); + } + +int SSL_use_PrivateKey_file(ssl, file, type) +SSL *ssl; +char *file; +int type; + { + int j,ret=0; + BIO *in; + EVP_PKEY *pkey=NULL; + +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if (in == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SYSerr(SYS_F_FOPEN,errno); + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + pkey=PEM_read_bio_PrivateKey(in,NULL, + ssl->ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_use_PrivateKey(ssl,pkey); + EVP_PKEY_free(pkey); +end: + if (in != NULL) BIO_free(in); + return(ret); + } + +int SSL_use_PrivateKey_ASN1(type,ssl,d,len) +int type; +SSL *ssl; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + EVP_PKEY *pkey; + + p=d; + if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_use_PrivateKey(ssl,pkey); + EVP_PKEY_free(pkey); + return(ret); + } + +int SSL_CTX_use_certificate(ctx, x) +SSL_CTX *ctx; +X509 *x; + { + CERT *c; + + if (x == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if (ctx->default_cert == NULL) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE); + return(0); + } + ctx->default_cert=c; + } + c=ctx->default_cert; + + return(ssl_set_cert(c,x)); + } + +static int ssl_set_cert(c,x) +CERT *c; +X509 *x; + { + EVP_PKEY *pkey; + int i,ok=0,bad=0; + + pkey=X509_get_pubkey(x); + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_X509_LIB); + return(0); + } + + i=ssl_cert_type(x,pkey); + if (i < 0) + { + SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + return(0); + } + + if (c->pkeys[i].privatekey != NULL) + { + if (!X509_check_private_key(x,c->pkeys[i].privatekey)) + { + if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) + { + i=(i == SSL_PKEY_DH_RSA)? + SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA; + + if (c->pkeys[i].privatekey == NULL) + ok=1; + else + { + if (!X509_check_private_key(x, + c->pkeys[i].privatekey)) + bad=1; + else + ok=1; + } + } + else + bad=1; + } + else + ok=1; + } + else + ok=1; + + if (bad) + { + EVP_PKEY_free(c->pkeys[i].privatekey); + c->pkeys[i].privatekey=NULL; + } + + if (c->pkeys[i].x509 != NULL) + X509_free(c->pkeys[i].x509); + CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); + c->pkeys[i].x509=x; + c->key= &(c->pkeys[i]); + + c->valid=0; + return(1); + } + +int SSL_CTX_use_certificate_file(ctx, file, type) +SSL_CTX *ctx; +char *file; +int type; + { + int j; + BIO *in; + int ret=0; + X509 *x=NULL; + +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if (in == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SYSerr(SYS_F_FOPEN,errno); + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + x=d2i_X509_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + + if (x == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j); + goto end; + } + + ret=SSL_CTX_use_certificate(ctx,x); +end: + if (x != NULL) X509_free(x); + if (in != NULL) BIO_free(in); + return(ret); + } + +int SSL_CTX_use_certificate_ASN1(ctx, len, d) +SSL_CTX *ctx; +int len; +unsigned char *d; + { + X509 *x; + int ret; + + x=d2i_X509(NULL,&d,(long)len); + if (x == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_CTX_use_certificate(ctx,x); + X509_free(x); + return(ret); + } + +#ifndef NO_RSA +int SSL_CTX_use_RSAPrivateKey(ctx, rsa) +SSL_CTX *ctx; +RSA *rsa; + { + int ret; + CERT *c; + EVP_PKEY *pkey; + + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + if (ctx->default_cert == NULL) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + ctx->default_cert=c; + } + c=ctx->default_cert; + + if ((pkey=EVP_PKEY_new()) == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB); + return(0); + } + + CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); + EVP_PKEY_assign_RSA(pkey,rsa); + + ret=ssl_set_pkey(c,pkey); + EVP_PKEY_free(pkey); + return(ret); + } + +int SSL_CTX_use_RSAPrivateKey_file(ctx, file, type) +SSL_CTX *ctx; +char *file; +int type; + { + int j,ret=0; + BIO *in; + RSA *rsa=NULL; + +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if (in == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SYSerr(SYS_F_FOPEN,errno); + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_ASN1) + { + j=ERR_R_ASN1_LIB; + rsa=d2i_RSAPrivateKey_bio(in,NULL); + } + else if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + rsa=PEM_read_bio_RSAPrivateKey(in,NULL, + ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (rsa == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa); + RSA_free(rsa); +end: + if (in != NULL) BIO_free(in); + return(ret); + } + +int SSL_CTX_use_RSAPrivateKey_ASN1(ctx,d,len) +SSL_CTX *ctx; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + RSA *rsa; + + p=d; + if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa); + RSA_free(rsa); + return(ret); + } +#endif /* !NO_RSA */ + +int SSL_CTX_use_PrivateKey(ctx, pkey) +SSL_CTX *ctx; +EVP_PKEY *pkey; + { + CERT *c; + + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); + return(0); + } + + if (ctx->default_cert == NULL) + { + c=ssl_cert_new(); + if (c == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE); + return(0); + } + ctx->default_cert=c; + } + c=ctx->default_cert; + + return(ssl_set_pkey(c,pkey)); + } + +int SSL_CTX_use_PrivateKey_file(ctx, file, type) +SSL_CTX *ctx; +char *file; +int type; + { + int j,ret=0; + BIO *in; + EVP_PKEY *pkey=NULL; + +#ifdef WIN16 + in=BIO_new(BIO_s_file_internal_w16()); +#else + in=BIO_new(BIO_s_file()); +#endif + if (in == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB); + goto end; + } + + if (BIO_read_filename(in,file) <= 0) + { + SYSerr(SYS_F_FOPEN,errno); + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB); + goto end; + } + if (type == SSL_FILETYPE_PEM) + { + j=ERR_R_PEM_LIB; + pkey=PEM_read_bio_PrivateKey(in,NULL, + ctx->default_passwd_callback); + } + else + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); + goto end; + } + if (pkey == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j); + goto end; + } + ret=SSL_CTX_use_PrivateKey(ctx,pkey); + EVP_PKEY_free(pkey); +end: + if (in != NULL) BIO_free(in); + return(ret); + } + +int SSL_CTX_use_PrivateKey_ASN1(type,ctx,d,len) +int type; +SSL_CTX *ctx; +unsigned char *d; +long len; + { + int ret; + unsigned char *p; + EVP_PKEY *pkey; + + p=d; + if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL) + { + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB); + return(0); + } + + ret=SSL_CTX_use_PrivateKey(ctx,pkey); + EVP_PKEY_free(pkey); + return(ret); + } + + diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c new file mode 100644 index 0000000000..af65c65dac --- /dev/null +++ b/ssl/ssl_sess.c @@ -0,0 +1,425 @@ +/* ssl/ssl_sess.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "lhash.h" +#include "rand.h" +#include "ssl_locl.h" + +SSL_SESSION *SSL_SESSION_new() + { + SSL_SESSION *ss; + + ss=(SSL_SESSION *)Malloc(sizeof(SSL_SESSION)); + if (ss == NULL) + { + SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE); + return(0); + } + memset(ss,0,sizeof(SSL_SESSION)); + + ss->references=1; + ss->timeout=60*5+4; /* 5 minute timeout by default */ + ss->time=time(NULL); + return(ss); + } + +int ssl_get_new_session(s, session) +SSL *s; +int session; + { + SSL_SESSION *ss=NULL; + + if ((ss=SSL_SESSION_new()) == NULL) return(0); + + /* If the context has a default timeout, use it */ + if (s->ctx->session_timeout != 0) + ss->timeout=SSL_get_default_timeout(s); + + if (s->session != NULL) + { + SSL_SESSION_free(s->session); + s->session=NULL; + } + + if (session) + { + if (s->version == SSL2_CLIENT_VERSION) + { + ss->ssl_version=2; + ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; + } + else if (s->version == SSL3_VERSION_MAJOR) + { + ss->ssl_version=3; + ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; + } + else + { + SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION); + SSL_SESSION_free(ss); + return(0); + } + + for (;;) + { + SSL_SESSION *r; + + RAND_bytes(ss->session_id,ss->session_id_length); + CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); + r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions, + (char *)ss); + CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); + if (r == NULL) break; + /* else - woops a session_id match */ + } + } + else + { + ss->session_id_length=0; + } + + s->session=ss; + ss->ssl_version=s->version; + + return(1); + } + +int ssl_get_prev_session(s, len, session) +SSL *s; +int len; +unsigned char *session; + { + SSL_SESSION *ret,data; + + /* conn_init();*/ + data.ssl_version=s->version; + data.session_id_length=len; + if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) + return(0); + memcpy(data.session_id,session,len);; + + CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); + ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data); + CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); + + if (ret == NULL) + { + int copy=1; + + s->ctx->sess_miss++; + ret=NULL; + if ((s->ctx->get_session_cb != NULL) && + ((ret=s->ctx->get_session_cb(s,session,len,©)) + != NULL)) + { + s->ctx->sess_cb_hit++; + + /* The following should not return 1, otherwise, + * things are very strange */ + SSL_CTX_add_session(s->ctx,ret); + /* auto free it */ + if (!copy) + SSL_SESSION_free(ret); + } + if (ret == NULL) return(0); + } + + if (ret->cipher == NULL) + { + char buf[5],*p; + unsigned long l; + + p=buf; + l=ret->cipher_id; + l2n(l,p); + if (ret->ssl_version == 3) + ret->cipher=ssl_get_cipher_by_char(s,&(buf[2])); + else + ret->cipher=ssl_get_cipher_by_char(s,&(buf[1])); + if (ret->cipher == NULL) + return(0); + } + + /* If a thread got the session, then 'swaped', and another got + * it and then due to a time-out decided to 'Free' it we could + * be in trouble. So I'll increment it now, then double decrement + * later - am I speaking rubbish?. */ + CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); + + if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */ + { + s->ctx->sess_timeout++; + /* remove it from the cache */ + SSL_CTX_remove_session(s->ctx,ret); + SSL_SESSION_free(ret); /* again to actually Free it */ + return(0); + } + + s->ctx->sess_hit++; + + /* ret->time=time(NULL); */ /* rezero timeout? */ + /* again, just leave the session + * if it is the same session, we have just incremented and + * then decremented the reference count :-) */ + if (s->session != NULL) + SSL_SESSION_free(s->session); + s->session=ret; + return(1); + } + +int SSL_CTX_add_session(ctx,c) +SSL_CTX *ctx; +SSL_SESSION *c; + { + SSL_SESSION *s; + + /* conn_init(); */ + CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION); + + CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); + s=(SSL_SESSION *)lh_insert(ctx->sessions,(char *)c); + CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); + + /* If the same session if is being 're-added', Free the old + * one when the last person stops using it. + * This will also work if it is alread in the cache. + * The references will go up and then down :-) */ + if (s != NULL) + { + SSL_SESSION_free(s); + return(0); + } + else + return(1); + } + +int SSL_CTX_remove_session(ctx,c) +SSL_CTX *ctx; +SSL_SESSION *c; + { + SSL_SESSION *r; + int ret=0; + + if ((c->session_id_length != 0) && (c != NULL)) + { + CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); + r=(SSL_SESSION *)lh_delete(ctx->sessions,(char *)c); + if (r != NULL) ret=1; + + CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); + + if (ret) + { + r->not_resumable=1; + if (ctx->remove_session_cb != NULL) + ctx->remove_session_cb(ctx,c); + SSL_SESSION_free(r); + } + } + else + ret=0; + return(ret); + } + +void SSL_SESSION_free(ss) +SSL_SESSION *ss; + { + int i; + + i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION); + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"SSL_SESSION_free, bad reference count\n"); + abort(); /* ok */ + } +#endif + + memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); + memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); + memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); + if (ss->cert != NULL) ssl_cert_free(ss->cert); + if (ss->peer != NULL) X509_free(ss->peer); + if (ss->ciphers != NULL) sk_free(ss->ciphers); + memset(ss,0,sizeof(*ss)); + Free(ss); + } + +int SSL_set_session(s, session) +SSL *s; +SSL_SESSION *session; + { + int ret=0; + SSL_METHOD *meth; + + if (session != NULL) + { + meth=s->ctx->method->get_ssl_method(session->ssl_version); + if (meth == NULL) + meth=s->method->get_ssl_method(session->ssl_version); + if (meth == NULL) + { + SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD); + return(0); + } + + if (meth != s->method) + { + if (!SSL_set_ssl_method(s,meth)) + return(0); + session->timeout=SSL_get_default_timeout(s); + } + + /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/ + CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION); + if (s->session != NULL) + SSL_SESSION_free(s->session); + s->session=session; + /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/ + ret=1; + } + return(ret); + } + +long SSL_set_timeout(s,t) +SSL_SESSION *s; +long t; + { + if (s == NULL) return(0); + s->timeout=t; + return(1); + } + +long SSL_get_timeout(s) +SSL_SESSION *s; + { + if (s == NULL) return(0); + return(s->timeout); + } + +long SSL_get_time(s) +SSL_SESSION *s; + { + if (s == NULL) return(0); + return(s->time); + } + +long SSL_set_time(s,t) +SSL_SESSION *s; +long t; + { + if (s == NULL) return(0); + s->time=t; + return(t); + } + +typedef struct timeout_param_st + { + SSL_CTX *ctx; + long time; + LHASH *cache; + } TIMEOUT_PARAM; + +static void timeout(s,p) +SSL_SESSION *s; +TIMEOUT_PARAM *p; + { + if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */ + { + lh_delete(p->cache,(char *)s); + s->not_resumable=1; + if (p->ctx->remove_session_cb != NULL) + p->ctx->remove_session_cb(p->ctx,s); + SSL_SESSION_free(s); + } + } + +void SSL_CTX_flush_sessions(s,t) +SSL_CTX *s; +long t; + { + unsigned long i; + TIMEOUT_PARAM tp; + + tp.ctx=s; + tp.cache=SSL_CTX_sessions(s); + if (tp.cache == NULL) return; + tp.time=t; + CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); + i=tp.cache->down_load; + tp.cache->down_load=0; + lh_doall_arg(tp.cache,(void (*)())timeout,(char *)&tp); + tp.cache->down_load=i; + CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); + } + +int ssl_clear_bad_session(s) +SSL *s; + { + if ( (s->session != NULL) && + !(s->shutdown & SSL_SENT_SHUTDOWN) && + !(SSL_in_init(s) || SSL_in_before(s))) + { + SSL_CTX_remove_session(s->ctx,s->session); + return(1); + } + else + return(0); + } diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c new file mode 100644 index 0000000000..328ccc94ff --- /dev/null +++ b/ssl/ssl_stat.c @@ -0,0 +1,457 @@ +/* ssl/ssl_stat.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "ssl_locl.h" + +char *SSL_state_string_long(s) +SSL *s; + { + char *str; + + switch (s->state) + { +case SSL_ST_BEFORE: str="before SSL initalisation"; break; +case SSL_ST_ACCEPT: str="before accept initalisation"; break; +case SSL_ST_CONNECT: str="before connect initalisation"; break; +case SSL_ST_OK: str="SSL negotiation finished successfully"; break; +case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break; +case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initalisation"; break; +case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initalisation"; break; +case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initalisation"; break; +case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initalisation"; break; +#ifndef NO_SSL2 +case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break; +case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break; +case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break; +case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break; +case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break; +case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break; +case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break; +case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break; +case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break; +case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break; +case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break; +case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break; +case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break; +case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break; +case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break; +case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break; +case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break; +case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break; +case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break; +case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break; +case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break; +case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break; +case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break; +case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break; +#endif + +#ifndef NO_SSL3 +/* SSLv3 additions */ +case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break; +case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break; +case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break; +case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break; +case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break; +case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break; +case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break; +case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break; +case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break; +case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break; +case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break; +case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break; +case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break; +case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break; +case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break; +case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break; +case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break; +case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break; + +case SSL3_ST_CW_CHANGE_A: +case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break; +case SSL3_ST_CW_CHANGE_B: +case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break; +case SSL3_ST_CW_FINISHED_A: +case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break; +case SSL3_ST_CW_FINISHED_B: +case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break; +case SSL3_ST_CR_CHANGE_A: +case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break; +case SSL3_ST_CR_CHANGE_B: +case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break; +case SSL3_ST_CR_FINISHED_A: +case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break; +case SSL3_ST_CR_FINISHED_B: +case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break; + +case SSL3_ST_CW_FLUSH: +case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break; + +case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break; +case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break; +case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break; +case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break; +case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break; +case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break; +case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break; +case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break; +case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break; +case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break; +case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break; +case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break; +case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break; +case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break; +case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break; +case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break; +case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break; +case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break; +case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break; +case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break; +case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break; +case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break; +#endif + +#if !defined(NO_SSL2) && !defined(NO_SSL3) +/* SSLv2/v3 compatablitity states */ +/* client */ +case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break; +case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break; +case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break; +case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break; +/* server */ +case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break; +case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break; +#endif + +default: str="unknown state"; break; + } + return(str); + } + +char *SSL_rstate_string_long(s) +SSL *s; + { + char *str; + + switch (s->rstate) + { + case SSL_ST_READ_HEADER: str="read header"; break; + case SSL_ST_READ_BODY: str="read body"; break; + default: str="unknown"; break; + } + return(str); + } + +char *SSL_state_string(s) +SSL *s; + { + char *str; + + switch (s->state) + { +case SSL_ST_BEFORE: str="PINIT "; break; +case SSL_ST_ACCEPT: str="AINIT "; break; +case SSL_ST_CONNECT: str="CINIT "; break; +case SSL_ST_OK: str="SSLOK "; break; +#ifndef NO_SSL2 +case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break; +case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break; +case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break; +case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break; +case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break; +case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break; +case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break; +case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break; +case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break; +case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break; +case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break; +case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break; +case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break; +case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break; +case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break; +case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break; +case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break; +case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break; +case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break; +case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break; +case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break; +case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break; +case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break; +case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break; +case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break; +case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break; +case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break; +case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break; +case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break; +#endif + +#ifndef NO_SSL3 +/* SSLv3 additions */ +case SSL3_ST_SW_FLUSH: +case SSL3_ST_CW_FLUSH: str="3FLUSH"; break; +case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break; +case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break; +case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break; +case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break; +case SSL3_ST_CR_CERT_A: str="3RSC_A"; break; +case SSL3_ST_CR_CERT_B: str="3RSC_B"; break; +case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break; +case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break; +case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break; +case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break; +case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break; +case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break; +case SSL3_ST_CW_CERT_A: str="3WCC_A"; break; +case SSL3_ST_CW_CERT_B: str="3WCC_B"; break; +case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break; +case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break; +case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break; +case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break; + +case SSL3_ST_SW_CHANGE_A: +case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break; +case SSL3_ST_SW_CHANGE_B: +case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break; +case SSL3_ST_SW_FINISHED_A: +case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break; +case SSL3_ST_SW_FINISHED_B: +case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break; +case SSL3_ST_SR_CHANGE_A: +case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break; +case SSL3_ST_SR_CHANGE_B: +case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break; +case SSL3_ST_SR_FINISHED_A: +case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break; +case SSL3_ST_SR_FINISHED_B: +case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break; + +case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break; +case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break; +case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break; +case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break; +case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break; +case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break; +case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break; +case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break; +case SSL3_ST_SW_CERT_A: str="3WSC_A"; break; +case SSL3_ST_SW_CERT_B: str="3WSC_B"; break; +case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break; +case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break; +case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break; +case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break; +case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break; +case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break; +case SSL3_ST_SR_CERT_A: str="3RCC_A"; break; +case SSL3_ST_SR_CERT_B: str="3RCC_B"; break; +case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break; +case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break; +case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break; +case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break; +#endif + +#if !defined(NO_SSL2) && !defined(NO_SSL3) +/* SSLv2/v3 compatablitity states */ +/* client */ +case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break; +case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break; +case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break; +case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break; +/* server */ +case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break; +case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break; +#endif + +default: str="UNKWN "; break; + } + return(str); + } + +char *SSL_alert_type_string_long(value) +int value; + { + value>>=8; + if (value == SSL3_AL_WARNING) + return("warning"); + else if (value == SSL3_AL_FATAL) + return("fatal"); + else + return("unknown"); + } + +char *SSL_alert_type_string(value) +int value; + { + value>>=8; + if (value == SSL3_AL_WARNING) + return("W"); + else if (value == SSL3_AL_FATAL) + return("F"); + else + return("U"); + } + +char *SSL_alert_desc_string(value) +int value; + { + char *str; + + switch (value & 0xff) + { + case SSL3_AD_CLOSE_NOTIFY: str="CN"; break; + case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break; + case SSL3_AD_BAD_RECORD_MAC: str="BM"; break; + case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break; + case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break; + case SSL3_AD_NO_CERTIFICATE: str="NC"; break; + case SSL3_AD_BAD_CERTIFICATE: str="BC"; break; + case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break; + case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break; + case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break; + case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break; + case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break; + default: str="UK"; break; + } + return(str); + } + +char *SSL_alert_desc_string_long(value) +int value; + { + char *str; + + switch (value & 0xff) + { + case SSL3_AD_CLOSE_NOTIFY: + str="close notify"; + break; + case SSL3_AD_UNEXPECTED_MESSAGE: + str="unexected_message"; + break; + case SSL3_AD_BAD_RECORD_MAC: + str="bad record mac"; + break; + case SSL3_AD_DECOMPRESSION_FAILURE: + str="decompression failure"; + break; + case SSL3_AD_HANDSHAKE_FAILURE: + str="handshake failure"; + break; + case SSL3_AD_NO_CERTIFICATE: + str="no certificate"; + break; + case SSL3_AD_BAD_CERTIFICATE: + str="bad certificate"; + break; + case SSL3_AD_UNSUPPORTED_CERTIFICATE: + str="unsupported certificate"; + break; + case SSL3_AD_CERTIFICATE_REVOKED: + str="certificate revoked"; + break; + case SSL3_AD_CERTIFICATE_EXPIRED: + str="certificate expired"; + break; + case SSL3_AD_CERTIFICATE_UNKNOWN: + str="certifcate unknown"; + break; + case SSL3_AD_ILLEGAL_PARAMETER: + str="illegal parameter"; + break; + default: str="unknown"; break; + } + return(str); + } + +char *SSL_rstate_string(s) +SSL *s; + { + char *str; + + switch (s->rstate) + { + case SSL_ST_READ_HEADER:str="RH"; break; + case SSL_ST_READ_BODY: str="RB"; break; + case SSL_ST_READ_DONE: str="RD"; break; + default: str="unknown"; break; + } + return(str); + } diff --git a/ssl/ssl_task.c b/ssl/ssl_task.c new file mode 100644 index 0000000000..c27ce913e7 --- /dev/null +++ b/ssl/ssl_task.c @@ -0,0 +1,359 @@ +/* ssl/ssl_task.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* VMS */ +/* + * DECnet object for servicing SSL. We accept the inbound and speak a + * simple protocol for multiplexing the 2 data streams (application and + * ssl data) over this logical link. + * + * Logical names: + * SSL_CIPHER Defines a list of cipher specifications the server + * will support in order of preference. + * SSL_SERVER_CERTIFICATE + * Points to PEM (privacy enhanced mail) file that + * contains the server certificate and private password. + * SYS$NET Logical created by netserver.exe as hook for completing + * DECnet logical link. + * + * Each NSP message sent over the DECnet link has the following structure: + * struct rpc_msg { + * char channel; + * char function; + * short length; + * char data[MAX_DATA]; + * } msg; + * + * The channel field designates the virtual data stream this message applies + * to and is one of: + * A - Application data (payload). + * R - Remote client connection that initiated the SSL connection. Encrypted + * data is sent over this connection. + * G - General data, reserved for future use. + * + * The data streams are half-duplex read/write and have following functions: + * G - Get, requests that up to msg.length bytes of data be returned. The + * data is returned in the next 'C' function response that matches the + * requesting channel. + * P - Put, requests that the first msg.length bytes of msg.data be appended + * to the designated stream. + * C - Confirms a get or put. Every get and put will get a confirm response, + * you cannot initiate another function on a channel until the previous + * operation has been confirmed. + * + * The 2 channels may interleave their operations, for example: + * Server msg Client msg + * A, Get, 4092 ----> + * <---- R, get, 4092 + * R, Confirm, {hello} ----> + * <---- R, put, {srv hello} + * R, Confirm, 0 ----> + * . (SSL handshake completed) + * . (read first app data). + * <---- A, confirm, {http data} + * A, Put, {http data} ----> + * <---- A, confirm, 0 + * + * The length field is not permitted to be larger that 4092 bytes. + * + * Author: Dave Jones + * Date: 22-JUL-1996 + */ +#include <stdlib.h> +#include <stdio.h> +#include <iodef.h> /* VMS IO$_ definitions */ +#include <descrip.h> /* VMS string descriptors */ +extern int SYS$QIOW(), SYS$ASSIGN(); +int LIB$INIT_TIMER(), LIB$SHOW_TIMER(); + +#include <string.h> /* from ssltest.c */ +#include <errno.h> +#include "buffer.h" +#include "../e_os.h" +#include "x509.h" +#include "ssl.h" +#include "err.h" + +int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth, + int error); +BIO *bio_err=NULL; +BIO *bio_stdout=NULL; +BIO_METHOD *BIO_s_rtcp(); + +static char *cipher=NULL; +int verbose=1; +#ifdef FIONBIO +static int s_nbio=0; +#endif +#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE" +/*************************************************************************/ +struct rpc_msg { /* Should have member alignment inhibited */ + char channel; /* 'A'-app data. 'R'-remote client 'G'-global */ + char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */ + unsigned short int length; /* Amount of data returned or max to return */ + char data[4092]; /* variable data */ +}; +#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092) + +static $DESCRIPTOR(sysnet, "SYS$NET"); +typedef unsigned short io_channel; + +struct io_status { + unsigned short status; + unsigned short count; + unsigned long stsval; +}; +int doit(io_channel chan, SSL_CTX *s_ctx ); +/*****************************************************************************/ +/* Decnet I/O routines. + */ +static int get ( io_channel chan, char *buffer, int maxlen, int *length ) +{ + int status; + struct io_status iosb; + status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0, + buffer, maxlen, 0, 0, 0, 0 ); + if ( (status&1) == 1 ) status = iosb.status; + if ( (status&1) == 1 ) *length = iosb.count; + return status; +} + +static int put ( io_channel chan, char *buffer, int length ) +{ + int status; + struct io_status iosb; + status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0, + buffer, length, 0, 0, 0, 0 ); + if ( (status&1) == 1 ) status = iosb.status; + return status; +} +/***************************************************************************/ +/* Handle operations on the 'G' channel. + */ +static int general_request ( io_channel chan, struct rpc_msg *msg, int length ) +{ + return 48; +} +/***************************************************************************/ +int main ( int argc, char **argv ) +{ + int status, length; + io_channel chan; + struct rpc_msg msg; + + char *CApath=NULL,*CAfile=NULL; + int badop=0; + int ret=1; + int client_auth=0; + int server_auth=0; + SSL_CTX *s_ctx=NULL; + /* + * Confirm logical link with initiating client. + */ + LIB$INIT_TIMER(); + status = SYS$ASSIGN ( &sysnet, &chan, 0, 0, 0 ); + printf("status of assign to SYS$NET: %d\n", status ); + /* + * Initialize standard out and error files. + */ + if (bio_err == NULL) + if ((bio_err=BIO_new(BIO_s_file())) != NULL) + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + if (bio_stdout == NULL) + if ((bio_stdout=BIO_new(BIO_s_file())) != NULL) + BIO_set_fp(bio_stdout,stdout,BIO_NOCLOSE); + /* + * get the preferred cipher list and other initialization + */ + if (cipher == NULL) cipher=getenv("SSL_CIPHER"); + printf("cipher list: %s\n", cipher ? cipher : "{undefined}" ); + + SSL_load_error_strings(); + + s_ctx=SSL_CTX_new(SSLv2()); + + if (s_ctx == NULL) goto end; + + SSL_CTX_use_certificate_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM); + SSL_CTX_use_RSAPrivateKey_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM); + printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT ); + + /* + * Take commands from client until bad status. + */ + LIB$SHOW_TIMER(); + status = doit ( chan, s_ctx ); + LIB$SHOW_TIMER(); + /* + * do final cleanup and exit. + */ +end: + if (s_ctx != NULL) SSL_CTX_free(s_ctx); + LIB$SHOW_TIMER(); + return 1; +} + +int doit(io_channel chan, SSL_CTX *s_ctx ) +{ + int status, length, link_state; + struct rpc_msg msg; + static char cbuf[200],sbuf[200]; + SSL *s_ssl=NULL; + BIO *c_to_s=NULL; + BIO *s_to_c=NULL; + BIO *c_bio=NULL; + BIO *s_bio=NULL; + int i; + int done=0; + + s_ssl=SSL_new(s_ctx); + if (s_ssl == NULL) goto err; + + c_to_s=BIO_new(BIO_s_rtcp()); + s_to_c=BIO_new(BIO_s_rtcp()); + if ((s_to_c == NULL) || (c_to_s == NULL)) goto err; + BIO_set_fd ( c_to_s, "", chan ); + BIO_set_fd ( s_to_c, "", chan ); + + c_bio=BIO_new(BIO_f_ssl()); + s_bio=BIO_new(BIO_f_ssl()); + if ((c_bio == NULL) || (s_bio == NULL)) goto err; + + SSL_set_accept_state(s_ssl); + SSL_set_bio(s_ssl,c_to_s,s_to_c); + BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE); + + /* We can always do writes */ + printf("Begin doit main loop\n"); + /* + * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed. + */ + for (link_state = 0; link_state < 3; ) { + /* + * Wait for remote end to request data action on A channel. + */ + while ( link_state == 0 ) { + status = get ( chan, (char *) &msg, sizeof(msg), &length ); + if ( (status&1) == 0 ) { + printf("Error in main loop get: %d\n", status ); + link_state = 3; + break; + } + if ( length < RPC_HDR_SIZE ) { + printf("Error in main loop get size: %d\n", length ); + break; + link_state = 3; + } + if ( msg.channel != 'A' ) { + printf("Error in main loop, unexpected channel: %c\n", + msg.channel ); + break; + link_state = 3; + } + if ( msg.function == 'G' ) { + link_state = 1; + } else if ( msg.function == 'P' ) { + link_state = 2; /* write pending */ + } else if ( msg.function == 'X' ) { + link_state = 3; + } else { + link_state = 3; + } + } + if ( link_state == 1 ) { + i = BIO_read ( s_bio, msg.data, msg.length ); + if ( i < 0 ) link_state = 3; + else { + msg.channel = 'A'; + msg.function = 'C'; /* confirm */ + msg.length = i; + status = put ( chan, (char *) &msg, i+RPC_HDR_SIZE ); + if ( (status&1) == 0 ) break; + link_state = 0; + } + } else if ( link_state == 2 ) { + i = BIO_write ( s_bio, msg.data, msg.length ); + if ( i < 0 ) link_state = 3; + else { + msg.channel = 'A'; + msg.function = 'C'; /* confirm */ + msg.length = 0; + status = put ( chan, (char *) &msg, RPC_HDR_SIZE ); + if ( (status&1) == 0 ) break; + link_state = 0; + } + } + } + fprintf(stdout,"DONE\n"); +err: + /* We have to set the BIO's to NULL otherwise they will be + * free()ed twice. Once when th s_ssl is SSL_free()ed and + * again when c_ssl is SSL_free()ed. + * This is a hack required because s_ssl and c_ssl are sharing the same + * BIO structure and SSL_set_bio() and SSL_free() automatically + * BIO_free non NULL entries. + * You should not normally do this or be required to do this */ + s_ssl->rbio=NULL; + s_ssl->wbio=NULL; + + if (c_to_s != NULL) BIO_free(c_to_s); + if (s_to_c != NULL) BIO_free(s_to_c); + if (c_bio != NULL) BIO_free(c_bio); + if (s_bio != NULL) BIO_free(s_bio); + return(0); +} diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c new file mode 100644 index 0000000000..b9cb9ef673 --- /dev/null +++ b/ssl/ssl_txt.c @@ -0,0 +1,133 @@ +/* ssl/ssl_txt.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "buffer.h" +#include "ssl_locl.h" + +#ifndef WIN16 +int SSL_SESSION_print_fp(fp, x) +FILE *fp; +SSL_SESSION *x; + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB); + return(0); + } + BIO_set_fp(b,fp,BIO_NOCLOSE); + ret=SSL_SESSION_print(b,x); + BIO_free(b); + return(ret); + } +#endif + +int SSL_SESSION_print(bp,x) +BIO *bp; +SSL_SESSION *x; + { + int i; + char str[128]; + + if (x == NULL) goto err; + if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err; + sprintf(str," Cipher : %s\n",(x->cipher == NULL)?"unknown":x->cipher->name); + if (BIO_puts(bp,str) <= 0) goto err; + if (BIO_puts(bp," Session-ID: ") <= 0) goto err; + for (i=0; i<(int)x->session_id_length; i++) + { + sprintf(str,"%02X",x->session_id[i]); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err; + for (i=0; i<(int)x->master_key_length; i++) + { + sprintf(str,"%02X",x->master_key[i]); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err; + if (x->key_arg_length == 0) + { + if (BIO_puts(bp,"None") <= 0) goto err; + } + else + for (i=0; i<(int)x->key_arg_length; i++) + { + sprintf(str,"%02X",x->key_arg[i]); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (x->time != 0L) + { + sprintf(str,"\n Start Time: %ld",x->time); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (x->timeout != 0L) + { + sprintf(str,"\n Timeout : %ld (sec)",x->timeout); + if (BIO_puts(bp,str) <= 0) goto err; + } + if (BIO_puts(bp,"\n") <= 0) goto err; + + return(1); +err: + return(0); + } + diff --git a/ssl/ssltest.c b/ssl/ssltest.c new file mode 100644 index 0000000000..b8d657f3ba --- /dev/null +++ b/ssl/ssltest.c @@ -0,0 +1,635 @@ +/* ssl/ssltest.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#ifdef WIN16 +#define APPS_WIN16 +#endif +#include "bio.h" +#include "crypto.h" +#include "../e_os.h" +#include "x509.h" +#include "ssl.h" +#include "err.h" + +#ifdef WIN16 +#define APPS_WIN16 +#include "../crypto/bio/bss_file.c" +#endif + +#define TEST_SERVER_CERT "../apps/server.pem" +#define TEST_CLIENT_CERT "../apps/client.pem" + +#ifndef NOPROTO +int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); +static DH *get_dh512(void); +#else +int MS_CALLBACK verify_callback(); +static DH *get_dh512(); +#endif + +BIO *bio_err=NULL; +BIO *bio_stdout=NULL; + +static char *cipher=NULL; +int verbose=0; +#ifdef FIONBIO +static int s_nbio=0; +#endif + + +#ifndef NOPROTO +int doit(SSL_CTX *s_ctx,SSL_CTX *c_ctx); +#else +int doit(); +#endif + +static void sv_usage() + { + fprintf(stderr,"usage: ssltest [args ...]\n"); + fprintf(stderr,"\n"); + fprintf(stderr," -server_auth - check server certificate\n"); + fprintf(stderr," -client_auth - do client authentication\n"); + fprintf(stderr," -v - more output\n"); +#ifndef NO_SSL2 + fprintf(stderr," -ssl2 - use SSLv2\n"); +#endif +#ifndef NO_SSL3 + fprintf(stderr," -ssl3 - use SSLv3\n"); +#endif + fprintf(stderr," -CApath arg - PEM format directory of CA's\n"); + fprintf(stderr," -CAfile arg - PEM format file of CA's\n"); + } + +int main(argc, argv) +int argc; +char *argv[]; + { + char *CApath=NULL,*CAfile=NULL; + int badop=0; + int ssl2=0,ssl3=0,ret=1; + int client_auth=0; + int server_auth=0; + char *server_cert=TEST_SERVER_CERT; + char *client_cert=TEST_CLIENT_CERT; + SSL_CTX *s_ctx=NULL; + SSL_CTX *c_ctx=NULL; + SSL_METHOD *meth=NULL; + DH *dh; + + bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); + + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + + argc--; + argv++; + + while (argc >= 1) + { + if (strcmp(*argv,"-server_auth") == 0) + server_auth=1; + else if (strcmp(*argv,"-client_auth") == 0) + client_auth=1; + else if (strcmp(*argv,"-v") == 0) + verbose=1; + else if (strcmp(*argv,"-ssl2") == 0) + ssl2=1; + else if (strcmp(*argv,"-ssl3") == 0) + ssl3=1; + else if (strcmp(*argv,"-cert") == 0) + { + if (--argc < 1) goto bad; + server_cert= *(++argv); + } + else if (strcmp(*argv,"-s_cert") == 0) + { + if (--argc < 1) goto bad; + server_cert= *(++argv); + } + else if (strcmp(*argv,"-c_cert") == 0) + { + if (--argc < 1) goto bad; + client_cert= *(++argv); + } + else if (strcmp(*argv,"-cipher") == 0) + { + if (--argc < 1) goto bad; + cipher= *(++argv); + } + else if (strcmp(*argv,"-CApath") == 0) + { + if (--argc < 1) goto bad; + CApath= *(++argv); + } + else if (strcmp(*argv,"-CAfile") == 0) + { + if (--argc < 1) goto bad; + CAfile= *(++argv); + } + else + { + fprintf(stderr,"unknown option %s\n",*argv); + badop=1; + break; + } + argc--; + argv++; + } + if (badop) + { +bad: + sv_usage(); + goto end; + } + +/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ + + SSLeay_add_ssl_algorithms(); + SSL_load_error_strings(); + +#if !defined(NO_SSL2) && !defined(NO_SSL3) + if (ssl2) + meth=SSLv2_method(); + else + if (ssl3) + meth=SSLv3_method(); + else + meth=SSLv23_method(); +#else +#ifdef NO_SSL2 + meth=SSLv3_method(); +#else + meth=SSLv2_method(); +#endif +#endif + + c_ctx=SSL_CTX_new(meth); + s_ctx=SSL_CTX_new(meth); + if ((c_ctx == NULL) || (s_ctx == NULL)) + { + ERR_print_errors(bio_err); + goto end; + } + + if (cipher != NULL) + { + SSL_CTX_set_cipher_list(c_ctx,cipher); + SSL_CTX_set_cipher_list(s_ctx,cipher); + } + +#ifndef NO_DH + dh=get_dh512(); + SSL_CTX_set_tmp_dh(s_ctx,dh); + DH_free(dh); +#endif + + if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM)) + { + ERR_print_errors(bio_err); + } + else if (!SSL_CTX_use_PrivateKey_file(s_ctx,server_cert, + SSL_FILETYPE_PEM)) + { + ERR_print_errors(bio_err); + goto end; + } + + if (client_auth) + { + SSL_CTX_use_certificate_file(c_ctx,client_cert, + SSL_FILETYPE_PEM); + SSL_CTX_use_PrivateKey_file(c_ctx,client_cert, + SSL_FILETYPE_PEM); + } + + if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) || + (!SSL_CTX_set_default_verify_paths(s_ctx)) || + (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) || + (!SSL_CTX_set_default_verify_paths(c_ctx))) + { + fprintf(stderr,"SSL_load_verify_locations\n"); + ERR_print_errors(bio_err); + goto end; + } + + if (client_auth) + { + fprintf(stderr,"client authentication\n"); + SSL_CTX_set_verify(s_ctx, + SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_callback); + } + if (server_auth) + { + fprintf(stderr,"server authentication\n"); + SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER, + verify_callback); + } + + ret=doit(s_ctx,c_ctx); +end: + if (s_ctx != NULL) SSL_CTX_free(s_ctx); + if (c_ctx != NULL) SSL_CTX_free(c_ctx); + + if (bio_stdout != NULL) BIO_free(bio_stdout); + + ERR_remove_state(0); + EVP_cleanup(); + CRYPTO_mem_leaks(bio_err); + EXIT(ret); + } + +#define W_READ 1 +#define W_WRITE 2 +#define C_DONE 1 +#define S_DONE 2 + +int doit(s_ctx,c_ctx) +SSL_CTX *s_ctx,*c_ctx; + { + static char cbuf[200],sbuf[200]; + int ret=1; + SSL *c_ssl=NULL; + SSL *s_ssl=NULL; + BIO *c_to_s=NULL; + BIO *s_to_c=NULL; + BIO *c_bio=NULL; + BIO *s_bio=NULL; + int c_r,c_w,s_r,s_w; + int c_want,s_want; + int i; + int done=0; + int c_write,s_write; + int do_server=0,do_client=0; + SSL_CIPHER *ciph; + + c_ssl=SSL_new(c_ctx); + s_ssl=SSL_new(s_ctx); + if ((s_ssl == NULL) || (c_ssl == NULL)) + { + ERR_print_errors(bio_err); + goto err; + } + + c_to_s=BIO_new(BIO_s_mem()); + s_to_c=BIO_new(BIO_s_mem()); + if ((s_to_c == NULL) || (c_to_s == NULL)) + { + ERR_print_errors(bio_err); + goto err; + } + + c_bio=BIO_new(BIO_f_ssl()); + s_bio=BIO_new(BIO_f_ssl()); + if ((c_bio == NULL) || (s_bio == NULL)) + { + ERR_print_errors(bio_err); + goto err; + } + + SSL_set_connect_state(c_ssl); + SSL_set_bio(c_ssl,s_to_c,c_to_s); + BIO_set_ssl(c_bio,c_ssl,BIO_CLOSE); + + SSL_set_accept_state(s_ssl); + SSL_set_bio(s_ssl,c_to_s,s_to_c); + BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE); + + c_r=0; s_r=1; + c_w=1; s_w=0; + c_want=W_WRITE; + s_want=0; + c_write=1,s_write=0; + + /* We can always do writes */ + for (;;) + { + do_server=0; + do_client=0; + + i=(int)BIO_pending(s_bio); + if ((i && s_r) || s_w) do_server=1; + + i=(int)BIO_pending(c_bio); + if ((i && c_r) || c_w) do_client=1; + + if (do_server && verbose) + { + if (SSL_in_init(s_ssl)) + printf("server waiting in SSL_accept - %s\n", + SSL_state_string_long(s_ssl)); + else if (s_write) + printf("server:SSL_write()\n"); + else + printf("server:SSL_read()\n"); + } + + if (do_client && verbose) + { + if (SSL_in_init(c_ssl)) + printf("client waiting in SSL_connect - %s\n", + SSL_state_string_long(c_ssl)); + else if (c_write) + printf("client:SSL_write()\n"); + else + printf("client:SSL_read()\n"); + } + + if (!do_client && !do_server) + { + fprintf(stdout,"ERROR IN STARTUP\n"); + ERR_print_errors(bio_err); + break; + } + if (do_client && !(done & C_DONE)) + { + if (c_write) + { + i=BIO_write(c_bio,"hello from client\n",18); + if (i < 0) + { + c_r=0; + c_w=0; + if (BIO_should_retry(c_bio)) + { + if (BIO_should_read(c_bio)) + c_r=1; + if (BIO_should_write(c_bio)) + c_w=1; + } + else + { + fprintf(stderr,"ERROR in CLIENT\n"); + ERR_print_errors(bio_err); + goto err; + } + } + else if (i == 0) + { + fprintf(stderr,"SSL CLIENT STARTUP FAILED\n"); + goto err; + } + else + { + /* ok */ + c_write=0; + } + } + else + { + i=BIO_read(c_bio,cbuf,100); + if (i < 0) + { + c_r=0; + c_w=0; + if (BIO_should_retry(c_bio)) + { + if (BIO_should_read(c_bio)) + c_r=1; + if (BIO_should_write(c_bio)) + c_w=1; + } + else + { + fprintf(stderr,"ERROR in CLIENT\n"); + ERR_print_errors(bio_err); + goto err; + } + } + else if (i == 0) + { + fprintf(stderr,"SSL CLIENT STARTUP FAILED\n"); + goto err; + } + else + { + done|=C_DONE; + fprintf(stdout,"CLIENT:from server:"); + fwrite(cbuf,1,i,stdout); + fflush(stdout); + } + } + } + + if (do_server && !(done & S_DONE)) + { + if (!s_write) + { + i=BIO_read(s_bio,sbuf,100); + if (i < 0) + { + s_r=0; + s_w=0; + if (BIO_should_retry(s_bio)) + { + if (BIO_should_read(s_bio)) + s_r=1; + if (BIO_should_write(s_bio)) + s_w=1; + } + else + { + fprintf(stderr,"ERROR in SERVER\n"); + ERR_print_errors(bio_err); + goto err; + } + } + else if (i == 0) + { + ERR_print_errors(bio_err); + fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n"); + goto err; + } + else + { + s_write=1; + s_w=1; + fprintf(stdout,"SERVER:from client:"); + fwrite(sbuf,1,i,stdout); + fflush(stdout); + } + } + else + { + i=BIO_write(s_bio,"hello from server\n",18); + if (i < 0) + { + s_r=0; + s_w=0; + if (BIO_should_retry(s_bio)) + { + if (BIO_should_read(s_bio)) + s_r=1; + if (BIO_should_write(s_bio)) + s_w=1; + } + else + { + fprintf(stderr,"ERROR in SERVER\n"); + ERR_print_errors(bio_err); + goto err; + } + } + else if (i == 0) + { + ERR_print_errors(bio_err); + fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n"); + goto err; + } + else + { + s_write=0; + s_r=1; + done|=S_DONE; + } + } + } + + if ((done & S_DONE) && (done & C_DONE)) break; + } + + ciph=SSL_get_current_cipher(c_ssl); + fprintf(stdout,"DONE, used %s, %s\n",SSL_CIPHER_get_version(ciph), + SSL_CIPHER_get_name(ciph)); + ret=0; +err: + /* We have to set the BIO's to NULL otherwise they will be + * Free()ed twice. Once when th s_ssl is SSL_free()ed and + * again when c_ssl is SSL_free()ed. + * This is a hack required because s_ssl and c_ssl are sharing the same + * BIO structure and SSL_set_bio() and SSL_free() automatically + * BIO_free non NULL entries. + * You should not normally do this or be required to do this */ + if (s_ssl != NULL) + { + s_ssl->rbio=NULL; + s_ssl->wbio=NULL; + } + if (c_ssl != NULL) + { + c_ssl->rbio=NULL; + c_ssl->wbio=NULL; + } + + if (c_to_s != NULL) BIO_free(c_to_s); + if (s_to_c != NULL) BIO_free(s_to_c); + if (c_bio != NULL) BIO_free(c_bio); + if (s_bio != NULL) BIO_free(s_bio); + return(ret); + } + +int MS_CALLBACK verify_callback(ok, ctx) +int ok; +X509_STORE_CTX *ctx; + { + char *s,buf[256]; + + s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256); + if (s != NULL) + { + if (ok) + fprintf(stderr,"depth=%d %s\n",ctx->error_depth,buf); + else + fprintf(stderr,"depth=%d error=%d %s\n", + ctx->error_depth,ctx->error,buf); + } + + if (ok == 0) + { + switch (ctx->error) + { + case X509_V_ERR_CERT_NOT_YET_VALID: + case X509_V_ERR_CERT_HAS_EXPIRED: + case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: + ok=1; + } + } + + return(ok); + } + +static unsigned char dh512_p[]={ + 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, + 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, + 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, + 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, + 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, + 0x47,0x74,0xE8,0x33, + }; +static unsigned char dh512_g[]={ + 0x02, + }; + +static DH *get_dh512() + { + DH *dh=NULL; + +#ifndef NO_DH + if ((dh=DH_new()) == NULL) return(NULL); + dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); + dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); + if ((dh->p == NULL) || (dh->g == NULL)) + return(NULL); +#endif + return(dh); + } + diff --git a/ssl/zz b/ssl/zz new file mode 100644 index 0000000000..47c570ec80 --- /dev/null +++ b/ssl/zz @@ -0,0 +1,402 @@ +/* ssl/s23_srvr.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "buffer.h" +#include "rand.h" +#include "objects.h" +#include "evp.h" +#include "ssl_locl.h" + +#define BREAK break + +#ifndef NOPROTO +int ssl23_get_client_hello(SSL *s); +#else +int ssl23_get_client_hello(); +#endif + +static SSL_METHOD *ssl23_get_server_method(ver) +int ver; + { + if (ver == 2) + return(SSLv2_server_method()); + else if (ver == 3) + return(SSLv3_server_method()); + else + return(NULL); + } + +SSL_METHOD *SSLv23_server_method() + { + static int init=1; + static SSL_METHOD SSLv23_server_data; + + if (init) + { + init=0; + memcpy((char *)&SSLv23_server_data, + (char *)sslv23_base_method(),sizeof(SSL_METHOD)); + SSLv23_server_data.ssl_accept=ssl23_accept; + SSLv23_server_data.get_ssl_method=ssl23_get_server_method; + } + return(&SSLv23_server_data); + } + +int ssl23_accept(s) +SSL *s; + { + BUF_MEM *buf; + unsigned long Time=time(NULL); + void (*cb)()=NULL; + int ret= -1; + int new_state,state; + + RAND_seed((unsigned char *)&Time,sizeof(Time)); + ERR_clear_error(); + errno=0; + + if (s->info_callback != NULL) + cb=s->info_callback; + else if (s->ctx->info_callback != NULL) + cb=s->ctx->info_callback; + + if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); + s->in_handshake++; + + for (;;) + { + state=s->state; + + switch(s->state) + { + case SSL_ST_BEFORE: + case SSL_ST_ACCEPT: + case SSL_ST_BEFORE|SSL_ST_ACCEPT: + case SSL_ST_OK|SSL_ST_ACCEPT: + + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + + s->version=3; + s->type=SSL_ST_ACCEPT; + + if (s->init_buf == NULL) + { + if ((buf=BUF_MEM_new()) == NULL) + { + ret= -1; + goto end; + } + if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) + { + ret= -1; + goto end; + } + s->init_buf=buf; + } + + ssl3_init_finished_mac(s); + + s->state=SSL23_ST_SR_CLNT_HELLO_A; + s->ctx->sess_accept++; + s->init_num=0; + break; + + case SSL23_ST_SR_CLNT_HELLO_A: + case SSL23_ST_SR_CLNT_HELLO_B: + + s->shutdown=0; + ret=ssl23_get_client_hello(s); + if (ret >= 0) cb=NULL; + goto end; + break; + + default: + SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); + ret= -1; + goto end; + /* break; */ + } + + if ((cb != NULL) && (s->state != state)) + { + new_state=s->state; + s->state=state; + cb(s,SSL_CB_ACCEPT_LOOP,1); + s->state=new_state; + } + } +end: + if (cb != NULL) + cb(s,SSL_CB_ACCEPT_EXIT,ret); + s->in_handshake--; + return(ret); + } + + +int ssl23_get_client_hello(s) +SSL *s; + { + char buf[8]; + unsigned char *p,*d,*dd; + unsigned int i; + unsigned int csl,sil,cl; + int n=0,j; + BIO *bbio; + int type=0; + + /* read the initial header */ + if (s->state == SSL23_ST_SR_CLNT_HELLO_A) + { + if (!ssl3_setup_buffers(s)) goto err; + + n=ssl23_read_bytes(s,7); + if (n != 7) return(n); + + p=s->packet; + + memcpy(buf,p,n); + + if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) + { + /* SSLv2 header */ + if ((p[3] == 0x00) && (p[4] == 0x02)) + { + /* SSLv2 */ + type=1; + } + else if ((p[3] == SSL3_VERSION_MAJOR) && + (p[4] == SSL3_VERSION_MINOR)) + { + /* SSLv3 */ + s->state=SSL23_ST_SR_CLNT_HELLO_B; + } + } + else if ((p[0] == SSL3_RT_HANDSHAKE) && + (p[1] == SSL3_VERSION_MAJOR) && + (p[2] == SSL3_VERSION_MINOR) && + (p[5] == SSL3_MT_CLIENT_HELLO)) + { + /* true SSLv3 */ + type=3; + } + } + + if (s->state == SSL23_ST_SR_CLNT_HELLO_B) + { + /* we have a SSLv3 in a SSLv2 header */ + type=2; + p=s->packet; + n=((p[0]&0x7f)<<8)|p[1]; + if (n > (1024*4)) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); + goto err; + } + + j=ssl23_read_bytes(s,n+2); + if (j <= 0) return(j); + + ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2); + + p=s->packet; + p+=5; + n2s(p,csl); + n2s(p,sil); + n2s(p,cl); + d=(unsigned char *)s->init_buf->data; + if ((csl+sil+cl+11) != s->packet_length) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); + goto err; + } + + *(d++)=SSL3_VERSION_MAJOR; + *(d++)=SSL3_VERSION_MINOR; + + /* lets populate the random area */ + /* get the chalenge_length */ + i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; + memset(d,0,SSL3_RANDOM_SIZE); + memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); + d+=SSL3_RANDOM_SIZE; + + /* no session-id reuse */ + *(d++)=0; + + /* ciphers */ + j=0; + dd=d; + d+=2; + for (i=0; i<csl; i+=3) + { + if (p[i] != 0) continue; + *(d++)=p[i+1]; + *(d++)=p[i+2]; + j+=2; + } + s2n(j,dd); + + /* compression */ + *(d++)=1; + *(d++)=0; + + i=(d-(unsigned char *)s->init_buf->data); + + /* get the data reused from the init_buf */ + s->s3->tmp.reuse_message=1; + s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; + s->s3->tmp.message_size=i; + } + + if (type == 1) + { + /* we are talking sslv2 */ + /* we need to clean up the SSLv3 setup and put in the + * sslv2 stuff. */ + + if (s->s2 == NULL) + { + if (!ssl2_new(s)) + goto err; + } + else + ssl2_clear(s); + + if (s->s3 != NULL) ssl3_free(s); + + if (!BUF_MEM_grow(s->init_buf, + SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) + { + goto err; + } + + s->state=SSL2_ST_GET_CLIENT_HELLO_A; + if (s->ctx->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) + s->s2->ssl2_rollback=0; + else + s->s2->ssl2_rollback=1; + + /* setup the 5 bytes we have read so we get them from + * the sslv2 buffer */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s2->rbuf[0]); + memcpy(s->packet,buf,n); + s->s2->rbuf_left=n; + s->s2->rbuf_offs=0; + + s->method=SSLv2_server_method(); + s->handshake_func=s->method->ssl_accept; + } + + if ((type == 2) || (type == 3)) + { + /* we have sslv3 */ + + if (s->bbio == NULL) + { + bbio=BIO_new(BIO_f_buffer()); + if (bbio == NULL) + goto err; + s->bbio=bbio; + } + else + bbio=s->bbio; + BIO_reset(bbio); + if (!BIO_set_write_buffer_size(bbio,16*1024)) + goto err; + s->wbio=BIO_push(bbio,s->wbio); + + /* we are in this state */ + s->state=SSL3_ST_SR_CLNT_HELLO_A; + + if (type == 3) + { + /* put the 'n' bytes we have read into the input buffer + * for SSLv3 */ + s->rstate=SSL_ST_READ_HEADER; + s->packet_length=n; + s->packet= &(s->s3->rbuf.buf[0]); + memcpy(s->packet,buf,n); + s->s3->rbuf.left=n; + s->s3->rbuf.offset=0; + } + else + { + s->packet_length=0; + s->s3->rbuf.left=0; + s->s3->rbuf.offset=0; + } + + s->method=SSLv3_server_method(); + s->handshake_func=s->method->ssl_accept; + } + + if ((type < 1) || (type > 3)) + { + /* bad, very bad */ + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); + goto err; + } + s->init_num=0; + return(SSL_accept(s)); +err: + return(-1); + } + |