author | nectar <nectar@FreeBSD.org> | 2002-08-10 01:46:10 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2002-08-10 01:46:10 +0000 |
commit | c99c2264cb2cf6c4f161218c15b8e9a3072526e5 (patch) | |
tree | 3c9559c80a7fe01c85e2dfbadcb9f84770a7e8e6 /crypto/openssl/ssl/s2_lib.c | |
parent | c48e8e3d25b5b1f6a1783f1e469b5aff8e6c8e29 (diff) | |
Import of OpenSSL 0.9.6f.
Diffstat (limited to 'crypto/openssl/ssl/s2_lib.c')
-rw-r--r-- | crypto/openssl/ssl/s2_lib.c | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/crypto/openssl/ssl/s2_lib.c b/crypto/openssl/ssl/s2_lib.c index 26a85c2..01d1e97 100644 --- a/crypto/openssl/ssl/s2_lib.c +++ b/crypto/openssl/ssl/s2_lib.c @@ -415,7 +415,7 @@ int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) return(3); } -void ssl2_generate_key_material(SSL *s) +int ssl2_generate_key_material(SSL *s) { unsigned int i; MD5_CTX ctx; @@ -428,14 +428,24 @@ void ssl2_generate_key_material(SSL *s) #endif km=s->s2->key_material; - die(s->s2->key_material_length <= sizeof s->s2->key_material); + + if (s->session->master_key_length < 0 || s->session->master_key_length > sizeof s->session->master_key) + { + SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, SSL_R_INTERNAL_ERROR); + return 0; + } + for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) { + if (((km - s->s2->key_material) + MD5_DIGEST_LENGTH) > sizeof s->s2->key_material) + { + /* MD5_Final() below would write beyond buffer */ + SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, SSL_R_INTERNAL_ERROR); + return 0; + } + MD5_Init(&ctx); - die(s->session->master_key_length >= 0 - && s->session->master_key_length - < sizeof s->session->master_key); MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); MD5_Update(&ctx,&c,1); c++; @@ -444,6 +454,8 @@ void ssl2_generate_key_material(SSL *s) MD5_Final(km,&ctx); km+=MD5_DIGEST_LENGTH; } + + return 1; } void ssl2_return_error(SSL *s, int err) @@ -468,18 +480,20 @@ void ssl2_write_error(SSL *s) buf[2]=(s->error_code)&0xff; /* state=s->rwstate;*/ - error=s->error; + + error=s->error; /* number of bytes left to write */ s->error=0; - die(error >= 0 && error <= 3); + if (error < 0 || error > sizeof buf) /* can't happen */ + return; + i=ssl2_write(s,&(buf[3-error]),error); + /* if (i == error) s->rwstate=state; */ if (i < 0) s->error=error; else if (i != s->error) s->error=error-i; - /* else - s->error=0; */ } int ssl2_shutdown(SSL *s) |
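Review bot: The switch of `ssl2_generate_key_material` from `void` to `int` in the `@@ -415,7 +415,7 @@` hunk carries no comment stating the new return contract, and the diffstat is limited to this file, so the call sites are not visible here. A caller that still discards the result would carry on with whatever is in `s->s2->key_material` after a failed length check, so each call site needs to test for 0 and fail the handshake. I would add above the definition `/* Returns 1 on success, 0 (SSL_R_INTERNAL_ERROR queued) if a length check fails; key_material may be partly written on failure. */`. The matching `return 1;` is in the `@@ -444,6 +454,8 @@` hunk, and the function body starts and ends outside this hunk.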
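Review bot: The overflow guard added inside the loop of the `@@ -428,14 +428,24 @@` hunk is only reached after earlier iterations have already written digests, so its `return 0` path leaves `s->s2->key_material` partly filled. As far as the visible lines show, `i` and `km` advance in step by `MD5_DIGEST_LENGTH` (the `km` increment is in the following hunk), so the same condition could be written on the index as `if (i + MD5_DIGEST_LENGTH > sizeof s->s2->key_material)`, which avoids comparing a signed pointer difference with an unsigned `sizeof`. If callers could observe the partial state, clearing it on the error path with `memset(s->s2->key_material, 0, sizeof s->s2->key_material);` before returning would make the failure unambiguous. The start of the function and part of the loop body lie outside the hunks shown.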
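Review bot: The new guard in the `@@ -468,18 +480,20 @@` hunk bounds `error` by `sizeof buf`, but the write on the following line still indexes with the literal `buf[3-error]`, so the check and the index agree only while `buf` is exactly three bytes (its declaration is outside the hunk). Using one expression for both, e.g. `i=ssl2_write(s,&(buf[sizeof buf-error]),error);`, keeps them tied together. Separately, `s->error=0;` runs before the early `return`, so on the "can't happen" path the pending byte count is dropped without any error being recorded. The retained `else if (i != s->error)` also compares against the value that was just zeroed, where the commented-out code suggests `error` was intended; that looks pre-existing and is worth confirming against upstream rather than changing in an import.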