summaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/s2_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/ssl/s2_lib.c')
-rw-r--r--crypto/openssl/ssl/s2_lib.c82
1 files changed, 49 insertions, 33 deletions
diff --git a/crypto/openssl/ssl/s2_lib.c b/crypto/openssl/ssl/s2_lib.c
index 01d1e97..910b9fe 100644
--- a/crypto/openssl/ssl/s2_lib.c
+++ b/crypto/openssl/ssl/s2_lib.c
@@ -57,10 +57,11 @@
*/
#include "ssl_locl.h"
-#ifndef NO_SSL2
+#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
+#include <openssl/evp.h>
#include <openssl/md5.h>
#include "cryptlib.h"
@@ -307,7 +308,7 @@ void ssl2_free(SSL *s)
s2=s->s2;
if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
- memset(s2,0,sizeof *s2);
+ OPENSSL_cleanse(s2,sizeof *s2);
OPENSSL_free(s2);
s->s2=NULL;
}
@@ -332,7 +333,7 @@ void ssl2_clear(SSL *s)
s->packet_length=0;
}
-long ssl2_ctrl(SSL *s, int cmd, long larg, char *parg)
+long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
{
int ret=0;
@@ -352,7 +353,7 @@ long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)())
return(0);
}
-long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
+long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
{
return(0);
}
@@ -376,15 +377,19 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL);
- for (i=0; i<SSL2_NUM_CIPHERS; i++)
- sorted[i]= &(ssl2_ciphers[i]);
+ if (init)
+ {
+ for (i=0; i<SSL2_NUM_CIPHERS; i++)
+ sorted[i]= &(ssl2_ciphers[i]);
- qsort( (char *)sorted,
- SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
- FP_ICC ssl_cipher_ptr_id_cmp);
+ qsort((char *)sorted,
+ SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ FP_ICC ssl_cipher_ptr_id_cmp);
+ init=0;
+ }
+
CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
- init=0;
}
id=0x02000000L|((unsigned long)p[0]<<16L)|
@@ -418,43 +423,50 @@ int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
int ssl2_generate_key_material(SSL *s)
{
unsigned int i;
- MD5_CTX ctx;
+ EVP_MD_CTX ctx;
unsigned char *km;
unsigned char c='0';
+ const EVP_MD *md5;
+
+ md5 = EVP_md5();
#ifdef CHARSET_EBCDIC
c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
see SSLv2 docu */
#endif
-
+ EVP_MD_CTX_init(&ctx);
km=s->s2->key_material;
- if (s->session->master_key_length < 0 || s->session->master_key_length > sizeof s->session->master_key)
- {
- SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, SSL_R_INTERNAL_ERROR);
- return 0;
- }
+ if (s->session->master_key_length < 0 || s->session->master_key_length > sizeof s->session->master_key)
+ {
+ SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
- for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
+ for (i=0; i<s->s2->key_material_length; i += EVP_MD_size(md5))
{
- if (((km - s->s2->key_material) + MD5_DIGEST_LENGTH) > sizeof s->s2->key_material)
+ if (((km - s->s2->key_material) + EVP_MD_size(md5)) > sizeof s->s2->key_material)
{
- /* MD5_Final() below would write beyond buffer */
- SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, SSL_R_INTERNAL_ERROR);
+ /* EVP_DigestFinal_ex() below would write beyond buffer */
+ SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
return 0;
}
- MD5_Init(&ctx);
+ EVP_DigestInit_ex(&ctx, md5, NULL);
- MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
- MD5_Update(&ctx,&c,1);
+ OPENSSL_assert(s->session->master_key_length >= 0
+ && s->session->master_key_length
+ < sizeof s->session->master_key);
+ EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
+ EVP_DigestUpdate(&ctx,&c,1);
c++;
- MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
- MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
- MD5_Final(km,&ctx);
- km+=MD5_DIGEST_LENGTH;
+ EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
+ EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
+ EVP_DigestFinal_ex(&ctx,km,NULL);
+ km += EVP_MD_size(md5);
}
+ EVP_MD_CTX_cleanup(&ctx);
return 1;
}
@@ -483,17 +495,21 @@ void ssl2_write_error(SSL *s)
error=s->error; /* number of bytes left to write */
s->error=0;
- if (error < 0 || error > sizeof buf) /* can't happen */
- return;
-
+ OPENSSL_assert(error >= 0 && error <= sizeof buf);
i=ssl2_write(s,&(buf[3-error]),error);
/* if (i == error) s->rwstate=state; */
if (i < 0)
s->error=error;
- else if (i != s->error)
+ else
+ {
s->error=error-i;
+
+ if (s->error == 0)
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */
+ }
}
int ssl2_shutdown(SSL *s)
@@ -501,7 +517,7 @@ int ssl2_shutdown(SSL *s)
s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
return(1);
}
-#else /* !NO_SSL2 */
+#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;
OpenPOWER on IntegriCloud