diff options
Diffstat (limited to 'crypto/openssl/ssl/s3_both.c')
-rw-r--r-- | crypto/openssl/ssl/s3_both.c | 60 |
1 files changed, 40 insertions, 20 deletions
diff --git a/crypto/openssl/ssl/s3_both.c b/crypto/openssl/ssl/s3_both.c index beb5628..38a7152 100644 --- a/crypto/openssl/ssl/s3_both.c +++ b/crypto/openssl/ssl/s3_both.c @@ -109,16 +109,17 @@ * */ +#include <limits.h> #include <string.h> #include <stdio.h> +#include "ssl_locl.h" #include <openssl/buffer.h> #include <openssl/rand.h> #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/x509.h> -#include "ssl_locl.h" -/* send s->init_buf in records of type 'type' */ +/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ int ssl3_do_write(SSL *s, int type) { int ret; @@ -132,7 +133,11 @@ int ssl3_do_write(SSL *s, int type) ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret); if (ret == s->init_num) + { + if (s->msg_callback) + s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg); return(1); + } s->init_off+=ret; s->init_num-=ret; return(0); @@ -158,7 +163,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) p+=i; l=i; -#ifdef WIN16 +#ifdef OPENSSL_SYS_WIN16 /* MSVC 1.5 does not clear the top bytes of the word unless * I do this. */ @@ -205,7 +210,7 @@ int ssl3_get_finished(SSL *s, int a, int b) } s->s3->change_cipher_spec=0; - p = (unsigned char *)s->init_buf->data; + p = (unsigned char *)s->init_msg; i = s->s3->tmp.peer_finish_md_len; if (i != n) @@ -265,19 +270,23 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) /* TLSv1 sends a chain with nothing in it, instead of an alert */ buf=s->init_buf; - if (!BUF_MEM_grow(buf,(int)(10))) + if (!BUF_MEM_grow_clean(buf,10)) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); } if (x != NULL) { - X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL); + if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL)) + { + SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); + return(0); + } for (;;) { n=i2d_X509(x,NULL); - if (!BUF_MEM_grow(buf,(int)(n+l+3))) + if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); @@ -307,7 +316,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) { x=sk_X509_value(s->ctx->extra_certs,i); n=i2d_X509(x,NULL); - if (!BUF_MEM_grow(buf,(int)(n+l+3))) + if (!BUF_MEM_grow_clean(buf,(int)(n+l+3))) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); return(0); @@ -351,7 +360,9 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) goto f_err; } *ok=1; - return((int)s->s3->tmp.message_size); + s->init_msg = s->init_buf->data + 4; + s->init_num = (int)s->s3->tmp.message_size; + return s->init_num; } p=(unsigned char *)s->init_buf->data; @@ -386,8 +397,10 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) { s->init_num = 0; skip_message = 1; + + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, 4, s, s->msg_callback_arg); } - } while (skip_message); @@ -411,8 +424,6 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) ssl3_init_finished_mac(s); } - ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, 4); - s->s3->tmp.message_type= *(p++); n2l3(p,l); @@ -422,7 +433,13 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); goto f_err; } - if (l && !BUF_MEM_grow(s->init_buf,(int)l)) + if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */ + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); + goto f_err; + } + if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4)) { SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); goto err; @@ -430,13 +447,13 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) s->s3->tmp.message_size=l; s->state=stn; - s->init_num=0; + s->init_msg = s->init_buf->data + 4; + s->init_num = 0; } /* next state (stn) */ - p=(unsigned char *)s->init_buf->data; - n=s->s3->tmp.message_size; - n -= s->init_num; + p = s->init_msg; + n = s->s3->tmp.message_size - s->init_num; while (n > 0) { i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0); @@ -449,7 +466,9 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) s->init_num += i; n -= i; } - ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num); + ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4); + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg); *ok=1; return s->init_num; f_err: @@ -517,6 +536,7 @@ int ssl_verify_alarm_type(long type) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: case X509_V_ERR_UNABLE_TO_GET_CRL: + case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: al=SSL_AD_UNKNOWN_CA; break; case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: @@ -584,7 +604,7 @@ int ssl3_setup_buffers(SSL *s) if ((p=OPENSSL_malloc(len)) == NULL) goto err; s->s3->rbuf.buf = p; - s->s3->rbuf_len = len; + s->s3->rbuf.len = len; } if (s->s3->wbuf.buf == NULL) @@ -594,7 +614,7 @@ int ssl3_setup_buffers(SSL *s) if ((p=OPENSSL_malloc(len)) == NULL) goto err; s->s3->wbuf.buf = p; - s->s3->wbuf_len = len; + s->s3->wbuf.len = len; } s->packet= &(s->s3->rbuf.buf[0]); return(1); |