Loading CHANGES +3 −2 Original line number Original line Diff line number Diff line Loading @@ -88,8 +88,9 @@ *) Disable ssl2_peek and ssl3_peek (i.e., both implementations *) Disable ssl2_peek and ssl3_peek (i.e., both implementations of SSL_peek) because they both are completely broken. of SSL_peek) because they both are completely broken. They will be fixed RSN by adding an additional 'peek' parameter For fixing this, the internal read functions now have an additional to the internal read functions. 'peek' parameter, but the actual peek functionality has not yet been implemented. [Bodo Moeller] [Bodo Moeller] *) New function BN_kronecker. *) New function BN_kronecker. Loading ssl/s2_pkt.c +75 −22 Original line number Original line Diff line number Diff line Loading @@ -55,6 +55,59 @@ * copied and put under another distribution licence * copied and put under another distribution licence * [including the GNU Public Licence.] * [including the GNU Public Licence.] */ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include "ssl_locl.h" #include "ssl_locl.h" #ifndef NO_SSL2 #ifndef NO_SSL2 Loading @@ -66,28 +119,12 @@ static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int ssl_mt_error(int n); static int ssl_mt_error(int n); int ssl2_peek(SSL *s, char *buf, int len) { #if 1 SSLerr(SSL_F_SSL2_PEEK, SSL_R_FIXME); /* function is totally broken */ return -1; #else int ret; ret=ssl2_read(s,buf,len); if (ret > 0) { s->s2->ract_data_length+=ret; s->s2->ract_data-=ret; } return(ret); #endif } /* SSL_read - /* SSL 2.0 imlementation for SSL_read/SSL_peek - * This routine will return 0 to len bytes, decrypted etc if required. * This routine will return 0 to len bytes, decrypted etc if required. */ */ int ssl2_read(SSL *s, void *buf, int len) static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) { { int n; int n; unsigned char mac[MAX_MAC_SIZE]; unsigned char mac[MAX_MAC_SIZE]; Loading @@ -95,6 +132,12 @@ int ssl2_read(SSL *s, void *buf, int len) int i; int i; unsigned int mac_size=0; unsigned int mac_size=0; if (peek) { SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_FIXME); /* proper implementation not yet completed */ return -1; } ssl2_read_again: ssl2_read_again: if (SSL_in_init(s) && !s->in_handshake) if (SSL_in_init(s) && !s->in_handshake) { { Loading @@ -102,7 +145,7 @@ ssl2_read_again: if (n < 0) return(n); if (n < 0) return(n); if (n == 0) if (n == 0) { { SSLerr(SSL_F_SSL2_READ,SSL_R_SSL_HANDSHAKE_FAILURE); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); return(-1); return(-1); } } } } Loading Loading @@ -138,7 +181,7 @@ ssl2_read_again: (p[2] == SSL2_MT_CLIENT_HELLO) || (p[2] == SSL2_MT_CLIENT_HELLO) || (p[2] == SSL2_MT_SERVER_HELLO)))) (p[2] == SSL2_MT_SERVER_HELLO)))) { { SSLerr(SSL_F_SSL2_READ,SSL_R_NON_SSLV2_INITIAL_PACKET); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); return(-1); return(-1); } } } } Loading Loading @@ -216,7 +259,7 @@ ssl2_read_again: (unsigned int)mac_size) != 0) || (unsigned int)mac_size) != 0) || (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) { { SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_MAC_DECODE); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE); return(-1); return(-1); } } } } Loading Loading @@ -253,11 +296,21 @@ ssl2_read_again: } } else else { { SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_STATE); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE); return(-1); return(-1); } } } } int ssl2_read(SSL *s, void *buf, int len) { return ssl2_read_internal(s, buf, len, 0); } int ssl2_peek(SSL *s, char *buf, int len) { return ssl2_read_internal(s, buf, len, 1); } static int read_n(SSL *s, unsigned int n, unsigned int max, static int read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend) unsigned int extend) { { Loading ssl/s3_both.c +2 −2 Original line number Original line Diff line number Diff line Loading @@ -365,7 +365,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) while (s->init_num < 4) while (s->init_num < 4) { { i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num], i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num], 4 - s->init_num); 4 - s->init_num, 0); if (i <= 0) if (i <= 0) { { s->rwstate=SSL_READING; s->rwstate=SSL_READING; Loading Loading @@ -434,7 +434,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) n=s->s3->tmp.message_size; n=s->s3->tmp.message_size; while (n > 0) while (n > 0) { { i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n); i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0); if (i <= 0) if (i <= 0) { { s->rwstate=SSL_READING; s->rwstate=SSL_READING; Loading ssl/s3_lib.c +63 −27 Original line number Original line Diff line number Diff line Loading @@ -55,6 +55,59 @@ * copied and put under another distribution licence * copied and put under another distribution licence * [including the GNU Public Licence.] * [including the GNU Public Licence.] */ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include <stdio.h> #include <stdio.h> #include <openssl/md5.h> #include <openssl/md5.h> Loading Loading @@ -1282,7 +1335,7 @@ int ssl3_shutdown(SSL *s) else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { { /* If we are waiting for a close from our peer, we are closed */ /* If we are waiting for a close from our peer, we are closed */ ssl3_read_bytes(s,0,NULL,0); ssl3_read_bytes(s,0,NULL,0,0); } } if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && Loading Loading @@ -1345,14 +1398,14 @@ int ssl3_write(SSL *s, const void *buf, int len) return(ret); return(ret); } } int ssl3_read(SSL *s, void *buf, int len) static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) { { int ret; int ret; clear_sys_error(); clear_sys_error(); if (s->s3->renegotiate) ssl3_renegotiate_check(s); if (s->s3->renegotiate) ssl3_renegotiate_check(s); s->s3->in_read_app_data=1; s->s3->in_read_app_data=1; ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); if ((ret == -1) && (s->s3->in_read_app_data == 0)) if ((ret == -1) && (s->s3->in_read_app_data == 0)) { { /* ssl3_read_bytes decided to call s->handshake_func, which /* ssl3_read_bytes decided to call s->handshake_func, which Loading @@ -1362,7 +1415,7 @@ int ssl3_read(SSL *s, void *buf, int len) * by resetting 'in_read_app_data', strangely); so disable * by resetting 'in_read_app_data', strangely); so disable * handshake processing and try to read application data again. */ * handshake processing and try to read application data again. */ s->in_handshake++; s->in_handshake++; ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); s->in_handshake--; s->in_handshake--; } } else else Loading @@ -1371,31 +1424,14 @@ int ssl3_read(SSL *s, void *buf, int len) return(ret); return(ret); } } int ssl3_peek(SSL *s, char *buf, int len) int ssl3_read(SSL *s, void *buf, int len) { #if 1 SSLerr(SSL_F_SSL3_PEEK, SSL_R_FIXME); /* function is totally broken */ return -1; #else SSL3_RECORD *rr; int n; rr= &(s->s3->rrec); if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA)) { { n=ssl3_read(s,buf,1); return ssl3_read_internal(s, buf, len, 0); if (n <= 0) return(n); rr->length++; rr->off--; } } if ((unsigned int)len > rr->length) int ssl3_peek(SSL *s, char *buf, int len) n=rr->length; { else return ssl3_read_internal(s, buf, len, 0); n=len; memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); return(n); #endif } } int ssl3_renegotiate(SSL *s) int ssl3_renegotiate(SSL *s) Loading ssl/s3_pkt.c +7 −1 Original line number Original line Diff line number Diff line Loading @@ -704,13 +704,19 @@ static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, * Application data protocol * Application data protocol * none of our business * none of our business */ */ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len) int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) { { int al,i,j,ret; int al,i,j,ret; unsigned int n; unsigned int n; SSL3_RECORD *rr; SSL3_RECORD *rr; void (*cb)()=NULL; void (*cb)()=NULL; if (peek) { SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_FIXME); /* proper implementation not yet completed */ return -1; } if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ if (!ssl3_setup_buffers(s)) if (!ssl3_setup_buffers(s)) return(-1); return(-1); Loading Loading
CHANGES +3 −2 Original line number Original line Diff line number Diff line Loading @@ -88,8 +88,9 @@ *) Disable ssl2_peek and ssl3_peek (i.e., both implementations *) Disable ssl2_peek and ssl3_peek (i.e., both implementations of SSL_peek) because they both are completely broken. of SSL_peek) because they both are completely broken. They will be fixed RSN by adding an additional 'peek' parameter For fixing this, the internal read functions now have an additional to the internal read functions. 'peek' parameter, but the actual peek functionality has not yet been implemented. [Bodo Moeller] [Bodo Moeller] *) New function BN_kronecker. *) New function BN_kronecker. Loading
ssl/s2_pkt.c +75 −22 Original line number Original line Diff line number Diff line Loading @@ -55,6 +55,59 @@ * copied and put under another distribution licence * copied and put under another distribution licence * [including the GNU Public Licence.] * [including the GNU Public Licence.] */ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include "ssl_locl.h" #include "ssl_locl.h" #ifndef NO_SSL2 #ifndef NO_SSL2 Loading @@ -66,28 +119,12 @@ static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int ssl_mt_error(int n); static int ssl_mt_error(int n); int ssl2_peek(SSL *s, char *buf, int len) { #if 1 SSLerr(SSL_F_SSL2_PEEK, SSL_R_FIXME); /* function is totally broken */ return -1; #else int ret; ret=ssl2_read(s,buf,len); if (ret > 0) { s->s2->ract_data_length+=ret; s->s2->ract_data-=ret; } return(ret); #endif } /* SSL_read - /* SSL 2.0 imlementation for SSL_read/SSL_peek - * This routine will return 0 to len bytes, decrypted etc if required. * This routine will return 0 to len bytes, decrypted etc if required. */ */ int ssl2_read(SSL *s, void *buf, int len) static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) { { int n; int n; unsigned char mac[MAX_MAC_SIZE]; unsigned char mac[MAX_MAC_SIZE]; Loading @@ -95,6 +132,12 @@ int ssl2_read(SSL *s, void *buf, int len) int i; int i; unsigned int mac_size=0; unsigned int mac_size=0; if (peek) { SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_FIXME); /* proper implementation not yet completed */ return -1; } ssl2_read_again: ssl2_read_again: if (SSL_in_init(s) && !s->in_handshake) if (SSL_in_init(s) && !s->in_handshake) { { Loading @@ -102,7 +145,7 @@ ssl2_read_again: if (n < 0) return(n); if (n < 0) return(n); if (n == 0) if (n == 0) { { SSLerr(SSL_F_SSL2_READ,SSL_R_SSL_HANDSHAKE_FAILURE); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); return(-1); return(-1); } } } } Loading Loading @@ -138,7 +181,7 @@ ssl2_read_again: (p[2] == SSL2_MT_CLIENT_HELLO) || (p[2] == SSL2_MT_CLIENT_HELLO) || (p[2] == SSL2_MT_SERVER_HELLO)))) (p[2] == SSL2_MT_SERVER_HELLO)))) { { SSLerr(SSL_F_SSL2_READ,SSL_R_NON_SSLV2_INITIAL_PACKET); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); return(-1); return(-1); } } } } Loading Loading @@ -216,7 +259,7 @@ ssl2_read_again: (unsigned int)mac_size) != 0) || (unsigned int)mac_size) != 0) || (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) { { SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_MAC_DECODE); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE); return(-1); return(-1); } } } } Loading Loading @@ -253,11 +296,21 @@ ssl2_read_again: } } else else { { SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_STATE); SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE); return(-1); return(-1); } } } } int ssl2_read(SSL *s, void *buf, int len) { return ssl2_read_internal(s, buf, len, 0); } int ssl2_peek(SSL *s, char *buf, int len) { return ssl2_read_internal(s, buf, len, 1); } static int read_n(SSL *s, unsigned int n, unsigned int max, static int read_n(SSL *s, unsigned int n, unsigned int max, unsigned int extend) unsigned int extend) { { Loading
ssl/s3_both.c +2 −2 Original line number Original line Diff line number Diff line Loading @@ -365,7 +365,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) while (s->init_num < 4) while (s->init_num < 4) { { i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num], i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num], 4 - s->init_num); 4 - s->init_num, 0); if (i <= 0) if (i <= 0) { { s->rwstate=SSL_READING; s->rwstate=SSL_READING; Loading Loading @@ -434,7 +434,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) n=s->s3->tmp.message_size; n=s->s3->tmp.message_size; while (n > 0) while (n > 0) { { i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n); i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0); if (i <= 0) if (i <= 0) { { s->rwstate=SSL_READING; s->rwstate=SSL_READING; Loading
ssl/s3_lib.c +63 −27 Original line number Original line Diff line number Diff line Loading @@ -55,6 +55,59 @@ * copied and put under another distribution licence * copied and put under another distribution licence * [including the GNU Public Licence.] * [including the GNU Public Licence.] */ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include <stdio.h> #include <stdio.h> #include <openssl/md5.h> #include <openssl/md5.h> Loading Loading @@ -1282,7 +1335,7 @@ int ssl3_shutdown(SSL *s) else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { { /* If we are waiting for a close from our peer, we are closed */ /* If we are waiting for a close from our peer, we are closed */ ssl3_read_bytes(s,0,NULL,0); ssl3_read_bytes(s,0,NULL,0,0); } } if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && Loading Loading @@ -1345,14 +1398,14 @@ int ssl3_write(SSL *s, const void *buf, int len) return(ret); return(ret); } } int ssl3_read(SSL *s, void *buf, int len) static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) { { int ret; int ret; clear_sys_error(); clear_sys_error(); if (s->s3->renegotiate) ssl3_renegotiate_check(s); if (s->s3->renegotiate) ssl3_renegotiate_check(s); s->s3->in_read_app_data=1; s->s3->in_read_app_data=1; ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); if ((ret == -1) && (s->s3->in_read_app_data == 0)) if ((ret == -1) && (s->s3->in_read_app_data == 0)) { { /* ssl3_read_bytes decided to call s->handshake_func, which /* ssl3_read_bytes decided to call s->handshake_func, which Loading @@ -1362,7 +1415,7 @@ int ssl3_read(SSL *s, void *buf, int len) * by resetting 'in_read_app_data', strangely); so disable * by resetting 'in_read_app_data', strangely); so disable * handshake processing and try to read application data again. */ * handshake processing and try to read application data again. */ s->in_handshake++; s->in_handshake++; ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); s->in_handshake--; s->in_handshake--; } } else else Loading @@ -1371,31 +1424,14 @@ int ssl3_read(SSL *s, void *buf, int len) return(ret); return(ret); } } int ssl3_peek(SSL *s, char *buf, int len) int ssl3_read(SSL *s, void *buf, int len) { #if 1 SSLerr(SSL_F_SSL3_PEEK, SSL_R_FIXME); /* function is totally broken */ return -1; #else SSL3_RECORD *rr; int n; rr= &(s->s3->rrec); if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA)) { { n=ssl3_read(s,buf,1); return ssl3_read_internal(s, buf, len, 0); if (n <= 0) return(n); rr->length++; rr->off--; } } if ((unsigned int)len > rr->length) int ssl3_peek(SSL *s, char *buf, int len) n=rr->length; { else return ssl3_read_internal(s, buf, len, 0); n=len; memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); return(n); #endif } } int ssl3_renegotiate(SSL *s) int ssl3_renegotiate(SSL *s) Loading
ssl/s3_pkt.c +7 −1 Original line number Original line Diff line number Diff line Loading @@ -704,13 +704,19 @@ static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, * Application data protocol * Application data protocol * none of our business * none of our business */ */ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len) int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) { { int al,i,j,ret; int al,i,j,ret; unsigned int n; unsigned int n; SSL3_RECORD *rr; SSL3_RECORD *rr; void (*cb)()=NULL; void (*cb)()=NULL; if (peek) { SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_FIXME); /* proper implementation not yet completed */ return -1; } if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ if (!ssl3_setup_buffers(s)) if (!ssl3_setup_buffers(s)) return(-1); return(-1); Loading
