Since we no longer need to support SSLv2-style cipher lists, start
unravelling the maze of function pointers and callbacks by directly calling ssl3_{get,put}_cipher_by_char() and removing the ssl_{get,put}_cipher_by_char macros. Prompted by similar changes in boringssl. ok guenther.
parent
02212bea07
commit
3e6620b050
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: d1_clnt.c,v 1.33 2014/08/07 20:02:23 miod Exp $ */
|
/* $OpenBSD: d1_clnt.c,v 1.34 2014/08/10 14:42:55 jsing Exp $ */
|
||||||
/*
|
/*
|
||||||
* DTLS implementation written by Nagendra Modadugu
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
@ -145,8 +145,6 @@ const SSL_METHOD DTLSv1_client_method_data = {
|
|||||||
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
||||||
.ssl_ctrl = dtls1_ctrl,
|
.ssl_ctrl = dtls1_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = dtls1_get_cipher,
|
.get_cipher = dtls1_get_cipher,
|
||||||
@ -820,7 +818,7 @@ dtls1_client_hello(SSL *s)
|
|||||||
p += s->d1->cookie_len;
|
p += s->d1->cookie_len;
|
||||||
|
|
||||||
/* Ciphers supported */
|
/* Ciphers supported */
|
||||||
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
|
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
|
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
|
||||||
SSL_R_NO_CIPHERS_AVAILABLE);
|
SSL_R_NO_CIPHERS_AVAILABLE);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: d1_meth.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: d1_meth.c,v 1.6 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/*
|
/*
|
||||||
* DTLS implementation written by Nagendra Modadugu
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
@ -82,8 +82,6 @@ const SSL_METHOD DTLSv1_method_data = {
|
|||||||
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
||||||
.ssl_ctrl = dtls1_ctrl,
|
.ssl_ctrl = dtls1_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = dtls1_get_cipher,
|
.get_cipher = dtls1_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: d1_srvr.c,v 1.35 2014/08/06 20:11:09 miod Exp $ */
|
/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/*
|
/*
|
||||||
* DTLS implementation written by Nagendra Modadugu
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
@ -146,8 +146,6 @@ const SSL_METHOD DTLSv1_server_method_data = {
|
|||||||
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
||||||
.ssl_ctrl = dtls1_ctrl,
|
.ssl_ctrl = dtls1_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = dtls1_get_cipher,
|
.get_cipher = dtls1_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_clnt.c,v 1.31 2014/07/11 08:17:36 miod Exp $ */
|
/* $OpenBSD: s23_clnt.c,v 1.32 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -139,8 +139,6 @@ const SSL_METHOD SSLv23_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl23_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl_undefined_const_function,
|
.ssl_pending = ssl_undefined_const_function,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -360,8 +358,7 @@ ssl23_client_hello(SSL *s)
|
|||||||
*(p++) = 0;
|
*(p++) = 0;
|
||||||
|
|
||||||
/* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
|
/* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
|
||||||
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
|
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
|
||||||
ssl3_put_cipher_by_char);
|
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
SSLerr(SSL_F_SSL23_CLIENT_HELLO,
|
SSLerr(SSL_F_SSL23_CLIENT_HELLO,
|
||||||
SSL_R_NO_CIPHERS_AVAILABLE);
|
SSL_R_NO_CIPHERS_AVAILABLE);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_lib.c,v 1.16 2014/07/11 08:17:36 miod Exp $ */
|
/* $OpenBSD: s23_lib.c,v 1.17 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -66,21 +66,6 @@ ssl23_default_timeout(void)
|
|||||||
return (300);
|
return (300);
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
|
||||||
ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
|
|
||||||
{
|
|
||||||
long l;
|
|
||||||
|
|
||||||
/* We can write SSLv2 and SSLv3 ciphers */
|
|
||||||
if (p != NULL) {
|
|
||||||
l = c->id;
|
|
||||||
p[0] = ((unsigned char)(l >> 16L))&0xFF;
|
|
||||||
p[1] = ((unsigned char)(l >> 8L))&0xFF;
|
|
||||||
p[2] = ((unsigned char)(l ))&0xFF;
|
|
||||||
}
|
|
||||||
return (3);
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
int
|
||||||
ssl23_read(SSL *s, void *buf, int len)
|
ssl23_read(SSL *s, void *buf, int len)
|
||||||
{
|
{
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_srvr.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */
|
/* $OpenBSD: s23_srvr.c,v 1.34 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -138,8 +138,6 @@ const SSL_METHOD SSLv23_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl23_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl_undefined_const_function,
|
.ssl_pending = ssl_undefined_const_function,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s3_clnt.c,v 1.85 2014/08/07 01:24:10 deraadt Exp $ */
|
/* $OpenBSD: s3_clnt.c,v 1.86 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -183,8 +183,6 @@ const SSL_METHOD SSLv3_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -719,7 +717,7 @@ ssl3_client_hello(SSL *s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Ciphers supported */
|
/* Ciphers supported */
|
||||||
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
|
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
SSLerr(SSL_F_SSL3_CLIENT_HELLO,
|
SSLerr(SSL_F_SSL3_CLIENT_HELLO,
|
||||||
SSL_R_NO_CIPHERS_AVAILABLE);
|
SSL_R_NO_CIPHERS_AVAILABLE);
|
||||||
@ -856,7 +854,7 @@ ssl3_get_server_hello(SSL *s)
|
|||||||
&s->session->master_key_length, NULL, &pref_cipher,
|
&s->session->master_key_length, NULL, &pref_cipher,
|
||||||
s->tls_session_secret_cb_arg)) {
|
s->tls_session_secret_cb_arg)) {
|
||||||
s->session->cipher = pref_cipher ?
|
s->session->cipher = pref_cipher ?
|
||||||
pref_cipher : ssl_get_cipher_by_char(s, p + j);
|
pref_cipher : ssl3_get_cipher_by_char(p + j);
|
||||||
s->s3->flags |= SSL3_FLAGS_CCS_OK;
|
s->s3->flags |= SSL3_FLAGS_CCS_OK;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -890,7 +888,7 @@ ssl3_get_server_hello(SSL *s)
|
|||||||
memcpy(s->session->session_id,p,j); /* j could be 0 */
|
memcpy(s->session->session_id,p,j); /* j could be 0 */
|
||||||
}
|
}
|
||||||
p += j;
|
p += j;
|
||||||
c = ssl_get_cipher_by_char(s, p);
|
c = ssl3_get_cipher_by_char(p);
|
||||||
if (c == NULL) {
|
if (c == NULL) {
|
||||||
/* unknown cipher */
|
/* unknown cipher */
|
||||||
al = SSL_AD_ILLEGAL_PARAMETER;
|
al = SSL_AD_ILLEGAL_PARAMETER;
|
||||||
@ -906,7 +904,7 @@ ssl3_get_server_hello(SSL *s)
|
|||||||
SSL_R_WRONG_CIPHER_RETURNED);
|
SSL_R_WRONG_CIPHER_RETURNED);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
p += ssl_put_cipher_by_char(s, NULL, NULL);
|
p += ssl3_put_cipher_by_char(NULL, NULL);
|
||||||
|
|
||||||
sk = ssl_get_ciphers_by_id(s);
|
sk = ssl_get_ciphers_by_id(s);
|
||||||
i = sk_SSL_CIPHER_find(sk, c);
|
i = sk_SSL_CIPHER_find(sk, c);
|
||||||
|
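Review bot: In ssl3_get_server_hello the new `p += ssl3_put_cipher_by_char(NULL, NULL);` calls a writer with two NULL arguments only to learn the encoded width of a cipher id, which reads like a mistake now that the call is no longer hidden behind a macro. The ssl23 variant removed elsewhere in this commit skips the write when `p` is NULL and just returns the length; ssl3_put_cipher_by_char presumably follows the same convention, but its body is not visible here. A comment such as `/* NULL, NULL: only returns the on-wire length of a cipher id */`, or a named constant for that length, would make the intent explicit. The same idiom appears in ssl_bytes_to_cipher_list in ssl_lib.c (`n = ssl3_put_cipher_by_char(NULL, NULL);`), and the function body continues outside these hunks.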
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */
|
/* $OpenBSD: s3_srvr.c,v 1.80 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -184,8 +184,6 @@ const SSL_METHOD SSLv3_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: d1_clnt.c,v 1.33 2014/08/07 20:02:23 miod Exp $ */
|
/* $OpenBSD: d1_clnt.c,v 1.34 2014/08/10 14:42:55 jsing Exp $ */
|
||||||
/*
|
/*
|
||||||
* DTLS implementation written by Nagendra Modadugu
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
@ -145,8 +145,6 @@ const SSL_METHOD DTLSv1_client_method_data = {
|
|||||||
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
||||||
.ssl_ctrl = dtls1_ctrl,
|
.ssl_ctrl = dtls1_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = dtls1_get_cipher,
|
.get_cipher = dtls1_get_cipher,
|
||||||
@ -820,7 +818,7 @@ dtls1_client_hello(SSL *s)
|
|||||||
p += s->d1->cookie_len;
|
p += s->d1->cookie_len;
|
||||||
|
|
||||||
/* Ciphers supported */
|
/* Ciphers supported */
|
||||||
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
|
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
|
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
|
||||||
SSL_R_NO_CIPHERS_AVAILABLE);
|
SSL_R_NO_CIPHERS_AVAILABLE);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: d1_meth.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: d1_meth.c,v 1.6 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/*
|
/*
|
||||||
* DTLS implementation written by Nagendra Modadugu
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
@ -82,8 +82,6 @@ const SSL_METHOD DTLSv1_method_data = {
|
|||||||
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
||||||
.ssl_ctrl = dtls1_ctrl,
|
.ssl_ctrl = dtls1_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = dtls1_get_cipher,
|
.get_cipher = dtls1_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: d1_srvr.c,v 1.35 2014/08/06 20:11:09 miod Exp $ */
|
/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/*
|
/*
|
||||||
* DTLS implementation written by Nagendra Modadugu
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
@ -146,8 +146,6 @@ const SSL_METHOD DTLSv1_server_method_data = {
|
|||||||
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
.ssl_dispatch_alert = dtls1_dispatch_alert,
|
||||||
.ssl_ctrl = dtls1_ctrl,
|
.ssl_ctrl = dtls1_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = dtls1_get_cipher,
|
.get_cipher = dtls1_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_clnt.c,v 1.31 2014/07/11 08:17:36 miod Exp $ */
|
/* $OpenBSD: s23_clnt.c,v 1.32 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -139,8 +139,6 @@ const SSL_METHOD SSLv23_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl23_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl_undefined_const_function,
|
.ssl_pending = ssl_undefined_const_function,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -360,8 +358,7 @@ ssl23_client_hello(SSL *s)
|
|||||||
*(p++) = 0;
|
*(p++) = 0;
|
||||||
|
|
||||||
/* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
|
/* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
|
||||||
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
|
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
|
||||||
ssl3_put_cipher_by_char);
|
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
SSLerr(SSL_F_SSL23_CLIENT_HELLO,
|
SSLerr(SSL_F_SSL23_CLIENT_HELLO,
|
||||||
SSL_R_NO_CIPHERS_AVAILABLE);
|
SSL_R_NO_CIPHERS_AVAILABLE);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_lib.c,v 1.16 2014/07/11 08:17:36 miod Exp $ */
|
/* $OpenBSD: s23_lib.c,v 1.17 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -66,21 +66,6 @@ ssl23_default_timeout(void)
|
|||||||
return (300);
|
return (300);
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
|
||||||
ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
|
|
||||||
{
|
|
||||||
long l;
|
|
||||||
|
|
||||||
/* We can write SSLv2 and SSLv3 ciphers */
|
|
||||||
if (p != NULL) {
|
|
||||||
l = c->id;
|
|
||||||
p[0] = ((unsigned char)(l >> 16L))&0xFF;
|
|
||||||
p[1] = ((unsigned char)(l >> 8L))&0xFF;
|
|
||||||
p[2] = ((unsigned char)(l ))&0xFF;
|
|
||||||
}
|
|
||||||
return (3);
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
int
|
||||||
ssl23_read(SSL *s, void *buf, int len)
|
ssl23_read(SSL *s, void *buf, int len)
|
||||||
{
|
{
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_meth.c,v 1.14 2014/07/11 08:17:36 miod Exp $ */
|
/* $OpenBSD: s23_meth.c,v 1.15 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -81,8 +81,6 @@ const SSL_METHOD SSLv23_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl23_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl_undefined_const_function,
|
.ssl_pending = ssl_undefined_const_function,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s23_srvr.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */
|
/* $OpenBSD: s23_srvr.c,v 1.34 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -138,8 +138,6 @@ const SSL_METHOD SSLv23_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl23_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl_undefined_const_function,
|
.ssl_pending = ssl_undefined_const_function,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s3_clnt.c,v 1.85 2014/08/07 01:24:10 deraadt Exp $ */
|
/* $OpenBSD: s3_clnt.c,v 1.86 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -183,8 +183,6 @@ const SSL_METHOD SSLv3_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -719,7 +717,7 @@ ssl3_client_hello(SSL *s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Ciphers supported */
|
/* Ciphers supported */
|
||||||
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
|
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
SSLerr(SSL_F_SSL3_CLIENT_HELLO,
|
SSLerr(SSL_F_SSL3_CLIENT_HELLO,
|
||||||
SSL_R_NO_CIPHERS_AVAILABLE);
|
SSL_R_NO_CIPHERS_AVAILABLE);
|
||||||
@ -856,7 +854,7 @@ ssl3_get_server_hello(SSL *s)
|
|||||||
&s->session->master_key_length, NULL, &pref_cipher,
|
&s->session->master_key_length, NULL, &pref_cipher,
|
||||||
s->tls_session_secret_cb_arg)) {
|
s->tls_session_secret_cb_arg)) {
|
||||||
s->session->cipher = pref_cipher ?
|
s->session->cipher = pref_cipher ?
|
||||||
pref_cipher : ssl_get_cipher_by_char(s, p + j);
|
pref_cipher : ssl3_get_cipher_by_char(p + j);
|
||||||
s->s3->flags |= SSL3_FLAGS_CCS_OK;
|
s->s3->flags |= SSL3_FLAGS_CCS_OK;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -890,7 +888,7 @@ ssl3_get_server_hello(SSL *s)
|
|||||||
memcpy(s->session->session_id,p,j); /* j could be 0 */
|
memcpy(s->session->session_id,p,j); /* j could be 0 */
|
||||||
}
|
}
|
||||||
p += j;
|
p += j;
|
||||||
c = ssl_get_cipher_by_char(s, p);
|
c = ssl3_get_cipher_by_char(p);
|
||||||
if (c == NULL) {
|
if (c == NULL) {
|
||||||
/* unknown cipher */
|
/* unknown cipher */
|
||||||
al = SSL_AD_ILLEGAL_PARAMETER;
|
al = SSL_AD_ILLEGAL_PARAMETER;
|
||||||
@ -906,7 +904,7 @@ ssl3_get_server_hello(SSL *s)
|
|||||||
SSL_R_WRONG_CIPHER_RETURNED);
|
SSL_R_WRONG_CIPHER_RETURNED);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
p += ssl_put_cipher_by_char(s, NULL, NULL);
|
p += ssl3_put_cipher_by_char(NULL, NULL);
|
||||||
|
|
||||||
sk = ssl_get_ciphers_by_id(s);
|
sk = ssl_get_ciphers_by_id(s);
|
||||||
i = sk_SSL_CIPHER_find(sk, c);
|
i = sk_SSL_CIPHER_find(sk, c);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s3_meth.c,v 1.9 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: s3_meth.c,v 1.10 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -81,8 +81,6 @@ const SSL_METHOD SSLv3_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */
|
/* $OpenBSD: s3_srvr.c,v 1.80 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -184,8 +184,6 @@ const SSL_METHOD SSLv3_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl.h,v 1.62 2014/07/12 19:45:53 jsing Exp $ */
|
/* $OpenBSD: ssl.h,v 1.63 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -410,6 +410,7 @@ struct ssl_method_st {
|
|||||||
int (*ssl_dispatch_alert)(SSL *s);
|
int (*ssl_dispatch_alert)(SSL *s);
|
||||||
long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
|
long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
|
||||||
long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
|
long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
|
||||||
|
/* XXX - remove get_cipher_by_char and put_cipher_by_char. */
|
||||||
const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
|
const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
|
||||||
int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
|
int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
|
||||||
int (*ssl_pending)(const SSL *s);
|
int (*ssl_pending)(const SSL *s);
|
||||||
|
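Review bot: The `get_cipher_by_char` and `put_cipher_by_char` members stay in `struct ssl_method_st`, but every method table shown in this commit stops initialising them, so with designated initialisers they are left NULL. Because ssl.h is the public header, any remaining caller that goes through `s->method->get_cipher_by_char(...)` would still compile and then call a NULL pointer at run time. I would have the XXX comment say so, for example `/* XXX - remove get_cipher_by_char and put_cipher_by_char; no method table sets them any more, do not call. */`, and confirm no in-tree user is left. The struct definition begins and ends outside the hunk.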
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl_lib.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */
|
/* $OpenBSD: ssl_lib.c,v 1.79 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -1367,10 +1367,9 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
|
ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
|
||||||
int (*put_cb)(const SSL_CIPHER *, unsigned char *))
|
|
||||||
{
|
{
|
||||||
int i, j = 0;
|
int i;
|
||||||
SSL_CIPHER *c;
|
SSL_CIPHER *c;
|
||||||
unsigned char *q;
|
unsigned char *q;
|
||||||
|
|
||||||
@ -1380,13 +1379,14 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
|
|||||||
|
|
||||||
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
|
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
|
||||||
c = sk_SSL_CIPHER_value(sk, i);
|
c = sk_SSL_CIPHER_value(sk, i);
|
||||||
|
|
||||||
/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
|
/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
|
||||||
if ((c->algorithm_ssl & SSL_TLSV1_2) &&
|
if ((c->algorithm_ssl & SSL_TLSV1_2) &&
|
||||||
(TLS1_get_client_version(s) < TLS1_2_VERSION))
|
(TLS1_get_client_version(s) < TLS1_2_VERSION))
|
||||||
continue;
|
continue;
|
||||||
j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p);
|
p += ssl3_put_cipher_by_char(c, p);
|
||||||
p += j;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If p == q, no ciphers and caller indicates an error. Otherwise
|
* If p == q, no ciphers and caller indicates an error. Otherwise
|
||||||
* add SCSV if not renegotiating.
|
* add SCSV if not renegotiating.
|
||||||
@ -1395,9 +1395,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
|
|||||||
static SSL_CIPHER scsv = {
|
static SSL_CIPHER scsv = {
|
||||||
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||||
};
|
};
|
||||||
j = put_cb ? put_cb(&scsv, p) :
|
p += ssl3_put_cipher_by_char(&scsv, p);
|
||||||
ssl_put_cipher_by_char(s, &scsv, p);
|
|
||||||
p += j;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return (p - q);
|
return (p - q);
|
||||||
@ -1414,7 +1412,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
|
|||||||
if (s->s3)
|
if (s->s3)
|
||||||
s->s3->send_connection_binding = 0;
|
s->s3->send_connection_binding = 0;
|
||||||
|
|
||||||
n = ssl_put_cipher_by_char(s, NULL, NULL);
|
n = ssl3_put_cipher_by_char(NULL, NULL);
|
||||||
if ((num % n) != 0) {
|
if ((num % n) != 0) {
|
||||||
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
|
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
|
||||||
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
|
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
|
||||||
@ -1446,7 +1444,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
c = ssl_get_cipher_by_char(s, p);
|
c = ssl3_get_cipher_by_char(p);
|
||||||
p += n;
|
p += n;
|
||||||
if (c != NULL) {
|
if (c != NULL) {
|
||||||
if (!sk_SSL_CIPHER_push(sk, c)) {
|
if (!sk_SSL_CIPHER_push(sk, c)) {
|
||||||
|
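Review bot: ssl_cipher_list_to_bytes still writes through `p` without knowing how much room is left: each `p += ssl3_put_cipher_by_char(c, p);` and the SCSV write advance the pointer unchecked, and the callers in d1_clnt.c, s23_clnt.c and s3_clnt.c pass `&p[2]` with no length. Whether the handshake buffer is always large enough for the configured cipher list cannot be determined from these hunks. Since the prototype changes in this commit anyway, it would be a good moment to add a bound, e.g. `int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, size_t maxlen);`, and return 0 when the next id would not fit. The callers already treat a 0 return as an error (`SSL_R_NO_CIPHERS_AVAILABLE`), so the failure path exists.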
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */
|
/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -475,11 +475,6 @@ typedef struct sess_cert_st {
|
|||||||
/*#define SSL_DEBUG */
|
/*#define SSL_DEBUG */
|
||||||
/*#define RSA_DEBUG */
|
/*#define RSA_DEBUG */
|
||||||
|
|
||||||
#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
|
|
||||||
((ssl)->method->put_cipher_by_char((ciph),(ptr)))
|
|
||||||
#define ssl_get_cipher_by_char(ssl,ptr) \
|
|
||||||
((ssl)->method->get_cipher_by_char(ptr))
|
|
||||||
|
|
||||||
/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
|
/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
|
||||||
* It is a bit of a mess of functions, but hell, think of it as
|
* It is a bit of a mess of functions, but hell, think of it as
|
||||||
* an opaque structure :-) */
|
* an opaque structure :-) */
|
||||||
@ -576,7 +571,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
|
|||||||
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
|
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
|
||||||
int num, STACK_OF(SSL_CIPHER) **skp);
|
int num, STACK_OF(SSL_CIPHER) **skp);
|
||||||
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
|
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
|
||||||
unsigned char *p, int (*put_cb)(const SSL_CIPHER *, unsigned char *));
|
unsigned char *p);
|
||||||
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
|
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
|
||||||
STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
|
STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
|
||||||
const char *rule_str);
|
const char *rule_str);
|
||||||
@ -664,7 +659,6 @@ long ssl3_default_timeout(void);
|
|||||||
int ssl23_read(SSL *s, void *buf, int len);
|
int ssl23_read(SSL *s, void *buf, int len);
|
||||||
int ssl23_peek(SSL *s, void *buf, int len);
|
int ssl23_peek(SSL *s, void *buf, int len);
|
||||||
int ssl23_write(SSL *s, const void *buf, int len);
|
int ssl23_write(SSL *s, const void *buf, int len);
|
||||||
int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
|
|
||||||
long ssl23_default_timeout(void);
|
long ssl23_default_timeout(void);
|
||||||
|
|
||||||
long tls1_default_timeout(void);
|
long tls1_default_timeout(void);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl_sess.c,v 1.38 2014/07/13 16:03:10 beck Exp $ */
|
/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -566,9 +566,9 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
|
|||||||
l2n(l, p);
|
l2n(l, p);
|
||||||
|
|
||||||
if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
|
if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
|
||||||
ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
|
ret->cipher = ssl3_get_cipher_by_char(&buf[2]);
|
||||||
else
|
else
|
||||||
ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
|
ret->cipher = ssl3_get_cipher_by_char(&buf[1]);
|
||||||
|
|
||||||
if (ret->cipher == NULL)
|
if (ret->cipher == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
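Review bot: The `else` branch in ssl_get_prev_session() still passes `&buf[1]` for a session whose version major is below SSL3_VERSION_MAJOR, but the lookup is now hard-wired to ssl3_get_cipher_by_char(), so that offset no longer corresponds to an ID layout the callee handles (assuming it reads a two-byte suite value; its body is not visible here). With SSLv2-style IDs gone per the commit message, it would be clearer to reject such a session outright: `if ((ret->ssl_version >> 8) < SSL3_VERSION_MAJOR) goto err;` followed by the single `ret->cipher = ssl3_get_cipher_by_char(&buf[2]);`. The same lines appear again in the second ssl_sess.c section further down the page, and the function body starts and ends outside the hunk.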
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: t1_clnt.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: t1_clnt.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -84,8 +84,6 @@ const SSL_METHOD TLSv1_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -116,8 +114,6 @@ const SSL_METHOD TLSv1_1_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -148,8 +144,6 @@ const SSL_METHOD TLSv1_2_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: t1_meth.c,v 1.12 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: t1_meth.c,v 1.13 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -81,8 +81,6 @@ const SSL_METHOD TLSv1_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -113,8 +111,6 @@ const SSL_METHOD TLSv1_1_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -145,8 +141,6 @@ const SSL_METHOD TLSv1_2_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: t1_srvr.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: t1_srvr.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -85,8 +85,6 @@ const SSL_METHOD TLSv1_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -117,8 +115,6 @@ const SSL_METHOD TLSv1_1_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -149,8 +145,6 @@ const SSL_METHOD TLSv1_2_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl.h,v 1.62 2014/07/12 19:45:53 jsing Exp $ */
|
/* $OpenBSD: ssl.h,v 1.63 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -410,6 +410,7 @@ struct ssl_method_st {
|
|||||||
int (*ssl_dispatch_alert)(SSL *s);
|
int (*ssl_dispatch_alert)(SSL *s);
|
||||||
long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
|
long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
|
||||||
long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
|
long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
|
||||||
|
/* XXX - remove get_cipher_by_char and put_cipher_by_char. */
|
||||||
const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
|
const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
|
||||||
int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
|
int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr);
|
||||||
int (*ssl_pending)(const SSL *s);
|
int (*ssl_pending)(const SSL *s);
|
||||||
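Review bot: The added XXX comment in struct ssl_method_st does not say that `get_cipher_by_char` and `put_cipher_by_char` are now left unset, although every method table visible in this commit drops their initialisers, which leaves them NULL there. Because this is ssl.h, any code outside the library that still calls through `s->method->get_cipher_by_char(...)` would hit a NULL function pointer rather than a compile error. I would spell that out in the comment, for example `/* XXX - no longer set or called inside libssl; remove get_cipher_by_char and put_cipher_by_char. */`. Method tables in files not shown in this part of the page may differ, so this is worth confirming against them.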
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl_lib.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */
|
/* $OpenBSD: ssl_lib.c,v 1.79 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -1367,10 +1367,9 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
|
ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
|
||||||
int (*put_cb)(const SSL_CIPHER *, unsigned char *))
|
|
||||||
{
|
{
|
||||||
int i, j = 0;
|
int i;
|
||||||
SSL_CIPHER *c;
|
SSL_CIPHER *c;
|
||||||
unsigned char *q;
|
unsigned char *q;
|
||||||
|
|
||||||
@ -1380,13 +1379,14 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
|
|||||||
|
|
||||||
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
|
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
|
||||||
c = sk_SSL_CIPHER_value(sk, i);
|
c = sk_SSL_CIPHER_value(sk, i);
|
||||||
|
|
||||||
/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
|
/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
|
||||||
if ((c->algorithm_ssl & SSL_TLSV1_2) &&
|
if ((c->algorithm_ssl & SSL_TLSV1_2) &&
|
||||||
(TLS1_get_client_version(s) < TLS1_2_VERSION))
|
(TLS1_get_client_version(s) < TLS1_2_VERSION))
|
||||||
continue;
|
continue;
|
||||||
j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p);
|
p += ssl3_put_cipher_by_char(c, p);
|
||||||
p += j;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If p == q, no ciphers and caller indicates an error. Otherwise
|
* If p == q, no ciphers and caller indicates an error. Otherwise
|
||||||
* add SCSV if not renegotiating.
|
* add SCSV if not renegotiating.
|
||||||
@ -1395,9 +1395,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
|
|||||||
static SSL_CIPHER scsv = {
|
static SSL_CIPHER scsv = {
|
||||||
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||||
};
|
};
|
||||||
j = put_cb ? put_cb(&scsv, p) :
|
p += ssl3_put_cipher_by_char(&scsv, p);
|
||||||
ssl_put_cipher_by_char(s, &scsv, p);
|
|
||||||
p += j;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return (p - q);
|
return (p - q);
|
||||||
@ -1414,7 +1412,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
|
|||||||
if (s->s3)
|
if (s->s3)
|
||||||
s->s3->send_connection_binding = 0;
|
s->s3->send_connection_binding = 0;
|
||||||
|
|
||||||
n = ssl_put_cipher_by_char(s, NULL, NULL);
|
n = ssl3_put_cipher_by_char(NULL, NULL);
|
||||||
if ((num % n) != 0) {
|
if ((num % n) != 0) {
|
||||||
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
|
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
|
||||||
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
|
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
|
||||||
@ -1446,7 +1444,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
c = ssl_get_cipher_by_char(s, p);
|
c = ssl3_get_cipher_by_char(p);
|
||||||
p += n;
|
p += n;
|
||||||
if (c != NULL) {
|
if (c != NULL) {
|
||||||
if (!sk_SSL_CIPHER_push(sk, c)) {
|
if (!sk_SSL_CIPHER_push(sk, c)) {
|
||||||
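Review bot: ssl_cipher_list_to_bytes() still writes through `p` with no bound visible in these hunks: each loop iteration and the SCSV append do `p += ssl3_put_cipher_by_char(..., p)`, and the new prototype carries no buffer length. Since this commit already changes the signature and touches every caller, it would be a good moment to pass the remaining space as well, e.g. `unsigned char *p, size_t maxlen`, and return 0 when the space left is smaller than the value ssl3_put_cipher_by_char() returns. The function body starts and ends outside the hunks shown, so a check in the elided lines cannot be ruled out. Separately, `n = ssl3_put_cipher_by_char(NULL, NULL);` in ssl_bytes_to_cipher_list() now only fetches a fixed ID length and would read better as a named constant.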
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */
|
/* $OpenBSD: ssl_locl.h,v 1.64 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -475,11 +475,6 @@ typedef struct sess_cert_st {
|
|||||||
/*#define SSL_DEBUG */
|
/*#define SSL_DEBUG */
|
||||||
/*#define RSA_DEBUG */
|
/*#define RSA_DEBUG */
|
||||||
|
|
||||||
#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
|
|
||||||
((ssl)->method->put_cipher_by_char((ciph),(ptr)))
|
|
||||||
#define ssl_get_cipher_by_char(ssl,ptr) \
|
|
||||||
((ssl)->method->get_cipher_by_char(ptr))
|
|
||||||
|
|
||||||
/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
|
/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
|
||||||
* It is a bit of a mess of functions, but hell, think of it as
|
* It is a bit of a mess of functions, but hell, think of it as
|
||||||
* an opaque structure :-) */
|
* an opaque structure :-) */
|
||||||
@ -576,7 +571,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
|
|||||||
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
|
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
|
||||||
int num, STACK_OF(SSL_CIPHER) **skp);
|
int num, STACK_OF(SSL_CIPHER) **skp);
|
||||||
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
|
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
|
||||||
unsigned char *p, int (*put_cb)(const SSL_CIPHER *, unsigned char *));
|
unsigned char *p);
|
||||||
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
|
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
|
||||||
STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
|
STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
|
||||||
const char *rule_str);
|
const char *rule_str);
|
||||||
@ -664,7 +659,6 @@ long ssl3_default_timeout(void);
|
|||||||
int ssl23_read(SSL *s, void *buf, int len);
|
int ssl23_read(SSL *s, void *buf, int len);
|
||||||
int ssl23_peek(SSL *s, void *buf, int len);
|
int ssl23_peek(SSL *s, void *buf, int len);
|
||||||
int ssl23_write(SSL *s, const void *buf, int len);
|
int ssl23_write(SSL *s, const void *buf, int len);
|
||||||
int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
|
|
||||||
long ssl23_default_timeout(void);
|
long ssl23_default_timeout(void);
|
||||||
|
|
||||||
long tls1_default_timeout(void);
|
long tls1_default_timeout(void);
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: ssl_sess.c,v 1.38 2014/07/13 16:03:10 beck Exp $ */
|
/* $OpenBSD: ssl_sess.c,v 1.39 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -566,9 +566,9 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
|
|||||||
l2n(l, p);
|
l2n(l, p);
|
||||||
|
|
||||||
if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
|
if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
|
||||||
ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
|
ret->cipher = ssl3_get_cipher_by_char(&buf[2]);
|
||||||
else
|
else
|
||||||
ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
|
ret->cipher = ssl3_get_cipher_by_char(&buf[1]);
|
||||||
|
|
||||||
if (ret->cipher == NULL)
|
if (ret->cipher == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: t1_clnt.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: t1_clnt.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -84,8 +84,6 @@ const SSL_METHOD TLSv1_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -116,8 +114,6 @@ const SSL_METHOD TLSv1_1_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -148,8 +144,6 @@ const SSL_METHOD TLSv1_2_client_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: t1_meth.c,v 1.12 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: t1_meth.c,v 1.13 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -81,8 +81,6 @@ const SSL_METHOD TLSv1_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -113,8 +111,6 @@ const SSL_METHOD TLSv1_1_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -145,8 +141,6 @@ const SSL_METHOD TLSv1_2_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: t1_srvr.c,v 1.13 2014/06/12 15:49:31 deraadt Exp $ */
|
/* $OpenBSD: t1_srvr.c,v 1.14 2014/08/10 14:42:56 jsing Exp $ */
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -85,8 +85,6 @@ const SSL_METHOD TLSv1_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -117,8 +115,6 @@ const SSL_METHOD TLSv1_1_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
@ -149,8 +145,6 @@ const SSL_METHOD TLSv1_2_server_method_data = {
|
|||||||
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
.ssl_dispatch_alert = ssl3_dispatch_alert,
|
||||||
.ssl_ctrl = ssl3_ctrl,
|
.ssl_ctrl = ssl3_ctrl,
|
||||||
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
.ssl_ctx_ctrl = ssl3_ctx_ctrl,
|
||||||
.get_cipher_by_char = ssl3_get_cipher_by_char,
|
|
||||||
.put_cipher_by_char = ssl3_put_cipher_by_char,
|
|
||||||
.ssl_pending = ssl3_pending,
|
.ssl_pending = ssl3_pending,
|
||||||
.num_ciphers = ssl3_num_ciphers,
|
.num_ciphers = ssl3_num_ciphers,
|
||||||
.get_cipher = ssl3_get_cipher,
|
.get_cipher = ssl3_get_cipher,
|
||||||
|