diff -Naur OpenSSL-38-opensource.apple.com-orig/Makefile OpenSSL-38/Makefile --- OpenSSL-38-opensource.apple.com-orig/Makefile 2006-10-14 01:20:46.000000000 +0200 +++ OpenSSL-38/Makefile 2014-11-01 04:37:21.000000000 +0100 @@ -22,7 +22,7 @@ # config is not really like configure Configure_Flags = --prefix="$(Install_Prefix)" \ --openssldir="$(NSLIBRARYDIR)/$(ProjectName)" \ - --install_prefix="$(DSTROOT)" no-idea no-asm no-fips + --install_prefix="$(DSTROOT)" no-idea no-asm no-fips no-ssl2 Environment = CFLAG="$(CFLAGS) -DOPENSSL_NO_IDEA -DFAR=" \ AR="$(SRCROOT)/ar.sh r" \ @@ -41,7 +41,7 @@ AEP_ExtractDir = $(AEP_ProjVers) AEP_Patches = NLS_openssl_097b_to_097g.patch SC-64bit.patch DVG-4574759_manpage_tweaks.patch \ DVG-4582901_bn_manpage_tweak.patch DVG-4602255_overlapping_manpage_fix.patch \ - NLS_noinstfips.patch NLS_PR_4296241.patch + NLS_noinstfips.patch NLS_PR_4296241.patch SSL_DEFAULT_CIPHER_LIST.patch s23_meth_nov2.patch openssl-0.9.7l-nossl23.patch MANPAGES = man/openssl_fips_fingerprint.1 diff -Naur OpenSSL-38-opensource.apple.com-orig/patches/SSL_DEFAULT_CIPHER_LIST.patch OpenSSL-38/patches/SSL_DEFAULT_CIPHER_LIST.patch --- OpenSSL-38-opensource.apple.com-orig/patches/SSL_DEFAULT_CIPHER_LIST.patch 1970-01-01 01:00:00.000000000 +0100 +++ OpenSSL-38/patches/SSL_DEFAULT_CIPHER_LIST.patch 2014-10-17 15:30:25.000000000 +0200 @@ -0,0 +1,11 @@ +--- ../openssl.defaultcipherlist/ssl/ssl.h 2006-01-08 20:33:31.000000000 +0100 ++++ ssl/ssl.h 2014-10-14 20:20:02.000000000 +0200 +@@ -303,7 +303,7 @@ + /* The following cipher list is used by default. + * It also is substituted when an application-defined cipher list string + * starts with 'DEFAULT'. */ +-#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */ ++#define SSL_DEFAULT_CIPHER_LIST "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:AES256-SHA:AES128-SHA" + + /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ + #define SSL_SENT_SHUTDOWN 1 diff -Naur OpenSSL-38-opensource.apple.com-orig/patches/openssl-0.9.7l-nossl23.patch OpenSSL-38/patches/openssl-0.9.7l-nossl23.patch --- OpenSSL-38-opensource.apple.com-orig/patches/openssl-0.9.7l-nossl23.patch 1970-01-01 01:00:00.000000000 +0100 +++ OpenSSL-38/patches/openssl-0.9.7l-nossl23.patch 2014-11-01 04:36:29.000000000 +0100 @@ -0,0 +1,3923 @@ +--- ../openssl.ssl23/apps/ciphers.c 2002-12-03 17:34:19.000000000 +0100 ++++ apps/ciphers.c 2014-11-01 03:58:46.000000000 +0100 +@@ -72,7 +72,6 @@ + static char *ciphers_usage[]={ + "usage: ciphers args\n", + " -v - verbose mode, a textual listing of the ciphers in SSLeay\n", +-" -ssl2 - SSL2 mode\n", + " -ssl3 - SSL3 mode\n", + " -tls1 - TLS1 mode\n", + NULL +@@ -95,13 +94,7 @@ + char buf[512]; + BIO *STDout=NULL; + +-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) + meth=SSLv23_server_method(); +-#elif !defined(OPENSSL_NO_SSL3) +- meth=SSLv3_server_method(); +-#elif !defined(OPENSSL_NO_SSL2) +- meth=SSLv2_server_method(); +-#endif + + apps_startup(); + +@@ -121,10 +114,6 @@ + { + if (strcmp(*argv,"-v") == 0) + verbose=1; +-#ifndef OPENSSL_NO_SSL2 +- else if (strcmp(*argv,"-ssl2") == 0) +- meth=SSLv2_client_method(); +-#endif + #ifndef OPENSSL_NO_SSL3 + else if (strcmp(*argv,"-ssl3") == 0) + meth=SSLv3_client_method(); +--- ../openssl.ssl23/apps/ocsp.c 2004-03-08 03:53:46.000000000 +0100 ++++ apps/ocsp.c 2014-11-01 03:59:55.000000000 +0100 +@@ -715,16 +715,7 @@ + if (use_ssl == 1) + { + BIO *sbio; +-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) + ctx = SSL_CTX_new(SSLv23_client_method()); +-#elif !defined(OPENSSL_NO_SSL3) +- ctx = SSL_CTX_new(SSLv3_client_method()); +-#elif !defined(OPENSSL_NO_SSL2) +- ctx = SSL_CTX_new(SSLv2_client_method()); +-#else +- BIO_printf(bio_err, "SSL is disabled\n"); +- goto end; +-#endif + SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); + sbio = BIO_new_ssl(ctx, 1); + cbio = BIO_push(sbio, cbio); +--- ../openssl.ssl23/apps/progs.h 2006-10-11 20:30:25.000000000 +0200 ++++ apps/progs.h 2014-11-01 04:01:16.000000000 +0100 +@@ -89,25 +89,17 @@ + #ifndef OPENSSL_NO_DSA + {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, + #endif +-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) + {FUNC_TYPE_GENERAL,"s_server",s_server_main}, +-#endif +-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) + {FUNC_TYPE_GENERAL,"s_client",s_client_main}, +-#endif + #ifndef OPENSSL_NO_SPEED + {FUNC_TYPE_GENERAL,"speed",speed_main}, + #endif +-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) + {FUNC_TYPE_GENERAL,"s_time",s_time_main}, +-#endif + {FUNC_TYPE_GENERAL,"version",version_main}, + {FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main}, + {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, + {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, +-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) + {FUNC_TYPE_GENERAL,"ciphers",ciphers_main}, +-#endif + {FUNC_TYPE_GENERAL,"nseq",nseq_main}, + #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) + {FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main}, +--- ../openssl.ssl23/apps/s_client.c 2005-02-19 11:17:25.000000000 +0100 ++++ apps/s_client.c 2014-11-01 04:03:02.000000000 +0100 +@@ -209,10 +209,9 @@ + BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); + BIO_printf(bio_err," -quiet - no s_client output\n"); + BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); +- BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); + BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); + BIO_printf(bio_err," -tls1 - just use TLSv1\n"); +- BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); ++ BIO_printf(bio_err," -no_tls1/-no_ssl3 - turn off that protocol\n"); + BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); + BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); + BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); +@@ -263,13 +262,7 @@ + struct timeval tv; + #endif + +-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) + meth=SSLv23_client_method(); +-#elif !defined(OPENSSL_NO_SSL3) +- meth=SSLv3_client_method(); +-#elif !defined(OPENSSL_NO_SSL2) +- meth=SSLv2_client_method(); +-#endif + + apps_startup(); + c_Pause=0; +@@ -363,10 +356,6 @@ + nbio_test=1; + else if (strcmp(*argv,"-state") == 0) + state=1; +-#ifndef OPENSSL_NO_SSL2 +- else if (strcmp(*argv,"-ssl2") == 0) +- meth=SSLv2_client_method(); +-#endif + #ifndef OPENSSL_NO_SSL3 + else if (strcmp(*argv,"-ssl3") == 0) + meth=SSLv3_client_method(); +--- ../openssl.ssl23/apps/s_server.c 2003-09-27 23:56:12.000000000 +0200 ++++ apps/s_server.c 2014-11-01 04:05:10.000000000 +0100 +@@ -302,7 +302,6 @@ + BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); + BIO_printf(bio_err," -quiet - No server output\n"); + BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); +- BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); + BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); + BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); + BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); +@@ -497,13 +496,7 @@ + #endif + char *inrand=NULL; + +-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) + meth=SSLv23_server_method(); +-#elif !defined(OPENSSL_NO_SSL3) +- meth=SSLv3_server_method(); +-#elif !defined(OPENSSL_NO_SSL2) +- meth=SSLv2_server_method(); +-#endif + + local_argc=argc; + local_argv=argv; +@@ -652,10 +645,6 @@ + { off|=SSL_OP_NO_SSLv3; } + else if (strcmp(*argv,"-no_tls1") == 0) + { off|=SSL_OP_NO_TLSv1; } +-#ifndef OPENSSL_NO_SSL2 +- else if (strcmp(*argv,"-ssl2") == 0) +- { meth=SSLv2_server_method(); } +-#endif + #ifndef OPENSSL_NO_SSL3 + else if (strcmp(*argv,"-ssl3") == 0) + { meth=SSLv3_server_method(); } +--- ../openssl.ssl23/apps/s_time.c 2003-12-27 15:40:55.000000000 +0100 ++++ apps/s_time.c 2014-11-01 04:07:15.000000000 +0100 +@@ -234,7 +234,6 @@ + printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME); + #ifdef FIONBIO + printf("-nbio - Run with non-blocking IO\n"); +- printf("-ssl2 - Just use SSLv2\n"); + printf("-ssl3 - Just use SSLv3\n"); + printf("-bugs - Turn on SSL bug compatibility\n"); + printf("-new - Just time new connections\n"); +@@ -330,10 +329,6 @@ + } + else if(strcmp(*argv,"-bugs") == 0) + st_bugs=1; +-#ifndef OPENSSL_NO_SSL2 +- else if(strcmp(*argv,"-ssl2") == 0) +- s_time_meth=SSLv2_client_method(); +-#endif + #ifndef OPENSSL_NO_SSL3 + else if(strcmp(*argv,"-ssl3") == 0) + s_time_meth=SSLv3_client_method(); +@@ -438,13 +433,7 @@ + if (bio_err == NULL) + bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + +-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) + s_time_meth=SSLv23_client_method(); +-#elif !defined(OPENSSL_NO_SSL3) +- s_time_meth=SSLv3_client_method(); +-#elif !defined(OPENSSL_NO_SSL2) +- s_time_meth=SSLv2_client_method(); +-#endif + + /* parse the command line arguments */ + if( parseArgs( argc, argv ) < 0 ) +--- ../openssl.ssl23/ssl/s23_clnt.c 2006-01-30 14:49:59.000000000 +0100 ++++ ssl/s23_clnt.c 2014-11-01 04:12:39.000000000 +0100 +@@ -68,10 +68,6 @@ + static int ssl23_get_server_hello(SSL *s); + static SSL_METHOD *ssl23_get_client_method(int ver) + { +-#ifndef OPENSSL_NO_SSL2 +- if (ver == SSL2_VERSION) +- return(SSLv2_client_method()); +-#endif + if (ver == SSL3_VERSION) + return(SSLv3_client_method()); + else if (ver == TLS1_VERSION) +@@ -455,69 +451,8 @@ + if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && + (p[5] == 0x00) && (p[6] == 0x02)) + { +-#ifdef OPENSSL_NO_SSL2 + SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; +-#else +- /* we are talking sslv2 */ +- /* we need to clean up the SSLv3 setup and put in the +- * sslv2 stuff. */ +- int ch_len; +- +- if (s->options & SSL_OP_NO_SSLv2) +- { +- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); +- goto err; +- } +- if (s->s2 == NULL) +- { +- if (!ssl2_new(s)) +- goto err; +- } +- else +- ssl2_clear(s); +- +- if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) +- ch_len=SSL2_CHALLENGE_LENGTH; +- else +- ch_len=SSL2_MAX_CHALLENGE_LENGTH; +- +- /* write out sslv2 challenge */ +- i=(SSL3_RANDOM_SIZE < ch_len) +- ?SSL3_RANDOM_SIZE:ch_len; +- s->s2->challenge_length=i; +- memcpy(s->s2->challenge, +- &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); +- +- if (s->s3 != NULL) ssl3_free(s); +- +- if (!BUF_MEM_grow_clean(s->init_buf, +- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) +- { +- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); +- goto err; +- } +- +- s->state=SSL2_ST_GET_SERVER_HELLO_A; +- if (!(s->client_version == SSL2_VERSION)) +- /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */ +- s->s2->ssl2_rollback=1; +- +- /* setup the 5 bytes we have read so we get them from +- * the sslv2 buffer */ +- s->rstate=SSL_ST_READ_HEADER; +- s->packet_length=n; +- s->packet= &(s->s2->rbuf[0]); +- memcpy(s->packet,buf,n); +- s->s2->rbuf_left=n; +- s->s2->rbuf_offs=0; +- +- /* we have already written one */ +- s->s2->write_sequence=1; +- +- s->method=SSLv2_client_method(); +- s->handshake_func=s->method->ssl_connect; +-#endif + } + else if ((p[0] == SSL3_RT_HANDSHAKE) && + (p[1] == SSL3_VERSION_MAJOR) && +@@ -552,8 +487,8 @@ + goto err; + } + #endif +- s->version=SSL3_VERSION; +- s->method=SSLv3_client_method(); ++ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); ++ goto err; + } + else if ((p[2] == TLS1_VERSION_MINOR) && + !(s->options & SSL_OP_NO_TLSv1)) +--- ../openssl.ssl23/ssl/s23_lib.c 2005-03-23 09:21:30.000000000 +0100 ++++ ssl/s23_lib.c 2014-11-01 04:14:39.000000000 +0100 +@@ -111,9 +111,6 @@ + static int ssl23_num_ciphers(void) + { + return(ssl3_num_ciphers() +-#ifndef OPENSSL_NO_SSL2 +- + ssl2_num_ciphers() +-#endif + ); + } + +@@ -124,11 +121,7 @@ + if (u < uu) + return(ssl3_get_cipher(u)); + else +-#ifndef OPENSSL_NO_SSL2 +- return(ssl2_get_cipher(u-uu)); +-#else + return(NULL); +-#endif + } + + /* This function needs to check if the ciphers required are actually +@@ -144,10 +137,6 @@ + ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; + c.id=id; + cp=ssl3_get_cipher_by_char(p); +-#ifndef OPENSSL_NO_SSL2 +- if (cp == NULL) +- cp=ssl2_get_cipher_by_char(p); +-#endif + return(cp); + } + +--- ../openssl.ssl23/ssl/s23_srvr.c 2006-01-30 14:49:59.000000000 +0100 ++++ ssl/s23_srvr.c 2014-11-01 04:19:17.000000000 +0100 +@@ -120,10 +120,6 @@ + int ssl23_get_client_hello(SSL *s); + static SSL_METHOD *ssl23_get_server_method(int ver) + { +-#ifndef OPENSSL_NO_SSL2 +- if (ver == SSL2_VERSION) +- return(SSLv2_server_method()); +-#endif + if (ver == SSL3_VERSION) + return(SSLv3_server_method()); + else if (ver == TLS1_VERSION) +@@ -500,50 +496,8 @@ + + if (type == 1) + { +-#ifdef OPENSSL_NO_SSL2 + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; +-#else +- /* we are talking sslv2 */ +- /* we need to clean up the SSLv3/TLSv1 setup and put in the +- * sslv2 stuff. */ +- +- if (s->s2 == NULL) +- { +- if (!ssl2_new(s)) +- goto err; +- } +- else +- ssl2_clear(s); +- +- if (s->s3 != NULL) ssl3_free(s); +- +- if (!BUF_MEM_grow_clean(s->init_buf, +- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) +- { +- goto err; +- } +- +- s->state=SSL2_ST_GET_CLIENT_HELLO_A; +- if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) +- s->s2->ssl2_rollback=0; +- else +- /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 +- * (SSL 3.0 draft/RFC 2246, App. E.2) */ +- s->s2->ssl2_rollback=1; +- +- /* setup the n bytes we have read so we get them from +- * the sslv2 buffer */ +- s->rstate=SSL_ST_READ_HEADER; +- s->packet_length=n; +- s->packet= &(s->s2->rbuf[0]); +- memcpy(s->packet,buf,n); +- s->s2->rbuf_left=n; +- s->s2->rbuf_offs=0; +- +- s->method=SSLv2_server_method(); +- s->handshake_func=s->method->ssl_accept; +-#endif + } + + if ((type == 2) || (type == 3)) +@@ -576,7 +530,10 @@ + if (s->version == TLS1_VERSION) + s->method = TLSv1_server_method(); + else +- s->method = SSLv3_server_method(); ++ { ++ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); ++ goto err; ++ } + #if 0 /* ssl3_get_client_hello does this */ + s->client_version=(v[0]<<8)|v[1]; + #endif +--- ../openssl.ssl23/ssl/s2_clnt.c 2006-09-28 13:53:51.000000000 +0200 ++++ ssl/s2_clnt.c 2014-11-01 04:20:56.000000000 +0100 +@@ -110,1032 +110,7 @@ + */ + + #include "ssl_locl.h" +-#ifndef OPENSSL_NO_SSL2 +-#include +-#include +-#include +-#include +-#include +- +-static SSL_METHOD *ssl2_get_client_method(int ver); +-static int get_server_finished(SSL *s); +-static int get_server_verify(SSL *s); +-static int get_server_hello(SSL *s); +-static int client_hello(SSL *s); +-static int client_master_key(SSL *s); +-static int client_finished(SSL *s); +-static int client_certificate(SSL *s); +-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, +- unsigned char *to,int padding); +-#define BREAK break +- +-static SSL_METHOD *ssl2_get_client_method(int ver) +- { +- if (ver == SSL2_VERSION) +- return(SSLv2_client_method()); +- else +- return(NULL); +- } +- +-SSL_METHOD *SSLv2_client_method(void) +- { +- static int init=1; +- static SSL_METHOD SSLv2_client_data; +- +- if (init) +- { +- CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); +- +- if (init) +- { +- memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(), +- sizeof(SSL_METHOD)); +- SSLv2_client_data.ssl_connect=ssl2_connect; +- SSLv2_client_data.get_ssl_method=ssl2_get_client_method; +- init=0; +- } +- +- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); +- } +- return(&SSLv2_client_data); +- } +- +-int ssl2_connect(SSL *s) +- { +- unsigned long l=(unsigned long)time(NULL); +- BUF_MEM *buf=NULL; +- int ret= -1; +- void (*cb)(const SSL *ssl,int type,int val)=NULL; +- int new_state,state; +- +- RAND_add(&l,sizeof(l),0); +- ERR_clear_error(); +- clear_sys_error(); +- +- if (s->info_callback != NULL) +- cb=s->info_callback; +- else if (s->ctx->info_callback != NULL) +- cb=s->ctx->info_callback; +- +- /* init things to blank */ +- s->in_handshake++; +- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); +- +- for (;;) +- { +- state=s->state; +- +- switch (s->state) +- { +- case SSL_ST_BEFORE: +- case SSL_ST_CONNECT: +- case SSL_ST_BEFORE|SSL_ST_CONNECT: +- case SSL_ST_OK|SSL_ST_CONNECT: +- +- s->server=0; +- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); +- +- s->version=SSL2_VERSION; +- s->type=SSL_ST_CONNECT; +- +- buf=s->init_buf; +- if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) +- { +- ret= -1; +- goto end; +- } +- if (!BUF_MEM_grow(buf, +- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) +- { +- if (buf == s->init_buf) +- buf=NULL; +- ret= -1; +- goto end; +- } +- s->init_buf=buf; +- buf=NULL; +- s->init_num=0; +- s->state=SSL2_ST_SEND_CLIENT_HELLO_A; +- s->ctx->stats.sess_connect++; +- s->handshake_func=ssl2_connect; +- BREAK; +- +- case SSL2_ST_SEND_CLIENT_HELLO_A: +- case SSL2_ST_SEND_CLIENT_HELLO_B: +- s->shutdown=0; +- ret=client_hello(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_GET_SERVER_HELLO_A; +- BREAK; +- +- case SSL2_ST_GET_SERVER_HELLO_A: +- case SSL2_ST_GET_SERVER_HELLO_B: +- ret=get_server_hello(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- if (!s->hit) /* new session */ +- { +- s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A; +- BREAK; +- } +- else +- { +- s->state=SSL2_ST_CLIENT_START_ENCRYPTION; +- break; +- } +- +- case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: +- case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: +- ret=client_master_key(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_CLIENT_START_ENCRYPTION; +- break; +- +- case SSL2_ST_CLIENT_START_ENCRYPTION: +- /* Ok, we now have all the stuff needed to +- * start encrypting, so lets fire it up :-) */ +- if (!ssl2_enc_init(s,1)) +- { +- ret= -1; +- goto end; +- } +- s->s2->clear_text=0; +- s->state=SSL2_ST_SEND_CLIENT_FINISHED_A; +- break; +- +- case SSL2_ST_SEND_CLIENT_FINISHED_A: +- case SSL2_ST_SEND_CLIENT_FINISHED_B: +- ret=client_finished(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_GET_SERVER_VERIFY_A; +- break; +- +- case SSL2_ST_GET_SERVER_VERIFY_A: +- case SSL2_ST_GET_SERVER_VERIFY_B: +- ret=get_server_verify(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_GET_SERVER_FINISHED_A; +- break; +- +- case SSL2_ST_GET_SERVER_FINISHED_A: +- case SSL2_ST_GET_SERVER_FINISHED_B: +- ret=get_server_finished(s); +- if (ret <= 0) goto end; +- break; +- +- case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: +- case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: +- case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: +- case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: +- case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: +- ret=client_certificate(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_GET_SERVER_FINISHED_A; +- break; +- +- case SSL_ST_OK: +- if (s->init_buf != NULL) +- { +- BUF_MEM_free(s->init_buf); +- s->init_buf=NULL; +- } +- s->init_num=0; +- /* ERR_clear_error();*/ +- +- /* If we want to cache session-ids in the client +- * and we successfully add the session-id to the +- * cache, and there is a callback, then pass it out. +- * 26/11/96 - eay - only add if not a re-used session. +- */ +- +- ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); +- if (s->hit) s->ctx->stats.sess_hit++; +- +- ret=1; +- /* s->server=0; */ +- s->ctx->stats.sess_connect_good++; +- +- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); +- +- goto end; +- /* break; */ +- default: +- SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE); +- return(-1); +- /* break; */ +- } +- +- if ((cb != NULL) && (s->state != state)) +- { +- new_state=s->state; +- s->state=state; +- cb(s,SSL_CB_CONNECT_LOOP,1); +- s->state=new_state; +- } +- } +-end: +- s->in_handshake--; +- if (buf != NULL) +- BUF_MEM_free(buf); +- if (cb != NULL) +- cb(s,SSL_CB_CONNECT_EXIT,ret); +- return(ret); +- } +- +-static int get_server_hello(SSL *s) +- { +- unsigned char *buf; +- unsigned char *p; +- int i,j; +- unsigned long len; +- STACK_OF(SSL_CIPHER) *sk=NULL,*cl, *prio, *allow; +- +- buf=(unsigned char *)s->init_buf->data; +- p=buf; +- if (s->state == SSL2_ST_GET_SERVER_HELLO_A) +- { +- i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num); +- if (i < (11-s->init_num)) +- return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); +- s->init_num = 11; +- +- if (*(p++) != SSL2_MT_SERVER_HELLO) +- { +- if (p[-1] != SSL2_MT_ERROR) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_HELLO, +- SSL_R_READ_WRONG_PACKET_TYPE); +- } +- else +- SSLerr(SSL_F_GET_SERVER_HELLO, +- SSL_R_PEER_ERROR); +- return(-1); +- } +-#ifdef __APPLE_CC__ +- /* The Rhapsody 5.5 (a.k.a. MacOS X) compiler bug +- * workaround. */ +- s->hit=(i=*(p++))?1:0; +-#else +- s->hit=(*(p++))?1:0; +-#endif +- s->s2->tmp.cert_type= *(p++); +- n2s(p,i); +- if (i < s->version) s->version=i; +- n2s(p,i); s->s2->tmp.cert_length=i; +- n2s(p,i); s->s2->tmp.csl=i; +- n2s(p,i); s->s2->tmp.conn_id_length=i; +- s->state=SSL2_ST_GET_SERVER_HELLO_B; +- } +- +- /* SSL2_ST_GET_SERVER_HELLO_B */ +- len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length; +- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) +- { +- SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_MESSAGE_TOO_LONG); +- return -1; +- } +- j = (int)len - s->init_num; +- i = ssl2_read(s,(char *)&(buf[s->init_num]),j); +- if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */ +- +- /* things are looking good */ +- +- p = buf + 11; +- if (s->hit) +- { +- if (s->s2->tmp.cert_length != 0) +- { +- SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO); +- return(-1); +- } +- if (s->s2->tmp.cert_type != 0) +- { +- if (!(s->options & +- SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) +- { +- SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO); +- return(-1); +- } +- } +- if (s->s2->tmp.csl != 0) +- { +- SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO); +- return(-1); +- } +- } +- else +- { +-#ifdef undef +- /* very bad */ +- memset(s->session->session_id,0, +- SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES); +- s->session->session_id_length=0; +- */ +-#endif +- +- /* we need to do this in case we were trying to reuse a +- * client session but others are already reusing it. +- * If this was a new 'blank' session ID, the session-id +- * length will still be 0 */ +- if (s->session->session_id_length > 0) +- { +- if (!ssl_get_new_session(s,0)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +- } +- +- if (ssl2_set_certificate(s,s->s2->tmp.cert_type, +- s->s2->tmp.cert_length,p) <= 0) +- { +- ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); +- return(-1); +- } +- p+=s->s2->tmp.cert_length; +- +- if (s->s2->tmp.csl == 0) +- { +- ssl2_return_error(s,SSL2_PE_NO_CIPHER); +- SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST); +- return(-1); +- } +- +- /* We have just received a list of ciphers back from the +- * server. We need to get the ones that match, then select +- * the one we want the most :-). */ +- +- /* load the ciphers */ +- sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl, +- &s->session->ciphers); +- p+=s->s2->tmp.csl; +- if (sk == NULL) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); +- return(-1); +- } +- +- sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp); +- +- /* get the array of ciphers we will accept */ +- cl=SSL_get_ciphers(s); +- sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp); +- +- /* +- * If server preference flag set, choose the first +- * (highest priority) cipher the server sends, otherwise +- * client preference has priority. +- */ +- if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) +- { +- prio = sk; +- allow = cl; +- } +- else +- { +- prio = cl; +- allow = sk; +- } +- /* In theory we could have ciphers sent back that we +- * don't want to use but that does not matter since we +- * will check against the list we originally sent and +- * for performance reasons we should not bother to match +- * the two lists up just to check. */ +- for (i=0; i= 0) +- break; +- } +- +- if (i >= sk_SSL_CIPHER_num(prio)) +- { +- ssl2_return_error(s,SSL2_PE_NO_CIPHER); +- SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH); +- return(-1); +- } +- s->session->cipher=sk_SSL_CIPHER_value(prio,i); +- +- +- if (s->session->peer != NULL) /* can't happen*/ +- { +- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); +- return(-1); +- } +- +- s->session->peer = s->session->sess_cert->peer_key->x509; +- /* peer_key->x509 has been set by ssl2_set_certificate. */ +- CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509); +- } +- +- if (s->session->sess_cert == NULL +- || s->session->peer != s->session->sess_cert->peer_key->x509) +- /* can't happen */ +- { +- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); +- return(-1); +- } +- +- s->s2->conn_id_length=s->s2->tmp.conn_id_length; +- if (s->s2->conn_id_length > sizeof s->s2->conn_id) +- { +- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG); +- return -1; +- } +- memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); +- return(1); +- } +- +-static int client_hello(SSL *s) +- { +- unsigned char *buf; +- unsigned char *p,*d; +-/* CIPHER **cipher;*/ +- int i,n,j; +- +- buf=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) +- { +- if ((s->session == NULL) || +- (s->session->ssl_version != s->version)) +- { +- if (!ssl_get_new_session(s,0)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +- } +- /* else use the pre-loaded session */ +- +- p=buf; /* header */ +- d=p+9; /* data section */ +- *(p++)=SSL2_MT_CLIENT_HELLO; /* type */ +- s2n(SSL2_VERSION,p); /* version */ +- n=j=0; +- +- n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0); +- d+=n; +- +- if (n == 0) +- { +- SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); +- return(-1); +- } +- +- s2n(n,p); /* cipher spec num bytes */ +- +- if ((s->session->session_id_length > 0) && +- (s->session->session_id_length <= +- SSL2_MAX_SSL_SESSION_ID_LENGTH)) +- { +- i=s->session->session_id_length; +- s2n(i,p); /* session id length */ +- memcpy(d,s->session->session_id,(unsigned int)i); +- d+=i; +- } +- else +- { +- s2n(0,p); +- } +- +- s->s2->challenge_length=SSL2_CHALLENGE_LENGTH; +- s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */ +- /*challenge id data*/ +- if(RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0) +- return -1; +- memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH); +- d+=SSL2_CHALLENGE_LENGTH; +- +- s->state=SSL2_ST_SEND_CLIENT_HELLO_B; +- s->init_num=d-buf; +- s->init_off=0; +- } +- /* SSL2_ST_SEND_CLIENT_HELLO_B */ +- return(ssl2_do_write(s)); +- } +- +-static int client_master_key(SSL *s) +- { +- unsigned char *buf; +- unsigned char *p,*d; +- int clear,enc,karg,i; +- SSL_SESSION *sess; +- const EVP_CIPHER *c; +- const EVP_MD *md; +- +- buf=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) +- { +- +- if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) +- { +- ssl2_return_error(s,SSL2_PE_NO_CIPHER); +- SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); +- return(-1); +- } +- sess=s->session; +- p=buf; +- d=p+10; +- *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ +- +- i=ssl_put_cipher_by_char(s,sess->cipher,p); +- p+=i; +- +- /* make key_arg data */ +- i=EVP_CIPHER_iv_length(c); +- sess->key_arg_length=i; +- if (i > SSL_MAX_KEY_ARG_LENGTH) +- { +- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- if (i > 0) +- if(RAND_pseudo_bytes(sess->key_arg,i) <= 0) +- return -1; +- +- /* make a master key */ +- i=EVP_CIPHER_key_length(c); +- sess->master_key_length=i; +- if (i > 0) +- { +- if (i > sizeof sess->master_key) +- { +- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- if (RAND_bytes(sess->master_key,i) <= 0) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +- } +- +- if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) +- enc=8; +- else if (SSL_C_IS_EXPORT(sess->cipher)) +- enc=5; +- else +- enc=i; +- +- if (i < enc) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR); +- return(-1); +- } +- clear=i-enc; +- s2n(clear,p); +- memcpy(d,sess->master_key,(unsigned int)clear); +- d+=clear; +- +- enc=ssl_rsa_public_encrypt(sess->sess_cert,enc, +- &(sess->master_key[clear]),d, +- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); +- if (enc <= 0) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR); +- return(-1); +- } +-#ifdef PKCS1_CHECK +- if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++; +- if (s->options & SSL_OP_PKCS1_CHECK_2) +- sess->master_key[clear]++; +-#endif +- s2n(enc,p); +- d+=enc; +- karg=sess->key_arg_length; +- s2n(karg,p); /* key arg size */ +- if (karg > sizeof sess->key_arg) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- memcpy(d,sess->key_arg,(unsigned int)karg); +- d+=karg; +- +- s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B; +- s->init_num=d-buf; +- s->init_off=0; +- } +- +- /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */ +- return(ssl2_do_write(s)); +- } +- +-static int client_finished(SSL *s) +- { +- unsigned char *p; +- +- if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) +- { +- p=(unsigned char *)s->init_buf->data; +- *(p++)=SSL2_MT_CLIENT_FINISHED; +- if (s->s2->conn_id_length > sizeof s->s2->conn_id) +- { +- SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); +- +- s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; +- s->init_num=s->s2->conn_id_length+1; +- s->init_off=0; +- } +- return(ssl2_do_write(s)); +- } +- +-/* read the data and then respond */ +-static int client_certificate(SSL *s) +- { +- unsigned char *buf; +- unsigned char *p,*d; +- int i; +- unsigned int n; +- int cert_ch_len; +- unsigned char *cert_ch; +- +- buf=(unsigned char *)s->init_buf->data; +- +- /* We have a cert associated with the SSL, so attach it to +- * the session if it does not have one */ +- +- if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) +- { +- i=ssl2_read(s,(char *)&(buf[s->init_num]), +- SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num); +- if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num)) +- return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); +- s->init_num += i; +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */ +- +- /* type=buf[0]; */ +- /* type eq x509 */ +- if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) +- { +- ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); +- SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE); +- return(-1); +- } +- +- if ((s->cert == NULL) || +- (s->cert->key->x509 == NULL) || +- (s->cert->key->privatekey == NULL)) +- { +- s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE; +- } +- else +- s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; +- } +- +- cert_ch = buf + 2; +- cert_ch_len = s->init_num - 2; +- +- if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) +- { +- X509 *x509=NULL; +- EVP_PKEY *pkey=NULL; +- +- /* If we get an error we need to +- * ssl->rwstate=SSL_X509_LOOKUP; +- * return(error); +- * We should then be retried when things are ok and we +- * can get a cert or not */ +- +- i=0; +- if (s->ctx->client_cert_cb != NULL) +- { +- i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); +- } +- +- if (i < 0) +- { +- s->rwstate=SSL_X509_LOOKUP; +- return(-1); +- } +- s->rwstate=SSL_NOTHING; +- +- if ((i == 1) && (pkey != NULL) && (x509 != NULL)) +- { +- s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; +- if ( !SSL_use_certificate(s,x509) || +- !SSL_use_PrivateKey(s,pkey)) +- { +- i=0; +- } +- X509_free(x509); +- EVP_PKEY_free(pkey); +- } +- else if (i == 1) +- { +- if (x509 != NULL) X509_free(x509); +- if (pkey != NULL) EVP_PKEY_free(pkey); +- SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); +- i=0; +- } +- +- if (i == 0) +- { +- /* We have no client certificate to respond with +- * so send the correct error message back */ +- s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B; +- p=buf; +- *(p++)=SSL2_MT_ERROR; +- s2n(SSL2_PE_NO_CERTIFICATE,p); +- s->init_off=0; +- s->init_num=3; +- /* Write is done at the end */ +- } +- } +- +- if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) +- { +- return(ssl2_do_write(s)); +- } +- +- if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) +- { +- EVP_MD_CTX ctx; +- +- /* ok, now we calculate the checksum +- * do it first so we can reuse buf :-) */ +- p=buf; +- EVP_MD_CTX_init(&ctx); +- EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); +- EVP_SignUpdate(&ctx,s->s2->key_material, +- s->s2->key_material_length); +- EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); +- n=i2d_X509(s->session->sess_cert->peer_key->x509,&p); +- EVP_SignUpdate(&ctx,buf,(unsigned int)n); +- +- p=buf; +- d=p+6; +- *(p++)=SSL2_MT_CLIENT_CERTIFICATE; +- *(p++)=SSL2_CT_X509_CERTIFICATE; +- n=i2d_X509(s->cert->key->x509,&d); +- s2n(n,p); +- +- if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) +- { +- /* this is not good. If things have failed it +- * means there so something wrong with the key. +- * We will continue with a 0 length signature +- */ +- } +- EVP_MD_CTX_cleanup(&ctx); +- s2n(n,p); +- d+=n; +- +- s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D; +- s->init_num=d-buf; +- s->init_off=0; +- } +- /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */ +- return(ssl2_do_write(s)); +- } +- +-static int get_server_verify(SSL *s) +- { +- unsigned char *p; +- int i, n, len; +- +- p=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) +- { +- i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); +- if (i < (1-s->init_num)) +- return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); +- s->init_num += i; +- +- s->state= SSL2_ST_GET_SERVER_VERIFY_B; +- if (*p != SSL2_MT_SERVER_VERIFY) +- { +- if (p[0] != SSL2_MT_ERROR) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_VERIFY, +- SSL_R_READ_WRONG_PACKET_TYPE); +- } +- else +- { +- SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR); +- /* try to read the error message */ +- i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); +- return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); +- } +- return(-1); +- } +- } +- +- p=(unsigned char *)s->init_buf->data; +- len = 1 + s->s2->challenge_length; +- n = len - s->init_num; +- i = ssl2_read(s,(char *)&(p[s->init_num]),n); +- if (i < n) +- return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ +- p += 1; +- +- if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); +- return(-1); +- } +- return(1); +- } +- +-static int get_server_finished(SSL *s) +- { +- unsigned char *buf; +- unsigned char *p; +- int i, n, len; +- +- buf=(unsigned char *)s->init_buf->data; +- p=buf; +- if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) +- { +- i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num); +- if (i < (1-s->init_num)) +- return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); +- s->init_num += i; +- +- if (*p == SSL2_MT_REQUEST_CERTIFICATE) +- { +- s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A; +- return(1); +- } +- else if (*p != SSL2_MT_SERVER_FINISHED) +- { +- if (p[0] != SSL2_MT_ERROR) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); +- } +- else +- { +- SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR); +- /* try to read the error message */ +- i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); +- return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); +- } +- return(-1); +- } +- s->state=SSL2_ST_GET_SERVER_FINISHED_B; +- } +- +- len = 1 + SSL2_SSL_SESSION_ID_LENGTH; +- n = len - s->init_num; +- i = ssl2_read(s,(char *)&(buf[s->init_num]), n); +- if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */ +- return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); +- s->init_num += i; +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */ +- +- if (!s->hit) /* new session */ +- { +- /* new session-id */ +- /* Make sure we were not trying to re-use an old SSL_SESSION +- * or bad things can happen */ +- /* ZZZZZZZZZZZZZ */ +- s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; +- memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH); +- } +- else +- { +- if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) +- { +- if ((s->session->session_id_length > sizeof s->session->session_id) +- || (0 != memcmp(buf + 1, s->session->session_id, +- (unsigned int)s->session->session_id_length))) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT); +- return(-1); +- } +- } +- } +- s->state = SSL_ST_OK; +- return(1); +- } +- +-/* loads in the certificate from the server */ +-int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data) +- { +- STACK_OF(X509) *sk=NULL; +- EVP_PKEY *pkey=NULL; +- SESS_CERT *sc=NULL; +- int i; +- X509 *x509=NULL; +- int ret=0; +- +- x509=d2i_X509(NULL,&data,(long)len); +- if (x509 == NULL) +- { +- SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB); +- goto err; +- } +- +- if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509)) +- { +- SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE); +- goto err; +- } +- +- i=ssl_verify_cert_chain(s,sk); +- +- if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)) +- { +- SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); +- goto err; +- } +- ERR_clear_error(); /* but we keep s->verify_result */ +- s->session->verify_result = s->verify_result; +- +- /* server's cert for this session */ +- sc=ssl_sess_cert_new(); +- if (sc == NULL) +- { +- ret= -1; +- goto err; +- } +- if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert); +- s->session->sess_cert=sc; +- +- sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509=x509; +- sc->peer_key= &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]); +- +- pkey=X509_get_pubkey(x509); +- x509=NULL; +- if (pkey == NULL) +- { +- SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY); +- goto err; +- } +- if (pkey->type != EVP_PKEY_RSA) +- { +- SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA); +- goto err; +- } +- +- if (!ssl_set_peer_cert_type(sc,SSL2_CT_X509_CERTIFICATE)) +- goto err; +- ret=1; +-err: +- sk_X509_free(sk); +- X509_free(x509); +- EVP_PKEY_free(pkey); +- return(ret); +- } +- +-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, +- unsigned char *to, int padding) +- { +- EVP_PKEY *pkey=NULL; +- int i= -1; +- +- if ((sc == NULL) || (sc->peer_key->x509 == NULL) || +- ((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL)) +- { +- SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY); +- return(-1); +- } +- if (pkey->type != EVP_PKEY_RSA) +- { +- SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); +- goto end; +- } +- +- /* we have the public key */ +- i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding); +- if (i < 0) +- SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB); +-end: +- EVP_PKEY_free(pkey); +- return(i); +- } +-#else /* !OPENSSL_NO_SSL2 */ + + # if PEDANTIC + static void *dummy=&dummy; + # endif +- +-#endif +--- ../openssl.ssl23/ssl/s2_enc.c 2003-12-27 17:09:58.000000000 +0100 ++++ ssl/s2_enc.c 2014-11-01 04:21:50.000000000 +0100 +@@ -57,135 +57,7 @@ + */ + + #include "ssl_locl.h" +-#ifndef OPENSSL_NO_SSL2 +-#include +- +-int ssl2_enc_init(SSL *s, int client) +- { +- /* Max number of bytes needed */ +- EVP_CIPHER_CTX *rs,*ws; +- const EVP_CIPHER *c; +- const EVP_MD *md; +- int num; +- +- if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) +- { +- ssl2_return_error(s,SSL2_PE_NO_CIPHER); +- SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); +- return(0); +- } +- +- s->read_hash=md; +- s->write_hash=md; +- +- if ((s->enc_read_ctx == NULL) && +- ((s->enc_read_ctx=(EVP_CIPHER_CTX *) +- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) +- goto err; +- if ((s->enc_write_ctx == NULL) && +- ((s->enc_write_ctx=(EVP_CIPHER_CTX *) +- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) +- goto err; +- +- rs= s->enc_read_ctx; +- ws= s->enc_write_ctx; +- +- EVP_CIPHER_CTX_init(rs); +- EVP_CIPHER_CTX_init(ws); +- +- num=c->key_len; +- s->s2->key_material_length=num*2; +- OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); +- +- if (ssl2_generate_key_material(s) <= 0) +- return 0; +- +- OPENSSL_assert(c->iv_len <= sizeof s->session->key_arg); +- EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), +- s->session->key_arg); +- EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), +- s->session->key_arg); +- s->s2->read_key= &(s->s2->key_material[(client)?0:num]); +- s->s2->write_key= &(s->s2->key_material[(client)?num:0]); +- return(1); +-err: +- SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE); +- return(0); +- } +- +-/* read/writes from s->s2->mac_data using length for encrypt and +- * decrypt. It sets s->s2->padding and s->[rw]length +- * if we are encrypting */ +-void ssl2_enc(SSL *s, int send) +- { +- EVP_CIPHER_CTX *ds; +- unsigned long l; +- int bs; +- +- if (send) +- { +- ds=s->enc_write_ctx; +- l=s->s2->wlength; +- } +- else +- { +- ds=s->enc_read_ctx; +- l=s->s2->rlength; +- } +- +- /* check for NULL cipher */ +- if (ds == NULL) return; +- +- +- bs=ds->cipher->block_size; +- /* This should be using (bs-1) and bs instead of 7 and 8, but +- * what the hell. */ +- if (bs == 8) +- l=(l+7)/8*8; +- +- EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l); +- } +- +-void ssl2_mac(SSL *s, unsigned char *md, int send) +- { +- EVP_MD_CTX c; +- unsigned char sequence[4],*p,*sec,*act; +- unsigned long seq; +- unsigned int len; +- +- if (send) +- { +- seq=s->s2->write_sequence; +- sec=s->s2->write_key; +- len=s->s2->wact_data_length; +- act=s->s2->wact_data; +- } +- else +- { +- seq=s->s2->read_sequence; +- sec=s->s2->read_key; +- len=s->s2->ract_data_length; +- act=s->s2->ract_data; +- } +- +- p= &(sequence[0]); +- l2n(seq,p); +- +- /* There has to be a MAC algorithm. */ +- EVP_MD_CTX_init(&c); +- EVP_DigestInit_ex(&c, s->read_hash, NULL); +- EVP_DigestUpdate(&c,sec, +- EVP_CIPHER_CTX_key_length(s->enc_read_ctx)); +- EVP_DigestUpdate(&c,act,len); +- /* the above line also does the pad data */ +- EVP_DigestUpdate(&c,sequence,4); +- EVP_DigestFinal_ex(&c,md,NULL); +- EVP_MD_CTX_cleanup(&c); +- } +-#else /* !OPENSSL_NO_SSL2 */ + + # if PEDANTIC + static void *dummy=&dummy; + # endif +- +-#endif +--- ../openssl.ssl23/ssl/s2_lib.c 2006-10-11 20:30:25.000000000 +0200 ++++ ssl/s2_lib.c 2014-11-01 04:22:21.000000000 +0100 +@@ -57,457 +57,7 @@ + */ + + #include "ssl_locl.h" +-#ifndef OPENSSL_NO_SSL2 +-#include +-#include +-#include +-#include +-#include +- +-static long ssl2_default_timeout(void ); +-const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; +- +-#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) +- +-OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ +-/* NULL_WITH_MD5 v3 */ +-#if 0 +- { +- 1, +- SSL2_TXT_NULL_WITH_MD5, +- SSL2_CK_NULL_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2, +- SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, +- 0, +- 0, +- 0, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-#endif +-/* RC4_128_EXPORT40_WITH_MD5 */ +- { +- 1, +- SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, +- SSL2_CK_RC4_128_EXPORT40_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2, +- SSL_EXPORT|SSL_EXP40, +- SSL2_CF_5_BYTE_ENC, +- 40, +- 128, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-/* RC4_128_WITH_MD5 */ +- { +- 1, +- SSL2_TXT_RC4_128_WITH_MD5, +- SSL2_CK_RC4_128_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2, +- SSL_NOT_EXP|SSL_MEDIUM, +- 0, +- 128, +- 128, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-/* RC2_128_CBC_EXPORT40_WITH_MD5 */ +- { +- 1, +- SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, +- SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2, +- SSL_EXPORT|SSL_EXP40, +- SSL2_CF_5_BYTE_ENC, +- 40, +- 128, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-/* RC2_128_CBC_WITH_MD5 */ +- { +- 1, +- SSL2_TXT_RC2_128_CBC_WITH_MD5, +- SSL2_CK_RC2_128_CBC_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2, +- SSL_NOT_EXP|SSL_MEDIUM, +- 0, +- 128, +- 128, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-/* IDEA_128_CBC_WITH_MD5 */ +-/* DES_64_CBC_WITH_MD5 */ +- { +- 1, +- SSL2_TXT_DES_64_CBC_WITH_MD5, +- SSL2_CK_DES_64_CBC_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2, +- SSL_NOT_EXP|SSL_LOW, +- 0, +- 56, +- 56, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-/* DES_192_EDE3_CBC_WITH_MD5 */ +- { +- 1, +- SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, +- SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2, +- SSL_NOT_EXP|SSL_HIGH, +- 0, +- 168, +- 168, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-/* RC4_64_WITH_MD5 */ +-#if 0 +- { +- 1, +- SSL2_TXT_RC4_64_WITH_MD5, +- SSL2_CK_RC4_64_WITH_MD5, +- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2, +- SSL_NOT_EXP|SSL_LOW, +- SSL2_CF_8_BYTE_ENC, +- 64, +- 64, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-#endif +-/* NULL SSLeay (testing) */ +-#if 0 +- { +- 0, +- SSL2_TXT_NULL, +- SSL2_CK_NULL, +- 0, +- SSL_STRONG_NONE, +- 0, +- 0, +- 0, +- SSL_ALL_CIPHERS, +- SSL_ALL_STRENGTHS, +- }, +-#endif +- +-/* end of list :-) */ +- }; +- +-static SSL_METHOD SSLv2_data= { +- SSL2_VERSION, +- ssl2_new, /* local */ +- ssl2_clear, /* local */ +- ssl2_free, /* local */ +- ssl_undefined_function, +- ssl_undefined_function, +- ssl2_read, +- ssl2_peek, +- ssl2_write, +- ssl2_shutdown, +- ssl_ok, /* NULL - renegotiate */ +- ssl_ok, /* NULL - check renegotiate */ +- ssl2_ctrl, /* local */ +- ssl2_ctx_ctrl, /* local */ +- ssl2_get_cipher_by_char, +- ssl2_put_cipher_by_char, +- ssl2_pending, +- ssl2_num_ciphers, +- ssl2_get_cipher, +- ssl_bad_method, +- ssl2_default_timeout, +- &ssl3_undef_enc_method, +- ssl_undefined_function, +- ssl2_callback_ctrl, /* local */ +- ssl2_ctx_callback_ctrl, /* local */ +- }; +- +-static long ssl2_default_timeout(void) +- { +- return(300); +- } +- +-SSL_METHOD *sslv2_base_method(void) +- { +- return(&SSLv2_data); +- } +- +-int ssl2_num_ciphers(void) +- { +- return(SSL2_NUM_CIPHERS); +- } +- +-SSL_CIPHER *ssl2_get_cipher(unsigned int u) +- { +- if (u < SSL2_NUM_CIPHERS) +- return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u])); +- else +- return(NULL); +- } +- +-int ssl2_pending(const SSL *s) +- { +- return SSL_in_init(s) ? 0 : s->s2->ract_data_length; +- } +- +-int ssl2_new(SSL *s) +- { +- SSL2_STATE *s2; +- +- if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; +- memset(s2,0,sizeof *s2); +- +-#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 +-# error "assertion failed" +-#endif +- +- if ((s2->rbuf=OPENSSL_malloc( +- SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; +- /* wbuf needs one byte more because when using two-byte headers, +- * we leave the first byte unused in do_ssl_write (s2_pkt.c) */ +- if ((s2->wbuf=OPENSSL_malloc( +- SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err; +- s->s2=s2; +- +- ssl2_clear(s); +- return(1); +-err: +- if (s2 != NULL) +- { +- if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); +- if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); +- OPENSSL_free(s2); +- } +- return(0); +- } +- +-void ssl2_free(SSL *s) +- { +- SSL2_STATE *s2; +- +- if(s == NULL) +- return; +- +- s2=s->s2; +- if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); +- if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); +- OPENSSL_cleanse(s2,sizeof *s2); +- OPENSSL_free(s2); +- s->s2=NULL; +- } +- +-void ssl2_clear(SSL *s) +- { +- SSL2_STATE *s2; +- unsigned char *rbuf,*wbuf; +- +- s2=s->s2; +- +- rbuf=s2->rbuf; +- wbuf=s2->wbuf; +- +- memset(s2,0,sizeof *s2); +- +- s2->rbuf=rbuf; +- s2->wbuf=wbuf; +- s2->clear_text=1; +- s->packet=s2->rbuf; +- s->version=SSL2_VERSION; +- s->packet_length=0; +- } +- +-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) +- { +- int ret=0; +- +- switch(cmd) +- { +- case SSL_CTRL_GET_SESSION_REUSED: +- ret=s->hit; +- break; +- default: +- break; +- } +- return(ret); +- } +- +-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)()) +- { +- return(0); +- } +- +-long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) +- { +- return(0); +- } +- +-long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)()) +- { +- return(0); +- } +- +-/* This function needs to check if the ciphers required are actually +- * available */ +-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) +- { +- static int init=1; +- static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS]; +- SSL_CIPHER c,*cp= &c,**cpp; +- unsigned long id; +- int i; +- +- if (init) +- { +- CRYPTO_w_lock(CRYPTO_LOCK_SSL); +- +- if (init) +- { +- for (i=0; ivalid) +- return(NULL); +- else +- return(*cpp); +- } +- +-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) +- { +- long l; +- +- if (p != NULL) +- { +- l=c->id; +- if ((l & 0xff000000) != 0x02000000) return(0); +- p[0]=((unsigned char)(l>>16L))&0xFF; +- p[1]=((unsigned char)(l>> 8L))&0xFF; +- p[2]=((unsigned char)(l ))&0xFF; +- } +- return(3); +- } +- +-int ssl2_generate_key_material(SSL *s) +- { +- unsigned int i; +- EVP_MD_CTX ctx; +- unsigned char *km; +- unsigned char c='0'; +- const EVP_MD *md5; +- +- md5 = EVP_md5(); +- +-#ifdef CHARSET_EBCDIC +- c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', +- see SSLv2 docu */ +-#endif +- EVP_MD_CTX_init(&ctx); +- km=s->s2->key_material; +- +- if (s->session->master_key_length < 0 || s->session->master_key_length > sizeof s->session->master_key) +- { +- SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); +- return 0; +- } +- +- for (i=0; is2->key_material_length; i += EVP_MD_size(md5)) +- { +- if (((km - s->s2->key_material) + EVP_MD_size(md5)) > sizeof s->s2->key_material) +- { +- /* EVP_DigestFinal_ex() below would write beyond buffer */ +- SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); +- return 0; +- } +- +- EVP_DigestInit_ex(&ctx, md5, NULL); +- +- OPENSSL_assert(s->session->master_key_length >= 0 +- && s->session->master_key_length +- < sizeof s->session->master_key); +- EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); +- EVP_DigestUpdate(&ctx,&c,1); +- c++; +- EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); +- EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); +- EVP_DigestFinal_ex(&ctx,km,NULL); +- km += EVP_MD_size(md5); +- } +- +- EVP_MD_CTX_cleanup(&ctx); +- return 1; +- } +- +-void ssl2_return_error(SSL *s, int err) +- { +- if (!s->error) +- { +- s->error=3; +- s->error_code=err; +- +- ssl2_write_error(s); +- } +- } +- +- +-void ssl2_write_error(SSL *s) +- { +- unsigned char buf[3]; +- int i,error; +- +- buf[0]=SSL2_MT_ERROR; +- buf[1]=(s->error_code>>8)&0xff; +- buf[2]=(s->error_code)&0xff; +- +-/* state=s->rwstate;*/ +- +- error=s->error; /* number of bytes left to write */ +- s->error=0; +- OPENSSL_assert(error >= 0 && error <= sizeof buf); +- i=ssl2_write(s,&(buf[3-error]),error); +- +-/* if (i == error) s->rwstate=state; */ +- +- if (i < 0) +- s->error=error; +- else +- { +- s->error=error-i; +- +- if (s->error == 0) +- if (s->msg_callback) +- s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */ +- } +- } +- +-int ssl2_shutdown(SSL *s) +- { +- s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); +- return(1); +- } +-#else /* !OPENSSL_NO_SSL2 */ + + # if PEDANTIC + static void *dummy=&dummy; + # endif +- +-#endif +--- ../openssl.ssl23/ssl/s2_meth.c 2002-09-26 17:54:14.000000000 +0200 ++++ ssl/s2_meth.c 2014-11-01 04:22:46.000000000 +0100 +@@ -57,46 +57,7 @@ + */ + + #include "ssl_locl.h" +-#ifndef OPENSSL_NO_SSL2 +-#include +-#include +- +-static SSL_METHOD *ssl2_get_method(int ver); +-static SSL_METHOD *ssl2_get_method(int ver) +- { +- if (ver == SSL2_VERSION) +- return(SSLv2_method()); +- else +- return(NULL); +- } +- +-SSL_METHOD *SSLv2_method(void) +- { +- static int init=1; +- static SSL_METHOD SSLv2_data; +- +- if (init) +- { +- CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); +- +- if (init) +- { +- memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(), +- sizeof(SSL_METHOD)); +- SSLv2_data.ssl_connect=ssl2_connect; +- SSLv2_data.ssl_accept=ssl2_accept; +- SSLv2_data.get_ssl_method=ssl2_get_method; +- init=0; +- } +- +- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); +- } +- return(&SSLv2_data); +- } +-#else /* !OPENSSL_NO_SSL2 */ + + # if PEDANTIC + static void *dummy=&dummy; + # endif +- +-#endif +--- ../openssl.ssl23/ssl/s2_pkt.c 2003-12-27 17:09:58.000000000 +0100 ++++ ssl/s2_pkt.c 2014-11-01 04:23:17.000000000 +0100 +@@ -110,628 +110,7 @@ + */ + + #include "ssl_locl.h" +-#ifndef OPENSSL_NO_SSL2 +-#include +-#include +-#define USE_SOCKETS +- +-static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); +-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); +-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); +-static int ssl_mt_error(int n); +- +- +-/* SSL 2.0 imlementation for SSL_read/SSL_peek - +- * This routine will return 0 to len bytes, decrypted etc if required. +- */ +-static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) +- { +- int n; +- unsigned char mac[MAX_MAC_SIZE]; +- unsigned char *p; +- int i; +- unsigned int mac_size; +- +- ssl2_read_again: +- if (SSL_in_init(s) && !s->in_handshake) +- { +- n=s->handshake_func(s); +- if (n < 0) return(n); +- if (n == 0) +- { +- SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); +- return(-1); +- } +- } +- +- clear_sys_error(); +- s->rwstate=SSL_NOTHING; +- if (len <= 0) return(len); +- +- if (s->s2->ract_data_length != 0) /* read from buffer */ +- { +- if (len > s->s2->ract_data_length) +- n=s->s2->ract_data_length; +- else +- n=len; +- +- memcpy(buf,s->s2->ract_data,(unsigned int)n); +- if (!peek) +- { +- s->s2->ract_data_length-=n; +- s->s2->ract_data+=n; +- if (s->s2->ract_data_length == 0) +- s->rstate=SSL_ST_READ_HEADER; +- } +- +- return(n); +- } +- +- /* s->s2->ract_data_length == 0 +- * +- * Fill the buffer, then goto ssl2_read_again. +- */ +- +- if (s->rstate == SSL_ST_READ_HEADER) +- { +- if (s->first_packet) +- { +- n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); +- if (n <= 0) return(n); /* error or non-blocking */ +- s->first_packet=0; +- p=s->packet; +- if (!((p[0] & 0x80) && ( +- (p[2] == SSL2_MT_CLIENT_HELLO) || +- (p[2] == SSL2_MT_SERVER_HELLO)))) +- { +- SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); +- return(-1); +- } +- } +- else +- { +- n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); +- if (n <= 0) return(n); /* error or non-blocking */ +- } +- /* part read stuff */ +- +- s->rstate=SSL_ST_READ_BODY; +- p=s->packet; +- /* Do header */ +- /*s->s2->padding=0;*/ +- s->s2->escape=0; +- s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]); +- if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */ +- { +- s->s2->three_byte_header=0; +- s->s2->rlength&=TWO_BYTE_MASK; +- } +- else +- { +- s->s2->three_byte_header=1; +- s->s2->rlength&=THREE_BYTE_MASK; +- +- /* security >s2->escape */ +- s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0; +- } +- } +- +- if (s->rstate == SSL_ST_READ_BODY) +- { +- n=s->s2->rlength+2+s->s2->three_byte_header; +- if (n > (int)s->packet_length) +- { +- n-=s->packet_length; +- i=read_n(s,(unsigned int)n,(unsigned int)n,1); +- if (i <= 0) return(i); /* ERROR */ +- } +- +- p= &(s->packet[2]); +- s->rstate=SSL_ST_READ_HEADER; +- if (s->s2->three_byte_header) +- s->s2->padding= *(p++); +- else s->s2->padding=0; +- +- /* Data portion */ +- if (s->s2->clear_text) +- { +- mac_size = 0; +- s->s2->mac_data=p; +- s->s2->ract_data=p; +- if (s->s2->padding) +- { +- SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); +- return(-1); +- } +- } +- else +- { +- mac_size=EVP_MD_size(s->read_hash); +- OPENSSL_assert(mac_size <= MAX_MAC_SIZE); +- s->s2->mac_data=p; +- s->s2->ract_data= &p[mac_size]; +- if (s->s2->padding + mac_size > s->s2->rlength) +- { +- SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); +- return(-1); +- } +- } +- +- s->s2->ract_data_length=s->s2->rlength; +- /* added a check for length > max_size in case +- * encryption was not turned on yet due to an error */ +- if ((!s->s2->clear_text) && +- (s->s2->rlength >= mac_size)) +- { +- ssl2_enc(s,0); +- s->s2->ract_data_length-=mac_size; +- ssl2_mac(s,mac,0); +- s->s2->ract_data_length-=s->s2->padding; +- if ( (memcmp(mac,s->s2->mac_data, +- (unsigned int)mac_size) != 0) || +- (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) +- { +- SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE); +- return(-1); +- } +- } +- INC32(s->s2->read_sequence); /* expect next number */ +- /* s->s2->ract_data is now available for processing */ +- +- /* Possibly the packet that we just read had 0 actual data bytes. +- * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.) +- * In this case, returning 0 would be interpreted by the caller +- * as indicating EOF, so it's not a good idea. Instead, we just +- * continue reading; thus ssl2_read_internal may have to process +- * multiple packets before it can return. +- * +- * [Note that using select() for blocking sockets *never* guarantees +- * that the next SSL_read will not block -- the available +- * data may contain incomplete packets, and except for SSL 2, +- * renegotiation can confuse things even more.] */ +- +- goto ssl2_read_again; /* This should really be +- * "return ssl2_read(s,buf,len)", +- * but that would allow for +- * denial-of-service attacks if a +- * C compiler is used that does not +- * recognize end-recursion. */ +- } +- else +- { +- SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE); +- return(-1); +- } +- } +- +-int ssl2_read(SSL *s, void *buf, int len) +- { +- return ssl2_read_internal(s, buf, len, 0); +- } +- +-int ssl2_peek(SSL *s, void *buf, int len) +- { +- return ssl2_read_internal(s, buf, len, 1); +- } +- +-static int read_n(SSL *s, unsigned int n, unsigned int max, +- unsigned int extend) +- { +- int i,off,newb; +- +- /* if there is stuff still in the buffer from a previous read, +- * and there is more than we want, take some. */ +- if (s->s2->rbuf_left >= (int)n) +- { +- if (extend) +- s->packet_length+=n; +- else +- { +- s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]); +- s->packet_length=n; +- } +- s->s2->rbuf_left-=n; +- s->s2->rbuf_offs+=n; +- return(n); +- } +- +- if (!s->read_ahead) max=n; +- if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) +- max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2; +- +- +- /* Else we want more than we have. +- * First, if there is some left or we want to extend */ +- off=0; +- if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) +- { +- newb=s->s2->rbuf_left; +- if (extend) +- { +- off=s->packet_length; +- if (s->packet != s->s2->rbuf) +- memcpy(s->s2->rbuf,s->packet, +- (unsigned int)newb+off); +- } +- else if (s->s2->rbuf_offs != 0) +- { +- memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]), +- (unsigned int)newb); +- s->s2->rbuf_offs=0; +- } +- s->s2->rbuf_left=0; +- } +- else +- newb=0; +- +- /* off is the offset to start writing too. +- * r->s2->rbuf_offs is the 'unread data', now 0. +- * newb is the number of new bytes so far +- */ +- s->packet=s->s2->rbuf; +- while (newb < (int)n) +- { +- clear_sys_error(); +- if (s->rbio != NULL) +- { +- s->rwstate=SSL_READING; +- i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]), +- max-newb); +- } +- else +- { +- SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET); +- i= -1; +- } +-#ifdef PKT_DEBUG +- if (s->debug & 0x01) sleep(1); +-#endif +- if (i <= 0) +- { +- s->s2->rbuf_left+=newb; +- return(i); +- } +- newb+=i; +- } +- +- /* record unread data */ +- if (newb > (int)n) +- { +- s->s2->rbuf_offs=n+off; +- s->s2->rbuf_left=newb-n; +- } +- else +- { +- s->s2->rbuf_offs=0; +- s->s2->rbuf_left=0; +- } +- if (extend) +- s->packet_length+=n; +- else +- s->packet_length=n; +- s->rwstate=SSL_NOTHING; +- return(n); +- } +- +-int ssl2_write(SSL *s, const void *_buf, int len) +- { +- const unsigned char *buf=_buf; +- unsigned int n,tot; +- int i; +- +- if (SSL_in_init(s) && !s->in_handshake) +- { +- i=s->handshake_func(s); +- if (i < 0) return(i); +- if (i == 0) +- { +- SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); +- return(-1); +- } +- } +- +- if (s->error) +- { +- ssl2_write_error(s); +- if (s->error) +- return(-1); +- } +- +- clear_sys_error(); +- s->rwstate=SSL_NOTHING; +- if (len <= 0) return(len); +- +- tot=s->s2->wnum; +- s->s2->wnum=0; +- +- n=(len-tot); +- for (;;) +- { +- i=do_ssl_write(s,&(buf[tot]),n); +- if (i <= 0) +- { +- s->s2->wnum=tot; +- return(i); +- } +- if ((i == (int)n) || +- (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) +- { +- return(tot+i); +- } +- +- n-=i; +- tot+=i; +- } +- } +- +-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len) +- { +- int i; +- +- /* s->s2->wpend_len != 0 MUST be true. */ +- +- /* check that they have given us the same buffer to +- * write */ +- if ((s->s2->wpend_tot > (int)len) || +- ((s->s2->wpend_buf != buf) && +- !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) +- { +- SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); +- return(-1); +- } +- +- for (;;) +- { +- clear_sys_error(); +- if (s->wbio != NULL) +- { +- s->rwstate=SSL_WRITING; +- i=BIO_write(s->wbio, +- (char *)&(s->s2->write_ptr[s->s2->wpend_off]), +- (unsigned int)s->s2->wpend_len); +- } +- else +- { +- SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET); +- i= -1; +- } +-#ifdef PKT_DEBUG +- if (s->debug & 0x01) sleep(1); +-#endif +- if (i == s->s2->wpend_len) +- { +- s->s2->wpend_len=0; +- s->rwstate=SSL_NOTHING; +- return(s->s2->wpend_ret); +- } +- else if (i <= 0) +- return(i); +- s->s2->wpend_off+=i; +- s->s2->wpend_len-=i; +- } +- } +- +-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) +- { +- unsigned int j,k,olen,p,mac_size,bs; +- register unsigned char *pp; +- +- olen=len; +- +- /* first check if there is data from an encryption waiting to +- * be sent - it must be sent because the other end is waiting. +- * This will happen with non-blocking IO. We print it and then +- * return. +- */ +- if (s->s2->wpend_len != 0) return(write_pending(s,buf,len)); +- +- /* set mac_size to mac size */ +- if (s->s2->clear_text) +- mac_size=0; +- else +- mac_size=EVP_MD_size(s->write_hash); +- +- /* lets set the pad p */ +- if (s->s2->clear_text) +- { +- if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) +- len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; +- p=0; +- s->s2->three_byte_header=0; +- /* len=len; */ +- } +- else +- { +- bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx); +- j=len+mac_size; +- /* Two-byte headers allow for a larger record length than +- * three-byte headers, but we can't use them if we need +- * padding or if we have to set the escape bit. */ +- if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && +- (!s->s2->escape)) +- { +- if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) +- j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; +- /* set k to the max number of bytes with 2 +- * byte header */ +- k=j-(j%bs); +- /* how many data bytes? */ +- len=k-mac_size; +- s->s2->three_byte_header=0; +- p=0; +- } +- else if ((bs <= 1) && (!s->s2->escape)) +- { +- /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus +- * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ +- s->s2->three_byte_header=0; +- p=0; +- } +- else /* we may have to use a 3 byte header */ +- { +- /* If s->s2->escape is not set, then +- * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus +- * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ +- p=(j%bs); +- p=(p == 0)?0:(bs-p); +- if (s->s2->escape) +- { +- s->s2->three_byte_header=1; +- if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) +- j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER; +- } +- else +- s->s2->three_byte_header=(p == 0)?0:1; +- } +- } +- +- /* Now +- * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER +- * holds, and if s->s2->three_byte_header is set, then even +- * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. +- */ +- +- /* mac_size is the number of MAC bytes +- * len is the number of data bytes we are going to send +- * p is the number of padding bytes +- * (if it is a two-byte header, then p == 0) */ +- +- s->s2->wlength=len; +- s->s2->padding=p; +- s->s2->mac_data= &(s->s2->wbuf[3]); +- s->s2->wact_data= &(s->s2->wbuf[3+mac_size]); +- /* we copy the data into s->s2->wbuf */ +- memcpy(s->s2->wact_data,buf,len); +- if (p) +- memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */ +- +- if (!s->s2->clear_text) +- { +- s->s2->wact_data_length=len+p; +- ssl2_mac(s,s->s2->mac_data,1); +- s->s2->wlength+=p+mac_size; +- ssl2_enc(s,1); +- } +- +- /* package up the header */ +- s->s2->wpend_len=s->s2->wlength; +- if (s->s2->three_byte_header) /* 3 byte header */ +- { +- pp=s->s2->mac_data; +- pp-=3; +- pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8); +- if (s->s2->escape) pp[0]|=SEC_ESC_BIT; +- pp[1]=s->s2->wlength&0xff; +- pp[2]=s->s2->padding; +- s->s2->wpend_len+=3; +- } +- else +- { +- pp=s->s2->mac_data; +- pp-=2; +- pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT; +- pp[1]=s->s2->wlength&0xff; +- s->s2->wpend_len+=2; +- } +- s->s2->write_ptr=pp; +- +- INC32(s->s2->write_sequence); /* expect next number */ +- +- /* lets try to actually write the data */ +- s->s2->wpend_tot=olen; +- s->s2->wpend_buf=buf; +- +- s->s2->wpend_ret=len; +- +- s->s2->wpend_off=0; +- return(write_pending(s,buf,olen)); +- } +- +-int ssl2_part_read(SSL *s, unsigned long f, int i) +- { +- unsigned char *p; +- int j; +- +- if (i < 0) +- { +- /* ssl2_return_error(s); */ +- /* for non-blocking io, +- * this is not necessarily fatal */ +- return(i); +- } +- else +- { +- s->init_num+=i; +- +- /* Check for error. While there are recoverable errors, +- * this function is not called when those must be expected; +- * any error detected here is fatal. */ +- if (s->init_num >= 3) +- { +- p=(unsigned char *)s->init_buf->data; +- if (p[0] == SSL2_MT_ERROR) +- { +- j=(p[1]<<8)|p[2]; +- SSLerr((int)f,ssl_mt_error(j)); +- s->init_num -= 3; +- if (s->init_num > 0) +- memmove(p, p+3, s->init_num); +- } +- } +- +- /* If it's not an error message, we have some error anyway -- +- * the message was shorter than expected. This too is treated +- * as fatal (at least if SSL_get_error is asked for its opinion). */ +- return(0); +- } +- } +- +-int ssl2_do_write(SSL *s) +- { +- int ret; +- +- ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num); +- if (ret == s->init_num) +- { +- if (s->msg_callback) +- s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg); +- return(1); +- } +- if (ret < 0) +- return(-1); +- s->init_off+=ret; +- s->init_num-=ret; +- return(0); +- } +- +-static int ssl_mt_error(int n) +- { +- int ret; +- +- switch (n) +- { +- case SSL2_PE_NO_CIPHER: +- ret=SSL_R_PEER_ERROR_NO_CIPHER; +- break; +- case SSL2_PE_NO_CERTIFICATE: +- ret=SSL_R_PEER_ERROR_NO_CERTIFICATE; +- break; +- case SSL2_PE_BAD_CERTIFICATE: +- ret=SSL_R_PEER_ERROR_CERTIFICATE; +- break; +- case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE: +- ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE; +- break; +- default: +- ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE; +- break; +- } +- return(ret); +- } +-#else /* !OPENSSL_NO_SSL2 */ + + # if PEDANTIC + static void *dummy=&dummy; + # endif +- +-#endif +--- ../openssl.ssl23/ssl/s2_srvr.c 2006-01-30 14:49:59.000000000 +0100 ++++ ssl/s2_srvr.c 2014-11-01 04:23:42.000000000 +0100 +@@ -110,1050 +110,7 @@ + */ + + #include "ssl_locl.h" +-#ifndef OPENSSL_NO_SSL2 +-#include +-#include +-#include +-#include +-#include +- +-static SSL_METHOD *ssl2_get_server_method(int ver); +-static int get_client_master_key(SSL *s); +-static int get_client_hello(SSL *s); +-static int server_hello(SSL *s); +-static int get_client_finished(SSL *s); +-static int server_verify(SSL *s); +-static int server_finish(SSL *s); +-static int request_certificate(SSL *s); +-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, +- unsigned char *to,int padding); +-#define BREAK break +- +-static SSL_METHOD *ssl2_get_server_method(int ver) +- { +- if (ver == SSL2_VERSION) +- return(SSLv2_server_method()); +- else +- return(NULL); +- } +- +-SSL_METHOD *SSLv2_server_method(void) +- { +- static int init=1; +- static SSL_METHOD SSLv2_server_data; +- +- if (init) +- { +- CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); +- +- if (init) +- { +- memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(), +- sizeof(SSL_METHOD)); +- SSLv2_server_data.ssl_accept=ssl2_accept; +- SSLv2_server_data.get_ssl_method=ssl2_get_server_method; +- init=0; +- } +- +- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); +- } +- return(&SSLv2_server_data); +- } +- +-int ssl2_accept(SSL *s) +- { +- unsigned long l=(unsigned long)time(NULL); +- BUF_MEM *buf=NULL; +- int ret= -1; +- long num1; +- void (*cb)(const SSL *ssl,int type,int val)=NULL; +- int new_state,state; +- +- RAND_add(&l,sizeof(l),0); +- ERR_clear_error(); +- clear_sys_error(); +- +- if (s->info_callback != NULL) +- cb=s->info_callback; +- else if (s->ctx->info_callback != NULL) +- cb=s->ctx->info_callback; +- +- /* init things to blank */ +- s->in_handshake++; +- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); +- +- if (s->cert == NULL) +- { +- SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET); +- return(-1); +- } +- +- clear_sys_error(); +- for (;;) +- { +- state=s->state; +- +- switch (s->state) +- { +- case SSL_ST_BEFORE: +- case SSL_ST_ACCEPT: +- case SSL_ST_BEFORE|SSL_ST_ACCEPT: +- case SSL_ST_OK|SSL_ST_ACCEPT: +- +- s->server=1; +- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); +- +- s->version=SSL2_VERSION; +- s->type=SSL_ST_ACCEPT; +- +- buf=s->init_buf; +- if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) +- { ret= -1; goto end; } +- if (!BUF_MEM_grow(buf,(int) +- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) +- { ret= -1; goto end; } +- s->init_buf=buf; +- s->init_num=0; +- s->ctx->stats.sess_accept++; +- s->handshake_func=ssl2_accept; +- s->state=SSL2_ST_GET_CLIENT_HELLO_A; +- BREAK; +- +- case SSL2_ST_GET_CLIENT_HELLO_A: +- case SSL2_ST_GET_CLIENT_HELLO_B: +- case SSL2_ST_GET_CLIENT_HELLO_C: +- s->shutdown=0; +- ret=get_client_hello(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_SEND_SERVER_HELLO_A; +- BREAK; +- +- case SSL2_ST_SEND_SERVER_HELLO_A: +- case SSL2_ST_SEND_SERVER_HELLO_B: +- ret=server_hello(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- if (!s->hit) +- { +- s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A; +- BREAK; +- } +- else +- { +- s->state=SSL2_ST_SERVER_START_ENCRYPTION; +- BREAK; +- } +- case SSL2_ST_GET_CLIENT_MASTER_KEY_A: +- case SSL2_ST_GET_CLIENT_MASTER_KEY_B: +- ret=get_client_master_key(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_SERVER_START_ENCRYPTION; +- BREAK; +- +- case SSL2_ST_SERVER_START_ENCRYPTION: +- /* Ok we how have sent all the stuff needed to +- * start encrypting, the next packet back will +- * be encrypted. */ +- if (!ssl2_enc_init(s,0)) +- { ret= -1; goto end; } +- s->s2->clear_text=0; +- s->state=SSL2_ST_SEND_SERVER_VERIFY_A; +- BREAK; +- +- case SSL2_ST_SEND_SERVER_VERIFY_A: +- case SSL2_ST_SEND_SERVER_VERIFY_B: +- ret=server_verify(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- if (s->hit) +- { +- /* If we are in here, we have been +- * buffering the output, so we need to +- * flush it and remove buffering from +- * future traffic */ +- s->state=SSL2_ST_SEND_SERVER_VERIFY_C; +- BREAK; +- } +- else +- { +- s->state=SSL2_ST_GET_CLIENT_FINISHED_A; +- break; +- } +- +- case SSL2_ST_SEND_SERVER_VERIFY_C: +- /* get the number of bytes to write */ +- num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); +- if (num1 != 0) +- { +- s->rwstate=SSL_WRITING; +- num1=BIO_flush(s->wbio); +- if (num1 <= 0) { ret= -1; goto end; } +- s->rwstate=SSL_NOTHING; +- } +- +- /* flushed and now remove buffering */ +- s->wbio=BIO_pop(s->wbio); +- +- s->state=SSL2_ST_GET_CLIENT_FINISHED_A; +- BREAK; +- +- case SSL2_ST_GET_CLIENT_FINISHED_A: +- case SSL2_ST_GET_CLIENT_FINISHED_B: +- ret=get_client_finished(s); +- if (ret <= 0) +- goto end; +- s->init_num=0; +- s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A; +- BREAK; +- +- case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: +- case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: +- case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: +- case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: +- /* don't do a 'request certificate' if we +- * don't want to, or we already have one, and +- * we only want to do it once. */ +- if (!(s->verify_mode & SSL_VERIFY_PEER) || +- ((s->session->peer != NULL) && +- (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) +- { +- s->state=SSL2_ST_SEND_SERVER_FINISHED_A; +- break; +- } +- else +- { +- ret=request_certificate(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL2_ST_SEND_SERVER_FINISHED_A; +- } +- BREAK; +- +- case SSL2_ST_SEND_SERVER_FINISHED_A: +- case SSL2_ST_SEND_SERVER_FINISHED_B: +- ret=server_finish(s); +- if (ret <= 0) goto end; +- s->init_num=0; +- s->state=SSL_ST_OK; +- break; +- +- case SSL_ST_OK: +- BUF_MEM_free(s->init_buf); +- ssl_free_wbio_buffer(s); +- s->init_buf=NULL; +- s->init_num=0; +- /* ERR_clear_error();*/ +- +- ssl_update_cache(s,SSL_SESS_CACHE_SERVER); +- +- s->ctx->stats.sess_accept_good++; +- /* s->server=1; */ +- ret=1; +- +- if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); +- +- goto end; +- /* BREAK; */ +- +- default: +- SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE); +- ret= -1; +- goto end; +- /* BREAK; */ +- } +- +- if ((cb != NULL) && (s->state != state)) +- { +- new_state=s->state; +- s->state=state; +- cb(s,SSL_CB_ACCEPT_LOOP,1); +- s->state=new_state; +- } +- } +-end: +- s->in_handshake--; +- if (cb != NULL) +- cb(s,SSL_CB_ACCEPT_EXIT,ret); +- return(ret); +- } +- +-static int get_client_master_key(SSL *s) +- { +- int is_export,i,n,keya,ek; +- unsigned long len; +- unsigned char *p; +- SSL_CIPHER *cp; +- const EVP_CIPHER *c; +- const EVP_MD *md; +- +- p=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) +- { +- i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num); +- +- if (i < (10-s->init_num)) +- return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); +- s->init_num = 10; +- +- if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) +- { +- if (p[-1] != SSL2_MT_ERROR) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE); +- } +- else +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR); +- return(-1); +- } +- +- cp=ssl2_get_cipher_by_char(p); +- if (cp == NULL) +- { +- ssl2_return_error(s,SSL2_PE_NO_CIPHER); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); +- return(-1); +- } +- s->session->cipher= cp; +- +- p+=3; +- n2s(p,i); s->s2->tmp.clear=i; +- n2s(p,i); s->s2->tmp.enc=i; +- n2s(p,i); s->session->key_arg_length=i; +- if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG); +- return -1; +- } +- s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; +- } +- +- /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ +- p=(unsigned char *)s->init_buf->data; +- if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- keya=s->session->key_arg_length; +- len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; +- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG); +- return -1; +- } +- n = (int)len - s->init_num; +- i = ssl2_read(s,(char *)&(p[s->init_num]),n); +- if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */ +- p += 10; +- +- memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]), +- (unsigned int)keya); +- +- if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); +- return(-1); +- } +- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, +- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), +- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); +- +- is_export=SSL_C_IS_EXPORT(s->session->cipher); +- +- if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) +- { +- ssl2_return_error(s,SSL2_PE_NO_CIPHER); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); +- return(0); +- } +- +- if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) +- { +- is_export=1; +- ek=8; +- } +- else +- ek=5; +- +- /* bad decrypt */ +-#if 1 +- /* If a bad decrypt, continue with protocol but with a +- * random master secret (Bleichenbacher attack) */ +- if ((i < 0) || +- ((!is_export && (i != EVP_CIPHER_key_length(c))) +- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != +- (unsigned int)EVP_CIPHER_key_length(c)))))) +- { +- ERR_clear_error(); +- if (is_export) +- i=ek; +- else +- i=EVP_CIPHER_key_length(c); +- if(RAND_pseudo_bytes(p,i) <= 0) +- return 0; +- } +-#else +- if (i < 0) +- { +- error=1; +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT); +- } +- /* incorrect number of key bytes for non export cipher */ +- else if ((!is_export && (i != EVP_CIPHER_key_length(c))) +- || (is_export && ((i != ek) || (s->s2->tmp.clear+i != +- EVP_CIPHER_key_length(c))))) +- { +- error=1; +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS); +- } +- if (error) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +-#endif +- +- if (is_export) i+=s->s2->tmp.clear; +- +- if (i > SSL_MAX_MASTER_KEY_LENGTH) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- s->session->master_key_length=i; +- memcpy(s->session->master_key,p,(unsigned int)i); +- return(1); +- } +- +-static int get_client_hello(SSL *s) +- { +- int i,n; +- unsigned long len; +- unsigned char *p; +- STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */ +- STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */ +- STACK_OF(SSL_CIPHER) *prio, *allow; +- int z; +- +- /* This is a bit of a hack to check for the correct packet +- * type the first time round. */ +- if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) +- { +- s->first_packet=1; +- s->state=SSL2_ST_GET_CLIENT_HELLO_B; +- } +- +- p=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) +- { +- i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num); +- if (i < (9-s->init_num)) +- return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); +- s->init_num = 9; +- +- if (*(p++) != SSL2_MT_CLIENT_HELLO) +- { +- if (p[-1] != SSL2_MT_ERROR) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE); +- } +- else +- SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); +- return(-1); +- } +- n2s(p,i); +- if (i < s->version) s->version=i; +- n2s(p,i); s->s2->tmp.cipher_spec_length=i; +- n2s(p,i); s->s2->tmp.session_id_length=i; +- n2s(p,i); s->s2->challenge_length=i; +- if ( (i < SSL2_MIN_CHALLENGE_LENGTH) || +- (i > SSL2_MAX_CHALLENGE_LENGTH)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH); +- return(-1); +- } +- s->state=SSL2_ST_GET_CLIENT_HELLO_C; +- } +- +- /* SSL2_ST_GET_CLIENT_HELLO_C */ +- p=(unsigned char *)s->init_buf->data; +- len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length; +- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG); +- return -1; +- } +- n = (int)len - s->init_num; +- i = ssl2_read(s,(char *)&(p[s->init_num]),n); +- if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */ +- p += 9; +- +- /* get session-id before cipher stuff so we can get out session +- * structure if it is cached */ +- /* session-id */ +- if ((s->s2->tmp.session_id_length != 0) && +- (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH); +- return(-1); +- } +- +- if (s->s2->tmp.session_id_length == 0) +- { +- if (!ssl_get_new_session(s,1)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +- } +- else +- { +- i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]), +- s->s2->tmp.session_id_length); +- if (i == 1) +- { /* previous session */ +- s->hit=1; +- } +- else if (i == -1) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +- else +- { +- if (s->cert == NULL) +- { +- ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); +- SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET); +- return(-1); +- } +- +- if (!ssl_get_new_session(s,1)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- return(-1); +- } +- } +- } +- +- if (!s->hit) +- { +- cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length, +- &s->session->ciphers); +- if (cs == NULL) goto mem_err; +- +- cl=SSL_get_ciphers(s); +- +- if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) +- { +- prio=sk_SSL_CIPHER_dup(cl); +- if (prio == NULL) goto mem_err; +- allow = cs; +- } +- else +- { +- prio = cs; +- allow = cl; +- } +- for (z=0; zoptions & SSL_OP_CIPHER_SERVER_PREFERENCE) +- { +- sk_SSL_CIPHER_free(s->session->ciphers); +- s->session->ciphers = prio; +- } +- /* s->session->ciphers should now have a list of +- * ciphers that are on both the client and server. +- * This list is ordered by the order the client sent +- * the ciphers or in the order of the server's preference +- * if SSL_OP_CIPHER_SERVER_PREFERENCE was set. +- */ +- } +- p+=s->s2->tmp.cipher_spec_length; +- /* done cipher selection */ +- +- /* session id extracted already */ +- p+=s->s2->tmp.session_id_length; +- +- /* challenge */ +- if (s->s2->challenge_length > sizeof s->s2->challenge) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); +- return(1); +-mem_err: +- SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); +- return(0); +- } +- +-static int server_hello(SSL *s) +- { +- unsigned char *p,*d; +- int n,hit; +- STACK_OF(SSL_CIPHER) *sk; +- +- p=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) +- { +- d=p+11; +- *(p++)=SSL2_MT_SERVER_HELLO; /* type */ +- hit=s->hit; +- *(p++)=(unsigned char)hit; +-#if 1 +- if (!hit) +- { +- if (s->session->sess_cert != NULL) +- /* This can't really happen because get_client_hello +- * has called ssl_get_new_session, which does not set +- * sess_cert. */ +- ssl_sess_cert_free(s->session->sess_cert); +- s->session->sess_cert = ssl_sess_cert_new(); +- if (s->session->sess_cert == NULL) +- { +- SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE); +- return(-1); +- } +- } +- /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL, +- * depending on whether it survived in the internal cache +- * or was retrieved from an external cache. +- * If it is NULL, we cannot put any useful data in it anyway, +- * so we don't touch it. +- */ +- +-#else /* That's what used to be done when cert_st and sess_cert_st were +- * the same. */ +- if (!hit) +- { /* else add cert to session */ +- CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT); +- if (s->session->sess_cert != NULL) +- ssl_cert_free(s->session->sess_cert); +- s->session->sess_cert=s->cert; +- } +- else /* We have a session id-cache hit, if the +- * session-id has no certificate listed against +- * the 'cert' structure, grab the 'old' one +- * listed against the SSL connection */ +- { +- if (s->session->sess_cert == NULL) +- { +- CRYPTO_add(&s->cert->references,1, +- CRYPTO_LOCK_SSL_CERT); +- s->session->sess_cert=s->cert; +- } +- } +-#endif +- +- if (s->cert == NULL) +- { +- ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); +- SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED); +- return(-1); +- } +- +- if (hit) +- { +- *(p++)=0; /* no certificate type */ +- s2n(s->version,p); /* version */ +- s2n(0,p); /* cert len */ +- s2n(0,p); /* ciphers len */ +- } +- else +- { +- /* EAY EAY */ +- /* put certificate type */ +- *(p++)=SSL2_CT_X509_CERTIFICATE; +- s2n(s->version,p); /* version */ +- n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); +- s2n(n,p); /* certificate length */ +- i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d); +- n=0; +- +- /* lets send out the ciphers we like in the +- * prefered order */ +- sk= s->session->ciphers; +- n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0); +- d+=n; +- s2n(n,p); /* add cipher length */ +- } +- +- /* make and send conn_id */ +- s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ +- s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; +- if(RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0) +- return -1; +- memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); +- d+=SSL2_CONNECTION_ID_LENGTH; +- +- s->state=SSL2_ST_SEND_SERVER_HELLO_B; +- s->init_num=d-(unsigned char *)s->init_buf->data; +- s->init_off=0; +- } +- /* SSL2_ST_SEND_SERVER_HELLO_B */ +- /* If we are using TCP/IP, the performance is bad if we do 2 +- * writes without a read between them. This occurs when +- * Session-id reuse is used, so I will put in a buffering module +- */ +- if (s->hit) +- { +- if (!ssl_init_wbio_buffer(s,1)) return(-1); +- } +- +- return(ssl2_do_write(s)); +- } +- +-static int get_client_finished(SSL *s) +- { +- unsigned char *p; +- int i, n; +- unsigned long len; +- +- p=(unsigned char *)s->init_buf->data; +- if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) +- { +- i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); +- if (i < 1-s->init_num) +- return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); +- s->init_num += i; +- +- if (*p != SSL2_MT_CLIENT_FINISHED) +- { +- if (*p != SSL2_MT_ERROR) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); +- } +- else +- { +- SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR); +- /* try to read the error message */ +- i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); +- return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); +- } +- return(-1); +- } +- s->state=SSL2_ST_GET_CLIENT_FINISHED_B; +- } +- +- /* SSL2_ST_GET_CLIENT_FINISHED_B */ +- if (s->s2->conn_id_length > sizeof s->s2->conn_id) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- len = 1 + (unsigned long)s->s2->conn_id_length; +- n = (int)len - s->init_num; +- i = ssl2_read(s,(char *)&(p[s->init_num]),n); +- if (i < n) +- { +- return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); +- } +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */ +- p += 1; +- if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); +- return(-1); +- } +- return(1); +- } +- +-static int server_verify(SSL *s) +- { +- unsigned char *p; +- +- if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) +- { +- p=(unsigned char *)s->init_buf->data; +- *(p++)=SSL2_MT_SERVER_VERIFY; +- if (s->s2->challenge_length > sizeof s->s2->challenge) +- { +- SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); +- /* p+=s->s2->challenge_length; */ +- +- s->state=SSL2_ST_SEND_SERVER_VERIFY_B; +- s->init_num=s->s2->challenge_length+1; +- s->init_off=0; +- } +- return(ssl2_do_write(s)); +- } +- +-static int server_finish(SSL *s) +- { +- unsigned char *p; +- +- if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) +- { +- p=(unsigned char *)s->init_buf->data; +- *(p++)=SSL2_MT_SERVER_FINISHED; +- +- if (s->session->session_id_length > sizeof s->session->session_id) +- { +- SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR); +- return -1; +- } +- memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); +- /* p+=s->session->session_id_length; */ +- +- s->state=SSL2_ST_SEND_SERVER_FINISHED_B; +- s->init_num=s->session->session_id_length+1; +- s->init_off=0; +- } +- +- /* SSL2_ST_SEND_SERVER_FINISHED_B */ +- return(ssl2_do_write(s)); +- } +- +-/* send the request and check the response */ +-static int request_certificate(SSL *s) +- { +- unsigned char *p,*p2,*buf2; +- unsigned char *ccd; +- int i,j,ctype,ret= -1; +- unsigned long len; +- X509 *x509=NULL; +- STACK_OF(X509) *sk=NULL; +- +- ccd=s->s2->tmp.ccl; +- if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) +- { +- p=(unsigned char *)s->init_buf->data; +- *(p++)=SSL2_MT_REQUEST_CERTIFICATE; +- *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; +- if(RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0) +- return -1; +- memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); +- +- s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; +- s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2; +- s->init_off=0; +- } +- +- if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) +- { +- i=ssl2_do_write(s); +- if (i <= 0) +- { +- ret=i; +- goto end; +- } +- +- s->init_num=0; +- s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C; +- } +- +- if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) +- { +- p=(unsigned char *)s->init_buf->data; +- i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); /* try to read 6 octets ... */ +- if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3 +- * (probably NO-CERTIFICATE-ERROR) */ +- { +- ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); +- goto end; +- } +- s->init_num += i; +- +- if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) +- { +- n2s(p,i); +- if (i != SSL2_PE_NO_CERTIFICATE) +- { +- /* not the error message we expected -- let ssl2_part_read handle it */ +- s->init_num -= 3; +- ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3); +- goto end; +- } +- +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */ +- +- /* this is the one place where we can recover from an SSL 2.0 error */ +- +- if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) +- { +- ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); +- SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); +- goto end; +- } +- ret=1; +- goto end; +- } +- if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) +- { +- ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); +- SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ); +- goto end; +- } +- if (s->init_num != 6) +- { +- SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR); +- goto end; +- } +- +- /* ok we have a response */ +- /* certificate type, there is only one right now. */ +- ctype= *(p++); +- if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) +- { +- ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); +- SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT); +- goto end; +- } +- n2s(p,i); s->s2->tmp.clen=i; +- n2s(p,i); s->s2->tmp.rlen=i; +- s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D; +- } +- +- /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */ +- p=(unsigned char *)s->init_buf->data; +- len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen; +- if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) +- { +- SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG); +- goto end; +- } +- j = (int)len - s->init_num; +- i = ssl2_read(s,(char *)&(p[s->init_num]),j); +- if (i < j) +- { +- ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); +- goto end; +- } +- if (s->msg_callback) +- s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */ +- p += 6; +- +- x509=(X509 *)d2i_X509(NULL,&p,(long)s->s2->tmp.clen); +- if (x509 == NULL) +- { +- SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB); +- goto msg_end; +- } +- +- if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509))) +- { +- SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); +- goto msg_end; +- } +- +- i=ssl_verify_cert_chain(s,sk); +- +- if (i) /* we like the packet, now check the chksum */ +- { +- EVP_MD_CTX ctx; +- EVP_PKEY *pkey=NULL; +- +- EVP_MD_CTX_init(&ctx); +- EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL); +- EVP_VerifyUpdate(&ctx,s->s2->key_material, +- s->s2->key_material_length); +- EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); +- +- i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); +- buf2=OPENSSL_malloc((unsigned int)i); +- if (buf2 == NULL) +- { +- SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); +- goto msg_end; +- } +- p2=buf2; +- i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2); +- EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i); +- OPENSSL_free(buf2); +- +- pkey=X509_get_pubkey(x509); +- if (pkey == NULL) goto end; +- i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey); +- EVP_PKEY_free(pkey); +- EVP_MD_CTX_cleanup(&ctx); +- +- if (i) +- { +- if (s->session->peer != NULL) +- X509_free(s->session->peer); +- s->session->peer=x509; +- CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); +- s->session->verify_result = s->verify_result; +- ret=1; +- goto end; +- } +- else +- { +- SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM); +- goto msg_end; +- } +- } +- else +- { +-msg_end: +- ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); +- } +-end: +- sk_X509_free(sk); +- X509_free(x509); +- return(ret); +- } +- +-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, +- unsigned char *to, int padding) +- { +- RSA *rsa; +- int i; +- +- if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) +- { +- SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY); +- return(-1); +- } +- if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) +- { +- SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); +- return(-1); +- } +- rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa; +- +- /* we have the public key */ +- i=RSA_private_decrypt(len,from,to,rsa,padding); +- if (i < 0) +- SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); +- return(i); +- } +-#else /* !OPENSSL_NO_SSL2 */ + + # if PEDANTIC + static void *dummy=&dummy; + # endif +- +-#endif +--- ../openssl.ssl23/ssl/ssl.h 2014-11-01 03:46:38.000000000 +0100 ++++ ssl/ssl.h 2014-11-01 04:08:08.000000000 +0100 +@@ -322,9 +322,7 @@ + extern "C" { + #endif + +-#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2) + #define OPENSSL_NO_SSL2 +-#endif + + #define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 + #define SSL_FILETYPE_PEM X509_FILETYPE_PEM +--- ../openssl.ssl23/ssl/ssl_stat.c 2002-01-12 16:56:13.000000000 +0100 ++++ ssl/ssl_stat.c 2014-11-01 04:26:19.000000000 +0100 +@@ -74,46 +74,6 @@ + case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break; + case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break; + case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break; +-#ifndef OPENSSL_NO_SSL2 +-case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break; +-case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break; +-case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break; +-case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break; +-case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break; +-case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break; +-case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break; +-case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break; +-case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break; +-case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break; +-case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break; +-case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break; +-case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break; +-case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break; +-case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break; +-case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break; +-case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break; +-case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break; +-case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break; +-case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break; +-case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break; +-case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break; +-case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break; +-case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break; +-case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break; +-case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break; +-case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break; +-case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break; +-case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break; +-case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break; +-#endif + + #ifndef OPENSSL_NO_SSL3 + /* SSLv3 additions */ +@@ -223,46 +183,6 @@ + case SSL_ST_ACCEPT: str="AINIT "; break; + case SSL_ST_CONNECT: str="CINIT "; break; + case SSL_ST_OK: str="SSLOK "; break; +-#ifndef OPENSSL_NO_SSL2 +-case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break; +-case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break; +-case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break; +-case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break; +-case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break; +-case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break; +-case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break; +-case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break; +-case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break; +-case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break; +-case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break; +-case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break; +-case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break; +-case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break; +-case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break; +-case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break; +-case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break; +-case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break; +-case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break; +-case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break; +-case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break; +-case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break; +-case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break; +-case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break; +-case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break; +-case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break; +-case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break; +-case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break; +-case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break; +-case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break; +-case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break; +-case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break; +-#endif + + #ifndef OPENSSL_NO_SSL3 + /* SSLv3 additions */ +--- ../openssl.ssl23/ssl/ssltest.c 2006-01-21 15:01:28.000000000 +0100 ++++ ssl/ssltest.c 2014-11-01 04:29:15.000000000 +0100 +@@ -229,9 +229,6 @@ + fprintf(stderr," -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); + fprintf(stderr," -no_dhe - disable DHE\n"); + #endif +-#ifndef OPENSSL_NO_SSL2 +- fprintf(stderr," -ssl2 - use SSLv2\n"); +-#endif + #ifndef OPENSSL_NO_SSL3 + fprintf(stderr," -ssl3 - use SSLv3\n"); + #endif +@@ -470,8 +467,6 @@ + } + else if (strcmp(*argv,"-no_dhe") == 0) + no_dhe=1; +- else if (strcmp(*argv,"-ssl2") == 0) +- ssl2=1; + else if (strcmp(*argv,"-tls1") == 0) + tls1=1; + else if (strcmp(*argv,"-ssl3") == 0) +@@ -585,7 +580,7 @@ + { + fprintf(stderr, "This case cannot work. Use -f to perform " + "the test anyway (and\n-d to see what happens), " +- "or add one of -ssl2, -ssl3, -tls1, -reuse\n" ++ "or add one of -ssl3, -tls1, -reuse\n" + "to avoid protocol mismatch.\n"); + EXIT(1); + } +@@ -645,9 +640,6 @@ + } + + #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) +- if (ssl2) +- meth=SSLv2_method(); +- else + if (tls1) + meth=TLSv1_method(); + else +@@ -656,11 +648,7 @@ + else + meth=SSLv23_method(); + #else +-#ifdef OPENSSL_NO_SSL2 +- meth=SSLv3_method(); +-#else +- meth=SSLv2_method(); +-#endif ++ meth=SSLv23_method(); + #endif + + c_ctx=SSL_CTX_new(meth); diff -Naur OpenSSL-38-opensource.apple.com-orig/patches/s23_meth_nov2.patch OpenSSL-38/patches/s23_meth_nov2.patch --- OpenSSL-38-opensource.apple.com-orig/patches/s23_meth_nov2.patch 1970-01-01 01:00:00.000000000 +0100 +++ OpenSSL-38/patches/s23_meth_nov2.patch 2014-10-17 15:30:36.000000000 +0200 @@ -0,0 +1,13 @@ +--- ../openssl.sslv2/ssl/s23_meth.c 2002-09-26 17:54:14.000000000 +0200 ++++ ssl/s23_meth.c 2014-10-16 15:11:14.000000000 +0200 +@@ -63,9 +63,7 @@ + static SSL_METHOD *ssl23_get_method(int ver); + static SSL_METHOD *ssl23_get_method(int ver) + { +- if (ver == SSL2_VERSION) +- return(SSLv2_method()); +- else if (ver == SSL3_VERSION) ++ if (ver == SSL3_VERSION) + return(SSLv3_method()); + else if (ver == TLS1_VERSION) + return(TLSv1_method());