FCL/sf/os/ossrv: ssl/libssl/src/s2_srvr.c@104bd6aeae10 (annotated)

0 e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1	/* ssl/s2_srvr.c */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	3	* All rights reserved.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	4	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	5	* This package is an SSL implementation written
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	6	* by Eric Young (eay@cryptsoft.com).
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	7	* The implementation was written so as to conform with Netscapes SSL.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	8	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	9	* This library is free for commercial and non-commercial use as long as
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	10	* the following conditions are aheared to. The following conditions
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	11	* apply to all code found in this distribution, be it the RC4, RSA,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	13	* included with this distribution is covered by the same copyright terms
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	15	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	16	* Copyright remains Eric Young's, and as such any Copyright notices in
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	17	* the code are not to be removed.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	18	* If this package is used in a product, Eric Young should be given attribution
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	19	* as the author of the parts of the library used.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	20	* This can be in the form of a textual message at program startup or
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	21	* in documentation (online or textual) provided with the package.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	22	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	23	* Redistribution and use in source and binary forms, with or without
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	24	* modification, are permitted provided that the following conditions
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	25	* are met:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	26	* 1. Redistributions of source code must retain the copyright
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	27	* notice, this list of conditions and the following disclaimer.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	28	* 2. Redistributions in binary form must reproduce the above copyright
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	29	* notice, this list of conditions and the following disclaimer in the
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	30	* documentation and/or other materials provided with the distribution.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	31	* 3. All advertising materials mentioning features or use of this software
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	32	* must display the following acknowledgement:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	33	* "This product includes cryptographic software written by
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	34	* Eric Young (eay@cryptsoft.com)"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	35	* The word 'cryptographic' can be left out if the rouines from the library
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	36	* being used are not cryptographic related :-).
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	37	* 4. If you include any Windows specific code (or a derivative thereof) from
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	38	* the apps directory (application code) you must include an acknowledgement:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	40	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	51	* SUCH DAMAGE.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	52	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	53	* The licence and distribution terms for any publically available version or
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	55	* copied and put under another distribution licence
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	56	* [including the GNU Public Licence.]
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	57	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	58	/* ====================================================================
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	59	* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	60	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	61	* Redistribution and use in source and binary forms, with or without
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	62	* modification, are permitted provided that the following conditions
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	63	* are met:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	64	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	65	* 1. Redistributions of source code must retain the above copyright
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	66	* notice, this list of conditions and the following disclaimer.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	67	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	68	* 2. Redistributions in binary form must reproduce the above copyright
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	69	* notice, this list of conditions and the following disclaimer in
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	70	* the documentation and/or other materials provided with the
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	71	* distribution.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	72	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	73	* 3. All advertising materials mentioning features or use of this
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	74	* software must display the following acknowledgment:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	75	* "This product includes software developed by the OpenSSL Project
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	76	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	77	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	78	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	79	* endorse or promote products derived from this software without
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	80	* prior written permission. For written permission, please contact
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	81	* openssl-core@openssl.org.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	82	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	83	* 5. Products derived from this software may not be called "OpenSSL"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	84	* nor may "OpenSSL" appear in their names without prior written
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	85	* permission of the OpenSSL Project.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	86	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	87	* 6. Redistributions of any form whatsoever must retain the following
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	88	* acknowledgment:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	89	* "This product includes software developed by the OpenSSL Project
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	90	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	91	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	92	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	93	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	94	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	95	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	96	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	97	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	98	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	99	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	100	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	101	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	102	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	103	* OF THE POSSIBILITY OF SUCH DAMAGE.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	104	* ====================================================================
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	105	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	106	* This product includes cryptographic software written by Eric Young
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	107	* (eay@cryptsoft.com). This product includes software written by Tim
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	108	* Hudson (tjh@cryptsoft.com).
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	109	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	110	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	111	/*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	112	© Portions copyright (c) 2006 Nokia Corporation. All rights reserved.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	113	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	114
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	115	#include "ssl_locl.h"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	116	#ifndef OPENSSL_NO_SSL2
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	117	#include <stdio.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	118	#include <openssl/bio.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	119	#include <openssl/rand.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	120	#include <openssl/objects.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	121	#include <openssl/evp.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	122
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	123	#if (defined(SYMBIAN) && (defined(__WINSCW__) \|\| defined(__WINS__)))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	124	#include "libssl_wsd.h"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	125	#endif
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	126
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	127	#ifdef EMULATOR
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	128
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	129	GET_STATIC_VAR_FROM_TLS(SSLv2_server_method_data,s2_srvr,SSL_METHOD)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	130
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	131	#define SSLv2_server_method_data (*GET_WSD_VAR_NAME(SSLv2_server_method_data,s2_srvr,s)())
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	132
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	133	#endif
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	134	static SSL_METHOD *ssl2_get_server_method(int ver);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	135	static int get_client_master_key(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	136	static int get_client_hello(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	137	static int server_hello(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	138	static int get_client_finished(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	139	static int server_verify(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	140	static int server_finish(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	141	static int request_certificate(SSL *s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	142	static int ssl_rsa_private_decrypt(CERT c, int len, unsigned char from,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	143	unsigned char *to,int padding);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	144	#define BREAK break
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	145
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	146	static SSL_METHOD *ssl2_get_server_method(int ver)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	147	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	148	if (ver == SSL2_VERSION)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	149	return(SSLv2_server_method());
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	150	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	151	return(NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	152	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	153
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	154	EXPORT_C IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	155	ssl2_accept,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	156	ssl_undefined_function,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	157	ssl2_get_server_method)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	158
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	159	int ssl2_accept(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	160	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	161	unsigned long l=(unsigned long)time(NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	162	BUF_MEM *buf=NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	163	int ret= -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	164	long num1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	165	void (cb)(const SSL ssl,int type,int val)=NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	166	int new_state,state;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	167
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	168	RAND_add(&l,sizeof(l),0);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	169	ERR_clear_error();
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	170	clear_sys_error();
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	171
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	172	if (s->info_callback != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	173	cb=s->info_callback;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	174	else if (s->ctx->info_callback != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	175	cb=s->ctx->info_callback;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	176
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	177	/* init things to blank */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	178	s->in_handshake++;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	179	if (!SSL_in_init(s) \|\| SSL_in_before(s)) SSL_clear(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	180
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	181	if (s->cert == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	182	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	183	SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	184	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	185	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	186
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	187	clear_sys_error();
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	188	for (;;)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	189	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	190	state=s->state;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	191
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	192	switch (s->state)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	193	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	194	case SSL_ST_BEFORE:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	195	case SSL_ST_ACCEPT:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	196	case SSL_ST_BEFORE\|SSL_ST_ACCEPT:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	197	case SSL_ST_OK\|SSL_ST_ACCEPT:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	198
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	199	s->server=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	200	if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	201
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	202	s->version=SSL2_VERSION;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	203	s->type=SSL_ST_ACCEPT;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	204
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	205	buf=s->init_buf;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	206	if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	207	{ ret= -1; goto end; }
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	208	if (!BUF_MEM_grow(buf,(int)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	209	SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	210	{ ret= -1; goto end; }
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	211	s->init_buf=buf;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	212	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	213	s->ctx->stats.sess_accept++;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	214	s->handshake_func=ssl2_accept;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	215	s->state=SSL2_ST_GET_CLIENT_HELLO_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	216	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	217
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	218	case SSL2_ST_GET_CLIENT_HELLO_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	219	case SSL2_ST_GET_CLIENT_HELLO_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	220	case SSL2_ST_GET_CLIENT_HELLO_C:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	221	s->shutdown=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	222	ret=get_client_hello(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	223	if (ret <= 0) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	224	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	225	s->state=SSL2_ST_SEND_SERVER_HELLO_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	226	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	227
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	228	case SSL2_ST_SEND_SERVER_HELLO_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	229	case SSL2_ST_SEND_SERVER_HELLO_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	230	ret=server_hello(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	231	if (ret <= 0) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	232	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	233	if (!s->hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	234	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	235	s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	236	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	237	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	238	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	239	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	240	s->state=SSL2_ST_SERVER_START_ENCRYPTION;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	241	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	242	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	243	case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	244	case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	245	ret=get_client_master_key(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	246	if (ret <= 0) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	247	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	248	s->state=SSL2_ST_SERVER_START_ENCRYPTION;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	249	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	250
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	251	case SSL2_ST_SERVER_START_ENCRYPTION:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	252	/* Ok we how have sent all the stuff needed to
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	253	* start encrypting, the next packet back will
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	254	* be encrypted. */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	255	if (!ssl2_enc_init(s,0))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	256	{ ret= -1; goto end; }
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	257	s->s2->clear_text=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	258	s->state=SSL2_ST_SEND_SERVER_VERIFY_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	259	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	260
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	261	case SSL2_ST_SEND_SERVER_VERIFY_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	262	case SSL2_ST_SEND_SERVER_VERIFY_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	263	ret=server_verify(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	264	if (ret <= 0) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	265	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	266	if (s->hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	267	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	268	/* If we are in here, we have been
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	269	* buffering the output, so we need to
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	270	* flush it and remove buffering from
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	271	* future traffic */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	272	s->state=SSL2_ST_SEND_SERVER_VERIFY_C;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	273	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	274	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	275	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	276	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	277	s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	278	break;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	279	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	280
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	281	case SSL2_ST_SEND_SERVER_VERIFY_C:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	282	/* get the number of bytes to write */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	283	num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	284	if (num1 != 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	285	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	286	s->rwstate=SSL_WRITING;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	287	num1=BIO_flush(s->wbio);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	288	if (num1 <= 0) { ret= -1; goto end; }
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	289	s->rwstate=SSL_NOTHING;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	290	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	291
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	292	/* flushed and now remove buffering */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	293	s->wbio=BIO_pop(s->wbio);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	294
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	295	s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	296	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	297
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	298	case SSL2_ST_GET_CLIENT_FINISHED_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	299	case SSL2_ST_GET_CLIENT_FINISHED_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	300	ret=get_client_finished(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	301	if (ret <= 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	302	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	303	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	304	s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	305	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	306
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	307	case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	308	case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	309	case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	310	case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	311	/* don't do a 'request certificate' if we
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	312	* don't want to, or we already have one, and
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	313	* we only want to do it once. */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	314	if (!(s->verify_mode & SSL_VERIFY_PEER) \|\|
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	315	((s->session->peer != NULL) &&
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	316	(s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	317	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	318	s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	319	break;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	320	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	321	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	322	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	323	ret=request_certificate(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	324	if (ret <= 0) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	325	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	326	s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	327	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	328	BREAK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	329
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	330	case SSL2_ST_SEND_SERVER_FINISHED_A:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	331	case SSL2_ST_SEND_SERVER_FINISHED_B:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	332	ret=server_finish(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	333	if (ret <= 0) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	334	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	335	s->state=SSL_ST_OK;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	336	break;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	337
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	338	case SSL_ST_OK:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	339	BUF_MEM_free(s->init_buf);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	340	ssl_free_wbio_buffer(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	341	s->init_buf=NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	342	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	343	/* ERR_clear_error();*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	344
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	345	ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	346
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	347	s->ctx->stats.sess_accept_good++;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	348	/* s->server=1; */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	349	ret=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	350
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	351	if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	352
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	353	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	354	/* BREAK; */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	355
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	356	default:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	357	SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	358	ret= -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	359	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	360	/* BREAK; */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	361	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	362
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	363	if ((cb != NULL) && (s->state != state))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	364	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	365	new_state=s->state;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	366	s->state=state;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	367	cb(s,SSL_CB_ACCEPT_LOOP,1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	368	s->state=new_state;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	369	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	370	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	371	end:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	372	s->in_handshake--;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	373	if (cb != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	374	cb(s,SSL_CB_ACCEPT_EXIT,ret);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	375	return(ret);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	376	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	377
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	378	static int get_client_master_key(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	379	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	380	int is_export,i,n,keya,ek;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	381	unsigned long len;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	382	unsigned char *p;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	383	SSL_CIPHER *cp;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	384	const EVP_CIPHER *c;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	385	const EVP_MD *md;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	386
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	387	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	388	if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	389	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	390	i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	391
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	392	if (i < (10-s->init_num))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	393	return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	394	s->init_num = 10;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	395
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	396	if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	397	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	398	if (p[-1] != SSL2_MT_ERROR)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	399	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	400	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	401	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	402	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	403	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	404	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	405	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	406	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	407
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	408	cp=ssl2_get_cipher_by_char(p);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	409	if (cp == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	410	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	411	ssl2_return_error(s,SSL2_PE_NO_CIPHER);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	412	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	413	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	414	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	415	s->session->cipher= cp;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	416
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	417	p+=3;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	418	n2s(p,i); s->s2->tmp.clear=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	419	n2s(p,i); s->s2->tmp.enc=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	420	n2s(p,i); s->session->key_arg_length=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	421	if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	422	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	423	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	424	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	425	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	426	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	427	s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	428	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	429
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	430	/* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	431	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	432	if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	433	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	434	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	435	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	436	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	437	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	438	keya=s->session->key_arg_length;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	439	len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	440	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	441	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	442	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	443	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	444	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	445	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	446	n = (int)len - s->init_num;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	447	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	448	if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	449	if (s->msg_callback)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	450	s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	451	p += 10;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	452
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	453	memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]),
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	454	(unsigned int)keya);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	455
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	456	if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	457	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	458	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	459	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	460	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	461	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	462	i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	463	&(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]),
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	464	(s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	465
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	466	is_export=SSL_C_IS_EXPORT(s->session->cipher);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	467
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	468	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	469	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	470	ssl2_return_error(s,SSL2_PE_NO_CIPHER);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	471	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	472	return(0);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	473	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	474
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	475	if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	476	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	477	is_export=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	478	ek=8;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	479	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	480	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	481	ek=5;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	482
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	483	/* bad decrypt */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	484	#if 1
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	485	/* If a bad decrypt, continue with protocol but with a
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	486	* random master secret (Bleichenbacher attack) */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	487	if ((i < 0) \|\|
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	488	((!is_export && (i != EVP_CIPHER_key_length(c)))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	489	\|\| (is_export && ((i != ek) \|\| (s->s2->tmp.clear+(unsigned int)i !=
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	490	(unsigned int)EVP_CIPHER_key_length(c))))))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	491	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	492	ERR_clear_error();
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	493	if (is_export)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	494	i=ek;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	495	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	496	i=EVP_CIPHER_key_length(c);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	497	if (RAND_pseudo_bytes(p,i) <= 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	498	return 0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	499	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	500	#else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	501	if (i < 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	502	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	503	error=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	504	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	505	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	506	/* incorrect number of key bytes for non export cipher */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	507	else if ((!is_export && (i != EVP_CIPHER_key_length(c)))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	508	\|\| (is_export && ((i != ek) \|\| (s->s2->tmp.clear+i !=
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	509	EVP_CIPHER_key_length(c)))))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	510	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	511	error=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	512	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	513	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	514	if (error)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	515	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	516	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	517	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	518	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	519	#endif
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	520
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	521	if (is_export) i+=s->s2->tmp.clear;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	522
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	523	if (i > SSL_MAX_MASTER_KEY_LENGTH)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	524	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	525	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	526	SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	527	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	528	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	529	s->session->master_key_length=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	530	memcpy(s->session->master_key,p,(unsigned int)i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	531	return(1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	532	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	533
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	534	static int get_client_hello(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	535	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	536	int i,n;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	537	unsigned long len;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	538	unsigned char *p;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	539	STACK_OF(SSL_CIPHER) cs; / a stack of SSL_CIPHERS */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	540	STACK_OF(SSL_CIPHER) cl; / the ones we want to use */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	541	STACK_OF(SSL_CIPHER) prio, allow;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	542	int z;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	543
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	544	/* This is a bit of a hack to check for the correct packet
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	545	* type the first time round. */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	546	if (s->state == SSL2_ST_GET_CLIENT_HELLO_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	547	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	548	s->first_packet=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	549	s->state=SSL2_ST_GET_CLIENT_HELLO_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	550	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	551
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	552	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	553	if (s->state == SSL2_ST_GET_CLIENT_HELLO_B)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	554	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	555	i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	556	if (i < (9-s->init_num))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	557	return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	558	s->init_num = 9;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	559
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	560	if (*(p++) != SSL2_MT_CLIENT_HELLO)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	561	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	562	if (p[-1] != SSL2_MT_ERROR)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	563	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	564	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	565	SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	566	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	567	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	568	SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	569	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	570	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	571	n2s(p,i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	572	if (i < s->version) s->version=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	573	n2s(p,i); s->s2->tmp.cipher_spec_length=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	574	n2s(p,i); s->s2->tmp.session_id_length=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	575	n2s(p,i); s->s2->challenge_length=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	576	if ( (i < SSL2_MIN_CHALLENGE_LENGTH) \|\|
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	577	(i > SSL2_MAX_CHALLENGE_LENGTH))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	578	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	579	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	580	SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	581	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	582	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	583	s->state=SSL2_ST_GET_CLIENT_HELLO_C;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	584	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	585
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	586	/* SSL2_ST_GET_CLIENT_HELLO_C */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	587	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	588	len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	589	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	590	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	591	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	592	SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	593	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	594	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	595	n = (int)len - s->init_num;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	596	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	597	if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	598	if (s->msg_callback)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	599	s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	600	p += 9;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	601
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	602	/* get session-id before cipher stuff so we can get out session
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	603	* structure if it is cached */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	604	/* session-id */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	605	if ((s->s2->tmp.session_id_length != 0) &&
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	606	(s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	607	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	608	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	609	SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	610	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	611	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	612
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	613	if (s->s2->tmp.session_id_length == 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	614	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	615	if (!ssl_get_new_session(s,1))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	616	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	617	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	618	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	619	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	620	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	621	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	622	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	623	i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]),
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	624	s->s2->tmp.session_id_length, NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	625	if (i == 1)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	626	{ /* previous session */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	627	s->hit=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	628	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	629	else if (i == -1)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	630	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	631	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	632	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	633	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	634	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	635	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	636	if (s->cert == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	637	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	638	ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	639	SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	640	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	641	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	642
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	643	if (!ssl_get_new_session(s,1))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	644	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	645	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	646	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	647	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	648	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	649	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	650
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	651	if (!s->hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	652	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	653	cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	654	&s->session->ciphers);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	655	if (cs == NULL) goto mem_err;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	656
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	657	cl=SSL_get_ciphers(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	658
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	659	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	660	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	661	prio=sk_SSL_CIPHER_dup(cl);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	662	if (prio == NULL) goto mem_err;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	663	allow = cs;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	664	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	665	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	666	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	667	prio = cs;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	668	allow = cl;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	669	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	670	for (z=0; z<sk_SSL_CIPHER_num(prio); z++)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	671	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	672	if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	673	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	674	(void)sk_SSL_CIPHER_delete(prio,z);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	675	z--;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	676	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	677	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	678	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	679	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	680	sk_SSL_CIPHER_free(s->session->ciphers);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	681	s->session->ciphers = prio;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	682	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	683	/* s->session->ciphers should now have a list of
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	684	* ciphers that are on both the client and server.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	685	* This list is ordered by the order the client sent
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	686	* the ciphers or in the order of the server's preference
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	687	* if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	688	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	689	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	690	p+=s->s2->tmp.cipher_spec_length;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	691	/* done cipher selection */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	692
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	693	/* session id extracted already */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	694	p+=s->s2->tmp.session_id_length;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	695
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	696	/* challenge */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	697	if (s->s2->challenge_length > sizeof s->s2->challenge)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	698	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	699	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	700	SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	701	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	702	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	703	memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	704	return(1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	705	mem_err:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	706	SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	707	return(0);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	708	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	709
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	710	static int server_hello(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	711	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	712	unsigned char p,d;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	713	int n,hit;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	714	STACK_OF(SSL_CIPHER) *sk;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	715
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	716	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	717	if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	718	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	719	d=p+11;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	720	(p++)=SSL2_MT_SERVER_HELLO; / type */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	721	hit=s->hit;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	722	*(p++)=(unsigned char)hit;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	723	#if 1
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	724	if (!hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	725	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	726	if (s->session->sess_cert != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	727	/* This can't really happen because get_client_hello
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	728	* has called ssl_get_new_session, which does not set
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	729	* sess_cert. */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	730	ssl_sess_cert_free(s->session->sess_cert);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	731	s->session->sess_cert = ssl_sess_cert_new();
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	732	if (s->session->sess_cert == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	733	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	734	SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	735	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	736	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	737	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	738	/* If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	739	* depending on whether it survived in the internal cache
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	740	* or was retrieved from an external cache.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	741	* If it is NULL, we cannot put any useful data in it anyway,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	742	* so we don't touch it.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	743	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	744
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	745	#else /* That's what used to be done when cert_st and sess_cert_st were
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	746	* the same. */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	747	if (!hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	748	{ /* else add cert to session */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	749	CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	750	if (s->session->sess_cert != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	751	ssl_cert_free(s->session->sess_cert);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	752	s->session->sess_cert=s->cert;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	753	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	754	else /* We have a session id-cache hit, if the
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	755	* session-id has no certificate listed against
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	756	* the 'cert' structure, grab the 'old' one
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	757	* listed against the SSL connection */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	758	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	759	if (s->session->sess_cert == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	760	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	761	CRYPTO_add(&s->cert->references,1,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	762	CRYPTO_LOCK_SSL_CERT);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	763	s->session->sess_cert=s->cert;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	764	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	765	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	766	#endif
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	767
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	768	if (s->cert == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	769	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	770	ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	771	SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	772	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	773	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	774
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	775	if (hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	776	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	777	(p++)=0; / no certificate type */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	778	s2n(s->version,p); /* version */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	779	s2n(0,p); /* cert len */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	780	s2n(0,p); /* ciphers len */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	781	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	782	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	783	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	784	/* EAY EAY */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	785	/* put certificate type */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	786	*(p++)=SSL2_CT_X509_CERTIFICATE;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	787	s2n(s->version,p); /* version */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	788	n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	789	s2n(n,p); /* certificate length */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	790	i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	791	n=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	792
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	793	/* lets send out the ciphers we like in the
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	794	* prefered order */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	795	sk= s->session->ciphers;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	796	n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	797	d+=n;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	798	s2n(n,p); /* add cipher length */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	799	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	800
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	801	/* make and send conn_id */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	802	s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	803	s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	804	if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	805	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	806	memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	807	d+=SSL2_CONNECTION_ID_LENGTH;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	808
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	809	s->state=SSL2_ST_SEND_SERVER_HELLO_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	810	s->init_num=d-(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	811	s->init_off=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	812	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	813	/* SSL2_ST_SEND_SERVER_HELLO_B */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	814	/* If we are using TCP/IP, the performance is bad if we do 2
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	815	* writes without a read between them. This occurs when
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	816	* Session-id reuse is used, so I will put in a buffering module
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	817	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	818	if (s->hit)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	819	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	820	if (!ssl_init_wbio_buffer(s,1)) return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	821	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	822
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	823	return(ssl2_do_write(s));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	824	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	825
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	826	static int get_client_finished(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	827	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	828	unsigned char *p;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	829	int i, n;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	830	unsigned long len;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	831
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	832	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	833	if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	834	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	835	i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	836	if (i < 1-s->init_num)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	837	return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	838	s->init_num += i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	839
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	840	if (*p != SSL2_MT_CLIENT_FINISHED)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	841	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	842	if (*p != SSL2_MT_ERROR)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	843	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	844	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	845	SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	846	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	847	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	848	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	849	SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	850	/* try to read the error message */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	851	i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	852	return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	853	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	854	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	855	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	856	s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	857	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	858
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	859	/* SSL2_ST_GET_CLIENT_FINISHED_B */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	860	if (s->s2->conn_id_length > sizeof s->s2->conn_id)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	861	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	862	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	863	SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	864	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	865	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	866	len = 1 + (unsigned long)s->s2->conn_id_length;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	867	n = (int)len - s->init_num;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	868	i = ssl2_read(s,(char *)&(p[s->init_num]),n);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	869	if (i < n)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	870	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	871	return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	872	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	873	if (s->msg_callback)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	874	s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	875	p += 1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	876	if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	877	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	878	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	879	SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	880	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	881	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	882	return(1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	883	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	884
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	885	static int server_verify(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	886	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	887	unsigned char *p;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	888
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	889	if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	890	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	891	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	892	*(p++)=SSL2_MT_SERVER_VERIFY;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	893	if (s->s2->challenge_length > sizeof s->s2->challenge)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	894	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	895	SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	896	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	897	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	898	memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	899	/* p+=s->s2->challenge_length; */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	900
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	901	s->state=SSL2_ST_SEND_SERVER_VERIFY_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	902	s->init_num=s->s2->challenge_length+1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	903	s->init_off=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	904	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	905	return(ssl2_do_write(s));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	906	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	907
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	908	static int server_finish(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	909	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	910	unsigned char *p;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	911
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	912	if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	913	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	914	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	915	*(p++)=SSL2_MT_SERVER_FINISHED;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	916
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	917	if (s->session->session_id_length > sizeof s->session->session_id)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	918	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	919	SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	920	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	921	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	922	memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	923	/* p+=s->session->session_id_length; */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	924
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	925	s->state=SSL2_ST_SEND_SERVER_FINISHED_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	926	s->init_num=s->session->session_id_length+1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	927	s->init_off=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	928	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	929
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	930	/* SSL2_ST_SEND_SERVER_FINISHED_B */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	931	return(ssl2_do_write(s));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	932	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	933
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	934	/* send the request and check the response */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	935	static int request_certificate(SSL *s)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	936	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	937	const unsigned char *cp;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	938	unsigned char p,p2,*buf2;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	939	unsigned char *ccd;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	940	int i,j,ctype,ret= -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	941	unsigned long len;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	942	X509 *x509=NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	943	STACK_OF(X509) *sk=NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	944
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	945	ccd=s->s2->tmp.ccl;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	946	if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	947	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	948	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	949	*(p++)=SSL2_MT_REQUEST_CERTIFICATE;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	950	*(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	951	if (RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	952	return -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	953	memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	954
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	955	s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	956	s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	957	s->init_off=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	958	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	959
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	960	if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	961	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	962	i=ssl2_do_write(s);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	963	if (i <= 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	964	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	965	ret=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	966	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	967	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	968
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	969	s->init_num=0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	970	s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	971	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	972
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	973	if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	974	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	975	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	976	i=ssl2_read(s,(char )&(p[s->init_num]),6-s->init_num); / try to read 6 octets ... */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	977	if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	978	* (probably NO-CERTIFICATE-ERROR) */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	979	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	980	ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	981	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	982	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	983	s->init_num += i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	984
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	985	if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	986	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	987	n2s(p,i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	988	if (i != SSL2_PE_NO_CERTIFICATE)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	989	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	990	/* not the error message we expected -- let ssl2_part_read handle it */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	991	s->init_num -= 3;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	992	ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	993	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	994	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	995
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	996	if (s->msg_callback)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	997	s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	998
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	999	/* this is the one place where we can recover from an SSL 2.0 error */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1000
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1001	if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1002	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1003	ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1004	SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1005	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1006	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1007	ret=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1008	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1009	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1010	if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) \|\| (s->init_num < 6))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1011	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1012	ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1013	SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1014	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1015	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1016	if (s->init_num != 6)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1017	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1018	SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1019	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1020	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1021
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1022	/* ok we have a response */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1023	/* certificate type, there is only one right now. */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1024	ctype= *(p++);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1025	if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1026	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1027	ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1028	SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1029	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1030	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1031	n2s(p,i); s->s2->tmp.clen=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1032	n2s(p,i); s->s2->tmp.rlen=i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1033	s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1034	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1035
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1036	/* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1037	p=(unsigned char *)s->init_buf->data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1038	len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1039	if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1040	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1041	SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1042	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1043	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1044	j = (int)len - s->init_num;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1045	i = ssl2_read(s,(char *)&(p[s->init_num]),j);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1046	if (i < j)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1047	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1048	ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1049	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1050	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1051	if (s->msg_callback)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1052	s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1053	p += 6;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1054
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1055	cp = p;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1056	x509=(X509 *)d2i_X509(NULL,&cp,(long)s->s2->tmp.clen);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1057	if (x509 == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1058	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1059	SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1060	goto msg_end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1061	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1062
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1063	if (((sk=sk_X509_new_null()) == NULL) \|\| (!sk_X509_push(sk,x509)))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1064	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1065	SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1066	goto msg_end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1067	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1068
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1069	i=ssl_verify_cert_chain(s,sk);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1070
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1071	if (i) /* we like the packet, now check the chksum */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1072	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1073	EVP_MD_CTX ctx;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1074	EVP_PKEY *pkey=NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1075
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1076	EVP_MD_CTX_init(&ctx);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1077	EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1078	EVP_VerifyUpdate(&ctx,s->s2->key_material,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1079	s->s2->key_material_length);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1080	EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1081
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1082	i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1083	buf2=OPENSSL_malloc((unsigned int)i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1084	if (buf2 == NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1085	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1086	SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1087	goto msg_end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1088	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1089	p2=buf2;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1090	i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1091	EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1092	OPENSSL_free(buf2);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1093
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1094	pkey=X509_get_pubkey(x509);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1095	if (pkey == NULL) goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1096	i=EVP_VerifyFinal(&ctx,cp,s->s2->tmp.rlen,pkey);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1097	EVP_PKEY_free(pkey);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1098	EVP_MD_CTX_cleanup(&ctx);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1099
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1100	if (i)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1101	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1102	if (s->session->peer != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1103	X509_free(s->session->peer);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1104	s->session->peer=x509;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1105	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1106	s->session->verify_result = s->verify_result;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1107	ret=1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1108	goto end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1109	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1110	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1111	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1112	SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1113	goto msg_end;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1114	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1115	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1116	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1117	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1118	msg_end:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1119	ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1120	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1121	end:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1122	sk_X509_free(sk);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1123	X509_free(x509);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1124	return(ret);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1125	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1126
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1127	static int ssl_rsa_private_decrypt(CERT c, int len, unsigned char from,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1128	unsigned char *to, int padding)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1129	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1130	RSA *rsa;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1131	int i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1132
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1133	if ((c == NULL) \|\| (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1134	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1135	SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1136	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1137	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1138	if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1139	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1140	SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1141	return(-1);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1142	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1143	rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1144
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1145	/* we have the public key */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1146	i=RSA_private_decrypt(len,from,to,rsa,padding);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1147	if (i < 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1148	SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1149	return(i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1150	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1151	#else /* !OPENSSL_NO_SSL2 */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1152
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1153	# if PEDANTIC
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1154	static void *dummy=&dummy;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1155	# endif
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1156
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1157	#endif

author	Shabe Razvi <shaber@symbian.org>
	Thu, 02 Sep 2010 17:14:31 +0100
branch	RCL_3
changeset 58	104bd6aeae10
parent 0	e4d67989cc36
permissions	-rw-r--r--