indent has problems with comments that are on the right hand side of a line.
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Conflicts: crypto/bn/bn.h crypto/ec/ec_lcl.h crypto/rsa/rsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl.h ssl/ssl3.h Reviewed-by: Tim Hudson <tjh@openssl.org>
parent
fbdbb28ac6
commit
65a6a1ff45
@ -2217,7 +2217,9 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
|||||||
if (peer != NULL)
|
if (peer != NULL)
|
||||||
{
|
{
|
||||||
BIO_printf(bio,"Server certificate\n");
|
BIO_printf(bio,"Server certificate\n");
|
||||||
if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
|
|
||||||
|
/* Redundant if we showed the whole chain */
|
||||||
|
if (!(c_showcerts && got_a_chain))
|
||||||
PEM_write_bio_X509(bio,peer);
|
PEM_write_bio_X509(bio,peer);
|
||||||
X509_NAME_oneline(X509_get_subject_name(peer),
|
X509_NAME_oneline(X509_get_subject_name(peer),
|
||||||
buf,sizeof buf);
|
buf,sizeof buf);
|
||||||
|
@ -347,13 +347,16 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
|
|||||||
}
|
}
|
||||||
#undef g2
|
#undef g2
|
||||||
|
|
||||||
return mktime(&tm)-offset*60; /* FIXME: mktime assumes the current timezone
|
/*
|
||||||
* instead of UTC, and unless we rewrite OpenSSL
|
* FIXME: mktime assumes the current timezone
|
||||||
* in Lisp we cannot locally change the timezone
|
* instead of UTC, and unless we rewrite OpenSSL
|
||||||
* without possibly interfering with other parts
|
* in Lisp we cannot locally change the timezone
|
||||||
* of the program. timegm, which uses UTC, is
|
* without possibly interfering with other parts
|
||||||
* non-standard.
|
* of the program. timegm, which uses UTC, is
|
||||||
* Also time_t is inappropriate for general
|
* non-standard.
|
||||||
* UTC times because it may a 32 bit type. */
|
* Also time_t is inappropriate for general
|
||||||
|
* UTC times because it may a 32 bit type.
|
||||||
|
*/
|
||||||
|
return mktime(&tm)-offset*60;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
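Review bot: The relocated `return mktime(&tm)-offset*60;` still feeds mktime()'s result straight into the subtraction, so a `(time_t)-1` failure is returned as an ordinary-looking timestamp after the offset is applied. Since the FIXME block is being rewritten anyway, either record this in it or test the result first, e.g. `t = mktime(&tm); if (t == (time_t)-1) return t;` before `return t - offset*60;`. How ASN1_UTCTIME_get is meant to signal errors is not visible here, because the function starts outside the hunk. The reflowed comment also keeps the typo `it may a 32 bit type`, which should read `it may be a 32 bit type`.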
|
@ -153,9 +153,14 @@ BIO *BIO_new_file(const char *filename, const char *mode)
|
|||||||
wmode,sizeof(wmode)/sizeof(wmode[0])) &&
|
wmode,sizeof(wmode)/sizeof(wmode[0])) &&
|
||||||
(file=_wfopen(wfilename,wmode))==NULL &&
|
(file=_wfopen(wfilename,wmode))==NULL &&
|
||||||
(errno==ENOENT || errno==EBADF)
|
(errno==ENOENT || errno==EBADF)
|
||||||
) /* UTF-8 decode succeeded, but no file, filename
|
)
|
||||||
* could still have been locale-ized... */
|
{
|
||||||
|
/*
|
||||||
|
* UTF-8 decode succeeded, but no file, filename
|
||||||
|
* could still have been locale-ized...
|
||||||
|
*/
|
||||||
file = fopen(filename,mode);
|
file = fopen(filename,mode);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if (GetLastError()==ERROR_NO_UNICODE_TRANSLATION)
|
else if (GetLastError()==ERROR_NO_UNICODE_TRANSLATION)
|
||||||
{
|
{
|
||||||
|
@ -276,8 +276,11 @@ static void xsyslog(BIO *bp, int priority, const char *string)
|
|||||||
case LOG_DEBUG:
|
case LOG_DEBUG:
|
||||||
evtype = EVENTLOG_INFORMATION_TYPE;
|
evtype = EVENTLOG_INFORMATION_TYPE;
|
||||||
break;
|
break;
|
||||||
default: /* Should never happen, but set it
|
default:
|
||||||
as error anyway. */
|
/*
|
||||||
|
* Should never happen, but set it
|
||||||
|
* as error anyway.
|
||||||
|
*/
|
||||||
evtype = EVENTLOG_ERROR_TYPE;
|
evtype = EVENTLOG_ERROR_TYPE;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -257,16 +257,22 @@ extern "C" {
|
|||||||
|
|
||||||
#define BN_FLG_MALLOCED 0x01
|
#define BN_FLG_MALLOCED 0x01
|
||||||
#define BN_FLG_STATIC_DATA 0x02
|
#define BN_FLG_STATIC_DATA 0x02
|
||||||
#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing,
|
|
||||||
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
|
|
||||||
* BN_div() will call BN_div_no_branch,
|
|
||||||
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_DEPRECATED
|
/*
|
||||||
#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
|
* avoid leaking exponent information through timing,
|
||||||
/* avoid leaking exponent information through timings
|
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
|
||||||
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
|
* BN_div() will call BN_div_no_branch,
|
||||||
|
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
|
||||||
|
*/
|
||||||
|
#define BN_FLG_CONSTTIME 0x04
|
||||||
|
|
||||||
|
#ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
/* deprecated name for the flag */
|
||||||
|
#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
|
||||||
|
/*
|
||||||
|
* avoid leaking exponent information through timings
|
||||||
|
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
|
||||||
|
*/
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_DEPRECATED
|
#ifndef OPENSSL_NO_DEPRECATED
|
||||||
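Review bot: The guard around `BN_FLG_EXP_CONSTTIME` changes from `#ifndef OPENSSL_NO_DEPRECATED` to `#ifdef OPENSSL_NO_DEPRECATED` in this section, which is a preprocessor change in a commit described as only moving comments. As rendered, the deprecated alias would be defined only when deprecated names are switched off, so callers that still use the old name to request constant-time exponentiation would stop compiling in a default build; the line should stay `#ifndef OPENSSL_NO_DEPRECATED`. The later RSA flags section has the same kind of change, where the guard for `RSA_FLAG_NO_EXP_CONSTTIME` goes from `#ifndef OPENSSL_NO_DEPRECATED` to `#ifdef OPENSSL_USE_DEPRECATED`; whether this branch defines that macro is not visible here. Both headers are listed under Conflicts in the message, so these look like merge leftovers and should be checked against the branch's other deprecated-name guards.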
|
@ -355,9 +355,12 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
|
|||||||
case 3: A[2]=B[2];
|
case 3: A[2]=B[2];
|
||||||
case 2: A[1]=B[1];
|
case 2: A[1]=B[1];
|
||||||
case 1: A[0]=B[0];
|
case 1: A[0]=B[0];
|
||||||
case 0: /* workaround for ultrix cc: without 'case 0', the optimizer does
|
case 0:
|
||||||
* the switch table by doing a=top&3; a--; goto jump_table[a];
|
/*
|
||||||
* which fails for top== 0 */
|
* workaround for ultrix cc: without 'case 0', the optimizer does
|
||||||
|
* the switch table by doing a=top&3; a--; goto jump_table[a];
|
||||||
|
* which fails for top== 0
|
||||||
|
*/
|
||||||
;
|
;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -75,7 +75,8 @@
|
|||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* #define SIGACTION */ /* Define this if you have sigaction() */
|
/* Define this if you have sigaction() */
|
||||||
|
/* #define SIGACTION */
|
||||||
|
|
||||||
#ifdef WIN16TTY
|
#ifdef WIN16TTY
|
||||||
#undef OPENSSL_SYS_WIN16
|
#undef OPENSSL_SYS_WIN16
|
||||||
|
@ -78,13 +78,16 @@
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define DH_FLAG_CACHE_MONT_P 0x01
|
#define DH_FLAG_CACHE_MONT_P 0x01
|
||||||
#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
|
|
||||||
* implementation now uses constant time
|
/*
|
||||||
* modular exponentiation for secret exponents
|
* new with 0.9.7h; the built-in DH
|
||||||
* by default. This flag causes the
|
* implementation now uses constant time
|
||||||
* faster variable sliding window method to
|
* modular exponentiation for secret exponents
|
||||||
* be used for all exponents.
|
* by default. This flag causes the
|
||||||
*/
|
* faster variable sliding window method to
|
||||||
|
* be used for all exponents.
|
||||||
|
*/
|
||||||
|
#define DH_FLAG_NO_EXP_CONSTTIME 0x02
|
||||||
|
|
||||||
/* If this flag is set the DH method is FIPS compliant and can be used
|
/* If this flag is set the DH method is FIPS compliant and can be used
|
||||||
* in FIPS mode. This is set in the validated module method. If an
|
* in FIPS mode. This is set in the validated module method. If an
|
||||||
|
@ -212,37 +212,44 @@ struct ec_group_st {
|
|||||||
/* The following members are handled by the method functions,
|
/* The following members are handled by the method functions,
|
||||||
* even if they appear generic */
|
* even if they appear generic */
|
||||||
|
|
||||||
BIGNUM field; /* Field specification.
|
/* Field specification.
|
||||||
* For curves over GF(p), this is the modulus;
|
* For curves over GF(p), this is the modulus;
|
||||||
* for curves over GF(2^m), this is the
|
* for curves over GF(2^m), this is the
|
||||||
* irreducible polynomial defining the field.
|
* irreducible polynomial defining the field.
|
||||||
*/
|
*/
|
||||||
|
BIGNUM field;
|
||||||
|
|
||||||
int poly[6]; /* Field specification for curves over GF(2^m).
|
/* Field specification for curves over GF(2^m).
|
||||||
* The irreducible f(t) is then of the form:
|
* The irreducible f(t) is then of the form:
|
||||||
* t^poly[0] + t^poly[1] + ... + t^poly[k]
|
* t^poly[0] + t^poly[1] + ... + t^poly[k]
|
||||||
* where m = poly[0] > poly[1] > ... > poly[k] = 0.
|
* where m = poly[0] > poly[1] > ... > poly[k] = 0.
|
||||||
* The array is terminated with poly[k+1]=-1.
|
* The array is terminated with poly[k+1]=-1.
|
||||||
* All elliptic curve irreducibles have at most 5
|
* All elliptic curve irreducibles have at most 5
|
||||||
* non-zero terms.
|
* non-zero terms.
|
||||||
*/
|
*/
|
||||||
|
int poly[6];
|
||||||
|
|
||||||
BIGNUM a, b; /* Curve coefficients.
|
/* Curve coefficients.
|
||||||
* (Here the assumption is that BIGNUMs can be used
|
* (Here the assumption is that BIGNUMs can be used
|
||||||
* or abused for all kinds of fields, not just GF(p).)
|
* or abused for all kinds of fields, not just GF(p).)
|
||||||
* For characteristic > 3, the curve is defined
|
* For characteristic > 3, the curve is defined
|
||||||
* by a Weierstrass equation of the form
|
* by a Weierstrass equation of the form
|
||||||
* y^2 = x^3 + a*x + b.
|
* y^2 = x^3 + a*x + b.
|
||||||
* For characteristic 2, the curve is defined by
|
* For characteristic 2, the curve is defined by
|
||||||
* an equation of the form
|
* an equation of the form
|
||||||
* y^2 + x*y = x^3 + a*x^2 + b.
|
* y^2 + x*y = x^3 + a*x^2 + b.
|
||||||
*/
|
*/
|
||||||
|
BIGNUM a, b;
|
||||||
|
|
||||||
int a_is_minus3; /* enable optimized point arithmetics for special case */
|
/* enable optimized point arithmetics for special case */
|
||||||
|
int a_is_minus3;
|
||||||
|
|
||||||
void *field_data1; /* method-specific (e.g., Montgomery structure) */
|
/* method-specific (e.g., Montgomery structure) */
|
||||||
void *field_data2; /* method-specific */
|
void *field_data1;
|
||||||
int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */
|
/* method-specific */
|
||||||
|
void *field_data2;
|
||||||
|
/* method-specific */
|
||||||
|
int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
|
||||||
|
|
||||||
BN_MONT_CTX *mont_data; /* data for ECDSA inverse */
|
BN_MONT_CTX *mont_data; /* data for ECDSA inverse */
|
||||||
} /* EC_GROUP */;
|
} /* EC_GROUP */;
|
||||||
|
@ -1022,9 +1022,12 @@ static void point_add(felem x3, felem y3, felem z3,
|
|||||||
felem_assign(z3, z_out);
|
felem_assign(z3, z_out);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* select_point selects the |idx|th point from a precomputation table and
|
/*
|
||||||
* copies it to out. */
|
* select_point selects the |idx|th point from a precomputation table and
|
||||||
static void select_point(const u64 idx, unsigned int size, const felem pre_comp[/*size*/][3], felem out[3])
|
* copies it to out.
|
||||||
|
* The pre_comp array argument should be size of |size| argument
|
||||||
|
*/
|
||||||
|
static void select_point(const u64 idx, unsigned int size, const felem pre_comp[][3], felem out[3])
|
||||||
{
|
{
|
||||||
unsigned i, j;
|
unsigned i, j;
|
||||||
limb *outlimbs = &out[0][0];
|
limb *outlimbs = &out[0][0];
|
||||||
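Review bot: The added comment line `The pre_comp array argument should be size of |size| argument` is hard to parse, and it is now the only statement of the bound after `pre_comp[/*size*/][3]` became `pre_comp[][3]`. I would state the contract directly, for example `* |pre_comp| must point to at least |size| entries.`, so a caller passing a shorter table is clearly in violation. Nothing in the visible lines checks the bound, and the body of select_point continues outside the hunk.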
|
@ -190,13 +190,16 @@ typedef int evp_verify_method(int type,const unsigned char *m,
|
|||||||
unsigned int m_length,const unsigned char *sigbuf,
|
unsigned int m_length,const unsigned char *sigbuf,
|
||||||
unsigned int siglen, void *key);
|
unsigned int siglen, void *key);
|
||||||
|
|
||||||
#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
|
/* digest can only handle a single block */
|
||||||
* block */
|
#define EVP_MD_FLAG_ONESHOT 0x0001
|
||||||
|
|
||||||
#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
|
/*
|
||||||
* which is a copy of an existing
|
* digest is a "clone" digest used
|
||||||
* one for a specific public key type.
|
* which is a copy of an existing
|
||||||
* EVP_dss1() etc */
|
* one for a specific public key type.
|
||||||
|
* EVP_dss1() etc
|
||||||
|
*/
|
||||||
|
#define EVP_MD_FLAG_PKEY_DIGEST 0x0002
|
||||||
|
|
||||||
/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
|
/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
|
||||||
|
|
||||||
@ -218,7 +221,8 @@ typedef int evp_verify_method(int type,const unsigned char *m,
|
|||||||
|
|
||||||
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
|
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
|
||||||
|
|
||||||
#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
|
/* Note if suitable for use in FIPS mode */
|
||||||
|
#define EVP_MD_FLAG_FIPS 0x0400
|
||||||
|
|
||||||
/* Digest ctrls */
|
/* Digest ctrls */
|
||||||
|
|
||||||
@ -305,19 +309,39 @@ struct evp_cipher_st
|
|||||||
{
|
{
|
||||||
int nid;
|
int nid;
|
||||||
int block_size;
|
int block_size;
|
||||||
int key_len; /* Default value for variable length ciphers */
|
|
||||||
|
/* Default value for variable length ciphers */
|
||||||
|
int key_len;
|
||||||
int iv_len;
|
int iv_len;
|
||||||
unsigned long flags; /* Various flags */
|
|
||||||
|
/* Various flags */
|
||||||
|
unsigned long flags;
|
||||||
|
|
||||||
|
/* init key */
|
||||||
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc); /* init key */
|
const unsigned char *iv, int enc);
|
||||||
|
|
||||||
|
/* encrypt/decrypt data */
|
||||||
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||||
const unsigned char *in, size_t inl);/* encrypt/decrypt data */
|
const unsigned char *in, size_t inl);
|
||||||
int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
|
|
||||||
int ctx_size; /* how big ctx->cipher_data needs to be */
|
/* cleanup ctx */
|
||||||
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
|
int (*cleanup)(EVP_CIPHER_CTX *);
|
||||||
int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
|
|
||||||
int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
|
/* how big ctx->cipher_data needs to be */
|
||||||
void *app_data; /* Application data */
|
int ctx_size;
|
||||||
|
|
||||||
|
/* Populate a ASN1_TYPE with parameters */
|
||||||
|
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
|
||||||
|
|
||||||
|
/* Get parameters from a ASN1_TYPE */
|
||||||
|
int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
|
||||||
|
|
||||||
|
/* Miscellaneous operations */
|
||||||
|
int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
|
||||||
|
|
||||||
|
/* Application data */
|
||||||
|
void *app_data;
|
||||||
} /* EVP_CIPHER */;
|
} /* EVP_CIPHER */;
|
||||||
|
|
||||||
/* Values for cipher flags */
|
/* Values for cipher flags */
|
||||||
@ -453,14 +477,22 @@ struct evp_cipher_ctx_st
|
|||||||
|
|
||||||
typedef struct evp_Encode_Ctx_st
|
typedef struct evp_Encode_Ctx_st
|
||||||
{
|
{
|
||||||
int num; /* number saved in a partial encode/decode */
|
/* number saved in a partial encode/decode */
|
||||||
int length; /* The length is either the output line length
|
int num;
|
||||||
* (in input bytes) or the shortest input line
|
|
||||||
* length that is ok. Once decoding begins,
|
/* The length is either the output line length
|
||||||
* the length is adjusted up each time a longer
|
* (in input bytes) or the shortest input line
|
||||||
* line is decoded */
|
* length that is ok. Once decoding begins,
|
||||||
unsigned char enc_data[80]; /* data to encode */
|
* the length is adjusted up each time a longer
|
||||||
int line_num; /* number read on current line */
|
* line is decoded
|
||||||
|
*/
|
||||||
|
int length;
|
||||||
|
|
||||||
|
/* data to encode */
|
||||||
|
unsigned char enc_data[80];
|
||||||
|
|
||||||
|
/* number read on current line */
|
||||||
|
int line_num;
|
||||||
int expect_nl;
|
int expect_nl;
|
||||||
} EVP_ENCODE_CTX;
|
} EVP_ENCODE_CTX;
|
||||||
|
|
||||||
|
@ -177,12 +177,13 @@ typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
|
|||||||
|
|
||||||
#include <lmcons.h>
|
#include <lmcons.h>
|
||||||
#include <lmstats.h>
|
#include <lmstats.h>
|
||||||
#if 1 /* The NET API is Unicode only. It requires the use of the UNICODE
|
#if 1
|
||||||
* macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was
|
/* The NET API is Unicode only. It requires the use of the UNICODE
|
||||||
* was added to the Platform SDK to allow the NET API to be used in
|
* macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was
|
||||||
* non-Unicode applications provided that Unicode strings were still
|
* was added to the Platform SDK to allow the NET API to be used in
|
||||||
* used for input. LMSTR is defined as LPWSTR.
|
* non-Unicode applications provided that Unicode strings were still
|
||||||
*/
|
* used for input. LMSTR is defined as LPWSTR.
|
||||||
|
*/
|
||||||
typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
|
typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
|
||||||
(LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
|
(LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
|
||||||
typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
|
typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
|
||||||
|
@ -168,7 +168,9 @@ struct rsa_st
|
|||||||
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
|
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
|
#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
|
||||||
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
|
|
||||||
|
/* exponent limit enforced for "large" modulus only */
|
||||||
|
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define RSA_3 0x3L
|
#define RSA_3 0x3L
|
||||||
@ -191,30 +193,36 @@ struct rsa_st
|
|||||||
*/
|
*/
|
||||||
#define RSA_FLAG_SIGN_VER 0x0040
|
#define RSA_FLAG_SIGN_VER 0x0040
|
||||||
|
|
||||||
#define RSA_FLAG_NO_BLINDING 0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
|
/*
|
||||||
* RSA implementation now uses blinding by
|
* new with 0.9.6j and 0.9.7b; the built-in
|
||||||
* default (ignoring RSA_FLAG_BLINDING),
|
* RSA implementation now uses blinding by
|
||||||
* but other engines might not need it
|
* default (ignoring RSA_FLAG_BLINDING),
|
||||||
*/
|
* but other engines might not need it
|
||||||
#define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA
|
*/
|
||||||
* implementation now uses constant time
|
#define RSA_FLAG_NO_BLINDING 0x0080
|
||||||
* operations by default in private key operations,
|
/*
|
||||||
* e.g., constant time modular exponentiation,
|
* new with 0.9.8f; the built-in RSA
|
||||||
* modular inverse without leaking branches,
|
* implementation now uses constant time
|
||||||
* division without leaking branches. This
|
* operations by default in private key operations,
|
||||||
* flag disables these constant time
|
* e.g., constant time modular exponentiation,
|
||||||
* operations and results in faster RSA
|
* modular inverse without leaking branches,
|
||||||
* private key operations.
|
* division without leaking branches. This
|
||||||
*/
|
* flag disables these constant time
|
||||||
#ifndef OPENSSL_NO_DEPRECATED
|
* operations and results in faster RSA
|
||||||
#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
|
* private key operations.
|
||||||
/* new with 0.9.7h; the built-in RSA
|
*/
|
||||||
* implementation now uses constant time
|
#define RSA_FLAG_NO_CONSTTIME 0x0100
|
||||||
* modular exponentiation for secret exponents
|
#ifdef OPENSSL_USE_DEPRECATED
|
||||||
* by default. This flag causes the
|
/* deprecated name for the flag*/
|
||||||
* faster variable sliding window method to
|
/*
|
||||||
* be used for all exponents.
|
* new with 0.9.7h; the built-in RSA
|
||||||
*/
|
* implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents
|
||||||
|
* by default. This flag causes the
|
||||||
|
* faster variable sliding window method to
|
||||||
|
* be used for all exponents.
|
||||||
|
*/
|
||||||
|
#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
@ -285,11 +285,12 @@ static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
|
|||||||
{
|
{
|
||||||
/* resort to rsa->mt_blinding instead */
|
/* resort to rsa->mt_blinding instead */
|
||||||
|
|
||||||
*local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert()
|
/* instructs rsa_blinding_convert(), rsa_blinding_invert()
|
||||||
* that the BN_BLINDING is shared, meaning that accesses
|
* that the BN_BLINDING is shared, meaning that accesses
|
||||||
* require locks, and that the blinding factor must be
|
* require locks, and that the blinding factor must be
|
||||||
* stored outside the BN_BLINDING
|
* stored outside the BN_BLINDING
|
||||||
*/
|
*/
|
||||||
|
*local = 0;
|
||||||
|
|
||||||
if (rsa->mt_blinding == NULL)
|
if (rsa->mt_blinding == NULL)
|
||||||
{
|
{
|
||||||
|
@ -165,9 +165,12 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
|
|||||||
* being exactly 64-bit wide. See Implementation Notes in sha512.c
|
* being exactly 64-bit wide. See Implementation Notes in sha512.c
|
||||||
* for further details.
|
* for further details.
|
||||||
*/
|
*/
|
||||||
#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
|
/*
|
||||||
* contiguous array of 64 bit
|
* SHA-512 treats input data as a
|
||||||
* wide big-endian values. */
|
* contiguous array of 64 bit
|
||||||
|
* wide big-endian values.
|
||||||
|
*/
|
||||||
|
#define SHA512_CBLOCK (SHA_LBLOCK*8)
|
||||||
#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
|
#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
|
||||||
#define SHA_LONG64 unsigned __int64
|
#define SHA_LONG64 unsigned __int64
|
||||||
#define U64(C) C##UI64
|
#define U64(C) C##UI64
|
||||||
|
@ -98,7 +98,8 @@ STACK_OF(type) \
|
|||||||
_STACK stack; \
|
_STACK stack; \
|
||||||
};
|
};
|
||||||
|
|
||||||
#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
|
/* nada (obsolete in new safestack approach)*/
|
||||||
|
#define IMPLEMENT_STACK_OF(type)
|
||||||
|
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
|
@ -86,25 +86,38 @@ typedef struct mem_object_data_st
|
|||||||
DECLARE_STACK_OF(MEM_OBJECT_DATA)
|
DECLARE_STACK_OF(MEM_OBJECT_DATA)
|
||||||
struct mem_data_st
|
struct mem_data_st
|
||||||
{
|
{
|
||||||
STACK_OF(MEM_OBJECT_DATA) *data; /* sorted with
|
/*
|
||||||
* STORE_ATTR_INFO_compare(). */
|
* sorted with
|
||||||
unsigned int compute_components : 1; /* Currently unused, but can
|
* STORE_ATTR_INFO_compare().
|
||||||
be used to add attributes
|
*/
|
||||||
from parts of the data. */
|
STACK_OF(MEM_OBJECT_DATA) *data;
|
||||||
|
/*
|
||||||
|
* Currently unused, but can
|
||||||
|
* be used to add attributes
|
||||||
|
* from parts of the data.
|
||||||
|
*/
|
||||||
|
unsigned int compute_components : 1;
|
||||||
};
|
};
|
||||||
|
|
||||||
DECLARE_STACK_OF(STORE_ATTR_INFO)
|
DECLARE_STACK_OF(STORE_ATTR_INFO)
|
||||||
struct mem_ctx_st
|
struct mem_ctx_st
|
||||||
{
|
{
|
||||||
int type; /* The type we're searching for */
|
/* The type we're searching for */
|
||||||
STACK_OF(STORE_ATTR_INFO) *search_attributes; /* Sets of
|
int type;
|
||||||
attributes to search for. Each
|
/*
|
||||||
element is a STORE_ATTR_INFO. */
|
* Sets of
|
||||||
int search_index; /* which of the search attributes we
|
* attributes to search for. Each
|
||||||
found a match for, -1 when we still
|
* element is a STORE_ATTR_INFO.
|
||||||
haven't found any */
|
*/
|
||||||
int index; /* -1 as long as we're searching for
|
STACK_OF(STORE_ATTR_INFO) *search_attributes;
|
||||||
the first */
|
/*
|
||||||
|
* which of the search attributes we
|
||||||
|
* found a match for, -1 when we still
|
||||||
|
* haven't found any
|
||||||
|
*/
|
||||||
|
int search_index;
|
||||||
|
/* -1 as long as we're searching for the first */
|
||||||
|
int index;
|
||||||
};
|
};
|
||||||
|
|
||||||
static int mem_init(STORE *s);
|
static int mem_init(STORE *s);
|
||||||
|
@ -64,8 +64,11 @@ typedef unsigned long long u64;
|
|||||||
# define SMALL_REGISTER_BANK
|
# define SMALL_REGISTER_BANK
|
||||||
# if defined(WHIRLPOOL_ASM)
|
# if defined(WHIRLPOOL_ASM)
|
||||||
# ifndef OPENSSL_SMALL_FOOTPRINT
|
# ifndef OPENSSL_SMALL_FOOTPRINT
|
||||||
# define OPENSSL_SMALL_FOOTPRINT /* it appears that for elder non-MMX
|
/*
|
||||||
CPUs this is actually faster! */
|
* it appears that for elder non-MMX
|
||||||
|
* CPUs this is actually faster!
|
||||||
|
*/
|
||||||
|
# define OPENSSL_SMALL_FOOTPRINT
|
||||||
# endif
|
# endif
|
||||||
# define GO_FOR_MMX(ctx,inp,num) do { \
|
# define GO_FOR_MMX(ctx,inp,num) do { \
|
||||||
extern unsigned int OPENSSL_ia32cap_P[]; \
|
extern unsigned int OPENSSL_ia32cap_P[]; \
|
||||||
|
@ -195,14 +195,22 @@ struct x509_store_st
|
|||||||
X509_VERIFY_PARAM *param;
|
X509_VERIFY_PARAM *param;
|
||||||
|
|
||||||
/* Callbacks for various operations */
|
/* Callbacks for various operations */
|
||||||
int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
|
/* called to verify a certificate */
|
||||||
int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
|
int (*verify)(X509_STORE_CTX *ctx);
|
||||||
int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
|
/* error callback */
|
||||||
int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
|
int (*verify_cb)(int ok,X509_STORE_CTX *ctx);
|
||||||
int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
|
/* get issuers cert from ctx */
|
||||||
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
|
int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
|
/* check issued */
|
||||||
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
|
int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||||
|
/* Check revocation status of chain */
|
||||||
|
int (*check_revocation)(X509_STORE_CTX *ctx);
|
||||||
|
/* retrieve CRL */
|
||||||
|
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||||
|
/* Check CRL validity */
|
||||||
|
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||||
|
/* Check certificate against CRL */
|
||||||
|
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||||
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
int (*cleanup)(X509_STORE_CTX *ctx);
|
int (*cleanup)(X509_STORE_CTX *ctx);
|
||||||
@ -233,49 +241,72 @@ struct x509_lookup_st
|
|||||||
struct x509_store_ctx_st /* X509_STORE_CTX */
|
struct x509_store_ctx_st /* X509_STORE_CTX */
|
||||||
{
|
{
|
||||||
X509_STORE *ctx;
|
X509_STORE *ctx;
|
||||||
int current_method; /* used when looking up certs */
|
/* used when looking up certs */
|
||||||
|
int current_method;
|
||||||
|
|
||||||
/* The following are set by the caller */
|
/* The following are set by the caller */
|
||||||
X509 *cert; /* The cert to check */
|
/* The cert to check */
|
||||||
STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
|
X509 *cert;
|
||||||
STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */
|
/* chain of X509s - untrusted - passed in */
|
||||||
|
STACK_OF(X509) *untrusted;
|
||||||
|
/* set of CRLs passed in */
|
||||||
|
STACK_OF(X509_CRL) *crls;
|
||||||
|
|
||||||
X509_VERIFY_PARAM *param;
|
X509_VERIFY_PARAM *param;
|
||||||
void *other_ctx; /* Other info for use with get_issuer() */
|
/* Other info for use with get_issuer() */
|
||||||
|
void *other_ctx;
|
||||||
|
|
||||||
/* Callbacks for various operations */
|
/* Callbacks for various operations */
|
||||||
int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
|
/* called to verify a certificate */
|
||||||
int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
|
int (*verify)(X509_STORE_CTX *ctx);
|
||||||
int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
|
/* error callback */
|
||||||
int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
|
int (*verify_cb)(int ok,X509_STORE_CTX *ctx);
|
||||||
int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
|
/* get issuers cert from ctx */
|
||||||
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
|
int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
|
/* check issued */
|
||||||
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
|
int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||||
|
/* Check revocation status of chain */
|
||||||
|
int (*check_revocation)(X509_STORE_CTX *ctx);
|
||||||
|
/* retrieve CRL */
|
||||||
|
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||||
|
/* Check CRL validity */
|
||||||
|
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||||
|
/* Check certificate against CRL */
|
||||||
|
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||||
int (*check_policy)(X509_STORE_CTX *ctx);
|
int (*check_policy)(X509_STORE_CTX *ctx);
|
||||||
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
int (*cleanup)(X509_STORE_CTX *ctx);
|
int (*cleanup)(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
/* The following is built up */
|
/* The following is built up */
|
||||||
int valid; /* if 0, rebuild chain */
|
/* if 0, rebuild chain */
|
||||||
int last_untrusted; /* index of last untrusted cert */
|
int valid;
|
||||||
STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
|
/* index of last untrusted cert */
|
||||||
X509_POLICY_TREE *tree; /* Valid policy tree */
|
int last_untrusted;
|
||||||
|
/* chain of X509s - built up and trusted */
|
||||||
|
STACK_OF(X509) *chain;
|
||||||
|
/* Valid policy tree */
|
||||||
|
X509_POLICY_TREE *tree;
|
||||||
|
|
||||||
int explicit_policy; /* Require explicit policy value */
|
/* Require explicit policy value */
|
||||||
|
int explicit_policy;
|
||||||
|
|
||||||
/* When something goes wrong, this is why */
|
/* When something goes wrong, this is why */
|
||||||
int error_depth;
|
int error_depth;
|
||||||
int error;
|
int error;
|
||||||
X509 *current_cert;
|
X509 *current_cert;
|
||||||
X509 *current_issuer; /* cert currently being tested as valid issuer */
|
/* cert currently being tested as valid issuer */
|
||||||
X509_CRL *current_crl; /* current CRL */
|
X509 *current_issuer;
|
||||||
|
/* current CRL */
|
||||||
|
X509_CRL *current_crl;
|
||||||
|
|
||||||
int current_crl_score; /* score of current CRL */
|
/* score of current CRL */
|
||||||
unsigned int current_reasons; /* Reason mask */
|
int current_crl_score;
|
||||||
|
/* Reason mask */
|
||||||
|
unsigned int current_reasons;
|
||||||
|
|
||||||
X509_STORE_CTX *parent; /* For CRL path validation: parent context */
|
/* For CRL path validation: parent context */
|
||||||
|
X509_STORE_CTX *parent;
|
||||||
|
|
||||||
CRYPTO_EX_DATA ex_data;
|
CRYPTO_EX_DATA ex_data;
|
||||||
} /* X509_STORE_CTX */;
|
} /* X509_STORE_CTX */;
|
||||||
|
@ -122,8 +122,8 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
|
/* /8 because it's 1024 bits we look for, not bytes */
|
||||||
for, not bytes */
|
if (EVP_PKEY_size(pk) <= 1024/8)
|
||||||
ret|=EVP_PKT_EXP;
|
ret|=EVP_PKT_EXP;
|
||||||
if(pkey==NULL) EVP_PKEY_free(pk);
|
if(pkey==NULL) EVP_PKEY_free(pk);
|
||||||
return(ret);
|
return(ret);
|
||||||
|
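Review bot: The moved comment on `if (EVP_PKEY_size(pk) <= 1024/8)` still explains only the `/8`, not what the test decides, and the comparison is weaker than it reads. `EVP_PKEY_size()` returns an output-buffer size in bytes, which matches the key length for RSA but is the encoded signature size for DSA and EC keys, so those would presumably get `EVP_PKT_EXP` whatever their strength. I would word the comment as `/* size is in bytes, hence 1024/8; a key-length test for RSA only */` and leave any key-type check for a separate change. The start of X509_certificate_type is outside the hunk, so whether `pk` is already restricted by type cannot be seen here.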
@ -708,7 +708,9 @@ tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
|
|||||||
SSL_CTX_set_verify_depth(ret, a.verify_depth);
|
SSL_CTX_set_verify_depth(ret, a.verify_depth);
|
||||||
|
|
||||||
if (a.ca_file != NULL) {
|
if (a.ca_file != NULL) {
|
||||||
r = SSL_CTX_load_verify_locations(ret, a.ca_file, NULL /* no CA-directory */); /* does not report failure if file does not exist ... */
|
/* does not report failure if file does not exist ... */
|
||||||
|
/* NULL argument means no CA-directory */
|
||||||
|
r = SSL_CTX_load_verify_locations(ret, a.ca_file, NULL);
|
||||||
if (!r) {
|
if (!r) {
|
||||||
err_pref_1 = " while processing certificate file ";
|
err_pref_1 = " while processing certificate file ";
|
||||||
err_pref_2 = a.ca_file;
|
err_pref_2 = a.ca_file;
|
||||||
|
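Review bot: The relocated comment records that `SSL_CTX_load_verify_locations(ret, a.ca_file, NULL)` does not report a missing file, which means the `if (!r)` branch below cannot be relied on to catch a wrong `a.ca_file` path. If that is accurate, the context keeps whatever trust anchors it had before the call, and the problem only surfaces later as a verification failure with a less specific error. The comment should state that consequence, for example `/* a missing file is not reported here, so !r does not prove the CA file was loaded */`, or the code should confirm the file is readable before the call. tls_create_ctx starts and ends outside the hunk.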
@ -917,4 +917,4 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
|||||||
|
|
||||||
|
|
||||||
#endif /* !OPENSSL_NO_HW_IBMCA */
|
#endif /* !OPENSSL_NO_HW_IBMCA */
|
||||||
#endif /* !OPENSSL_NO_HW */
|
#endif /* !OPENSSL_NO_HW */
|
||||||
|
@ -46,9 +46,12 @@ extern "C" {
|
|||||||
__declspec(dllexport)
|
__declspec(dllexport)
|
||||||
void **
|
void **
|
||||||
#if defined(__BORLANDC__)
|
#if defined(__BORLANDC__)
|
||||||
__stdcall /* __stdcall appears to be the only way to get the name
|
/*
|
||||||
* decoration right with Borland C. Otherwise it works
|
* __stdcall appears to be the only way to get the name
|
||||||
* purely incidentally, as we pass no parameters. */
|
* decoration right with Borland C. Otherwise it works
|
||||||
|
* purely incidentally, as we pass no parameters.
|
||||||
|
*/
|
||||||
|
__stdcall
|
||||||
#else
|
#else
|
||||||
__cdecl
|
__cdecl
|
||||||
#endif
|
#endif
|
||||||
|
@ -481,10 +481,15 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
|
|||||||
again:
|
again:
|
||||||
i = dtls1_get_message_fragment(s, st1, stn, max, ok);
|
i = dtls1_get_message_fragment(s, st1, stn, max, ok);
|
||||||
if ( i == DTLS1_HM_BAD_FRAGMENT ||
|
if ( i == DTLS1_HM_BAD_FRAGMENT ||
|
||||||
i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received */
|
i == DTLS1_HM_FRAGMENT_RETRY)
|
||||||
|
{
|
||||||
|
/* bad fragment received */
|
||||||
goto again;
|
goto again;
|
||||||
|
}
|
||||||
else if ( i <= 0 && !*ok)
|
else if ( i <= 0 && !*ok)
|
||||||
|
{
|
||||||
return i;
|
return i;
|
||||||
|
}
|
||||||
|
|
||||||
p = (unsigned char *)s->init_buf->data;
|
p = (unsigned char *)s->init_buf->data;
|
||||||
msg_len = msg_hdr->msg_len;
|
msg_len = msg_hdr->msg_len;
|
||||||
@ -1022,9 +1027,11 @@ int dtls1_read_failed(SSL *s, int code)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_HEARTBEATS
|
#ifndef OPENSSL_NO_HEARTBEATS
|
||||||
if (!SSL_in_init(s) && !s->tlsext_hb_pending) /* done, no need to send a retransmit */
|
/* done, no need to send a retransmit */
|
||||||
|
if (!SSL_in_init(s) && !s->tlsext_hb_pending)
|
||||||
#else
|
#else
|
||||||
if (!SSL_in_init(s)) /* done, no need to send a retransmit */
|
/* done, no need to send a retransmit */
|
||||||
|
if (!SSL_in_init(s))
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
|
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
|
||||||
|
@ -343,8 +343,8 @@ dtls1_get_buffered_record(SSL *s)
|
|||||||
(((PQ_64BIT)s->d1->handshake_read_seq) << 32) |
|
(((PQ_64BIT)s->d1->handshake_read_seq) << 32) |
|
||||||
((PQ_64BIT)s->d1->r_msg_hdr.frag_off);
|
((PQ_64BIT)s->d1->r_msg_hdr.frag_off);
|
||||||
|
|
||||||
if ( ! SSL_in_init(s)) /* if we're not (re)negotiating,
|
/* if we're not (re)negotiating, nothing buffered */
|
||||||
nothing buffered */
|
if ( ! SSL_in_init(s))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
|
||||||
|
@ -240,19 +240,21 @@ end:
|
|||||||
|
|
||||||
int ssl23_get_client_hello(SSL *s)
|
int ssl23_get_client_hello(SSL *s)
|
||||||
{
|
{
|
||||||
char buf_space[11]; /* Request this many bytes in initial read.
|
/*-
|
||||||
* We can detect SSL 3.0/TLS 1.0 Client Hellos
|
* Request this many bytes in initial read.
|
||||||
* ('type == 3') correctly only when the following
|
* We can detect SSL 3.0/TLS 1.0 Client Hellos
|
||||||
* is in a single record, which is not guaranteed by
|
* ('type == 3') correctly only when the following
|
||||||
* the protocol specification:
|
* is in a single record, which is not guaranteed by
|
||||||
* Byte Content
|
* the protocol specification:
|
||||||
* 0 type \
|
* Byte Content
|
||||||
* 1/2 version > record header
|
* 0 type \
|
||||||
* 3/4 length /
|
* 1/2 version > record header
|
||||||
* 5 msg_type \
|
* 3/4 length /
|
||||||
* 6-8 length > Client Hello message
|
* 5 msg_type \
|
||||||
* 9/10 client_version /
|
* 6-8 length > Client Hello message
|
||||||
*/
|
* 9/10 client_version /
|
||||||
|
*/
|
||||||
|
char buf_space[11];
|
||||||
char *buf= &(buf_space[0]);
|
char *buf= &(buf_space[0]);
|
||||||
unsigned char *p,*d,*d_len,*dd;
|
unsigned char *p,*d,*d_len,*dd;
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
|
@ -236,11 +236,12 @@ int ssl3_get_finished(SSL *s, int a, int b)
|
|||||||
*/
|
*/
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* 64 argument should actually be 36+4 :-) */
|
||||||
n=s->method->ssl_get_message(s,
|
n=s->method->ssl_get_message(s,
|
||||||
a,
|
a,
|
||||||
b,
|
b,
|
||||||
SSL3_MT_FINISHED,
|
SSL3_MT_FINISHED,
|
||||||
64, /* should actually be 36+4 :-) */
|
64,
|
||||||
&ok);
|
&ok);
|
||||||
|
|
||||||
if (!ok) return((int)n);
|
if (!ok) return((int)n);
|
||||||
|
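Review bot: The explanation of the literal `64` now sits several lines above the argument it describes in the `ssl_get_message` call, so the value, which appears to be the maximum accepted length of the Finished message, reads as an unexplained magic number at the point of use. The comment itself admits the bound is looser than the real size (`36+4`). A named constant would keep the intent next to the value, e.g. `#define FINISHED_MAX_LEN 64 /* should actually be 36+4 */` and passing `FINISHED_MAX_LEN`; that identifier is a suggestion, not an existing name. ssl3_get_finished starts and ends outside the hunk.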
138
ssl/ssl.h
138
ssl/ssl.h
@ -1015,7 +1015,8 @@ struct ssl_ctx_st
|
|||||||
int verify_mode;
|
int verify_mode;
|
||||||
unsigned int sid_ctx_length;
|
unsigned int sid_ctx_length;
|
||||||
unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
|
unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
|
||||||
int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
|
/* called 'verify_callback' in the SSL */
|
||||||
|
int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
/* Default generate session ID callback. */
|
/* Default generate session ID callback. */
|
||||||
GEN_SESSION_CB generate_session_id;
|
GEN_SESSION_CB generate_session_id;
|
||||||
@ -1306,22 +1307,28 @@ struct ssl_st
|
|||||||
* (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
|
* (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
|
||||||
*/
|
*/
|
||||||
int version;
|
int version;
|
||||||
int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
|
/* SSL_ST_CONNECT or SSL_ST_ACCEPT */
|
||||||
|
int type;
|
||||||
|
|
||||||
const SSL_METHOD *method; /* SSLv3 */
|
/* SSLv3 */
|
||||||
|
const SSL_METHOD *method;
|
||||||
|
|
||||||
/* There are 2 BIO's even though they are normally both the
|
/* There are 2 BIO's even though they are normally both the
|
||||||
* same. This is so data can be read and written to different
|
* same. This is so data can be read and written to different
|
||||||
* handlers */
|
* handlers */
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_BIO
|
#ifndef OPENSSL_NO_BIO
|
||||||
BIO *rbio; /* used by SSL_read */
|
/* used by SSL_read */
|
||||||
BIO *wbio; /* used by SSL_write */
|
BIO *rbio;
|
||||||
BIO *bbio; /* used during session-id reuse to concatenate
|
/* used by SSL_write */
|
||||||
* messages */
|
BIO *wbio;
|
||||||
|
/* used during session-id reuse to concatenate messages */
|
||||||
|
BIO *bbio;
|
||||||
#else
|
#else
|
||||||
char *rbio; /* used by SSL_read */
|
/* used by SSL_read */
|
||||||
char *wbio; /* used by SSL_write */
|
char *rbio;
|
||||||
|
/* used by SSL_write */
|
||||||
|
char *wbio;
|
||||||
char *bbio;
|
char *bbio;
|
||||||
#endif
|
#endif
|
||||||
/* This holds a variable that indicates what we were doing
|
/* This holds a variable that indicates what we were doing
|
||||||
@ -1342,17 +1349,24 @@ struct ssl_st
|
|||||||
* test instead of an "init" member.
|
* test instead of an "init" member.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int server; /* are we the server side? - mostly used by SSL_clear*/
|
/* are we the server side? - mostly used by SSL_clear*/
|
||||||
|
int server;
|
||||||
|
|
||||||
int new_session;/* Generate a new session or reuse an old one.
|
/*
|
||||||
* NB: For servers, the 'new' session may actually be a previously
|
* Generate a new session or reuse an old one.
|
||||||
* cached session or even the previous session unless
|
* NB: For servers, the 'new' session may actually be a previously
|
||||||
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
|
* cached session or even the previous session unless
|
||||||
int quiet_shutdown;/* don't send shutdown packets */
|
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
|
||||||
int shutdown; /* we have shut things down, 0x01 sent, 0x02
|
*/
|
||||||
* for received */
|
int new_session;
|
||||||
int state; /* where we are */
|
/* don't send shutdown packets */
|
||||||
int rstate; /* where we are when reading */
|
int quiet_shutdown;
|
||||||
|
/* we have shut things down, 0x01 sent, 0x02 for received */
|
||||||
|
int shutdown;
|
||||||
|
/* where we are */
|
||||||
|
int state;
|
||||||
|
/* where we are when reading */
|
||||||
|
int rstate;
|
||||||
|
|
||||||
BUF_MEM *init_buf; /* buffer used during init */
|
BUF_MEM *init_buf; /* buffer used during init */
|
||||||
void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
|
void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
|
||||||
@ -1424,17 +1438,25 @@ struct ssl_st
|
|||||||
GEN_SESSION_CB generate_session_id;
|
GEN_SESSION_CB generate_session_id;
|
||||||
|
|
||||||
/* Used in SSL2 and SSL3 */
|
/* Used in SSL2 and SSL3 */
|
||||||
int verify_mode; /* 0 don't care about verify failure.
|
/*
|
||||||
* 1 fail if verify fails */
|
* 0 don't care about verify failure.
|
||||||
int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
|
* 1 fail if verify fails
|
||||||
|
*/
|
||||||
|
int verify_mode;
|
||||||
|
/* fail if callback returns 0 */
|
||||||
|
int (*verify_callback)(int ok,X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
|
/* optional informational callback */
|
||||||
|
void (*info_callback)(const SSL *ssl,int type,int val);
|
||||||
|
|
||||||
int error; /* error bytes to be written */
|
/* error bytes to be written */
|
||||||
int error_code; /* actual code */
|
int error;
|
||||||
|
/* actual code */
|
||||||
|
int error_code;
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_KRB5
|
#ifndef OPENSSL_NO_KRB5
|
||||||
KSSL_CTX *kssl_ctx; /* Kerberos 5 context */
|
/* Kerberos 5 context */
|
||||||
|
KSSL_CTX *kssl_ctx;
|
||||||
#endif /* OPENSSL_NO_KRB5 */
|
#endif /* OPENSSL_NO_KRB5 */
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_PSK
|
#ifndef OPENSSL_NO_PSK
|
||||||
@ -1458,12 +1480,14 @@ struct ssl_st
|
|||||||
STACK_OF(X509_NAME) *client_CA;
|
STACK_OF(X509_NAME) *client_CA;
|
||||||
|
|
||||||
int references;
|
int references;
|
||||||
unsigned long options; /* protocol behaviour */
|
/* protocol behaviour */
|
||||||
unsigned long mode; /* API behaviour */
|
unsigned long options;
|
||||||
|
/* API behaviour */
|
||||||
|
unsigned long mode;
|
||||||
long max_cert_list;
|
long max_cert_list;
|
||||||
int first_packet;
|
int first_packet;
|
||||||
int client_version; /* what was passed, used for
|
/* what was passed, used for SSLv3/TLS rollback check */
|
||||||
* SSLv3/TLS rollback check */
|
int client_version;
|
||||||
unsigned int max_send_fragment;
|
unsigned int max_send_fragment;
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
#ifndef OPENSSL_NO_TLSEXT
|
||||||
/* TLS extension debug callback */
|
/* TLS extension debug callback */
|
||||||
@ -1472,11 +1496,13 @@ struct ssl_st
|
|||||||
void *arg);
|
void *arg);
|
||||||
void *tlsext_debug_arg;
|
void *tlsext_debug_arg;
|
||||||
char *tlsext_hostname;
|
char *tlsext_hostname;
|
||||||
int servername_done; /* no further mod of servername
|
/*-
|
||||||
0 : call the servername extension callback.
|
* no further mod of servername
|
||||||
1 : prepare 2, allow last ack just after in server callback.
|
* 0 : call the servername extension callback.
|
||||||
2 : don't call servername callback, no ack in server hello
|
* 1 : prepare 2, allow last ack just after in server callback.
|
||||||
*/
|
* 2 : don't call servername callback, no ack in server hello
|
||||||
|
*/
|
||||||
|
int servername_done;
|
||||||
/* certificate status request info */
|
/* certificate status request info */
|
||||||
/* Status type or -1 if no status type */
|
/* Status type or -1 if no status type */
|
||||||
int tlsext_status_type;
|
int tlsext_status_type;
|
||||||
@ -1493,9 +1519,11 @@ struct ssl_st
|
|||||||
int tlsext_ticket_expected;
|
int tlsext_ticket_expected;
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
size_t tlsext_ecpointformatlist_length;
|
size_t tlsext_ecpointformatlist_length;
|
||||||
unsigned char *tlsext_ecpointformatlist; /* our list */
|
/* our list */
|
||||||
|
unsigned char *tlsext_ecpointformatlist;
|
||||||
size_t tlsext_ellipticcurvelist_length;
|
size_t tlsext_ellipticcurvelist_length;
|
||||||
unsigned char *tlsext_ellipticcurvelist; /* our list */
|
/* our list */
|
||||||
|
unsigned char *tlsext_ellipticcurvelist;
|
||||||
#endif /* OPENSSL_NO_EC */
|
#endif /* OPENSSL_NO_EC */
|
||||||
|
|
||||||
/* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
|
/* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
|
||||||
@ -1529,26 +1557,36 @@ struct ssl_st
|
|||||||
|
|
||||||
#define session_ctx initial_ctx
|
#define session_ctx initial_ctx
|
||||||
|
|
||||||
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
|
/* What we'll do */
|
||||||
SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
|
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
|
||||||
|
/* What's been chosen */
|
||||||
|
SRTP_PROTECTION_PROFILE *srtp_profile;
|
||||||
|
|
||||||
unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated?
|
/*-
|
||||||
0: disabled
|
* Is use of the Heartbeat extension negotiated?
|
||||||
1: enabled
|
* 0: disabled
|
||||||
2: enabled, but not allowed to send Requests
|
* 1: enabled
|
||||||
*/
|
* 2: enabled, but not allowed to send Requests
|
||||||
unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
|
*/
|
||||||
unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
|
unsigned int tlsext_heartbeat;
|
||||||
|
/* Indicates if a HeartbeatRequest is in flight */
|
||||||
|
unsigned int tlsext_hb_pending;
|
||||||
|
/* HeartbeatRequest sequence number */
|
||||||
|
unsigned int tlsext_hb_seq;
|
||||||
#else
|
#else
|
||||||
#define session_ctx ctx
|
#define session_ctx ctx
|
||||||
#endif /* OPENSSL_NO_TLSEXT */
|
#endif /* OPENSSL_NO_TLSEXT */
|
||||||
|
|
||||||
int renegotiate;/* 1 if we are renegotiating.
|
/*-
|
||||||
* 2 if we are a server and are inside a handshake
|
* 1 if we are renegotiating.
|
||||||
* (i.e. not just sending a HelloRequest) */
|
* 2 if we are a server and are inside a handshake
|
||||||
|
* (i.e. not just sending a HelloRequest)
|
||||||
|
*/
|
||||||
|
int renegotiate;
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SRP
|
#ifndef OPENSSL_NO_SRP
|
||||||
SRP_CTX srp_ctx; /* ctx for SRP authentication */
|
/* ctx for SRP authentication */
|
||||||
|
SRP_CTX srp_ctx;
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
#ifndef OPENSSL_NO_TLSEXT
|
||||||
/* For a client, this contains the list of supported protocols in wire
|
/* For a client, this contains the list of supported protocols in wire
|
||||||
|
37
ssl/ssl3.h
37
ssl/ssl3.h
@ -388,23 +388,34 @@ extern "C" {
|
|||||||
|
|
||||||
typedef struct ssl3_record_st
|
typedef struct ssl3_record_st
|
||||||
{
|
{
|
||||||
/*r */ int type; /* type of record */
|
/* type of record */
|
||||||
/*rw*/ unsigned int length; /* How many bytes available */
|
/*r */ int type;
|
||||||
/*r */ unsigned int off; /* read/write offset into 'buf' */
|
/* How many bytes available */
|
||||||
/*rw*/ unsigned char *data; /* pointer to the record data */
|
/*rw*/ unsigned int length;
|
||||||
/*rw*/ unsigned char *input; /* where the decode bytes are */
|
/* read/write offset into 'buf' */
|
||||||
/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
|
/*r */ unsigned int off;
|
||||||
/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
|
/* pointer to the record data */
|
||||||
/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
|
/*rw*/ unsigned char *data;
|
||||||
|
/* where the decode bytes are */
|
||||||
|
/*rw*/ unsigned char *input;
|
||||||
|
/* only used with decompression - malloc()ed */
|
||||||
|
/*r */ unsigned char *comp;
|
||||||
|
/* epoch number, needed by DTLS1 */
|
||||||
|
/*r */ unsigned long epoch;
|
||||||
|
/* sequence number, needed by DTLS1 */
|
||||||
|
/*r */ unsigned char seq_num[8];
|
||||||
} SSL3_RECORD;
|
} SSL3_RECORD;
|
||||||
|
|
||||||
typedef struct ssl3_buffer_st
|
typedef struct ssl3_buffer_st
|
||||||
{
|
{
|
||||||
unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
|
/* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
|
||||||
* see ssl3_setup_buffers() */
|
unsigned char *buf;
|
||||||
size_t len; /* buffer size */
|
/* buffer size */
|
||||||
int offset; /* where to 'copy from' */
|
size_t len;
|
||||||
int left; /* how many bytes left */
|
/* where to 'copy from' */
|
||||||
|
int offset;
|
||||||
|
/* how many bytes left */
|
||||||
|
int left;
|
||||||
} SSL3_BUFFER;
|
} SSL3_BUFFER;
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -201,10 +201,15 @@ int SSL_clear(SSL *s)
|
|||||||
s->hit=0;
|
s->hit=0;
|
||||||
s->shutdown=0;
|
s->shutdown=0;
|
||||||
|
|
||||||
#if 0 /* Disabled since version 1.10 of this file (early return not
|
#if 0
|
||||||
* needed because SSL_clear is not called when doing renegotiation) */
|
/*
|
||||||
/* This is set if we are doing dynamic renegotiation so keep
|
* Disabled since version 1.10 of this file (early return not
|
||||||
* the old cipher. It is sort of a SSL_clear_lite :-) */
|
* needed because SSL_clear is not called when doing renegotiation)
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* This is set if we are doing dynamic renegotiation so keep
|
||||||
|
* the old cipher. It is sort of a SSL_clear_lite :-)
|
||||||
|
*/
|
||||||
if (s->renegotiate) return(1);
|
if (s->renegotiate) return(1);
|
||||||
#else
|
#else
|
||||||
if (s->renegotiate)
|
if (s->renegotiate)
|
||||||
|
@ -563,9 +563,12 @@ typedef struct {
|
|||||||
typedef struct cert_st
|
typedef struct cert_st
|
||||||
{
|
{
|
||||||
/* Current active set */
|
/* Current active set */
|
||||||
CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
|
/*
|
||||||
* Probably it would make more sense to store
|
* ALWAYS points to an element of the pkeys array
|
||||||
* an index, not a pointer. */
|
* Probably it would make more sense to store
|
||||||
|
* an index, not a pointer.
|
||||||
|
*/
|
||||||
|
CERT_PKEY *key;
|
||||||
|
|
||||||
/* For servers the following masks are for the key and auth
|
/* For servers the following masks are for the key and auth
|
||||||
* algorithms that are supported by the certs below.
|
* algorithms that are supported by the certs below.
|
||||||
|
@ -1014,9 +1014,11 @@ static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
|
|||||||
if ((s->next == NULL) || (s->prev == NULL)) return;
|
if ((s->next == NULL) || (s->prev == NULL)) return;
|
||||||
|
|
||||||
if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
|
if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
|
||||||
{ /* last element in list */
|
{
|
||||||
|
/* last element in list */
|
||||||
if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
|
if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
|
||||||
{ /* only one element in list */
|
{
|
||||||
|
/* only one element in list */
|
||||||
ctx->session_cache_head=NULL;
|
ctx->session_cache_head=NULL;
|
||||||
ctx->session_cache_tail=NULL;
|
ctx->session_cache_tail=NULL;
|
||||||
}
|
}
|
||||||
@ -1029,12 +1031,14 @@ static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
|
if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
|
||||||
{ /* first element in list */
|
{
|
||||||
|
/* first element in list */
|
||||||
ctx->session_cache_head=s->next;
|
ctx->session_cache_head=s->next;
|
||||||
s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
|
s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{ /* middle of list */
|
{
|
||||||
|
/* middle of list */
|
||||||
s->next->prev=s->prev;
|
s->next->prev=s->prev;
|
||||||
s->prev->next=s->next;
|
s->prev->next=s->next;
|
||||||
}
|
}
|
||||||
|
@ -140,8 +140,8 @@
|
|||||||
* OTHERWISE.
|
* OTHERWISE.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
|
/* Or gethostname won't be declared properly on Linux and GNU platforms. */
|
||||||
on Linux and GNU platforms. */
|
#define _BSD_SOURCE 1
|
||||||
|
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
@ -155,8 +155,8 @@
|
|||||||
#include "e_os.h"
|
#include "e_os.h"
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_VMS
|
#ifdef OPENSSL_SYS_VMS
|
||||||
#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
|
/* Or isascii won't be declared properly on VMS (at least with DECompHP C). */
|
||||||
VMS (at least with DECompHP C). */
|
#define _XOPEN_SOURCE 500
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
@ -186,11 +186,13 @@
|
|||||||
#endif
|
#endif
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
|
/*
|
||||||
on Compaq platforms (at least with DEC C).
|
* Or gethostname won't be declared properly
|
||||||
Do not try to put it earlier, or IPv6 includes
|
* on Compaq platforms (at least with DEC C).
|
||||||
get screwed...
|
* Do not try to put it earlier, or IPv6 includes
|
||||||
*/
|
* get screwed...
|
||||||
|
*/
|
||||||
|
#define _XOPEN_SOURCE_EXTENDED 1
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_WINDOWS
|
#ifdef OPENSSL_SYS_WINDOWS
|
||||||
#include <winsock.h>
|
#include <winsock.h>
|
||||||
|
41
ssl/t1_lib.c
41
ssl/t1_lib.c
@ -2281,8 +2281,11 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
|
if (s->s3->client_opaque_prf_input != NULL)
|
||||||
|
{
|
||||||
|
/* shouldn't really happen */
|
||||||
OPENSSL_free(s->s3->client_opaque_prf_input);
|
OPENSSL_free(s->s3->client_opaque_prf_input);
|
||||||
|
}
|
||||||
|
|
||||||
/* dummy byte just to get non-NULL */
|
/* dummy byte just to get non-NULL */
|
||||||
if (s->s3->client_opaque_prf_input_len == 0)
|
if (s->s3->client_opaque_prf_input_len == 0)
|
||||||
@ -2740,12 +2743,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */
|
if (s->s3->server_opaque_prf_input != NULL)
|
||||||
|
{
|
||||||
|
/* shouldn't really happen */
|
||||||
OPENSSL_free(s->s3->server_opaque_prf_input);
|
OPENSSL_free(s->s3->server_opaque_prf_input);
|
||||||
|
}
|
||||||
if (s->s3->server_opaque_prf_input_len == 0)
|
if (s->s3->server_opaque_prf_input_len == 0)
|
||||||
s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
|
{
|
||||||
|
/* dummy byte just to get non-NULL */
|
||||||
|
s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
|
||||||
|
}
|
||||||
else
|
else
|
||||||
|
{
|
||||||
s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
|
s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
|
||||||
|
}
|
||||||
|
|
||||||
if (s->s3->server_opaque_prf_input == NULL)
|
if (s->s3->server_opaque_prf_input == NULL)
|
||||||
{
|
{
|
||||||
@ -2958,13 +2969,21 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
|
|||||||
|
|
||||||
if (s->tlsext_opaque_prf_input != NULL)
|
if (s->tlsext_opaque_prf_input != NULL)
|
||||||
{
|
{
|
||||||
if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
|
if (s->s3->client_opaque_prf_input != NULL)
|
||||||
|
{
|
||||||
|
/* shouldn't really happen */
|
||||||
OPENSSL_free(s->s3->client_opaque_prf_input);
|
OPENSSL_free(s->s3->client_opaque_prf_input);
|
||||||
|
}
|
||||||
|
|
||||||
if (s->tlsext_opaque_prf_input_len == 0)
|
if (s->tlsext_opaque_prf_input_len == 0)
|
||||||
s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
|
{
|
||||||
|
/* dummy byte just to get non-NULL */
|
||||||
|
s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
|
||||||
|
}
|
||||||
else
|
else
|
||||||
|
{
|
||||||
s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
|
s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
|
||||||
|
}
|
||||||
if (s->s3->client_opaque_prf_input == NULL)
|
if (s->s3->client_opaque_prf_input == NULL)
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
|
SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
|
||||||
@ -3026,8 +3045,11 @@ static int ssl_check_clienthello_tlsext_early(SSL *s)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */
|
if (s->s3->server_opaque_prf_input != NULL)
|
||||||
|
{
|
||||||
|
/* shouldn't really happen */
|
||||||
OPENSSL_free(s->s3->server_opaque_prf_input);
|
OPENSSL_free(s->s3->server_opaque_prf_input);
|
||||||
|
}
|
||||||
s->s3->server_opaque_prf_input = NULL;
|
s->s3->server_opaque_prf_input = NULL;
|
||||||
|
|
||||||
if (s->tlsext_opaque_prf_input != NULL)
|
if (s->tlsext_opaque_prf_input != NULL)
|
||||||
@ -3039,9 +3061,14 @@ static int ssl_check_clienthello_tlsext_early(SSL *s)
|
|||||||
* of the same length as the client opaque PRF input! */
|
* of the same length as the client opaque PRF input! */
|
||||||
|
|
||||||
if (s->tlsext_opaque_prf_input_len == 0)
|
if (s->tlsext_opaque_prf_input_len == 0)
|
||||||
s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
|
{
|
||||||
|
/* dummy byte just to get non-NULL */
|
||||||
|
s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
|
||||||
|
}
|
||||||
else
|
else
|
||||||
|
{
|
||||||
s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
|
s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
|
||||||
|
}
|
||||||
if (s->s3->server_opaque_prf_input == NULL)
|
if (s->s3->server_opaque_prf_input == NULL)
|
||||||
{
|
{
|
||||||
ret = SSL_TLSEXT_ERR_ALERT_FATAL;
|
ret = SSL_TLSEXT_ERR_ALERT_FATAL;
|
||||||
|
@ -244,9 +244,12 @@ extern "C" {
|
|||||||
#define TLSEXT_TYPE_session_ticket 35
|
#define TLSEXT_TYPE_session_ticket 35
|
||||||
|
|
||||||
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
|
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
|
||||||
#if 0 /* will have to be provided externally for now ,
|
#if 0
|
||||||
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
|
/*
|
||||||
* using whatever extension number you'd like to try */
|
* will have to be provided externally for now ,
|
||||||
|
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
|
||||||
|
* using whatever extension number you'd like to try
|
||||||
|
*/
|
||||||
# define TLSEXT_TYPE_opaque_prf_input ??
|
# define TLSEXT_TYPE_opaque_prf_input ??
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|