diff options
69 files changed, 229 insertions, 5569 deletions
@@ -847,7 +847,6 @@ PROCESS_ARGS: { if ($1 eq "ssl") { - $disabled{"ssl2"} = "option(ssl)"; $disabled{"ssl3"} = "option(ssl)"; } elsif ($1 eq "tls") @@ -1062,12 +1061,6 @@ if (defined($disabled{"ec"})) $disabled{"ecdh"} = "forced"; } -# SSL 2.0 requires MD5 and RSA -if (defined($disabled{"md5"}) || defined($disabled{"rsa"})) - { - $disabled{"ssl2"} = "forced"; - } - # SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH if (defined($disabled{"md5"}) || defined($disabled{"sha"}) || (defined($disabled{"rsa"}) diff --git a/INSTALL.VMS b/INSTALL.VMS index e5d43a57ab..6a50e6f4e7 100644 --- a/INSTALL.VMS +++ b/INSTALL.VMS @@ -134,7 +134,7 @@ Currently, the logical names supported are: will not be implemented. Supported algorithms to do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD, SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC, - SSL2. So, for example, having the logical name + SSL3. So, for example, having the logical name OPENSSL_NO_RSA with the value YES means that the LIBCRYPTO.OLB library will not contain an RSA implementation. diff --git a/Netware/do_tests.pl b/Netware/do_tests.pl index ac482dbe2b..f8909a43cc 100644 --- a/Netware/do_tests.pl +++ b/Netware/do_tests.pl @@ -270,22 +270,6 @@ sub ssl_tests print( OUT "\n========================================================\n"); print( OUT "SSL TESTS:\n\n"); - system("ssltest -ssl2 (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2:"); - log_output("ssltest -ssl2", $outFile); - - system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 with server authentication:"); - log_output("$ssltest -ssl2 -server_auth", $outFile); - - system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 with client authentication:"); - log_output("$ssltest -ssl2 -client_auth", $outFile); - - system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 with both client and server authentication:"); - log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile); - system("ssltest -ssl3 (CLIB_OPT)/>$outFile"); log_desc("Testing sslv3:"); log_output("ssltest -ssl3", $outFile); @@ -318,26 +302,10 @@ sub ssl_tests log_desc("Testing sslv2/sslv3 with both client and server authentication:"); log_output("$ssltest -server_auth -client_auth", $outFile); - system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 via BIO pair:"); - log_output("ssltest -bio_pair -ssl2", $outFile); - system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile"); log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:"); log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile); - system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 with server authentication via BIO pair:"); - log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile); - - system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 with client authentication via BIO pair:"); - log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile); - - system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile"); - log_desc("Testing sslv2 with both client and server authentication via BIO pair:"); - log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile); - system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile"); log_desc("Testing sslv3 via BIO pair:"); log_output("ssltest -bio_pair -ssl3", $outFile); diff --git a/apps/ciphers.c b/apps/ciphers.c index 85760cd42d..7de7dd3b38 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -73,7 +73,6 @@ static const char *ciphers_usage[]={ "usage: ciphers args\n", " -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n", " -V - even more verbose\n", -" -ssl2 - SSL2 mode\n", " -ssl3 - SSL3 mode\n", " -tls1 - TLS1 mode\n", NULL @@ -130,10 +129,6 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-stdname") == 0) stdname=verbose=1; #endif -#ifndef OPENSSL_NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) - meth=SSLv2_client_method(); -#endif #ifndef OPENSSL_NO_SSL3 else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); @@ -210,9 +205,7 @@ int MAIN(int argc, char **argv) int id2 = (int)((id >> 8) & 0xffL); int id3 = (int)(id & 0xffL); - if ((id & 0xff000000L) == 0x02000000L) - BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */ - else if ((id & 0xff000000L) == 0x03000000L) + if ((id & 0xff000000L) == 0x03000000L) BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */ else BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */ diff --git a/apps/s_cb.c b/apps/s_cb.c index 0184125447..f3892f92e6 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -621,8 +621,6 @@ static const char *ssl_version_str(int version) { switch (version) { - case SSL2_VERSION: - return "SSL 2.0"; case SSL3_VERSION: return "SSL 3.0"; case TLS1_VERSION: @@ -649,67 +647,6 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * str_version = ssl_version_str(version); - if (version == SSL2_VERSION) - { - str_details1 = "???"; - - if (len > 0) - { - switch (((const unsigned char*)buf)[0]) - { - case 0: - str_details1 = ", ERROR:"; - str_details2 = " ???"; - if (len >= 3) - { - unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2]; - - switch (err) - { - case 0x0001: - str_details2 = " NO-CIPHER-ERROR"; - break; - case 0x0002: - str_details2 = " NO-CERTIFICATE-ERROR"; - break; - case 0x0004: - str_details2 = " BAD-CERTIFICATE-ERROR"; - break; - case 0x0006: - str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR"; - break; - } - } - - break; - case 1: - str_details1 = ", CLIENT-HELLO"; - break; - case 2: - str_details1 = ", CLIENT-MASTER-KEY"; - break; - case 3: - str_details1 = ", CLIENT-FINISHED"; - break; - case 4: - str_details1 = ", SERVER-HELLO"; - break; - case 5: - str_details1 = ", SERVER-VERIFY"; - break; - case 6: - str_details1 = ", SERVER-FINISHED"; - break; - case 7: - str_details1 = ", REQUEST-CERTIFICATE"; - break; - case 8: - str_details1 = ", CLIENT-CERTIFICATE"; - break; - } - } - } - if (version == SSL3_VERSION || version == TLS1_VERSION || version == TLS1_1_VERSION || @@ -1829,11 +1766,6 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx, case SSL_SECOP_CURVE_CHECK: nm = "Check Curve"; break; - case SSL_SECOP_SSL2_COMPAT: - BIO_puts(sdb->out, "SSLv2 compatible"); - show_bits = 0; - nm = NULL; - break; case SSL_SECOP_VERSION: BIO_printf(sdb->out, "Version=%s", ssl_version_str(nid)); show_bits = 0; diff --git a/apps/s_client.c b/apps/s_client.c index cde7713300..1a30ef2241 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -335,7 +335,6 @@ static void sc_usage(void) BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); #endif - BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); #ifndef OPENSSL_NO_SSL3_METHOD BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); #endif @@ -345,9 +344,8 @@ static void sc_usage(void) BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); BIO_printf(bio_err," -mtu - set the link layer MTU\n"); - BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); + BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); - BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); BIO_printf(bio_err," command to see what is available\n"); BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); @@ -912,10 +910,6 @@ static char *jpake_secret = NULL; meth=TLSv1_client_method(); } #endif -#ifndef OPENSSL_NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) - meth=SSLv2_client_method(); -#endif #ifndef OPENSSL_NO_SSL3_METHOD else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); @@ -2198,14 +2192,12 @@ end: static void print_stuff(BIO *bio, SSL *s, int full) { X509 *peer=NULL; - char *p; - static const char *space=" "; char buf[BUFSIZ]; STACK_OF(X509) *sk; STACK_OF(X509_NAME) *sk2; const SSL_CIPHER *c; X509_NAME *xn; - int j,i; + int i; #ifndef OPENSSL_NO_COMP const COMP_METHOD *comp, *expansion; #endif @@ -2267,34 +2259,6 @@ static void print_stuff(BIO *bio, SSL *s, int full) { BIO_printf(bio,"---\nNo client certificate CA names sent\n"); } - p=SSL_get_shared_ciphers(s,buf,sizeof buf); - if (p != NULL) - { - /* This works only for SSL 2. In later protocol - * versions, the client does not know what other - * ciphers (in addition to the one to be used - * in the current connection) the server supports. */ - - BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n"); - j=i=0; - while (*p) - { - if (*p == ':') - { - BIO_write(bio,space,15-j%25); - i++; - j=0; - BIO_write(bio,((i%3)?" ":"\n"),1); - } - else - { - BIO_write(bio,p,1); - j++; - } - p++; - } - BIO_write(bio,"\n",1); - } ssl_print_sigalgs(bio, s); ssl_print_tmp_key(bio, s); diff --git a/apps/s_server.c b/apps/s_server.c index d7d3ab25d6..504d3d9f07 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -508,7 +508,6 @@ static void sv_usage(void) BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n"); BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n"); #endif - BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); #ifndef OPENSSL_NO_SSL3_METHOD BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); #endif @@ -520,7 +519,6 @@ static void sv_usage(void) BIO_printf(bio_err," -timeout - Enable timeouts\n"); BIO_printf(bio_err," -mtu - Set link layer MTU\n"); BIO_printf(bio_err," -chain - Read a certificate chain\n"); - BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n"); @@ -1406,13 +1404,6 @@ int MAIN(int argc, char *argv[]) { www=2; } else if (strcmp(*argv,"-HTTP") == 0) { www=3; } -#ifndef OPENSSL_NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) - { - no_ecdhe=1; - meth=SSLv2_server_method(); - } -#endif #ifndef OPENSSL_NO_SSL3_METHOD else if (strcmp(*argv,"-ssl3") == 0) { meth=SSLv3_server_method(); } @@ -1768,9 +1759,6 @@ bad: if(strlen(session_id_prefix) >= 32) BIO_printf(bio_err, "warning: id_prefix is too long, only one new session will be possible\n"); - else if(strlen(session_id_prefix) >= 16) - BIO_printf(bio_err, -"warning: id_prefix is too long if you use SSLv2\n"); if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) { BIO_printf(bio_err,"error setting 'id_prefix'\n"); @@ -1855,9 +1843,6 @@ bad: if(strlen(session_id_prefix) >= 32) BIO_printf(bio_err, "warning: id_prefix is too long, only one new session will be possible\n"); - else if(strlen(session_id_prefix) >= 16) - BIO_printf(bio_err, - "warning: id_prefix is too long if you use SSLv2\n"); if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) { BIO_printf(bio_err,"error setting 'id_prefix'\n"); diff --git a/apps/s_time.c b/apps/s_time.c index 81dad53243..6542be2827 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -186,7 +186,6 @@ static void s_time_usage(void) printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME); #ifdef FIONBIO printf("-nbio - Run with non-blocking IO\n"); - printf("-ssl2 - Just use SSLv2\n"); printf("-ssl3 - Just use SSLv3\n"); printf("-bugs - Turn on SSL bug compatibility\n"); printf("-new - Just time new connections\n"); @@ -282,10 +281,6 @@ static int parseArgs(int argc, char **argv) } else if(strcmp(*argv,"-bugs") == 0) st_bugs=1; -#ifndef OPENSSL_NO_SSL2 - else if(strcmp(*argv,"-ssl2") == 0) - s_time_meth=SSLv2_client_method(); -#endif #ifndef OPENSSL_NO_SSL3 else if(strcmp(*argv,"-ssl3") == 0) s_time_meth=SSLv3_client_method(); @@ -430,8 +425,6 @@ int MAIN(int argc, char **argv) ver='t'; else if (ver == SSL3_VERSION) ver='3'; - else if (ver == SSL2_VERSION) - ver='2'; else ver='*'; } @@ -523,8 +516,6 @@ next: ver='t'; else if (ver == SSL3_VERSION) ver='3'; - else if (ver == SSL2_VERSION) - ver='2'; else ver='*'; } diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 547796baa7..33005ccee3 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -51,7 +51,6 @@ F RSAREF_F_RSA_PRIVATE_DECRYPT F RSAREF_F_RSA_PRIVATE_ENCRYPT F RSAREF_F_RSA_PUBLIC_DECRYPT F RSAREF_F_RSA_PUBLIC_ENCRYPT -#F SSL_F_CLIENT_CERTIFICATE R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c index 311e1fe2f8..99f9cd568f 100644 --- a/crypto/evp/c_alld.c +++ b/crypto/evp/c_alld.c @@ -69,7 +69,6 @@ void OpenSSL_add_all_digests(void) #endif #ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); - EVP_add_digest_alias(SN_md5,"ssl2-md5"); EVP_add_digest_alias(SN_md5,"ssl3-md5"); #endif #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index eba7aa8a6e..da2707ef7a 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -217,8 +217,6 @@ int main(int argc, char *argv[]) cache_stats=1; else if (strcmp(*argv,"-ssl3") == 0) ssl_method=SSLv3_method(); - else if (strcmp(*argv,"-ssl2") == 0) - ssl_method=SSLv2_method(); else if (strcmp(*argv,"-CApath") == 0) { if (--argc < 1) goto bad; diff --git a/demos/ssl/cli.cpp b/demos/ssl/cli.cpp index 5b4406d16f..a5bee1c7b9 100644 --- a/demos/ssl/cli.cpp +++ b/demos/ssl/cli.cpp @@ -38,7 +38,7 @@ void main () SSL_METHOD *meth; SSLeay_add_ssl_algorithms(); - meth = SSLv2_client_method(); + meth = SSLv23_client_method(); SSL_load_error_strings(); ctx = SSL_CTX_new (meth); CHK_NULL(ctx); diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 6bdc07746e..5f8dac4e19 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -10,7 +10,6 @@ B<openssl> B<ciphers> [B<-s>] [B<-v>] [B<-V>] -[B<-ssl2>] [B<-ssl3>] [B<-tls1>] [B<-stdname>] @@ -35,12 +34,9 @@ not used then ciphers excluded by the security level will still be listed. =item B<-v> Verbose option. List ciphers with a complete description of -protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange, +protocol version, key exchange, authentication, encryption and mac algorithms used along with any key size restrictions and whether the algorithm is classed as an "export" cipher. -Note that without the B<-v> option, ciphers may seem to appear twice -in a cipher list; this is when similar ciphers are available for -SSL v2 and for SSL v3/TLS v1. =item B<-V> @@ -50,10 +46,6 @@ Like B<-v>, but include cipher suite codes in output (hex format). only include SSL v3 ciphers. -=item B<-ssl2> - -only include SSL v2 ciphers. - =item B<-tls1> only include TLS v1 ciphers. @@ -259,9 +251,9 @@ keys. ciphers suites using FORTEZZA key exchange, authentication, encryption or all FORTEZZA algorithms. Not implemented. -=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2> +=item B<TLSv1.2>, B<TLSv1>, B<SSLv3> -TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note: +TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note: there are no ciphersuites specific to TLS v1.1. =item B<AES128>, B<AES256>, B<AES> @@ -605,17 +597,6 @@ Note: these ciphers can also be used in SSL v3. TLS_PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA TLS_PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA -=head2 Deprecated SSL v2.0 cipher suites. - - SSL_CK_RC4_128_WITH_MD5 RC4-MD5 - SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5 - SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5 - SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 EXP-RC2-MD5 - SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5 - SSL_CK_DES_64_CBC_WITH_MD5 DES-CBC-MD5 - SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5 - - =head1 NOTES Some compiled versions of OpenSSL may not include all the ciphers diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 2057dc86e0..17308b4801 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -58,10 +58,8 @@ B<openssl> B<s_client> [B<-ign_eof>] [B<-no_ign_eof>] [B<-quiet>] -[B<-ssl2>] [B<-ssl3>] [B<-tls1>] -[B<-no_ssl2>] [B<-no_ssl3>] [B<-no_tls1>] [B<-no_tls1_1>] @@ -248,11 +246,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> +=item B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> these options disable the use of certain SSL or TLS protocols. By default the initial handshake uses a method which should be compatible with all -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. +servers and permit them to use SSL v3 or TLS as appropriate. Unfortunately there are still ancient and broken servers in use which cannot handle this technique and will fail to connect. Some servers only @@ -279,10 +277,6 @@ the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See the B<ciphers> command for more information. -=item B<-serverpref> - -use the server's cipher preferences; only used for SSLV2. - =item B<-starttls protocol> send the protocol-specific message(s) to switch to TLS for communication. @@ -373,8 +367,8 @@ would typically be used (https uses port 443). If the connection succeeds then an HTTP command can be given such as "GET /" to retrieve a web page. If the handshake fails then there are several possible causes, if it is -nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>, -B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried +nothing obvious like no client certificate then the B<-bugs>, +B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1> options can be tried in case it is a buggy server. In particular you should play with these options B<before> submitting a bug report to an OpenSSL mailing list. @@ -396,10 +390,6 @@ on the command line is no guarantee that the certificate works. If there are problems verifying a server certificate then the B<-showcerts> option can be used to show the whole chain. -Since the SSLv23 client hello cannot include compression methods or extensions -these will only be supported if its use is disabled, for example by using the -B<-no_sslv2> option. - The B<s_client> utility is a test tool and is designed to continue the handshake after any certificate verification errors. As a result it will accept any certificate chain (trusted or not) sent by the peer. None test diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 3085944e4b..1cc965f3e9 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -64,10 +64,8 @@ B<openssl> B<s_server> [B<-serverpref>] [B<-quiet>] [B<-no_tmp_rsa>] -[B<-ssl2>] [B<-ssl3>] [B<-tls1>] -[B<-no_ssl2>] [B<-no_ssl3>] [B<-no_tls1>] [B<-no_dhe>] @@ -279,11 +277,11 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> +=item B<-ssl3>, B<-tls1>, B<-no_ssl3>, B<-no_tls1> these options disable the use of certain SSL or TLS protocols. By default the initial handshake uses a method which should be compatible with all -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. +servers and permit them to use SSL v3 or TLS as appropriate. =item B<-bugs> diff --git a/doc/apps/s_time.pod b/doc/apps/s_time.pod index 5a38aa2e03..b8dad09a03 100644 --- a/doc/apps/s_time.pod +++ b/doc/apps/s_time.pod @@ -19,7 +19,6 @@ B<openssl> B<s_time> [B<-verify depth>] [B<-nbio>] [B<-time seconds>] -[B<-ssl2>] [B<-ssl3>] [B<-bugs>] [B<-cipher cipherlist>] @@ -92,18 +91,17 @@ specified, they are both on by default and executed in sequence. turns on non-blocking I/O. -=item B<-ssl2>, B<-ssl3> +=item B<-ssl3> these options disable the use of certain SSL or TLS protocols. By default the initial handshake uses a method which should be compatible with all -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. +servers and permit them to use SSL v3 or TLS as appropriate. The timing program is not as rich in options to turn protocols on and off as the L<s_client(1)|s_client(1)> program and may not connect to all servers. Unfortunately there are a lot of ancient and broken servers in use which cannot handle this technique and will fail to connect. Some servers only -work if TLS is turned off with the B<-ssl3> option; others -will only support SSL v2 and may need the B<-ssl2> option. +work if TLS is turned off with the B<-ssl3> option. =item B<-bugs> @@ -137,7 +135,7 @@ which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command for details. If the handshake fails then there are several possible causes, if it is -nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>, +nothing obvious like no client certificate then the B<-bugs> and B<-ssl3> options can be tried in case it is a buggy server. In particular you should play with these options B<before> submitting a bug report to an OpenSSL mailing list. diff --git a/doc/apps/sess_id.pod b/doc/apps/sess_id.pod index fb5ce12962..a8b0ef09eb 100644 --- a/doc/apps/sess_id.pod +++ b/doc/apps/sess_id.pod @@ -92,7 +92,7 @@ Theses are described below in more detail. =item B<Protocol> -this is the protocol in use TLSv1, SSLv3 or SSLv2. +this is the protocol in use TLSv1.2, TLSv1.1, TLSv1 or SSLv3. =item B<Cipher> @@ -111,10 +111,6 @@ the session ID context in hex format. this is the SSL session master key. -=item B<Key-Arg> - -the key argument, this is only used in SSL v2. - =item B<Start Time> this is the session start time represented as an integer in standard Unix format. diff --git a/doc/ssl/SSL_CIPHER_get_name.pod b/doc/ssl/SSL_CIPHER_get_name.pod index 2048bfb8a1..ec7011efe9 100644 --- a/doc/ssl/SSL_CIPHER_get_name.pod +++ b/doc/ssl/SSL_CIPHER_get_name.pod @@ -25,7 +25,7 @@ chosen algorithm. If B<cipher> is NULL, 0 is returned. SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. -This is currently B<SSLv2> or B<TLSv1/SSLv3>. +This is currently B<TLSv1/SSLv3>. In some cases it should possibly return "TLSv1.2" but does not; use SSL_CIPHER_description() instead. If B<cipher> is NULL, "(NONE)" is returned. @@ -56,7 +56,7 @@ Textual representation of the cipher name. =item <protocol version> -Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are +Protocol version: B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are flagged with SSLv3. No new ciphers were added by TLSv1.1. =item Kx=<key exchange> diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod index f96d8d941d..90a20d6c49 100644 --- a/doc/ssl/SSL_CONF_cmd.pod +++ b/doc/ssl/SSL_CONF_cmd.pod @@ -109,10 +109,10 @@ Attempts to use the file B<value> as the set of temporary DH parameters for the appropriate context. This option is only supported if certificate operations are permitted. -=item B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> +=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> -Disables protocol support for SSLv2, SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 -by setting the corresponding options B<SSL_OP_NO_SSL2>, B<SSL_OP_NO_SSL3>, +Disables protocol support for SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 +by setting the corresponding options B<SSL_OP_NO_SSL3>, B<SSL_OP_NO_TLS1>, B<SSL_OP_NO_TLS1_1> and B<SSL_OP_NO_TLS1_2> respectively. =item B<-bugs> @@ -259,7 +259,7 @@ The supported versions of the SSL or TLS protocol. The B<value> argument is a comma separated list of supported protocols to enable or disable. If an protocol is preceded by B<-> that version is disabled. All versions are enabled by default, though applications may choose to -explicitly disable some. Currently supported protocol values are B<SSLv2>, +explicitly disable some. Currently supported protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The special value B<ALL> refers to all supported versions. @@ -435,4 +435,7 @@ L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)> SSL_CONF_cmd() was first added to OpenSSL 1.0.2 +B<SSL_OP_NO_SSL2> doesn't have effect anymore since 1.1.0 but the define is kept +for backward compatibility. + =cut diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod index 7593cf60cf..0da3f7be8e 100644 --- a/doc/ssl/SSL_CTX_new.pod +++ b/doc/ssl/SSL_CTX_new.pod @@ -2,7 +2,7 @@ =head1 NAME -SSL_CTX_new, SSLv2_method, SSLv2_server_method, SSLv2_client_method, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions +SSL_CTX_new, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions =head1 SYNOPSIS @@ -23,14 +23,6 @@ client only type. B<method> can be of the following types: =over 4 -=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void) - -A TLS/SSL connection established with these methods will only understand -the SSLv2 protocol. A client will send out SSLv2 client hello messages -and will also indicate that it only understand SSLv2. A server will only -understand SSLv2 client hello messages. The SSLv2 protocol is deprecated -and very broken: its use is B<strongly> discouraged. - =item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void) A TLS/SSL connection established with these methods will only understand the @@ -62,33 +54,25 @@ SSLv3 client hello messages. =item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void) -A TLS/SSL connection established with these methods may understand the SSLv2, +A TLS/SSL connection established with these methods may understand the SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. -If the cipher list does not contain any SSLv2 ciphersuites (the default -cipher list does not) or extensions are required (for example server name) +If extensions are required (for example server name) a client will send out TLSv1 client hello messages including extensions and will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. This is the best choice when compatibility is a concern. -If any SSLv2 ciphersuites are included in the cipher list and no extensions -are required then SSLv2 compatible client hellos will be used by clients and -SSLv2 will be accepted by servers. This is B<not> recommended due to the -insecurity of SSLv2 and the limited nature of the SSLv2 client hello -prohibiting the use of extensions. - =back -The list of protocols available can later be limited using the SSL_OP_NO_SSLv2, +The list of protocols available can later be limited using the SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 options of the SSL_CTX_set_options() or SSL_set_options() functions. Using these options it is possible to choose e.g. SSLv23_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLSv1, TLSv1.1 or TLS v1.2. -Applications which never want to support SSLv2 (even is the cipher string -is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2. +Applications which never want to support SSLv3 can set SSL_OP_NO_SSLv3. SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to its default @@ -111,6 +95,11 @@ The return value points to an allocated SSL_CTX object. =back +=head1 HISTORY + +SSLv2_method, SSLv2_server_method and SSLv2_client_method where removed in +OpenSSL 1.1.0. + =head1 SEE ALSO L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>, diff --git a/doc/ssl/SSL_CTX_set_cipher_list.pod b/doc/ssl/SSL_CTX_set_cipher_list.pod index 8b41917334..c2c349f65e 100644 --- a/doc/ssl/SSL_CTX_set_cipher_list.pod +++ b/doc/ssl/SSL_CTX_set_cipher_list.pod @@ -54,10 +54,6 @@ of 512 bits and the server is not configured to use temporary RSA keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will fail. -If the cipher list does not contain any SSLv2 cipher suites (this is the -default) then SSLv2 is effectively disabled and neither clients nor servers -will attempt to use SSLv2. - =head1 RETURN VALUES SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher diff --git a/doc/ssl/SSL_CTX_set_generate_session_id.pod b/doc/ssl/SSL_CTX_set_generate_session_id.pod index 798e8443a7..cd72572b27 100644 --- a/doc/ssl/SSL_CTX_set_generate_session_id.pod +++ b/doc/ssl/SSL_CTX_set_generate_session_id.pod @@ -32,9 +32,8 @@ of the parent context of B<ssl>. When a new session is established between client and server, the server generates a session id. The session id is an arbitrary sequence of bytes. -The length of the session id is 16 bytes for SSLv2 sessions and between -1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical -but must be unique for the server. Additionally, the session id is +The length of the session id is between 1 and 32 bytes. The session id is not +security critical but must be unique for the server. Additionally, the session id is transmitted in the clear when reusing the session so it must not contain sensitive information. @@ -51,21 +50,14 @@ The callback is only allowed to generate a shorter id and reduce B<id_len>; the callback B<must never> increase B<id_len> or write to the location B<id> exceeding the given limit. -If a SSLv2 session id is generated and B<id_len> is reduced, it will be -restored after the callback has finished and the session id will be padded -with 0x00. It is not recommended to change the B<id_len> for SSLv2 sessions. -The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> function -to check, whether the session is of type SSLv2. - The location B<id> is filled with 0x00 before the callback is called, so the callback may only fill part of the possible length and leave B<id_len> untouched while maintaining reproducibility. Since the sessions must be distinguished, session ids must be unique. Without the callback a random number is used, so that the probability -of generating the same session id is extremely small (2^128 possible ids -for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the -uniqueness of the generated session id, the callback must call +of generating the same session id is extremely small (2^256 for SSLv3/TLSv1). +In order to assure the uniqueness of the generated session id, the callback must call SSL_has_matching_session_id() and generate another id if a conflict occurs. If an id conflict is not resolved, the handshake will fail. If the application codes e.g. a unique host id, a unique process number, and @@ -85,10 +77,6 @@ Collisions can also occur when using an external session cache, since the external cache is not tested with SSL_has_matching_session_id() and the same race condition applies. -When calling SSL_has_matching_session_id() for an SSLv2 session with -reduced B<id_len>, the match operation will be performed using the -fixed length required and with a 0x00 padded id. - The callback must return 0 if it cannot generate a session id for whatever reason and return 1 on success. @@ -104,12 +92,6 @@ server id given, and will fill the rest with pseudo random bytes: unsigned int *id_len) { unsigned int count = 0; - const char *version; - - version = SSL_get_version(ssl); - if (!strcmp(version, "SSLv2")) - /* we must not change id_len */; - do { RAND_pseudo_bytes(id, *id_len); /* Prefix the session_id with the required prefix. NB: If our diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod index 65062ad68c..1594fb6eec 100644 --- a/doc/ssl/SSL_CTX_set_options.pod +++ b/doc/ssl/SSL_CTX_set_options.pod @@ -63,18 +63,11 @@ The following B<bug workaround> options are available: =item SSL_OP_MICROSOFT_SESS_ID_BUG -www.microsoft.com - when talking SSLv2, if session-id reuse is -performed, the session-id passed back in the server-finished message -is different from the one decided upon. +As of OpenSSL 1.0.0 this option has no effect. =item SSL_OP_NETSCAPE_CHALLENGE_BUG -Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte -challenge but then appears to only use 16 bytes when generating the -encryption keys. Using 16 bytes is ok but it should be ok to use 32. -According to the SSLv3 spec, one should use 32 bytes for the challenge -when operating in SSLv2/v3 compatibility mode, but as mentioned above, -this breaks this server so 16 bytes is the way to go. +As of OpenSSL 1.0.0 this option has no effect. =item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG diff --git a/doc/ssl/SSL_get_default_timeout.pod b/doc/ssl/SSL_get_default_timeout.pod index a648a9b82d..3a067fe892 100644 --- a/doc/ssl/SSL_get_default_timeout.pod +++ b/doc/ssl/SSL_get_default_timeout.pod @@ -24,7 +24,7 @@ L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, the hardcoded default timeout for the protocol will be used. SSL_get_default_timeout() return this hardcoded value, which is 300 seconds -for all currently supported protocols (SSLv2, SSLv3, and TLSv1). +for all currently supported protocols. =head1 RETURN VALUES diff --git a/doc/ssl/SSL_get_version.pod b/doc/ssl/SSL_get_version.pod index 9ae6f25508..b91bb47f78 100644 --- a/doc/ssl/SSL_get_version.pod +++ b/doc/ssl/SSL_get_version.pod @@ -21,10 +21,6 @@ The following strings can be returned: =over 4 -=item SSLv2 - -The connection uses the SSLv2 protocol. - =item SSLv3 The connection uses the SSLv3 protocol. diff --git a/doc/ssl/SSL_new.pod b/doc/ssl/SSL_new.pod index 25300e978f..f0774a57ae 100644 --- a/doc/ssl/SSL_new.pod +++ b/doc/ssl/SSL_new.pod @@ -14,7 +14,7 @@ SSL_new - create a new SSL structure for a connection SSL_new() creates a new B<SSL> structure which is needed to hold the data for a TLS/SSL connection. The new structure inherits the settings -of the underlying context B<ctx>: connection method (SSLv2/v3/TLSv1), +of the underlying context B<ctx>: connection method, options, verification settings, timeout settings. =head1 RETURN VALUES diff --git a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod index efbff5a0a3..b2bf9cb1b8 100644 --- a/doc/ssl/SSL_shutdown.pod +++ b/doc/ssl/SSL_shutdown.pod @@ -60,9 +60,7 @@ SSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call. It is therefore recommended, to check the return value of SSL_shutdown() and call SSL_shutdown() again, if the bidirectional shutdown is not yet -complete (return value of the first call is 0). As the shutdown is not -specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on -the first call. +complete (return value of the first call is 0). The behaviour of SSL_shutdown() additionally depends on the underlying BIO. diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index 8d5b8c380e..ceb9766245 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -45,8 +45,8 @@ structures: =item B<SSL_METHOD> (SSL Method) That's a dispatch structure describing the internal B<ssl> library -methods/functions which implement the various protocol versions (SSLv1, SSLv2 -and TLSv1). It's needed to create an B<SSL_CTX>. +methods/functions which implement the various protocol versions (SSLv3 +TLSv1, ...). It's needed to create an B<SSL_CTX>. =item B<SSL_CIPHER> (SSL Cipher) @@ -105,8 +105,8 @@ it's already included by ssl.h>. =item B<ssl23.h> -That's the sub header file dealing with the combined use of the SSLv2 and -SSLv3 protocols. +That's the sub header file dealing with the combined use of different +protocol version. I<Usually you don't have to include it explicitly because it's already included by ssl.h>. @@ -130,18 +130,6 @@ protocol methods defined in B<SSL_METHOD> structures. =over 4 -=item const SSL_METHOD *B<SSLv2_client_method>(void); - -Constructor for the SSLv2 SSL_METHOD structure for a dedicated client. - -=item const SSL_METHOD *B<SSLv2_server_method>(void); - -Constructor for the SSLv2 SSL_METHOD structure for a dedicated server. - -=item const SSL_METHOD *B<SSLv2_method>(void); - -Constructor for the SSLv2 SSL_METHOD structure for combined client and server. - =item const SSL_METHOD *B<SSLv3_client_method>(void); Constructor for the SSLv3 SSL_METHOD structure for a dedicated client. @@ -189,7 +177,7 @@ I<alg_bits>) and the bits which are actually used (the return value). =item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher); Return the internal name of I<cipher> as a string. These are the various -strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx> +strings defined by the I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx> definitions in the header files. =item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher); @@ -758,5 +746,8 @@ L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)> The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2 +B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed +in OpenSSL 1.1.0. + =cut diff --git a/makevms.com b/makevms.com index d5a25264b1..37e1e3ce18 100755 --- a/makevms.com +++ b/makevms.com @@ -300,7 +300,6 @@ $ CONFIG_LOGICALS := AES,- SHA512,- SOCK,- SRP,- - SSL2,- SSL_INTERN,- STACK,- STATIC_ENGINE,- @@ -330,10 +329,8 @@ $! algos part. $ CONFIG_DISABLE_RULES := RIJNDAEL/AES;- DES/MDC2;- EC/ECDSA,ECDH;- - MD5/SSL2,SSL3,TLS1;- + MD5/SSL3,TLS1;- SHA/SSL3,TLS1;- - RSA/SSL2;- - RSA,DSA/SSL2;- DH/SSL3,TLS1;- TLS1/TLSEXT;- EC/GOST;- diff --git a/ms/test.bat b/ms/test.bat index f490546ebb..d0b60600e2 100755 --- a/ms/test.bat +++ b/ms/test.bat @@ -77,22 +77,6 @@ if errorlevel 1 goto done set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss -echo test sslv2 -ssltest -ssl2 -if errorlevel 1 goto done - -echo test sslv2 with server authentication -%SSL_TEST% -ssl2 -server_auth -if errorlevel 1 goto done - -echo test sslv2 with client authentication -%SSL_TEST% -ssl2 -client_auth -if errorlevel 1 goto done - -echo test sslv2 with both client and server authentication -%SSL_TEST% -ssl2 -server_auth -client_auth -if errorlevel 1 goto done - echo test sslv3 ssltest -ssl3 if errorlevel 1 goto done @@ -125,26 +109,10 @@ echo test sslv2/sslv3 with both client and server authentication %SSL_TEST% -server_auth -client_auth if errorlevel 1 goto done -echo test sslv2 via BIO pair -ssltest -bio_pair -ssl2 -if errorlevel 1 goto done - echo test sslv2/sslv3 with 1024 bit DHE via BIO pair ssltest -bio_pair -dhe1024dsa -v if errorlevel 1 goto done -echo test sslv2 with server authentication via BIO pair -%SSL_TEST% -bio_pair -ssl2 -server_auth -if errorlevel 1 goto done - -echo test sslv2 with client authentication via BIO pair -%SSL_TEST% -bio_pair -ssl2 -client_auth -if errorlevel 1 goto done - -echo test sslv2 with both client and server authentication via BIO pair -%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth -if errorlevel 1 goto done - echo test sslv3 via BIO pair ssltest -bio_pair -ssl3 if errorlevel 1 goto done diff --git a/ms/testce.bat b/ms/testce.bat index 2ab010be6a..8de94a43b2 100644 --- a/ms/testce.bat +++ b/ms/testce.bat @@ -123,22 +123,6 @@ cecopy ssltest.exe CE:\OpenSSL cecopy ..\apps\server.pem CE:\OpenSSL cecopy ..\apps\client.pem CE:\OpenSSL -echo test sslv2 -cerun CE:\OpenSSL\ssltest -ssl2 -if errorlevel 1 goto done - -echo test sslv2 with server authentication -cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp -if errorlevel 1 goto done - -echo test sslv2 with client authentication -cerun CE:\OpenSSL\ssltest -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp -if errorlevel 1 goto done - -echo test sslv2 with both client and server authentication -cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp -if errorlevel 1 goto done - echo test sslv3 cerun CE:\OpenSSL\ssltest -ssl3 if errorlevel 1 goto done @@ -171,26 +155,10 @@ echo test sslv2/sslv3 with both client and server authentication cerun CE:\OpenSSL\ssltest -server_auth -client_auth -CAfile \OpenSSL\cert.tmp if errorlevel 1 goto done -echo test sslv2 via BIO pair -cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -if errorlevel 1 goto done - echo test sslv2/sslv3 with 1024 bit DHE via BIO pair cerun CE:\OpenSSL\ssltest -bio_pair -dhe1024dsa -v if errorlevel 1 goto done -echo test sslv2 with server authentication via BIO pair -cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp -if errorlevel 1 goto done - -echo test sslv2 with client authentication via BIO pair -cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp -if errorlevel 1 goto done - -echo test sslv2 with both client and server authentication via BIO pair -cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp -if errorlevel 1 goto done - echo test sslv3 via BIO pair cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 if errorlevel 1 goto done diff --git a/ssl/Makefile b/ssl/Makefile index 739e1ea793..ebbdedc7f4 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -21,7 +21,6 @@ APPS= LIB=$(TOP)/libssl.a SHARED_LIB= libssl$(SHLIB_EXT) LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \ s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ @@ -32,7 +31,6 @@ LIBSRC= \ ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \ bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \ s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ @@ -386,126 +384,6 @@ s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h -s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h -s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h -s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h -s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c -s2_enc.o: ssl_locl.h -s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h -s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h -s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c -s2_meth.o: ssl_locl.h -s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h -s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c -s2_pkt.o: ssl_locl.h -s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h -s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h -s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h -s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 42c3d6861f..37b3e23784 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -121,10 +121,6 @@ static int ssl23_client_hello(SSL *s); static int ssl23_get_server_hello(SSL *s); static const SSL_METHOD *ssl23_get_client_method(int ver) { -#ifndef OPENSSL_NO_SSL2 - if (ver == SSL2_VERSION) - return(SSLv2_client_method()); -#endif #ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_client_method()); @@ -256,24 +252,6 @@ end: return(ret); } -static int ssl23_no_ssl2_ciphers(SSL *s) - { - SSL_CIPHER *cipher; - STACK_OF(SSL_CIPHER) *ciphers; - int i; - ssl_set_client_disabled(s); - ciphers = SSL_get_ciphers(s); - for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) - { - cipher = sk_SSL_CIPHER_value(ciphers, i); - if (ssl_cipher_disabled(s, cipher, SSL_SECOP_CIPHER_SUPPORTED)) - continue; - if (cipher->algorithm_ssl == SSL_SSLV2) - return 0; - } - return 1; - } - /* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 * on failure, 1 on success. */ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) @@ -300,9 +278,8 @@ static int ssl23_client_hello(SSL *s) { unsigned char *buf; unsigned char *p,*d; - int i,ch_len; + int i; unsigned long l; - int ssl2_compat; int version = 0, version_major, version_minor; int al = 0; #ifndef OPENSSL_NO_COMP @@ -312,13 +289,6 @@ static int ssl23_client_hello(SSL *s) int ret; unsigned long mask, options = s->options; - ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1; - - if (ssl2_compat && !ssl_security(s, SSL_SECOP_SSL2_COMPAT, 0, 0, NULL)) - ssl2_compat = 0; - if (ssl2_compat && ssl23_no_ssl2_ciphers(s)) - ssl2_compat = 0; - /* * SSL_OP_NO_X disables all protocols above X *if* there are * some protocols below X enabled. This is required in order @@ -331,9 +301,6 @@ static int ssl23_client_hello(SSL *s) #if !defined(OPENSSL_NO_SSL3) |SSL_OP_NO_SSLv3 #endif -#if !defined(OPENSSL_NO_SSL2) - |(ssl2_compat?SSL_OP_NO_SSLv2:0) -#endif ; #if !defined(OPENSSL_NO_TLS1_2_CLIENT) version = TLS1_2_VERSION; @@ -352,28 +319,6 @@ static int ssl23_client_hello(SSL *s) version = SSL3_VERSION; mask &= ~SSL_OP_NO_SSLv3; #endif -#if !defined(OPENSSL_NO_SSL2) - if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask) - version = SSL2_VERSION; -#endif - -#ifndef OPENSSL_NO_TLSEXT - if (version != SSL2_VERSION) - { - /* have to disable SSL 2.0 compatibility if we need TLS extensions */ - - if (s->tlsext_hostname != NULL) - ssl2_compat = 0; - if (s->tlsext_status_type != -1) - ssl2_compat = 0; -#ifdef TLSEXT_TYPE_opaque_prf_input - if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL) - ssl2_compat = 0; -#endif - if (s->cert->cli_ext.meths_count != 0) - ssl2_compat = 0; - } -#endif buf=(unsigned char *)s->init_buf->data; if (s->state == SSL23_ST_CW_CLNT_HELLO_A) @@ -424,11 +369,6 @@ static int ssl23_client_hello(SSL *s) version_major = SSL3_VERSION_MAJOR; version_minor = SSL3_VERSION_MINOR; } - else if (version == SSL2_VERSION) - { - version_major = SSL2_VERSION_MAJOR; - version_minor = SSL2_VERSION_MINOR; - } else { SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE); @@ -437,169 +377,105 @@ static int ssl23_client_hello(SSL *s) s->client_version = version; - if (ssl2_compat) - { - /* create SSL 2.0 compatible Client Hello */ + /* create Client Hello in SSL 3.0/TLS 1.0 format */ - /* two byte record header will be written last */ - d = &(buf[2]); - p = d + 9; /* leave space for message type, version, individual length fields */ + /* do the record header (5 bytes) and handshake message header (4 bytes) last */ + d = p = &(buf[9]); + + *(p++) = version_major; + *(p++) = version_minor; - *(d++) = SSL2_MT_CLIENT_HELLO; - *(d++) = version_major; - *(d++) = version_minor; - - /* Ciphers supported */ - i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0); - if (i == 0) - { - /* no ciphers */ - SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); - return -1; - } - s2n(i,d); - p+=i; - - /* put in the session-id length (zero since there is no reuse) */ -#if 0 - s->session->session_id_length=0; -#endif - s2n(0,d); - - if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) - ch_len=SSL2_CHALLENGE_LENGTH; - else - ch_len=SSL2_MAX_CHALLENGE_LENGTH; - - /* write out sslv2 challenge */ - /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), - because it is one of SSL2_MAX_CHALLENGE_LENGTH (32) - or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the - check in for futurproofing */ - if (SSL3_RANDOM_SIZE < ch_len) - i=SSL3_RANDOM_SIZE; - else - i=ch_len; - s2n(i,d); - memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); - if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0) - return -1; - - memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); - p+=i; - - i= p- &(buf[2]); - buf[0]=((i>>8)&0xff)|0x80; - buf[1]=(i&0xff); - - /* number of bytes to write */ - s->init_num=i+2; - s->init_off=0; - - ssl3_finish_mac(s,&(buf[2]),i); - } - else - { - /* create Client Hello in SSL 3.0/TLS 1.0 format */ - - /* do the record header (5 bytes) and handshake message header (4 bytes) last */ - d = p = &(buf[9]); - - *(p++) = version_major; - *(p++) = version_minor; + /* Random stuff */ + memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); + p += SSL3_RANDOM_SIZE; - /* Random stuff */ - memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; + /* Session ID (zero since there is no reuse) */ + *(p++) = 0; - /* Session ID (zero since there is no reuse) */ - *(p++) = 0; - - /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ - i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char); - if (i == 0) - { - SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); - return -1; - } + /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ + i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char); + if (i == 0) + { + SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); + return -1; + } #ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH - /* Some servers hang if client hello > 256 bytes - * as hack workaround chop number of supported ciphers - * to keep it well below this if we use TLS v1.2 - */ - if (TLS1_get_version(s) >= TLS1_2_VERSION - && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) - i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; + /* Some servers hang if client hello > 256 bytes + * as hack workaround chop number of supported ciphers + * to keep it well below this if we use TLS v1.2 + */ + if (TLS1_get_version(s) >= TLS1_2_VERSION + && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) + i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1; #endif - s2n(i,p); - p+=i; + s2n(i,p); + p+=i; - /* COMPRESSION */ + /* COMPRESSION */ #ifdef OPENSSL_NO_COMP - *(p++)=1; + *(p++)=1; #else - if (!ssl_allow_compression(s) || !s->ctx->comp_methods) - j=0; - else - j=sk_SSL_COMP_num(s->ctx->comp_methods); - *(p++)=1+j; - for (i=0; i<j; i++) - { - comp=sk_SSL_COMP_value(s->ctx->comp_methods,i); - *(p++)=comp->id; - } + if (!ssl_allow_compression(s) || !s->ctx->comp_methods) + j=0; + else + j=sk_SSL_COMP_num(s->ctx->comp_methods); + *(p++)=1+j; + for (i=0; i<j; i++) + { + comp=sk_SSL_COMP_value(s->ctx->comp_methods,i); + *(p++)=comp->id; + } #endif - *(p++)=0; /* Add the NULL method */ + *(p++)=0; /* Add the NULL method */ #ifndef OPENSSL_NO_TLSEXT - /* TLS extensions*/ - if (ssl_prepare_clienthello_tlsext(s) <= 0) - { - SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); - return -1; - } - if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) - { - ssl3_send_alert(s,SSL3_AL_FATAL,al); - SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); - return -1; - } + /* TLS extensions*/ + if (ssl_prepare_clienthello_tlsext(s) <= 0) + { + SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); + return -1; + } + if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,al); + SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); + return -1; + } #endif - - l = p-d; + + l = p-d; - /* fill in 4-byte handshake header */ - d=&(buf[5]); - *(d++)=SSL3_MT_CLIENT_HELLO; - l2n3(l,d); + /* fill in 4-byte handshake header */ + d=&(buf[5]); + *(d++)=SSL3_MT_CLIENT_HELLO; + l2n3(l,d); - l += 4; + l += 4; - if (l > SSL3_RT_MAX_PLAIN_LENGTH) - { - SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); - return -1; - } - - /* fill in 5-byte record header */ - d=buf; - *(d++) = SSL3_RT_HANDSHAKE; - *(d++) = version_major; - /* Some servers hang if we use long client hellos - * and a record number > TLS 1.0. - */ - if (TLS1_get_client_version(s) > TLS1_VERSION) - *(d++) = 1; - else - *(d++) = version_minor; - s2n((int)l,d); - - /* number of bytes to write */ - s->init_num=p-buf; - s->init_off=0; - - ssl3_finish_mac(s,&(buf[5]), s->init_num - 5); + if (l > SSL3_RT_MAX_PLAIN_LENGTH) + { + SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); + return -1; } + + /* fill in 5-byte record header */ + d=buf; + *(d++) = SSL3_RT_HANDSHAKE; + *(d++) = version_major; + /* Some servers hang if we use long client hellos + * and a record number > TLS 1.0. + */ + if (TLS1_get_client_version(s) > TLS1_VERSION) + *(d++) = 1; + else + *(d++) = version_minor; + s2n((int)l,d); + + /* number of bytes to write */ + s->init_num=p-buf; + s->init_off=0; + + ssl3_finish_mac(s,&(buf[5]), s->init_num - 5); s->state=SSL23_ST_CW_CLNT_HELLO_B; s->init_off=0; @@ -611,14 +487,8 @@ static int ssl23_client_hello(SSL *s) if ((ret >= 2) && s->msg_callback) { /* Client Hello has been sent; tell msg_callback */ - - if (ssl2_compat) - s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); - else - { - s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg); - s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg); - } + s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg); + s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg); } return ret; @@ -638,78 +508,7 @@ static int ssl23_get_server_hello(SSL *s) memcpy(buf,p,n); - if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && - (p[5] == 0x00) && (p[6] == 0x02)) - { -#ifdef OPENSSL_NO_SSL2 - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; -#else - /* we are talking sslv2 */ - /* we need to clean up the SSLv3 setup and put in the - * sslv2 stuff. */ - int ch_len; - - if (s->options & SSL_OP_NO_SSLv2) - { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - if (s->s2 == NULL) - { - if (!ssl2_new(s)) - goto err; - } - else - ssl2_clear(s); - - if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) - ch_len=SSL2_CHALLENGE_LENGTH; - else - ch_len=SSL2_MAX_CHALLENGE_LENGTH; - - /* write out sslv2 challenge */ - /* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because - it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or - SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for - futurproofing */ - i=(SSL3_RANDOM_SIZE < ch_len) - ?SSL3_RANDOM_SIZE:ch_len; - s->s2->challenge_length=i; - memcpy(s->s2->challenge, - &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); - - if (s->s3 != NULL) ssl3_free(s); - - if (!BUF_MEM_grow_clean(s->init_buf, - SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) - { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); - goto err; - } - - s->state=SSL2_ST_GET_SERVER_HELLO_A; - if (!(s->client_version == SSL2_VERSION)) - /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */ - s->s2->ssl2_rollback=1; - - /* setup the 7 bytes we have read so we get them from - * the sslv2 buffer */ - s->rstate=SSL_ST_READ_HEADER; - s->packet_length=n; - s->packet= &(s->s2->rbuf[0]); - memcpy(s->packet,buf,n); - s->s2->rbuf_left=n; - s->s2->rbuf_offs=0; - - /* we have already written one */ - s->s2->write_sequence=1; - - s->method=SSLv2_client_method(); - s->handshake_func=s->method->ssl_connect; -#endif - } - else if (p[1] == SSL3_VERSION_MAJOR && + if (p[1] == SSL3_VERSION_MAJOR && p[2] <= TLS1_2_VERSION_MINOR && ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c index f3c29d1dde..961159939e 100644 --- a/ssl/s23_lib.c +++ b/ssl/s23_lib.c @@ -67,46 +67,26 @@ long ssl23_default_timeout(void) int ssl23_num_ciphers(void) { - return(ssl3_num_ciphers() -#ifndef OPENSSL_NO_SSL2 - + ssl2_num_ciphers() -#endif - ); + return(ssl3_num_ciphers()); } const SSL_CIPHER *ssl23_get_cipher(unsigned int u) { - unsigned int uu=ssl3_num_ciphers(); - - if (u < uu) - return(ssl3_get_cipher(u)); - else -#ifndef OPENSSL_NO_SSL2 - return(ssl2_get_cipher(u-uu)); -#else - return(NULL); -#endif + return(ssl3_get_cipher(u)); } /* This function needs to check if the ciphers required are actually * available */ const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) { - const SSL_CIPHER *cp; - - cp=ssl3_get_cipher_by_char(p); -#ifndef OPENSSL_NO_SSL2 - if (cp == NULL) - cp=ssl2_get_cipher_by_char(p); -#endif - return(cp); + return(ssl3_get_cipher_by_char(p)); } int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) { long l; - /* We can write SSLv2 and SSLv3 ciphers */ + /* We can write SSLv3 ciphers */ /* but no ECC ciphers */ if (c->algorithm_mkey == SSL_kECDHr || c->algorithm_mkey == SSL_kECDHe || diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c index 40eae0f0be..bf4736d3ab 100644 --- a/ssl/s23_meth.c +++ b/ssl/s23_meth.c @@ -63,11 +63,6 @@ static const SSL_METHOD *ssl23_get_method(int ver); static const SSL_METHOD *ssl23_get_method(int ver) { -#ifndef OPENSSL_NO_SSL2 - if (ver == SSL2_VERSION) - return(SSLv2_method()); - else -#endif #ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_method()); diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 858420dbef..cc91cc2ef4 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -123,10 +123,6 @@ static const SSL_METHOD *ssl23_get_server_method(int ver); int ssl23_get_client_hello(SSL *s); static const SSL_METHOD *ssl23_get_server_method(int ver) { -#ifndef OPENSSL_NO_SSL2 - if (ver == SSL2_VERSION) - return(SSLv2_server_method()); -#endif #ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_server_method()); @@ -236,7 +232,6 @@ end: return(ret); } - int ssl23_get_client_hello(SSL *s) { char buf_space[11]; /* Request this many bytes in initial read. @@ -283,8 +278,6 @@ int ssl23_get_client_hello(SSL *s) { v[0]=p[3]; v[1]=p[4]; /* SSLv2 */ - if (!(s->options & SSL_OP_NO_SSLv2)) - type=1; } else if (p[3] == SSL3_VERSION_MAJOR) { @@ -317,10 +310,6 @@ int ssl23_get_client_hello(SSL *s) /* type=2; */ s->state=SSL23_ST_SR_CLNT_HELLO_B; } - else if (!(s->options & SSL_OP_NO_SSLv2)) - { - type=1; - } } else if (!(s->options & SSL_OP_NO_SSLv3)) { @@ -328,9 +317,6 @@ int ssl23_get_client_hello(SSL *s) /* type=2; */ s->state=SSL23_ST_SR_CLNT_HELLO_B; } - else if (!(s->options & SSL_OP_NO_SSLv2)) - type=1; - } } else if ((p[0] == SSL3_RT_HANDSHAKE) && @@ -564,54 +550,6 @@ int ssl23_get_client_hello(SSL *s) /* imaginary new state (for program structure): */ /* s->state = SSL23_SR_CLNT_HELLO_C */ - if (type == 1) - { -#ifdef OPENSSL_NO_SSL2 - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; -#else - /* we are talking sslv2 */ - /* we need to clean up the SSLv3/TLSv1 setup and put in the - * sslv2 stuff. */ - - if (s->s2 == NULL) - { - if (!ssl2_new(s)) - goto err; - } - else - ssl2_clear(s); - - if (s->s3 != NULL) ssl3_free(s); - - if (!BUF_MEM_grow_clean(s->init_buf, - SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) - { - goto err; - } - - s->state=SSL2_ST_GET_CLIENT_HELLO_A; - if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) - s->s2->ssl2_rollback=0; - else - /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 - * (SSL 3.0 draft/RFC 2246, App. E.2) */ - s->s2->ssl2_rollback=1; - - /* setup the n bytes we have read so we get them from - * the sslv2 buffer */ - s->rstate=SSL_ST_READ_HEADER; - s->packet_length=n; - s->packet= &(s->s2->rbuf[0]); - memcpy(s->packet,buf,n); - s->s2->rbuf_left=n; - s->s2->rbuf_offs=0; - - s->method=SSLv2_server_method(); - s->handshake_func=s->method->ssl_accept; -#endif - } - if ((type == 2) || (type == 3)) { /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ @@ -655,8 +593,7 @@ int ssl23_get_client_hello(SSL *s) #endif s->handshake_func=s->method->ssl_accept; } - - if ((type < 1) || (type > 3)) + else { /* bad, very bad */ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c deleted file mode 100644 index fbbd529c0b..0000000000 --- a/ssl/s2_clnt.c +++ /dev/null @@ -1,1132 +0,0 @@ -/* ssl/s2_clnt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 -#include <stdio.h> -#include <openssl/rand.h> -#include <openssl/buffer.h> -#include <openssl/objects.h> -#include <openssl/evp.h> - -static const SSL_METHOD *ssl2_get_client_method(int ver); -static int get_server_finished(SSL *s); -static int get_server_verify(SSL *s); -static int get_server_hello(SSL *s); -static int client_hello(SSL *s); -static int client_master_key(SSL *s); -static int client_finished(SSL *s); -static int client_certificate(SSL *s); -static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, - unsigned char *to,int padding); -#define BREAK break - -static const SSL_METHOD *ssl2_get_client_method(int ver) - { - if (ver == SSL2_VERSION) - return(SSLv2_client_method()); - else - return(NULL); - } - -IMPLEMENT_ssl2_meth_func(SSLv2_client_method, - ssl_undefined_function, - ssl2_connect, - ssl2_get_client_method) - -int ssl2_connect(SSL *s) - { - unsigned long l=(unsigned long)time(NULL); - BUF_MEM *buf=NULL; - int ret= -1; - void (*cb)(const SSL *ssl,int type,int val)=NULL; - int new_state,state; - - RAND_add(&l,sizeof(l),0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - /* init things to blank */ - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); - - for (;;) - { - state=s->state; - - switch (s->state) - { - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE|SSL_ST_CONNECT: - case SSL_ST_OK|SSL_ST_CONNECT: - - s->server=0; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - - s->version=SSL2_VERSION; - s->type=SSL_ST_CONNECT; - - buf=s->init_buf; - if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) - { - ret= -1; - goto end; - } - if (!BUF_MEM_grow(buf, - SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) - { - if (buf == s->init_buf) - buf=NULL; - ret= -1; - goto end; - } - s->init_buf=buf; - buf=NULL; - s->init_num=0; - s->state=SSL2_ST_SEND_CLIENT_HELLO_A; - s->ctx->stats.sess_connect++; - s->handshake_func=ssl2_connect; - BREAK; - - case SSL2_ST_SEND_CLIENT_HELLO_A: - case SSL2_ST_SEND_CLIENT_HELLO_B: - s->shutdown=0; - ret=client_hello(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_GET_SERVER_HELLO_A; - BREAK; - - case SSL2_ST_GET_SERVER_HELLO_A: - case SSL2_ST_GET_SERVER_HELLO_B: - ret=get_server_hello(s); - if (ret <= 0) goto end; - s->init_num=0; - if (!s->hit) /* new session */ - { - s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A; - BREAK; - } - else - { - s->state=SSL2_ST_CLIENT_START_ENCRYPTION; - break; - } - - case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: - case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: - ret=client_master_key(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_CLIENT_START_ENCRYPTION; - break; - - case SSL2_ST_CLIENT_START_ENCRYPTION: - /* Ok, we now have all the stuff needed to - * start encrypting, so lets fire it up :-) */ - if (!ssl2_enc_init(s,1)) - { - ret= -1; - goto end; - } - s->s2->clear_text=0; - s->state=SSL2_ST_SEND_CLIENT_FINISHED_A; - break; - - case SSL2_ST_SEND_CLIENT_FINISHED_A: - case SSL2_ST_SEND_CLIENT_FINISHED_B: - ret=client_finished(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_GET_SERVER_VERIFY_A; - break; - - case SSL2_ST_GET_SERVER_VERIFY_A: - case SSL2_ST_GET_SERVER_VERIFY_B: - ret=get_server_verify(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_GET_SERVER_FINISHED_A; - break; - - case SSL2_ST_GET_SERVER_FINISHED_A: - case SSL2_ST_GET_SERVER_FINISHED_B: - ret=get_server_finished(s); - if (ret <= 0) goto end; - break; - - case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: - case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: - case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: - case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: - case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: - ret=client_certificate(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_GET_SERVER_FINISHED_A; - break; - - case SSL_ST_OK: - if (s->init_buf != NULL) - { - BUF_MEM_free(s->init_buf); - s->init_buf=NULL; - } - s->init_num=0; - /* ERR_clear_error();*/ - - /* If we want to cache session-ids in the client - * and we successfully add the session-id to the - * cache, and there is a callback, then pass it out. - * 26/11/96 - eay - only add if not a re-used session. - */ - - ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); - if (s->hit) s->ctx->stats.sess_hit++; - - ret=1; - /* s->server=0; */ - s->ctx->stats.sess_connect_good++; - - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); - - goto end; - /* break; */ - default: - SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE); - return(-1); - /* break; */ - } - - if ((cb != NULL) && (s->state != state)) - { - new_state=s->state; - s->state=state; - cb(s,SSL_CB_CONNECT_LOOP,1); - s->state=new_state; - } - } -end: - s->in_handshake--; - if (buf != NULL) - BUF_MEM_free(buf); - if (cb != NULL) - cb(s,SSL_CB_CONNECT_EXIT,ret); - return(ret); - } - -static int get_server_hello(SSL *s) - { - unsigned char *buf; - unsigned char *p; - int i,j; - unsigned long len; - STACK_OF(SSL_CIPHER) *sk=NULL,*cl, *prio, *allow; - - buf=(unsigned char *)s->init_buf->data; - p=buf; - if (s->state == SSL2_ST_GET_SERVER_HELLO_A) - { - i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num); - if (i < (11-s->init_num)) - return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); - s->init_num = 11; - - if (*(p++) != SSL2_MT_SERVER_HELLO) - { - if (p[-1] != SSL2_MT_ERROR) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_HELLO, - SSL_R_READ_WRONG_PACKET_TYPE); - } - else - SSLerr(SSL_F_GET_SERVER_HELLO, - SSL_R_PEER_ERROR); - return(-1); - } -#if 0 - s->hit=(*(p++))?1:0; - /* Some [PPC?] compilers fail to increment p in above - statement, e.g. one provided with Rhapsody 5.5, but - most recent example XL C 11.1 for AIX, even without - optimization flag... */ -#else - s->hit=(*p)?1:0; p++; -#endif - s->s2->tmp.cert_type= *(p++); - n2s(p,i); - if (i < s->version) s->version=i; - n2s(p,i); s->s2->tmp.cert_length=i; - n2s(p,i); s->s2->tmp.csl=i; - n2s(p,i); s->s2->tmp.conn_id_length=i; - s->state=SSL2_ST_GET_SERVER_HELLO_B; - } - - /* SSL2_ST_GET_SERVER_HELLO_B */ - len = 11 + (unsigned long)s->s2->tmp.cert_length + (unsigned long)s->s2->tmp.csl + (unsigned long)s->s2->tmp.conn_id_length; - if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) - { - SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_MESSAGE_TOO_LONG); - return -1; - } - j = (int)len - s->init_num; - i = ssl2_read(s,(char *)&(buf[s->init_num]),j); - if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i)); - if (s->msg_callback) - s->msg_callback(0, s->version, 0, buf, (size_t)len, s, s->msg_callback_arg); /* SERVER-HELLO */ - - /* things are looking good */ - - p = buf + 11; - if (s->hit) - { - if (s->s2->tmp.cert_length != 0) - { - SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO); - return(-1); - } - if (s->s2->tmp.cert_type != 0) - { - if (!(s->options & - SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) - { - SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO); - return(-1); - } - } - if (s->s2->tmp.csl != 0) - { - SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO); - return(-1); - } - } - else - { -#if 0 - /* very bad */ - memset(s->session->session_id,0, - SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES); - s->session->session_id_length=0; -#endif - - /* we need to do this in case we were trying to reuse a - * client session but others are already reusing it. - * If this was a new 'blank' session ID, the session-id - * length will still be 0 */ - if (s->session->session_id_length > 0) - { - if (!ssl_get_new_session(s,0)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } - } - - if (ssl2_set_certificate(s,s->s2->tmp.cert_type, - s->s2->tmp.cert_length,p) <= 0) - { - ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); - return(-1); - } - p+=s->s2->tmp.cert_length; - - if (s->s2->tmp.csl == 0) - { - ssl2_return_error(s,SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST); - return(-1); - } - - /* We have just received a list of ciphers back from the - * server. We need to get the ones that match, then select - * the one we want the most :-). */ - - /* load the ciphers */ - sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl, - &s->session->ciphers); - p+=s->s2->tmp.csl; - if (sk == NULL) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE); - return(-1); - } - - (void)sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp); - - /* get the array of ciphers we will accept */ - cl=SSL_get_ciphers(s); - (void)sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp); - - /* - * If server preference flag set, choose the first - * (highest priority) cipher the server sends, otherwise - * client preference has priority. - */ - if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) - { - prio = sk; - allow = cl; - } - else - { - prio = cl; - allow = sk; - } - /* In theory we could have ciphers sent back that we - * don't want to use but that does not matter since we - * will check against the list we originally sent and - * for performance reasons we should not bother to match - * the two lists up just to check. */ - for (i=0; i<sk_SSL_CIPHER_num(prio); i++) - { - if (sk_SSL_CIPHER_find(allow, - sk_SSL_CIPHER_value(prio,i)) >= 0) - break; - } - - if (i >= sk_SSL_CIPHER_num(prio)) - { - ssl2_return_error(s,SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH); - return(-1); - } - s->session->cipher=sk_SSL_CIPHER_value(prio,i); - - - if (s->session->peer != NULL) /* can't happen*/ - { - ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); - return(-1); - } - - s->session->peer = s->session->sess_cert->peer_key->x509; - /* peer_key->x509 has been set by ssl2_set_certificate. */ - CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509); - } - - if (s->session->sess_cert == NULL - || s->session->peer != s->session->sess_cert->peer_key->x509) - /* can't happen */ - { - ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR); - return(-1); - } - - s->s2->conn_id_length=s->s2->tmp.conn_id_length; - if (s->s2->conn_id_length > sizeof s->s2->conn_id) - { - ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG); - return -1; - } - memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); - return(1); - } - -static int client_hello(SSL *s) - { - unsigned char *buf; - unsigned char *p,*d; -/* CIPHER **cipher;*/ - int i,n,j; - - buf=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) - { - if ((s->session == NULL) || - (s->session->ssl_version != s->version)) - { - if (!ssl_get_new_session(s,0)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } - } - /* else use the pre-loaded session */ - - p=buf; /* header */ - d=p+9; /* data section */ - *(p++)=SSL2_MT_CLIENT_HELLO; /* type */ - s2n(SSL2_VERSION,p); /* version */ - n=j=0; - - n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0); - d+=n; - - if (n == 0) - { - SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); - return(-1); - } - - s2n(n,p); /* cipher spec num bytes */ - - if ((s->session->session_id_length > 0) && - (s->session->session_id_length <= - SSL2_MAX_SSL_SESSION_ID_LENGTH)) - { - i=s->session->session_id_length; - s2n(i,p); /* session id length */ - memcpy(d,s->session->session_id,(unsigned int)i); - d+=i; - } - else - { - s2n(0,p); - } - - s->s2->challenge_length=SSL2_CHALLENGE_LENGTH; - s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */ - /*challenge id data*/ - if (RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0) - return -1; - memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH); - d+=SSL2_CHALLENGE_LENGTH; - - s->state=SSL2_ST_SEND_CLIENT_HELLO_B; - s->init_num=d-buf; - s->init_off=0; - } - /* SSL2_ST_SEND_CLIENT_HELLO_B */ - return(ssl2_do_write(s)); - } - -static int client_master_key(SSL *s) - { - unsigned char *buf; - unsigned char *p,*d; - int clear,enc,karg,i; - SSL_SESSION *sess; - const EVP_CIPHER *c; - const EVP_MD *md; - - buf=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) - { - - if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0)) - { - ssl2_return_error(s,SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); - return(-1); - } - sess=s->session; - p=buf; - d=p+10; - *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */ - - i=ssl_put_cipher_by_char(s,sess->cipher,p); - p+=i; - - /* make key_arg data */ - i=EVP_CIPHER_iv_length(c); - sess->key_arg_length=i; - if (i > SSL_MAX_KEY_ARG_LENGTH) - { - ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); - return -1; - } - if (i > 0) - if (RAND_pseudo_bytes(sess->key_arg,i) <= 0) - return -1; - - /* make a master key */ - i=EVP_CIPHER_key_length(c); - sess->master_key_length=i; - if (i > 0) - { - if (i > (int)sizeof(sess->master_key)) - { - ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); - return -1; - } - if (RAND_bytes(sess->master_key,i) <= 0) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } - } - - if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) - enc=8; - else if (SSL_C_IS_EXPORT(sess->cipher)) - enc=5; - else - enc=i; - - if ((int)i < enc) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR); - return(-1); - } - clear=i-enc; - s2n(clear,p); - memcpy(d,sess->master_key,(unsigned int)clear); - d+=clear; - - enc=ssl_rsa_public_encrypt(sess->sess_cert,enc, - &(sess->master_key[clear]),d, - (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); - if (enc <= 0) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR); - return(-1); - } -#ifdef PKCS1_CHECK - if (s->options & SSL_OP_PKCS1_CHECK_1) d[1]++; - if (s->options & SSL_OP_PKCS1_CHECK_2) - sess->master_key[clear]++; -#endif - s2n(enc,p); - d+=enc; - karg=sess->key_arg_length; - s2n(karg,p); /* key arg size */ - if (karg > (int)sizeof(sess->key_arg)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); - return -1; - } - memcpy(d,sess->key_arg,(unsigned int)karg); - d+=karg; - - s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B; - s->init_num=d-buf; - s->init_off=0; - } - - /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */ - return(ssl2_do_write(s)); - } - -static int client_finished(SSL *s) - { - unsigned char *p; - - if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) - { - p=(unsigned char *)s->init_buf->data; - *(p++)=SSL2_MT_CLIENT_FINISHED; - if (s->s2->conn_id_length > sizeof s->s2->conn_id) - { - SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); - return -1; - } - memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); - - s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; - s->init_num=s->s2->conn_id_length+1; - s->init_off=0; - } - return(ssl2_do_write(s)); - } - -/* read the data and then respond */ -static int client_certificate(SSL *s) - { - unsigned char *buf; - unsigned char *p,*d; - int i; - unsigned int n; - int cert_ch_len; - unsigned char *cert_ch; - - buf=(unsigned char *)s->init_buf->data; - - /* We have a cert associated with the SSL, so attach it to - * the session if it does not have one */ - - if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) - { - i=ssl2_read(s,(char *)&(buf[s->init_num]), - SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num); - if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num)) - return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); - s->init_num += i; - if (s->msg_callback) - s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* REQUEST-CERTIFICATE */ - - /* type=buf[0]; */ - /* type eq x509 */ - if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) - { - ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); - SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE); - return(-1); - } - - if ((s->cert == NULL) || - (s->cert->key->x509 == NULL) || - (s->cert->key->privatekey == NULL)) - { - s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE; - } - else - s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; - } - - cert_ch = buf + 2; - cert_ch_len = s->init_num - 2; - - if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) - { - X509 *x509=NULL; - EVP_PKEY *pkey=NULL; - - /* If we get an error we need to - * ssl->rwstate=SSL_X509_LOOKUP; - * return(error); - * We should then be retried when things are ok and we - * can get a cert or not */ - - i=0; - if (s->ctx->client_cert_cb != NULL) - { - i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); - } - - if (i < 0) - { - s->rwstate=SSL_X509_LOOKUP; - return(-1); - } - s->rwstate=SSL_NOTHING; - - if ((i == 1) && (pkey != NULL) && (x509 != NULL)) - { - s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C; - if ( !SSL_use_certificate(s,x509) || - !SSL_use_PrivateKey(s,pkey)) - { - i=0; - } - X509_free(x509); - EVP_PKEY_free(pkey); - } - else if (i == 1) - { - if (x509 != NULL) X509_free(x509); - if (pkey != NULL) EVP_PKEY_free(pkey); - SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); - i=0; - } - - if (i == 0) - { - /* We have no client certificate to respond with - * so send the correct error message back */ - s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B; - p=buf; - *(p++)=SSL2_MT_ERROR; - s2n(SSL2_PE_NO_CERTIFICATE,p); - s->init_off=0; - s->init_num=3; - /* Write is done at the end */ - } - } - - if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) - { - return(ssl2_do_write(s)); - } - - if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) - { - EVP_MD_CTX ctx; - - /* ok, now we calculate the checksum - * do it first so we can reuse buf :-) */ - p=buf; - EVP_MD_CTX_init(&ctx); - EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL); - EVP_SignUpdate(&ctx,s->s2->key_material, - s->s2->key_material_length); - EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); - i=i2d_X509(s->session->sess_cert->peer_key->x509,&p); - /* Don't update the signature if it fails - FIXME: probably should handle this better */ - if(i > 0) - EVP_SignUpdate(&ctx,buf,(unsigned int)i); - - p=buf; - d=p+6; - *(p++)=SSL2_MT_CLIENT_CERTIFICATE; - *(p++)=SSL2_CT_X509_CERTIFICATE; - n=i2d_X509(s->cert->key->x509,&d); - s2n(n,p); - - if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey)) - { - /* this is not good. If things have failed it - * means there so something wrong with the key. - * We will continue with a 0 length signature - */ - } - EVP_MD_CTX_cleanup(&ctx); - s2n(n,p); - d+=n; - - s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D; - s->init_num=d-buf; - s->init_off=0; - } - /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */ - return(ssl2_do_write(s)); - } - -static int get_server_verify(SSL *s) - { - unsigned char *p; - int i, n, len; - - p=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) - { - i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); - if (i < (1-s->init_num)) - return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); - s->init_num += i; - - s->state= SSL2_ST_GET_SERVER_VERIFY_B; - if (*p != SSL2_MT_SERVER_VERIFY) - { - if (p[0] != SSL2_MT_ERROR) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_VERIFY, - SSL_R_READ_WRONG_PACKET_TYPE); - } - else - { - SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR); - /* try to read the error message */ - i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); - return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); - } - return(-1); - } - } - - p=(unsigned char *)s->init_buf->data; - len = 1 + s->s2->challenge_length; - n = len - s->init_num; - i = ssl2_read(s,(char *)&(p[s->init_num]),n); - if (i < n) - return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i)); - if (s->msg_callback) - s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ - p += 1; - - if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); - return(-1); - } - return(1); - } - -static int get_server_finished(SSL *s) - { - unsigned char *buf; - unsigned char *p; - int i, n, len; - - buf=(unsigned char *)s->init_buf->data; - p=buf; - if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) - { - i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num); - if (i < (1-s->init_num)) - return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); - s->init_num += i; - - if (*p == SSL2_MT_REQUEST_CERTIFICATE) - { - s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A; - return(1); - } - else if (*p != SSL2_MT_SERVER_FINISHED) - { - if (p[0] != SSL2_MT_ERROR) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); - } - else - { - SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR); - /* try to read the error message */ - i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); - return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); - } - return(-1); - } - s->state=SSL2_ST_GET_SERVER_FINISHED_B; - } - - len = 1 + SSL2_SSL_SESSION_ID_LENGTH; - n = len - s->init_num; - i = ssl2_read(s,(char *)&(buf[s->init_num]), n); - if (i < n) /* XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH, that's the maximum */ - return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i)); - s->init_num += i; - if (s->msg_callback) - s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s, s->msg_callback_arg); /* SERVER-FINISHED */ - - if (!s->hit) /* new session */ - { - /* new session-id */ - /* Make sure we were not trying to re-use an old SSL_SESSION - * or bad things can happen */ - /* ZZZZZZZZZZZZZ */ - s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; - memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH); - } - else - { - if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) - { - if ((s->session->session_id_length > sizeof s->session->session_id) - || (0 != memcmp(buf + 1, s->session->session_id, - (unsigned int)s->session->session_id_length))) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT); - return(-1); - } - } - } - s->state = SSL_ST_OK; - return(1); - } - -/* loads in the certificate from the server */ -int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data) - { - STACK_OF(X509) *sk=NULL; - EVP_PKEY *pkey=NULL; - SESS_CERT *sc=NULL; - int i; - X509 *x509=NULL; - int ret=0; - - x509=d2i_X509(NULL,&data,(long)len); - if (x509 == NULL) - { - SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB); - goto err; - } - - if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509)) - { - SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto err; - } - - i=ssl_verify_cert_chain(s,sk); - - if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) - { - SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); - goto err; - } - ERR_clear_error(); /* but we keep s->verify_result */ - s->session->verify_result = s->verify_result; - - if (i > 1) - { - SSLerr(SSL_F_SSL2_SET_CERTIFICATE, i); - goto err; - } - - /* server's cert for this session */ - sc=ssl_sess_cert_new(); - if (sc == NULL) - { - ret= -1; - goto err; - } - if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert); - s->session->sess_cert=sc; - - sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509=x509; - sc->peer_key= &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]); - - pkey=X509_get_pubkey(x509); - x509=NULL; - if (pkey == NULL) - { - SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY); - goto err; - } - if (pkey->type != EVP_PKEY_RSA) - { - SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA); - goto err; - } - - if (!ssl_set_peer_cert_type(sc,SSL2_CT_X509_CERTIFICATE)) - goto err; - ret=1; -err: - sk_X509_free(sk); - X509_free(x509); - EVP_PKEY_free(pkey); - return(ret); - } - -static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, - unsigned char *to, int padding) - { - EVP_PKEY *pkey=NULL; - int i= -1; - - if ((sc == NULL) || (sc->peer_key->x509 == NULL) || - ((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL)) - { - SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY); - return(-1); - } - if (pkey->type != EVP_PKEY_RSA) - { - SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); - goto end; - } - - /* we have the public key */ - i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding); - if (i < 0) - SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB); -end: - EVP_PKEY_free(pkey); - return(i); - } -#else /* !OPENSSL_NO_SSL2 */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c deleted file mode 100644 index 329006a7c9..0000000000 --- a/ssl/s2_enc.c +++ /dev/null @@ -1,197 +0,0 @@ -/* ssl/s2_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 -#include <stdio.h> - -int ssl2_enc_init(SSL *s, int client) - { - /* Max number of bytes needed */ - EVP_CIPHER_CTX *rs,*ws; - const EVP_CIPHER *c; - const EVP_MD *md; - int num; - - if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0)) - { - ssl2_return_error(s,SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); - return(0); - } - ssl_replace_hash(&s->read_hash,md); - ssl_replace_hash(&s->write_hash,md); - - if ((s->enc_read_ctx == NULL) && - ((s->enc_read_ctx=(EVP_CIPHER_CTX *) - OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) - goto err; - - /* make sure it's intialized in case the malloc for enc_write_ctx fails - * and we exit with an error */ - rs= s->enc_read_ctx; - EVP_CIPHER_CTX_init(rs); - - if ((s->enc_write_ctx == NULL) && - ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) - goto err; - - ws= s->enc_write_ctx; - EVP_CIPHER_CTX_init(ws); - - num=c->key_len; - s->s2->key_material_length=num*2; - OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material); - - if (ssl2_generate_key_material(s) <= 0) - return 0; - - OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg)); - EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), - s->session->key_arg); - EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), - s->session->key_arg); - s->s2->read_key= &(s->s2->key_material[(client)?0:num]); - s->s2->write_key= &(s->s2->key_material[(client)?num:0]); - return(1); -err: - SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE); - return(0); - } - -/* read/writes from s->s2->mac_data using length for encrypt and - * decrypt. It sets s->s2->padding and s->[rw]length - * if we are encrypting - * Returns 0 on error and 1 on success */ -int ssl2_enc(SSL *s, int send) - { - EVP_CIPHER_CTX *ds; - unsigned long l; - int bs; - - if (send) - { - ds=s->enc_write_ctx; - l=s->s2->wlength; - } - else - { - ds=s->enc_read_ctx; - l=s->s2->rlength; - } - - /* check for NULL cipher */ - if (ds == NULL) return 1; - - - bs=ds->cipher->block_size; - /* This should be using (bs-1) and bs instead of 7 and 8, but - * what the hell. */ - if (bs == 8) - l=(l+7)/8*8; - - if(EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l) < 1) - return 0; - - return 1; - } - -void ssl2_mac(SSL *s, unsigned char *md, int send) - { - EVP_MD_CTX c; - unsigned char sequence[4],*p,*sec,*act; - unsigned long seq; - unsigned int len; - - if (send) - { - seq=s->s2->write_sequence; - sec=s->s2->write_key; - len=s->s2->wact_data_length; - act=s->s2->wact_data; - } - else - { - seq=s->s2->read_sequence; - sec=s->s2->read_key; - len=s->s2->ract_data_length; - act=s->s2->ract_data; - } - - p= &(sequence[0]); - l2n(seq,p); - - /* There has to be a MAC algorithm. */ - EVP_MD_CTX_init(&c); - EVP_MD_CTX_copy(&c, s->read_hash); - EVP_DigestUpdate(&c,sec, - EVP_CIPHER_CTX_key_length(s->enc_read_ctx)); - EVP_DigestUpdate(&c,act,len); - /* the above line also does the pad data */ - EVP_DigestUpdate(&c,sequence,4); - EVP_DigestFinal_ex(&c,md,NULL); - EVP_MD_CTX_cleanup(&c); - } -#else /* !OPENSSL_NO_SSL2 */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c deleted file mode 100644 index 41818dc6e8..0000000000 --- a/ssl/s2_lib.c +++ /dev/null @@ -1,555 +0,0 @@ -/* ssl/s2_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 -#include <stdio.h> -#include <openssl/objects.h> -#include <openssl/evp.h> -#include <openssl/md5.h> - -const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT; - -#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) - -/* list of available SSLv2 ciphers (sorted by id) */ -OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ -#if 0 -/* NULL_WITH_MD5 v3 */ - { - 1, - SSL2_TXT_NULL_WITH_MD5, - SSL2_CK_NULL_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_eNULL, - SSL_MD5, - SSL_SSLV2, - SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, - 0, - 0, - 0, - }, -#endif - -/* RC4_128_WITH_MD5 */ - { - 1, - SSL2_TXT_RC4_128_WITH_MD5, - SSL2_CK_RC4_128_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_RC4, - SSL_MD5, - SSL_SSLV2, - SSL_NOT_EXP|SSL_MEDIUM, - 0, - 128, - 128, - }, - -/* RC4_128_EXPORT40_WITH_MD5 */ - { - 1, - SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, - SSL2_CK_RC4_128_EXPORT40_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_RC4, - SSL_MD5, - SSL_SSLV2, - SSL_EXPORT|SSL_EXP40, - SSL2_CF_5_BYTE_ENC, - 40, - 128, - }, - -/* RC2_128_CBC_WITH_MD5 */ - { - 1, - SSL2_TXT_RC2_128_CBC_WITH_MD5, - SSL2_CK_RC2_128_CBC_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_RC2, - SSL_MD5, - SSL_SSLV2, - SSL_NOT_EXP|SSL_MEDIUM, - 0, - 128, - 128, - }, - -/* RC2_128_CBC_EXPORT40_WITH_MD5 */ - { - 1, - SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, - SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_RC2, - SSL_MD5, - SSL_SSLV2, - SSL_EXPORT|SSL_EXP40, - SSL2_CF_5_BYTE_ENC, - 40, - 128, - }, - -#ifndef OPENSSL_NO_IDEA -/* IDEA_128_CBC_WITH_MD5 */ - { - 1, - SSL2_TXT_IDEA_128_CBC_WITH_MD5, - SSL2_CK_IDEA_128_CBC_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_IDEA, - SSL_MD5, - SSL_SSLV2, - SSL_NOT_EXP|SSL_MEDIUM, - 0, - 128, - 128, - }, -#endif - -/* DES_64_CBC_WITH_MD5 */ - { - 1, - SSL2_TXT_DES_64_CBC_WITH_MD5, - SSL2_CK_DES_64_CBC_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_DES, - SSL_MD5, - SSL_SSLV2, - SSL_NOT_EXP|SSL_LOW, - 0, - 56, - 56, - }, - -/* DES_192_EDE3_CBC_WITH_MD5 */ - { - 1, - SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, - SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_3DES, - SSL_MD5, - SSL_SSLV2, - SSL_NOT_EXP|SSL_HIGH, - 0, - 112, - 168, - }, - -#if 0 -/* RC4_64_WITH_MD5 */ - { - 1, - SSL2_TXT_RC4_64_WITH_MD5, - SSL2_CK_RC4_64_WITH_MD5, - SSL_kRSA, - SSL_aRSA, - SSL_RC4, - SSL_MD5, - SSL_SSLV2, - SSL_NOT_EXP|SSL_LOW, - SSL2_CF_8_BYTE_ENC, - 64, - 64, - }, -#endif - -#if 0 -/* NULL SSLeay (testing) */ - { - 0, - SSL2_TXT_NULL, - SSL2_CK_NULL, - 0, - 0, - 0, - 0, - SSL_SSLV2, - SSL_STRONG_NONE, - 0, - 0, - 0, - }, -#endif - -/* end of list :-) */ - }; - -long ssl2_default_timeout(void) - { - return(300); - } - -int ssl2_num_ciphers(void) - { - return(SSL2_NUM_CIPHERS); - } - -const SSL_CIPHER *ssl2_get_cipher(unsigned int u) - { - if (u < SSL2_NUM_CIPHERS) - return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u])); - else - return(NULL); - } - -int ssl2_pending(const SSL *s) - { - return SSL_in_init(s) ? 0 : s->s2->ract_data_length; - } - -int ssl2_new(SSL *s) - { - SSL2_STATE *s2; - - if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; - memset(s2,0,sizeof *s2); - -#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2 -# error "assertion failed" -#endif - - if ((s2->rbuf=OPENSSL_malloc( - SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; - /* wbuf needs one byte more because when using two-byte headers, - * we leave the first byte unused in do_ssl_write (s2_pkt.c) */ - if ((s2->wbuf=OPENSSL_malloc( - SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err; - s->s2=s2; - - ssl2_clear(s); - return(1); -err: - if (s2 != NULL) - { - if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); - if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); - OPENSSL_free(s2); - } - return(0); - } - -void ssl2_free(SSL *s) - { - SSL2_STATE *s2; - - if(s == NULL) - return; - - s2=s->s2; - if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); - if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); - OPENSSL_cleanse(s2,sizeof *s2); - OPENSSL_free(s2); - s->s2=NULL; - } - -void ssl2_clear(SSL *s) - { - SSL2_STATE *s2; - unsigned char *rbuf,*wbuf; - - s2=s->s2; - - rbuf=s2->rbuf; - wbuf=s2->wbuf; - - memset(s2,0,sizeof *s2); - - s2->rbuf=rbuf; - s2->wbuf=wbuf; - s2->clear_text=1; - s->packet=s2->rbuf; - s->version=SSL2_VERSION; - s->packet_length=0; - } - -long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) - { - int ret=0; - - switch(cmd) - { - case SSL_CTRL_GET_SESSION_REUSED: - ret=s->hit; - break; - case SSL_CTRL_CHECK_PROTO_VERSION: - return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg); - default: - break; - } - return(ret); - } - -long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) - { - return(0); - } - -long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) - { - return(0); - } - -long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) - { - return(0); - } - -/* This function needs to check if the ciphers required are actually - * available */ -const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) - { - SSL_CIPHER c; - const SSL_CIPHER *cp; - unsigned long id; - - id=0x02000000L|((unsigned long)p[0]<<16L)| - ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; - c.id=id; - cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS); - return cp; - } - -int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) - { - long l; - - if (p != NULL) - { - l=c->id; - if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV) return(0); - p[0]=((unsigned char)(l>>16L))&0xFF; - p[1]=((unsigned char)(l>> 8L))&0xFF; - p[2]=((unsigned char)(l ))&0xFF; - } - return(3); - } - -int ssl2_generate_key_material(SSL *s) - { - unsigned int i; - EVP_MD_CTX ctx; - unsigned char *km; - unsigned char c='0'; - const EVP_MD *md5; - int md_size; - - md5 = EVP_md5(); - -#ifdef CHARSET_EBCDIC - c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', - see SSLv2 docu */ -#endif - EVP_MD_CTX_init(&ctx); - km=s->s2->key_material; - - if (s->session->master_key_length < 0 || - s->session->master_key_length > (int)sizeof(s->session->master_key)) - { - SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); - return 0; - } - md_size = EVP_MD_size(md5); - if (md_size < 0) - return 0; - for (i=0; i<s->s2->key_material_length; i += md_size) - { - if (((km - s->s2->key_material) + md_size) > - (int)sizeof(s->s2->key_material)) - { - /* EVP_DigestFinal_ex() below would write beyond buffer */ - SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); - return 0; - } - - EVP_DigestInit_ex(&ctx, md5, NULL); - - OPENSSL_assert(s->session->master_key_length >= 0 - && s->session->master_key_length - < (int)sizeof(s->session->master_key)); - EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); - EVP_DigestUpdate(&ctx,&c,1); - c++; - EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); - EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); - EVP_DigestFinal_ex(&ctx,km,NULL); - km += md_size; - } - - EVP_MD_CTX_cleanup(&ctx); - return 1; - } - -void ssl2_return_error(SSL *s, int err) - { - if (!s->error) - { - s->error=3; - s->error_code=err; - - ssl2_write_error(s); - } - } - - -void ssl2_write_error(SSL *s) - { - unsigned char buf[3]; - int i,error; - - buf[0]=SSL2_MT_ERROR; - buf[1]=(s->error_code>>8)&0xff; - buf[2]=(s->error_code)&0xff; - -/* state=s->rwstate;*/ - - error=s->error; /* number of bytes left to write */ - s->error=0; - OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf)); - i=ssl2_write(s,&(buf[3-error]),error); - -/* if (i == error) s->rwstate=state; */ - - if (i < 0) - s->error=error; - else - { - s->error=error-i; - - if (s->error == 0) - if (s->msg_callback) - s->msg_callback(1, s->version, 0, buf, 3, s, s->msg_callback_arg); /* ERROR */ - } - } - -int ssl2_shutdown(SSL *s) - { - s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); - return(1); - } -#else /* !OPENSSL_NO_SSL2 */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c deleted file mode 100644 index f0e8ca593d..0000000000 --- a/ssl/s2_meth.c +++ /dev/null @@ -1,84 +0,0 @@ -/* ssl/s2_meth.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 -#include <stdio.h> -#include <openssl/objects.h> - -static const SSL_METHOD *ssl2_get_method(int ver); -static const SSL_METHOD *ssl2_get_method(int ver) - { - if (ver == SSL2_VERSION) - return(SSLv2_method()); - else - return(NULL); - } - -IMPLEMENT_ssl2_meth_func(SSLv2_method, - ssl2_accept, - ssl2_connect, - ssl2_get_method) - -#else /* !OPENSSL_NO_SSL2 */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c deleted file mode 100644 index acd61dc546..0000000000 --- a/ssl/s2_pkt.c +++ /dev/null @@ -1,748 +0,0 @@ -/* ssl/s2_pkt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 -#include <stdio.h> -#include <errno.h> -#define USE_SOCKETS - -static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); -static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); -static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); -static int ssl_mt_error(int n); - - -/* SSL 2.0 imlementation for SSL_read/SSL_peek - - * This routine will return 0 to len bytes, decrypted etc if required. - */ -static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) - { - int n; - unsigned char mac[MAX_MAC_SIZE]; - unsigned char *p; - int i; - int mac_size; - - ssl2_read_again: - if (SSL_in_init(s) && !s->in_handshake) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - } - - clear_sys_error(); - s->rwstate=SSL_NOTHING; - if (len <= 0) return(len); - - if (s->s2->ract_data_length != 0) /* read from buffer */ - { - if (len > s->s2->ract_data_length) - n=s->s2->ract_data_length; - else - n=len; - - memcpy(buf,s->s2->ract_data,(unsigned int)n); - if (!peek) - { - s->s2->ract_data_length-=n; - s->s2->ract_data+=n; - if (s->s2->ract_data_length == 0) - s->rstate=SSL_ST_READ_HEADER; - } - - return(n); - } - - /* s->s2->ract_data_length == 0 - * - * Fill the buffer, then goto ssl2_read_again. - */ - - if (s->rstate == SSL_ST_READ_HEADER) - { - if (s->first_packet) - { - n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); - if (n <= 0) return(n); /* error or non-blocking */ - s->first_packet=0; - p=s->packet; - if (!((p[0] & 0x80) && ( - (p[2] == SSL2_MT_CLIENT_HELLO) || - (p[2] == SSL2_MT_SERVER_HELLO)))) - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_NON_SSLV2_INITIAL_PACKET); - return(-1); - } - } - else - { - n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0); - if (n <= 0) return(n); /* error or non-blocking */ - } - /* part read stuff */ - - s->rstate=SSL_ST_READ_BODY; - p=s->packet; - /* Do header */ - /*s->s2->padding=0;*/ - s->s2->escape=0; - s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]); - if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */ - { - s->s2->three_byte_header=0; - s->s2->rlength&=TWO_BYTE_MASK; - } - else - { - s->s2->three_byte_header=1; - s->s2->rlength&=THREE_BYTE_MASK; - - /* security >s2->escape */ - s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0; - } - } - - if (s->rstate == SSL_ST_READ_BODY) - { - n=s->s2->rlength+2+s->s2->three_byte_header; - if (n > (int)s->packet_length) - { - n-=s->packet_length; - i=read_n(s,(unsigned int)n,(unsigned int)n,1); - if (i <= 0) return(i); /* ERROR */ - } - - p= &(s->packet[2]); - s->rstate=SSL_ST_READ_HEADER; - if (s->s2->three_byte_header) - s->s2->padding= *(p++); - else s->s2->padding=0; - - /* Data portion */ - if (s->s2->clear_text) - { - mac_size = 0; - s->s2->mac_data=p; - s->s2->ract_data=p; - if (s->s2->padding) - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); - return(-1); - } - } - else - { - mac_size=EVP_MD_CTX_size(s->read_hash); - if (mac_size < 0) - return -1; - OPENSSL_assert(mac_size <= MAX_MAC_SIZE); - s->s2->mac_data=p; - s->s2->ract_data= &p[mac_size]; - if (s->s2->padding + mac_size > s->s2->rlength) - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_ILLEGAL_PADDING); - return(-1); - } - } - - s->s2->ract_data_length=s->s2->rlength; - /* added a check for length > max_size in case - * encryption was not turned on yet due to an error */ - if ((!s->s2->clear_text) && - (s->s2->rlength >= (unsigned int)mac_size)) - { - if(!ssl2_enc(s,0)) - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_DECRYPTION_FAILED); - return(-1); - } - s->s2->ract_data_length-=mac_size; - ssl2_mac(s,mac,0); - s->s2->ract_data_length-=s->s2->padding; - if ( (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) || - (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE); - return(-1); - } - } - INC32(s->s2->read_sequence); /* expect next number */ - /* s->s2->ract_data is now available for processing */ - - /* Possibly the packet that we just read had 0 actual data bytes. - * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.) - * In this case, returning 0 would be interpreted by the caller - * as indicating EOF, so it's not a good idea. Instead, we just - * continue reading; thus ssl2_read_internal may have to process - * multiple packets before it can return. - * - * [Note that using select() for blocking sockets *never* guarantees - * that the next SSL_read will not block -- the available - * data may contain incomplete packets, and except for SSL 2, - * renegotiation can confuse things even more.] */ - - goto ssl2_read_again; /* This should really be - * "return ssl2_read(s,buf,len)", - * but that would allow for - * denial-of-service attacks if a - * C compiler is used that does not - * recognize end-recursion. */ - } - else - { - SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_STATE); - return(-1); - } - } - -int ssl2_read(SSL *s, void *buf, int len) - { - return ssl2_read_internal(s, buf, len, 0); - } - -int ssl2_peek(SSL *s, void *buf, int len) - { - return ssl2_read_internal(s, buf, len, 1); - } - -static int read_n(SSL *s, unsigned int n, unsigned int max, - unsigned int extend) - { - int i,off,newb; - - /* if there is stuff still in the buffer from a previous read, - * and there is more than we want, take some. */ - if (s->s2->rbuf_left >= (int)n) - { - if (extend) - s->packet_length+=n; - else - { - s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]); - s->packet_length=n; - } - s->s2->rbuf_left-=n; - s->s2->rbuf_offs+=n; - return(n); - } - - if (!s->read_ahead) max=n; - if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) - max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2; - - - /* Else we want more than we have. - * First, if there is some left or we want to extend */ - off=0; - if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) - { - newb=s->s2->rbuf_left; - if (extend) - { - off=s->packet_length; - if (s->packet != s->s2->rbuf) - memcpy(s->s2->rbuf,s->packet, - (unsigned int)newb+off); - } - else if (s->s2->rbuf_offs != 0) - { - memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]), - (unsigned int)newb); - s->s2->rbuf_offs=0; - } - s->s2->rbuf_left=0; - } - else - newb=0; - - /* off is the offset to start writing too. - * r->s2->rbuf_offs is the 'unread data', now 0. - * newb is the number of new bytes so far - */ - s->packet=s->s2->rbuf; - while (newb < (int)n) - { - clear_sys_error(); - if (s->rbio != NULL) - { - s->rwstate=SSL_READING; - i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]), - max-newb); - } - else - { - SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET); - i= -1; - } -#ifdef PKT_DEBUG - if (s->debug & 0x01) sleep(1); -#endif - if (i <= 0) - { - s->s2->rbuf_left+=newb; - return(i); - } - newb+=i; - } - - /* record unread data */ - if (newb > (int)n) - { - s->s2->rbuf_offs=n+off; - s->s2->rbuf_left=newb-n; - } - else - { - s->s2->rbuf_offs=0; - s->s2->rbuf_left=0; - } - if (extend) - s->packet_length+=n; - else - s->packet_length=n; - s->rwstate=SSL_NOTHING; - return(n); - } - -int ssl2_write(SSL *s, const void *_buf, int len) - { - const unsigned char *buf=_buf; - unsigned int n,tot; - int i; - - if (SSL_in_init(s) && !s->in_handshake) - { - i=s->handshake_func(s); - if (i < 0) return(i); - if (i == 0) - { - SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - } - - if (s->error) - { - ssl2_write_error(s); - if (s->error) - return(-1); - } - - clear_sys_error(); - s->rwstate=SSL_NOTHING; - if (len <= 0) return(len); - - tot=s->s2->wnum; - s->s2->wnum=0; - - n=(len-tot); - for (;;) - { - i=n_do_ssl_write(s,&(buf[tot]),n); - if (i <= 0) - { - s->s2->wnum=tot; - return(i); - } - if ((i == (int)n) || - (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) - { - return(tot+i); - } - - n-=i; - tot+=i; - } - } - -static int write_pending(SSL *s, const unsigned char *buf, unsigned int len) - { - int i; - - /* s->s2->wpend_len != 0 MUST be true. */ - - /* check that they have given us the same buffer to - * write */ - if ((s->s2->wpend_tot > (int)len) || - ((s->s2->wpend_buf != buf) && - !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) - { - SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); - return(-1); - } - - for (;;) - { - clear_sys_error(); - if (s->wbio != NULL) - { - s->rwstate=SSL_WRITING; - i=BIO_write(s->wbio, - (char *)&(s->s2->write_ptr[s->s2->wpend_off]), - (unsigned int)s->s2->wpend_len); - } - else - { - SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET); - i= -1; - } -#ifdef PKT_DEBUG - if (s->debug & 0x01) sleep(1); -#endif - if (i == s->s2->wpend_len) - { - s->s2->wpend_len=0; - s->rwstate=SSL_NOTHING; - return(s->s2->wpend_ret); - } - else if (i <= 0) - return(i); - s->s2->wpend_off+=i; - s->s2->wpend_len-=i; - } - } - -static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) - { - unsigned int j,k,olen,p,bs; - int mac_size; - register unsigned char *pp; - - olen=len; - - /* first check if there is data from an encryption waiting to - * be sent - it must be sent because the other end is waiting. - * This will happen with non-blocking IO. We print it and then - * return. - */ - if (s->s2->wpend_len != 0) return(write_pending(s,buf,len)); - - /* set mac_size to mac size */ - if (s->s2->clear_text) - mac_size=0; - else - { - mac_size=EVP_MD_CTX_size(s->write_hash); - if (mac_size < 0) - return -1; - } - - /* lets set the pad p */ - if (s->s2->clear_text) - { - if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) - len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; - p=0; - s->s2->three_byte_header=0; - /* len=len; */ - } - else - { - bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx); - j=len+mac_size; - /* Two-byte headers allow for a larger record length than - * three-byte headers, but we can't use them if we need - * padding or if we have to set the escape bit. */ - if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && - (!s->s2->escape)) - { - if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER) - j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER; - /* set k to the max number of bytes with 2 - * byte header */ - k=j-(j%bs); - /* how many data bytes? */ - len=k-mac_size; - s->s2->three_byte_header=0; - p=0; - } - else if ((bs <= 1) && (!s->s2->escape)) - { - /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ - s->s2->three_byte_header=0; - p=0; - } - else /* we may have to use a 3 byte header */ - { - /* If s->s2->escape is not set, then - * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ - p=(j%bs); - p=(p == 0)?0:(bs-p); - if (s->s2->escape) - { - s->s2->three_byte_header=1; - if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) - j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER; - } - else - s->s2->three_byte_header=(p == 0)?0:1; - } - } - - /* Now - * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER - * holds, and if s->s2->three_byte_header is set, then even - * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. - */ - - /* mac_size is the number of MAC bytes - * len is the number of data bytes we are going to send - * p is the number of padding bytes - * (if it is a two-byte header, then p == 0) */ - - s->s2->wlength=len; - s->s2->padding=p; - s->s2->mac_data= &(s->s2->wbuf[3]); - s->s2->wact_data= &(s->s2->wbuf[3+mac_size]); - /* we copy the data into s->s2->wbuf */ - memcpy(s->s2->wact_data,buf,len); - if (p) - memset(&(s->s2->wact_data[len]),0,p); /* arbitrary padding */ - - if (!s->s2->clear_text) - { - s->s2->wact_data_length=len+p; - ssl2_mac(s,s->s2->mac_data,1); - s->s2->wlength+=p+mac_size; - if(ssl2_enc(s,1) < 1) - return -1; - } - - /* package up the header */ - s->s2->wpend_len=s->s2->wlength; - if (s->s2->three_byte_header) /* 3 byte header */ - { - pp=s->s2->mac_data; - pp-=3; - pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8); - if (s->s2->escape) pp[0]|=SEC_ESC_BIT; - pp[1]=s->s2->wlength&0xff; - pp[2]=s->s2->padding; - s->s2->wpend_len+=3; - } - else - { - pp=s->s2->mac_data; - pp-=2; - pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT; - pp[1]=s->s2->wlength&0xff; - s->s2->wpend_len+=2; - } - s->s2->write_ptr=pp; - - INC32(s->s2->write_sequence); /* expect next number */ - - /* lets try to actually write the data */ - s->s2->wpend_tot=olen; - s->s2->wpend_buf=buf; - - s->s2->wpend_ret=len; - - s->s2->wpend_off=0; - return(write_pending(s,buf,olen)); - } - -int ssl2_part_read(SSL *s, unsigned long f, int i) - { - unsigned char *p; - int j; - - if (i < 0) - { - /* ssl2_return_error(s); */ - /* for non-blocking io, - * this is not necessarily fatal */ - return(i); - } - else - { - s->init_num+=i; - - /* Check for error. While there are recoverable errors, - * this function is not called when those must be expected; - * any error detected here is fatal. */ - if (s->init_num >= 3) - { - p=(unsigned char *)s->init_buf->data; - if (p[0] == SSL2_MT_ERROR) - { - j=(p[1]<<8)|p[2]; - SSLerr((int)f,ssl_mt_error(j)); - s->init_num -= 3; - if (s->init_num > 0) - memmove(p, p+3, s->init_num); - } - } - - /* If it's not an error message, we have some error anyway -- - * the message was shorter than expected. This too is treated - * as fatal (at least if SSL_get_error is asked for its opinion). */ - return(0); - } - } - -int ssl2_do_write(SSL *s) - { - int ret; - - ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num); - if (ret == s->init_num) - { - if (s->msg_callback) - s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg); - return(1); - } - if (ret < 0) - return(-1); - s->init_off+=ret; - s->init_num-=ret; - return(0); - } - -static int ssl_mt_error(int n) - { - int ret; - - switch (n) - { - case SSL2_PE_NO_CIPHER: - ret=SSL_R_PEER_ERROR_NO_CIPHER; - break; - case SSL2_PE_NO_CERTIFICATE: - ret=SSL_R_PEER_ERROR_NO_CERTIFICATE; - break; - case SSL2_PE_BAD_CERTIFICATE: - ret=SSL_R_PEER_ERROR_CERTIFICATE; - break; - case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE: - ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE; - break; - default: - ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE; - break; - } - return(ret); - } -#else /* !OPENSSL_NO_SSL2 */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c deleted file mode 100644 index 71f677bbec..0000000000 --- a/ssl/s2_srvr.c +++ /dev/null @@ -1,1154 +0,0 @@ -/* ssl/s2_srvr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 -#include <stdio.h> -#include <openssl/bio.h> -#include <openssl/rand.h> -#include <openssl/objects.h> -#include <openssl/evp.h> - -static const SSL_METHOD *ssl2_get_server_method(int ver); -static int get_client_master_key(SSL *s); -static int get_client_hello(SSL *s); -static int server_hello(SSL *s); -static int get_client_finished(SSL *s); -static int server_verify(SSL *s); -static int server_finish(SSL *s); -static int request_certificate(SSL *s); -static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, - unsigned char *to,int padding); -#define BREAK break - -static const SSL_METHOD *ssl2_get_server_method(int ver) - { - if (ver == SSL2_VERSION) - return(SSLv2_server_method()); - else - return(NULL); - } - -IMPLEMENT_ssl2_meth_func(SSLv2_server_method, - ssl2_accept, - ssl_undefined_function, - ssl2_get_server_method) - -int ssl2_accept(SSL *s) - { - unsigned long l=(unsigned long)time(NULL); - BUF_MEM *buf=NULL; - int ret= -1; - long num1; - void (*cb)(const SSL *ssl,int type,int val)=NULL; - int new_state,state; - - RAND_add(&l,sizeof(l),0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - /* init things to blank */ - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); - - if (s->cert == NULL) - { - SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET); - return(-1); - } - - clear_sys_error(); - for (;;) - { - state=s->state; - - switch (s->state) - { - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE|SSL_ST_ACCEPT: - case SSL_ST_OK|SSL_ST_ACCEPT: - - s->server=1; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - - s->version=SSL2_VERSION; - s->type=SSL_ST_ACCEPT; - - buf=s->init_buf; - if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL)) - { ret= -1; goto end; } - if (!BUF_MEM_grow(buf,(int) - SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) - { ret= -1; goto end; } - s->init_buf=buf; - s->init_num=0; - s->ctx->stats.sess_accept++; - s->handshake_func=ssl2_accept; - s->state=SSL2_ST_GET_CLIENT_HELLO_A; - BREAK; - - case SSL2_ST_GET_CLIENT_HELLO_A: - case SSL2_ST_GET_CLIENT_HELLO_B: - case SSL2_ST_GET_CLIENT_HELLO_C: - s->shutdown=0; - ret=get_client_hello(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_SEND_SERVER_HELLO_A; - BREAK; - - case SSL2_ST_SEND_SERVER_HELLO_A: - case SSL2_ST_SEND_SERVER_HELLO_B: - ret=server_hello(s); - if (ret <= 0) goto end; - s->init_num=0; - if (!s->hit) - { - s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A; - BREAK; - } - else - { - s->state=SSL2_ST_SERVER_START_ENCRYPTION; - BREAK; - } - case SSL2_ST_GET_CLIENT_MASTER_KEY_A: - case SSL2_ST_GET_CLIENT_MASTER_KEY_B: - ret=get_client_master_key(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_SERVER_START_ENCRYPTION; - BREAK; - - case SSL2_ST_SERVER_START_ENCRYPTION: - /* Ok we how have sent all the stuff needed to - * start encrypting, the next packet back will - * be encrypted. */ - if (!ssl2_enc_init(s,0)) - { ret= -1; goto end; } - s->s2->clear_text=0; - s->state=SSL2_ST_SEND_SERVER_VERIFY_A; - BREAK; - - case SSL2_ST_SEND_SERVER_VERIFY_A: - case SSL2_ST_SEND_SERVER_VERIFY_B: - ret=server_verify(s); - if (ret <= 0) goto end; - s->init_num=0; - if (s->hit) - { - /* If we are in here, we have been - * buffering the output, so we need to - * flush it and remove buffering from - * future traffic */ - s->state=SSL2_ST_SEND_SERVER_VERIFY_C; - BREAK; - } - else - { - s->state=SSL2_ST_GET_CLIENT_FINISHED_A; - break; - } - - case SSL2_ST_SEND_SERVER_VERIFY_C: - /* get the number of bytes to write */ - num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); - if (num1 > 0) - { - s->rwstate=SSL_WRITING; - num1=BIO_flush(s->wbio); - if (num1 <= 0) { ret= -1; goto end; } - s->rwstate=SSL_NOTHING; - } - - /* flushed and now remove buffering */ - s->wbio=BIO_pop(s->wbio); - - s->state=SSL2_ST_GET_CLIENT_FINISHED_A; - BREAK; - - case SSL2_ST_GET_CLIENT_FINISHED_A: - case SSL2_ST_GET_CLIENT_FINISHED_B: - ret=get_client_finished(s); - if (ret <= 0) - goto end; - s->init_num=0; - s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A; - BREAK; - - case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: - case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: - case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: - case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: - /* don't do a 'request certificate' if we - * don't want to, or we already have one, and - * we only want to do it once. */ - if (!(s->verify_mode & SSL_VERIFY_PEER) || - ((s->session->peer != NULL) && - (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) - { - s->state=SSL2_ST_SEND_SERVER_FINISHED_A; - break; - } - else - { - ret=request_certificate(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL2_ST_SEND_SERVER_FINISHED_A; - } - BREAK; - - case SSL2_ST_SEND_SERVER_FINISHED_A: - case SSL2_ST_SEND_SERVER_FINISHED_B: - ret=server_finish(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL_ST_OK; - break; - - case SSL_ST_OK: - BUF_MEM_free(s->init_buf); - ssl_free_wbio_buffer(s); - s->init_buf=NULL; - s->init_num=0; - /* ERR_clear_error();*/ - - ssl_update_cache(s,SSL_SESS_CACHE_SERVER); - - s->ctx->stats.sess_accept_good++; - /* s->server=1; */ - ret=1; - - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); - - goto end; - /* BREAK; */ - - default: - SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE); - ret= -1; - goto end; - /* BREAK; */ - } - - if ((cb != NULL) && (s->state != state)) - { - new_state=s->state; - s->state=state; - cb(s,SSL_CB_ACCEPT_LOOP,1); - s->state=new_state; - } - } -end: - s->in_handshake--; - if (cb != NULL) - cb(s,SSL_CB_ACCEPT_EXIT,ret); - return(ret); - } - -static int get_client_master_key(SSL *s) - { - int is_export,i,n,keya,ek; - unsigned long len; - unsigned char *p; - const SSL_CIPHER *cp; - const EVP_CIPHER *c; - const EVP_MD *md; - - p=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) - { - i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num); - - if (i < (10-s->init_num)) - return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); - s->init_num = 10; - - if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) - { - if (p[-1] != SSL2_MT_ERROR) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE); - } - else - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR); - return(-1); - } - - cp=ssl2_get_cipher_by_char(p); - if (cp == NULL) - { - ssl2_return_error(s,SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); - return(-1); - } - s->session->cipher= cp; - - p+=3; - n2s(p,i); s->s2->tmp.clear=i; - n2s(p,i); s->s2->tmp.enc=i; - n2s(p,i); - if(i > SSL_MAX_KEY_ARG_LENGTH) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG); - return -1; - } - s->session->key_arg_length=i; - s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; - } - - /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ - p=(unsigned char *)s->init_buf->data; - if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); - return -1; - } - keya=s->session->key_arg_length; - len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; - if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG); - return -1; - } - n = (int)len - s->init_num; - i = ssl2_read(s,(char *)&(p[s->init_num]),n); - if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i)); - if (s->msg_callback) - s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-MASTER-KEY */ - p += 10; - - memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]), - (unsigned int)keya); - - if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); - return(-1); - } - i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, - &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), - (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); - - is_export=SSL_C_IS_EXPORT(s->session->cipher); - - if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0)) - { - ssl2_return_error(s,SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS); - return(0); - } - - if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) - { - is_export=1; - ek=8; - } - else - ek=5; - - /* bad decrypt */ -#if 1 - /* If a bad decrypt, continue with protocol but with a - * random master secret (Bleichenbacher attack) */ - if ((i < 0) || - ((!is_export && (i != EVP_CIPHER_key_length(c))) - || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != - (unsigned int)EVP_CIPHER_key_length(c)))))) - { - ERR_clear_error(); - if (is_export) - i=ek; - else - i=EVP_CIPHER_key_length(c); - if (RAND_pseudo_bytes(p,i) <= 0) - return 0; - } -#else - if (i < 0) - { - error=1; - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT); - } - /* incorrect number of key bytes for non export cipher */ - else if ((!is_export && (i != EVP_CIPHER_key_length(c))) - || (is_export && ((i != ek) || (s->s2->tmp.clear+i != - EVP_CIPHER_key_length(c))))) - { - error=1; - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS); - } - if (error) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } -#endif - - if (is_export) i+=s->s2->tmp.clear; - - if (i > SSL_MAX_MASTER_KEY_LENGTH) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); - return -1; - } - s->session->master_key_length=i; - memcpy(s->session->master_key,p,(unsigned int)i); - return(1); - } - -static int get_client_hello(SSL *s) - { - int i,n; - unsigned long len; - unsigned char *p; - STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */ - STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */ - STACK_OF(SSL_CIPHER) *prio, *allow; - int z; - - /* This is a bit of a hack to check for the correct packet - * type the first time round. */ - if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) - { - s->first_packet=1; - s->state=SSL2_ST_GET_CLIENT_HELLO_B; - } - - p=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) - { - i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num); - if (i < (9-s->init_num)) - return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); - s->init_num = 9; - - if (*(p++) != SSL2_MT_CLIENT_HELLO) - { - if (p[-1] != SSL2_MT_ERROR) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE); - } - else - SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); - return(-1); - } - n2s(p,i); - if (i < s->version) s->version=i; - n2s(p,i); s->s2->tmp.cipher_spec_length=i; - n2s(p,i); s->s2->tmp.session_id_length=i; - n2s(p,i); s->s2->challenge_length=i; - if ( (i < SSL2_MIN_CHALLENGE_LENGTH) || - (i > SSL2_MAX_CHALLENGE_LENGTH)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH); - return(-1); - } - s->state=SSL2_ST_GET_CLIENT_HELLO_C; - } - - /* SSL2_ST_GET_CLIENT_HELLO_C */ - p=(unsigned char *)s->init_buf->data; - len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length; - if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG); - return -1; - } - n = (int)len - s->init_num; - i = ssl2_read(s,(char *)&(p[s->init_num]),n); - if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i)); - if (s->msg_callback) - s->msg_callback(0, s->version, 0, p, (size_t)len, s, s->msg_callback_arg); /* CLIENT-HELLO */ - p += 9; - - /* get session-id before cipher stuff so we can get out session - * structure if it is cached */ - /* session-id */ - if ((s->s2->tmp.session_id_length != 0) && - (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH); - return(-1); - } - - if (s->s2->tmp.session_id_length == 0) - { - if (!ssl_get_new_session(s,1)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } - } - else - { - i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]), - s->s2->tmp.session_id_length, NULL); - if (i == 1) - { /* previous session */ - s->hit=1; - } - else if (i == -1) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } - else - { - if (s->cert == NULL) - { - ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); - SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET); - return(-1); - } - - if (!ssl_get_new_session(s,1)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - return(-1); - } - } - } - - if (!s->hit) - { - cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length, - &s->session->ciphers); - if (cs == NULL) goto mem_err; - - cl=SSL_get_ciphers(s); - - if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) - { - prio=sk_SSL_CIPHER_dup(cl); - if (prio == NULL) goto mem_err; - allow = cs; - } - else - { - prio = cs; - allow = cl; - } - for (z=0; z<sk_SSL_CIPHER_num(prio); z++) - { - if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0) - { - (void)sk_SSL_CIPHER_delete(prio,z); - z--; - } - } - if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) - { - sk_SSL_CIPHER_free(s->session->ciphers); - s->session->ciphers = prio; - } - /* s->session->ciphers should now have a list of - * ciphers that are on both the client and server. - * This list is ordered by the order the client sent - * the ciphers or in the order of the server's preference - * if SSL_OP_CIPHER_SERVER_PREFERENCE was set. - */ - } - p+=s->s2->tmp.cipher_spec_length; - /* done cipher selection */ - - /* session id extracted already */ - p+=s->s2->tmp.session_id_length; - - /* challenge */ - if (s->s2->challenge_length > sizeof s->s2->challenge) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); - return -1; - } - memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); - return(1); -mem_err: - SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); - return(0); - } - -static int server_hello(SSL *s) - { - unsigned char *p,*d; - int n,hit; - - p=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) - { - d=p+11; - *(p++)=SSL2_MT_SERVER_HELLO; /* type */ - hit=s->hit; - *(p++)=(unsigned char)hit; -#if 1 - if (!hit) - { - if (s->session->sess_cert != NULL) - /* This can't really happen because get_client_hello - * has called ssl_get_new_session, which does not set - * sess_cert. */ - ssl_sess_cert_free(s->session->sess_cert); - s->session->sess_cert = ssl_sess_cert_new(); - if (s->session->sess_cert == NULL) - { - SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE); - return(-1); - } - } - /* If 'hit' is set, then s->sess_cert may be non-NULL or NULL, - * depending on whether it survived in the internal cache - * or was retrieved from an external cache. - * If it is NULL, we cannot put any useful data in it anyway, - * so we don't touch it. - */ - -#else /* That's what used to be done when cert_st and sess_cert_st were - * the same. */ - if (!hit) - { /* else add cert to session */ - CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT); - if (s->session->sess_cert != NULL) - ssl_cert_free(s->session->sess_cert); - s->session->sess_cert=s->cert; - } - else /* We have a session id-cache hit, if the - * session-id has no certificate listed against - * the 'cert' structure, grab the 'old' one - * listed against the SSL connection */ - { - if (s->session->sess_cert == NULL) - { - CRYPTO_add(&s->cert->references,1, - CRYPTO_LOCK_SSL_CERT); - s->session->sess_cert=s->cert; - } - } -#endif - - if (s->cert == NULL) - { - ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE); - SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED); - return(-1); - } - - if (hit) - { - *(p++)=0; /* no certificate type */ - s2n(s->version,p); /* version */ - s2n(0,p); /* cert len */ - s2n(0,p); /* ciphers len */ - } - else - { - /* EAY EAY */ - /* put certificate type */ - *(p++)=SSL2_CT_X509_CERTIFICATE; - s2n(s->version,p); /* version */ - n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); - s2n(n,p); /* certificate length */ - i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d); - n=0; - - /* lets send out the ciphers we like in the - * prefered order */ - n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0); - d+=n; - s2n(n,p); /* add cipher length */ - } - - /* make and send conn_id */ - s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ - s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; - if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0) - return -1; - memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); - d+=SSL2_CONNECTION_ID_LENGTH; - - s->state=SSL2_ST_SEND_SERVER_HELLO_B; - s->init_num=d-(unsigned char *)s->init_buf->data; - s->init_off=0; - } - /* SSL2_ST_SEND_SERVER_HELLO_B */ - /* If we are using TCP/IP, the performance is bad if we do 2 - * writes without a read between them. This occurs when - * Session-id reuse is used, so I will put in a buffering module - */ - if (s->hit) - { - if (!ssl_init_wbio_buffer(s,1)) return(-1); - } - - return(ssl2_do_write(s)); - } - -static int get_client_finished(SSL *s) - { - unsigned char *p; - int i, n; - unsigned long len; - - p=(unsigned char *)s->init_buf->data; - if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) - { - i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num); - if (i < 1-s->init_num) - return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); - s->init_num += i; - - if (*p != SSL2_MT_CLIENT_FINISHED) - { - if (*p != SSL2_MT_ERROR) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE); - } - else - { - SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR); - /* try to read the error message */ - i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num); - return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i); - } - return(-1); - } - s->state=SSL2_ST_GET_CLIENT_FINISHED_B; - } - - /* SSL2_ST_GET_CLIENT_FINISHED_B */ - if (s->s2->conn_id_length > sizeof s->s2->conn_id) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR); - return -1; - } - len = 1 + (unsigned long)s->s2->conn_id_length; - n = (int)len - s->init_num; - i = ssl2_read(s,(char *)&(p[s->init_num]),n); - if (i < n) - { - return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i)); - } - if (s->msg_callback) - s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */ - p += 1; - if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT); - return(-1); - } - return(1); - } - -static int server_verify(SSL *s) - { - unsigned char *p; - - if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) - { - p=(unsigned char *)s->init_buf->data; - *(p++)=SSL2_MT_SERVER_VERIFY; - if (s->s2->challenge_length > sizeof s->s2->challenge) - { - SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR); - return -1; - } - memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); - /* p+=s->s2->challenge_length; */ - - s->state=SSL2_ST_SEND_SERVER_VERIFY_B; - s->init_num=s->s2->challenge_length+1; - s->init_off=0; - } - return(ssl2_do_write(s)); - } - -static int server_finish(SSL *s) - { - unsigned char *p; - - if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) - { - p=(unsigned char *)s->init_buf->data; - *(p++)=SSL2_MT_SERVER_FINISHED; - - if (s->session->session_id_length > sizeof s->session->session_id) - { - SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR); - return -1; - } - memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); - /* p+=s->session->session_id_length; */ - - s->state=SSL2_ST_SEND_SERVER_FINISHED_B; - s->init_num=s->session->session_id_length+1; - s->init_off=0; - } - - /* SSL2_ST_SEND_SERVER_FINISHED_B */ - return(ssl2_do_write(s)); - } - -/* send the request and check the response */ -static int request_certificate(SSL *s) - { - const unsigned char *cp; - unsigned char *p,*p2,*buf2; - unsigned char *ccd; - int i,j,ctype,ret= -1; - unsigned long len; - X509 *x509=NULL; - STACK_OF(X509) *sk=NULL; - - ccd=s->s2->tmp.ccl; - if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) - { - p=(unsigned char *)s->init_buf->data; - *(p++)=SSL2_MT_REQUEST_CERTIFICATE; - *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; - if (RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0) - return -1; - memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); - - s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; - s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2; - s->init_off=0; - } - - if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) - { - i=ssl2_do_write(s); - if (i <= 0) - { - ret=i; - goto end; - } - - s->init_num=0; - s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C; - } - - if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) - { - p=(unsigned char *)s->init_buf->data; - i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num); /* try to read 6 octets ... */ - if (i < 3-s->init_num) /* ... but don't call ssl2_part_read now if we got at least 3 - * (probably NO-CERTIFICATE-ERROR) */ - { - ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); - goto end; - } - s->init_num += i; - - if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) - { - n2s(p,i); - if (i != SSL2_PE_NO_CERTIFICATE) - { - /* not the error message we expected -- let ssl2_part_read handle it */ - s->init_num -= 3; - ret = ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE, 3); - goto end; - } - - if (s->msg_callback) - s->msg_callback(0, s->version, 0, p, 3, s, s->msg_callback_arg); /* ERROR */ - - /* this is the one place where we can recover from an SSL 2.0 error */ - - if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - { - ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); - SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); - goto end; - } - ret=1; - goto end; - } - if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) - { - ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); - SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ); - goto end; - } - if (s->init_num != 6) - { - SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR); - goto end; - } - - /* ok we have a response */ - /* certificate type, there is only one right now. */ - ctype= *(p++); - if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) - { - ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE); - SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT); - goto end; - } - n2s(p,i); s->s2->tmp.clen=i; - n2s(p,i); s->s2->tmp.rlen=i; - s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D; - } - - /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */ - p=(unsigned char *)s->init_buf->data; - len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen; - if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) - { - SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_MESSAGE_TOO_LONG); - goto end; - } - j = (int)len - s->init_num; - i = ssl2_read(s,(char *)&(p[s->init_num]),j); - if (i < j) - { - ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i); - goto end; - } - if (s->msg_callback) - s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */ - p += 6; - - cp = p; - x509=(X509 *)d2i_X509(NULL,&cp,(long)s->s2->tmp.clen); - if (x509 == NULL) - { - SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB); - goto msg_end; - } - - if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509))) - { - SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto msg_end; - } - - i=ssl_verify_cert_chain(s,sk); - - if (i > 1) - { - SSLerr(SSL_F_REQUEST_CERTIFICATE, i); - goto msg_end; - } - - if (i > 0) /* we like the packet, now check the chksum */ - { - EVP_MD_CTX ctx; - EVP_PKEY *pkey=NULL; - - EVP_MD_CTX_init(&ctx); - if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL) - || !EVP_VerifyUpdate(&ctx,s->s2->key_material, - s->s2->key_material_length) - || !EVP_VerifyUpdate(&ctx,ccd, - SSL2_MIN_CERT_CHALLENGE_LENGTH)) - goto msg_end; - - i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); - buf2=OPENSSL_malloc((unsigned int)i); - if (buf2 == NULL) - { - SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto msg_end; - } - p2=buf2; - i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2); - if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i)) - { - OPENSSL_free(buf2); - goto msg_end; - } - OPENSSL_free(buf2); - - pkey=X509_get_pubkey(x509); - if (pkey == NULL) goto end; - i=EVP_VerifyFinal(&ctx,cp,s->s2->tmp.rlen,pkey); - EVP_PKEY_free(pkey); - EVP_MD_CTX_cleanup(&ctx); - - if (i > 0) - { - if (s->session->peer != NULL) - X509_free(s->session->peer); - s->session->peer=x509; - CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); - s->session->verify_result = s->verify_result; - ret=1; - goto end; - } - else - { - SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM); - goto msg_end; - } - } - else - { -msg_end: - ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); - } -end: - sk_X509_free(sk); - X509_free(x509); - return(ret); - } - -static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, - unsigned char *to, int padding) - { - RSA *rsa; - int i; - - if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) - { - SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY); - return(-1); - } - if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) - { - SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA); - return(-1); - } - rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa; - - /* we have the public key */ - i=RSA_private_decrypt(len,from,to,rsa,padding); - if (i < 0) - SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); - return(i); - } -#else /* !OPENSSL_NO_SSL2 */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 63774bcc87..7765de176f 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -371,8 +371,6 @@ int ssl3_change_cipher_state(SSL *s, int which) } } - s->session->key_arg_length=0; - EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE)); #ifdef OPENSSL_SSL_TRACE_CRYPTO diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index d670ff0ec0..51a4ec3e89 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3946,8 +3946,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return s->version == TLS1_VERSION; if (!(s->options & SSL_OP_NO_SSLv3)) return s->version == SSL3_VERSION; - if (!(s->options & SSL_OP_NO_SSLv2)) - return s->version == SSL2_VERSION; } return 0; /* Unexpected state; fail closed. */ @@ -177,16 +177,6 @@ extern "C" { #define SSL_SESSION_ASN1_VERSION 0x0001 /* text strings for the ciphers */ -#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5 -#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5 -#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 -#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA -#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 -#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA /* VRS Additional Kerberos5 entries */ @@ -305,7 +295,6 @@ extern "C" { #define SSL_TXT_SHA256 "SHA256" #define SSL_TXT_SHA384 "SHA384" -#define SSL_TXT_SSLV2 "SSLv2" #define SSL_TXT_SSLV3 "SSLv3" #define SSL_TXT_TLSV1 "TLSv1" #define SSL_TXT_TLSV1_1 "TLSv1.1" @@ -336,7 +325,7 @@ extern "C" { /* The following cipher list is used by default. * It also is substituted when an application-defined cipher list string * starts with 'DEFAULT'. */ -#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2" +#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL" /* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * starts with a reasonable order, and all we have to do for DEFAULT is * throwing out anonymous and unencrypted ciphersuites! @@ -356,10 +345,6 @@ extern "C" { extern "C" { #endif -#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2) -#define OPENSSL_NO_SSL2 -#endif - #define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 #define SSL_FILETYPE_PEM X509_FILETYPE_PEM @@ -498,9 +483,6 @@ struct ssl_session_st int ssl_version; /* what ssl version session info is * being kept in here? */ - /* only really used in SSLv2 */ - unsigned int key_arg_length; - unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH]; int master_key_length; unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; /* session_id - valid? */ @@ -575,8 +557,6 @@ struct ssl_session_st #endif -#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L -#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L /* Allow initial connection to servers that don't support RI */ #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L @@ -591,6 +571,9 @@ struct ssl_session_st #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 /* Refers to ancient SSLREF and SSLv2, retained for compatibility */ #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0 +/* Related to removed SSLv2 */ +#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0 +#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added * in OpenSSL 0.9.6d. Usually (depending on the application protocol) @@ -634,7 +617,7 @@ struct ssl_session_st * forbidden to prevent version rollback attacks. */ #define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L -#define SSL_OP_NO_SSLv2 0x01000000L +#define SSL_OP_NO_SSLv2 0x00000000L #define SSL_OP_NO_SSLv3 0x02000000L #define SSL_OP_NO_TLSv1 0x04000000L #define SSL_OP_NO_TLSv1_2 0x08000000L @@ -643,7 +626,7 @@ struct ssl_session_st #define SSL_OP_NO_DTLSv1 0x04000000L #define SSL_OP_NO_DTLSv1_2 0x08000000L -#define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|\ +#define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\ SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2) /* These next two were never actually used for anything since SSLeay @@ -868,11 +851,8 @@ int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key); * 'ssl' value they're passed by; * SSL_has_matching_session_id(ssl, id, *id_len) * The length value passed in is set at the maximum size the session ID can be. - * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback - * can alter this length to be less if desired, but under SSLv2 session IDs are - * supposed to be fixed at 16 bytes so the id will be padded after the callback - * returns in this case. It is also an error for the callback to set the size to - * zero. */ + * In SSLv3/TLSv1 it is 32 bytes. The callback can alter this length to be less + * if desired. It is also an error for the callback to set the size to zero. */ typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, unsigned int *id_len); @@ -982,7 +962,6 @@ struct ssl_ctx_st CRYPTO_EX_DATA ex_data; - const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */ const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */ const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */ @@ -1363,7 +1342,6 @@ struct ssl_st unsigned char *packet; unsigned int packet_length; - struct ssl2_state_st *s2; /* SSLv2 variables */ struct ssl3_state_st *s3; /* SSLv3 variables */ struct dtls1_state_st *d1; /* DTLSv1 variables */ @@ -1423,7 +1401,7 @@ struct ssl_st /* Default generate session ID callback. */ GEN_SESSION_CB generate_session_id; - /* Used in SSL2 and SSL3 */ + /* Used in SSL3 */ int verify_mode; /* 0 don't care about verify failure. * 1 fail if verify fails */ int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */ @@ -2235,12 +2213,6 @@ const char *SSL_get_version(const SSL *s); /* This sets the 'default' SSL version that SSL_new() will create */ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); -#ifndef OPENSSL_NO_SSL2 -const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ -const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ -const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ -#endif - #ifndef OPENSSL_NO_SSL3_METHOD const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ @@ -2503,8 +2475,6 @@ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c); #define SSL_SECOP_CURVE_CHECK (6 | SSL_SECOP_OTHER_CURVE) /* Temporary DH key */ #define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_DH) -/* Whether to use SSLv2 compatible client hello */ -#define SSL_SECOP_SSL2_COMPAT (8 | SSL_SECOP_OTHER_NONE) /* SSL/TLS version */ #define SSL_SECOP_VERSION (9 | SSL_SECOP_OTHER_NONE) /* Session tickets */ @@ -2560,10 +2530,6 @@ void ERR_load_SSL_strings(void); /* Function codes. */ #define SSL_F_CHECK_SUITEB_CIPHER_LIST 331 -#define SSL_F_CLIENT_CERTIFICATE 100 -#define SSL_F_CLIENT_FINISHED 167 -#define SSL_F_CLIENT_HELLO 101 -#define SSL_F_CLIENT_MASTER_KEY 102 #define SSL_F_D2I_SSL_SESSION 103 #define SSL_F_DO_DTLS1_WRITE 245 #define SSL_F_DO_SSL3_WRITE 104 @@ -2595,18 +2561,6 @@ void ERR_load_SSL_strings(void); #define SSL_F_DTLS1_SEND_SERVER_HELLO 266 #define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 #define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 -#define SSL_F_GET_CLIENT_FINISHED 105 -#define SSL_F_GET_CLIENT_HELLO 106 -#define SSL_F_GET_CLIENT_MASTER_KEY 107 -#define SSL_F_GET_SERVER_FINISHED 108 -#define SSL_F_GET_SERVER_HELLO 109 -#define SSL_F_GET_SERVER_VERIFY 110 -#define SSL_F_I2D_SSL_SESSION 111 -#define SSL_F_READ_N 112 -#define SSL_F_REQUEST_CERTIFICATE 113 -#define SSL_F_SERVER_FINISH 239 -#define SSL_F_SERVER_HELLO 114 -#define SSL_F_SERVER_VERIFY 240 #define SSL_F_SSL23_ACCEPT 115 #define SSL_F_SSL23_CLIENT_HELLO 116 #define SSL_F_SSL23_CONNECT 117 @@ -2615,15 +2569,6 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL23_PEEK 237 #define SSL_F_SSL23_READ 120 #define SSL_F_SSL23_WRITE 121 -#define SSL_F_SSL2_ACCEPT 122 -#define SSL_F_SSL2_CONNECT 123 -#define SSL_F_SSL2_ENC_INIT 124 -#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241 -#define SSL_F_SSL2_PEEK 234 -#define SSL_F_SSL2_READ 125 -#define SSL_F_SSL2_READ_INTERNAL 236 -#define SSL_F_SSL2_SET_CERTIFICATE 126 -#define SSL_F_SSL2_WRITE 127 #define SSL_F_SSL3_ACCEPT 128 #define SSL_F_SSL3_ADD_CERT_TO_BUF 296 #define SSL_F_SSL3_CALLBACK_CTRL 233 @@ -2742,8 +2687,6 @@ void ERR_load_SSL_strings(void); #define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281 #define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282 #define SSL_F_SSL_READ 223 -#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 -#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 #define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320 #define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321 #define SSL_F_SSL_SESSION_NEW 189 @@ -2790,15 +2733,12 @@ void ERR_load_SSL_strings(void); #define SSL_F_TLS1_PRF 284 #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 #define SSL_F_TLS1_SET_SERVER_SIGALGS 335 -#define SSL_F_WRITE_PENDING 212 /* Reason codes. */ #define SSL_R_APP_DATA_IN_HANDSHAKE 100 #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 #define SSL_R_BAD_ALERT_RECORD 101 -#define SSL_R_BAD_AUTHENTICATION_TYPE 102 #define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 -#define SSL_R_BAD_CHECKSUM 104 #define SSL_R_BAD_DATA 390 #define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 #define SSL_R_BAD_DECOMPRESSION 107 @@ -2813,13 +2753,11 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_HANDSHAKE_LENGTH 332 #define SSL_R_BAD_HELLO_REQUEST 105 #define SSL_R_BAD_LENGTH 271 -#define SSL_R_BAD_MAC_DECODE 113 #define SSL_R_BAD_MAC_LENGTH 333 #define SSL_R_BAD_MESSAGE_TYPE 114 #define SSL_R_BAD_PACKET_LENGTH 115 #define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 #define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316 -#define SSL_R_BAD_RESPONSE_ARGUMENT 117 #define SSL_R_BAD_RSA_DECRYPT 118 #define SSL_R_BAD_RSA_ENCRYPT 119 #define SSL_R_BAD_RSA_E_LENGTH 120 @@ -2835,8 +2773,6 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_SRTP_MKI_VALUE 352 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 #define SSL_R_BAD_SSL_FILETYPE 124 -#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 -#define SSL_R_BAD_STATE 126 #define SSL_R_BAD_VALUE 384 #define SSL_R_BAD_WRITE_RETRY 127 #define SSL_R_BIO_NOT_SET 128 @@ -2850,17 +2786,14 @@ void ERR_load_SSL_strings(void); #define SSL_R_CERTIFICATE_VERIFY_FAILED 134 #define SSL_R_CERT_CB_ERROR 377 #define SSL_R_CERT_LENGTH_MISMATCH 135 -#define SSL_R_CHALLENGE_IS_DIFFERENT 136 #define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 #define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 -#define SSL_R_CIPHER_TABLE_SRC_ERROR 139 #define SSL_R_CLIENTHELLO_TLSEXT 226 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 #define SSL_R_COMPRESSION_DISABLED 343 #define SSL_R_COMPRESSION_FAILURE 141 #define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 #define SSL_R_COMPRESSION_LIBRARY_ERROR 142 -#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 #define SSL_R_CONNECTION_TYPE_NOT_SET 144 #define SSL_R_COOKIE_MISMATCH 308 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 @@ -2889,11 +2822,9 @@ void ERR_load_SSL_strings(void); #define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356 #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 -#define SSL_R_ILLEGAL_PADDING 283 #define SSL_R_ILLEGAL_SUITEB_DIGEST 380 #define SSL_R_INAPPROPRIATE_FALLBACK 373 #define SSL_R_INCONSISTENT_COMPRESSION 340 -#define SSL_R_INVALID_CHALLENGE_LENGTH 158 #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 #define SSL_R_INVALID_NULL_CMD_NAME 385 @@ -2903,8 +2834,6 @@ void ERR_load_SSL_strings(void); #define SSL_R_INVALID_STATUS_RESPONSE 328 #define SSL_R_INVALID_TICKET_KEYS_LENGTH 325 #define SSL_R_INVALID_TRUST 279 -#define SSL_R_KEY_ARG_TOO_LONG 284 -#define SSL_R_KEY_TOO_SMALL 395 #define SSL_R_KRB5 285 #define SSL_R_KRB5_C_CC_PRINC 286 #define SSL_R_KRB5_C_GET_CRED 287 @@ -2920,7 +2849,6 @@ void ERR_load_SSL_strings(void); #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 #define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 -#define SSL_R_MESSAGE_TOO_LONG 296 #define SSL_R_MISSING_DH_DSA_CERT 162 #define SSL_R_MISSING_DH_KEY 163 #define SSL_R_MISSING_DH_RSA_CERT 164 @@ -2939,16 +2867,13 @@ void ERR_load_SSL_strings(void); #define SSL_R_MISSING_TMP_RSA_PKEY 173 #define SSL_R_MISSING_VERIFY_MESSAGE 174 #define SSL_R_MULTIPLE_SGC_RESTARTS 346 -#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 #define SSL_R_NO_CERTIFICATES_RETURNED 176 #define SSL_R_NO_CERTIFICATE_ASSIGNED 177 #define SSL_R_NO_CERTIFICATE_RETURNED 178 #define SSL_R_NO_CERTIFICATE_SET 179 -#define SSL_R_NO_CERTIFICATE_SPECIFIED 180 #define SSL_R_NO_CIPHERS_AVAILABLE 181 #define SSL_R_NO_CIPHERS_PASSED 182 #define SSL_R_NO_CIPHERS_SPECIFIED 183 -#define SSL_R_NO_CIPHER_LIST 184 #define SSL_R_NO_CIPHER_MATCH 185 #define SSL_R_NO_CLIENT_CERT_METHOD 331 #define SSL_R_NO_CLIENT_CERT_RECEIVED 186 @@ -2956,10 +2881,8 @@ void ERR_load_SSL_strings(void); #define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330 #define SSL_R_NO_METHOD_SPECIFIED 188 #define SSL_R_NO_PEM_EXTENSIONS 389 -#define SSL_R_NO_PRIVATEKEY 189 #define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 #define SSL_R_NO_PROTOCOLS_AVAILABLE 191 -#define SSL_R_NO_PUBLICKEY 192 #define SSL_R_NO_RENEGOTIATION 339 #define SSL_R_NO_REQUIRED_DIGEST 324 #define SSL_R_NO_SHARED_CIPHER 193 @@ -2978,25 +2901,15 @@ void ERR_load_SSL_strings(void); #define SSL_R_PARSE_TLSEXT 227 #define SSL_R_PATH_TOO_LONG 270 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 -#define SSL_R_PEER_ERROR 200 -#define SSL_R_PEER_ERROR_CERTIFICATE 201 -#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202 -#define SSL_R_PEER_ERROR_NO_CIPHER 203 -#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204 #define SSL_R_PEM_NAME_BAD_PREFIX 391 #define SSL_R_PEM_NAME_TOO_SHORT 392 #define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205 -#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206 #define SSL_R_PROTOCOL_IS_SHUTDOWN 207 #define SSL_R_PSK_IDENTITY_NOT_FOUND 223 #define SSL_R_PSK_NO_CLIENT_CB 224 #define SSL_R_PSK_NO_SERVER_CB 225 -#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208 -#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 -#define SSL_R_PUBLIC_KEY_NOT_RSA 210 #define SSL_R_READ_BIO_NOT_SET 211 #define SSL_R_READ_TIMEOUT_EXPIRED 312 -#define SSL_R_READ_WRONG_PACKET_TYPE 212 #define SSL_R_RECORD_LENGTH_MISMATCH 213 #define SSL_R_RECORD_TOO_LARGE 214 #define SSL_R_RECORD_TOO_SMALL 298 @@ -3005,13 +2918,9 @@ void ERR_load_SSL_strings(void); #define SSL_R_RENEGOTIATION_MISMATCH 337 #define SSL_R_REQUIRED_CIPHER_MISSING 215 #define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342 -#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 -#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 -#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 #define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345 #define SSL_R_SERVERHELLO_TLSEXT 275 #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 -#define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SRP_A_CALC 361 @@ -3019,7 +2928,6 @@ void ERR_load_SSL_strings(void); #define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363 #define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 -#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 #define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320 @@ -3044,7 +2952,6 @@ void ERR_load_SSL_strings(void); #define SSL_R_SSL_SESSION_ID_CONFLICT 302 #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 #define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303 -#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 #define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 #define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 @@ -3073,12 +2980,10 @@ void ERR_load_SSL_strings(void); #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 #define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 -#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237 #define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238 #define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314 #define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 #define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240 -#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241 #define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242 #define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243 #define SSL_R_UNEXPECTED_MESSAGE 244 @@ -3106,12 +3011,10 @@ void ERR_load_SSL_strings(void); #define SSL_R_UNSUPPORTED_STATUS_TYPE 329 #define SSL_R_USE_SRTP_NOT_NEGOTIATED 369 #define SSL_R_VERSION_TOO_LOW 396 -#define SSL_R_WRITE_BIO_NOT_SET 260 #define SSL_R_WRONG_CERTIFICATE_TYPE 383 #define SSL_R_WRONG_CIPHER_RETURNED 261 #define SSL_R_WRONG_CURVE 378 #define SSL_R_WRONG_MESSAGE_TYPE 262 -#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263 #define SSL_R_WRONG_SIGNATURE_LENGTH 264 #define SSL_R_WRONG_SIGNATURE_SIZE 265 #define SSL_R_WRONG_SIGNATURE_TYPE 370 diff --git a/ssl/ssl2.h b/ssl/ssl2.h index eb25dcb0bf..5c6a2381f6 100644 --- a/ssl/ssl2.h +++ b/ssl/ssl2.h @@ -63,207 +63,9 @@ extern "C" { #endif -/* Protocol Version Codes */ #define SSL2_VERSION 0x0002 -#define SSL2_VERSION_MAJOR 0x00 -#define SSL2_VERSION_MINOR 0x02 -/* #define SSL2_CLIENT_VERSION 0x0002 */ -/* #define SSL2_SERVER_VERSION 0x0002 */ -/* Protocol Message Codes */ -#define SSL2_MT_ERROR 0 #define SSL2_MT_CLIENT_HELLO 1 -#define SSL2_MT_CLIENT_MASTER_KEY 2 -#define SSL2_MT_CLIENT_FINISHED 3 -#define SSL2_MT_SERVER_HELLO 4 -#define SSL2_MT_SERVER_VERIFY 5 -#define SSL2_MT_SERVER_FINISHED 6 -#define SSL2_MT_REQUEST_CERTIFICATE 7 -#define SSL2_MT_CLIENT_CERTIFICATE 8 - -/* Error Message Codes */ -#define SSL2_PE_UNDEFINED_ERROR 0x0000 -#define SSL2_PE_NO_CIPHER 0x0001 -#define SSL2_PE_NO_CERTIFICATE 0x0002 -#define SSL2_PE_BAD_CERTIFICATE 0x0004 -#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 - -/* Cipher Kind Values */ -#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ -#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 -#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 -#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 -#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 -#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 -#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 -#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ -#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 -#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ -#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ - -#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ -#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ - -#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" -#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" -#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" -#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" -#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" -#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" -#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" -#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" - -#define SSL2_TXT_NULL "NULL" - -/* Flags for the SSL_CIPHER.algorithm2 field */ -#define SSL2_CF_5_BYTE_ENC 0x01 -#define SSL2_CF_8_BYTE_ENC 0x02 - -/* Certificate Type Codes */ -#define SSL2_CT_X509_CERTIFICATE 0x01 - -/* Authentication Type Code */ -#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 - -#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 - -/* Upper/Lower Bounds */ -#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 -#ifdef OPENSSL_SYS_MPE -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u -#else -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */ -#endif -#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */ - -#define SSL2_CHALLENGE_LENGTH 16 -/*#define SSL2_CHALLENGE_LENGTH 32 */ -#define SSL2_MIN_CHALLENGE_LENGTH 16 -#define SSL2_MAX_CHALLENGE_LENGTH 32 -#define SSL2_CONNECTION_ID_LENGTH 16 -#define SSL2_MAX_CONNECTION_ID_LENGTH 16 -#define SSL2_SSL_SESSION_ID_LENGTH 16 -#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 -#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 -#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 - -#ifndef HEADER_SSL_LOCL_H -#define CERT char -#endif - -#ifndef OPENSSL_NO_SSL_INTERN - -typedef struct ssl2_state_st - { - int three_byte_header; - int clear_text; /* clear text */ - int escape; /* not used in SSLv2 */ - int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ - - /* non-blocking io info, used to make sure the same - * args were passwd */ - unsigned int wnum; /* number of bytes sent so far */ - int wpend_tot; - const unsigned char *wpend_buf; - - int wpend_off; /* offset to data to write */ - int wpend_len; /* number of bytes passwd to write */ - int wpend_ret; /* number of bytes to return to caller */ - - /* buffer raw data */ - int rbuf_left; - int rbuf_offs; - unsigned char *rbuf; - unsigned char *wbuf; - - unsigned char *write_ptr;/* used to point to the start due to - * 2/3 byte header. */ - - unsigned int padding; - unsigned int rlength; /* passed to ssl2_enc */ - int ract_data_length; /* Set when things are encrypted. */ - unsigned int wlength; /* passed to ssl2_enc */ - int wact_data_length; /* Set when things are decrypted. */ - unsigned char *ract_data; - unsigned char *wact_data; - unsigned char *mac_data; - - unsigned char *read_key; - unsigned char *write_key; - - /* Stuff specifically to do with this SSL session */ - unsigned int challenge_length; - unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH]; - unsigned int conn_id_length; - unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH]; - unsigned int key_material_length; - unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2]; - - unsigned long read_sequence; - unsigned long write_sequence; - - struct { - unsigned int conn_id_length; - unsigned int cert_type; - unsigned int cert_length; - unsigned int csl; - unsigned int clear; - unsigned int enc; - unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH]; - unsigned int cipher_spec_length; - unsigned int session_id_length; - unsigned int clen; - unsigned int rlen; - } tmp; - } SSL2_STATE; - -#endif - -/* SSLv2 */ -/* client */ -#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT) -#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT) -#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT) -/* server */ -#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT) -#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT) -#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT) #ifdef __cplusplus } diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c index d3646aef97..c4bf75040a 100644 --- a/ssl/ssl_algs.c +++ b/ssl/ssl_algs.c @@ -110,7 +110,6 @@ int SSL_library_init(void) #ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); - EVP_add_digest_alias(SN_md5,"ssl2-md5"); EVP_add_digest_alias(SN_md5,"ssl3-md5"); #endif #ifndef OPENSSL_NO_SHA diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 4775003710..ba5f33d9a9 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -98,7 +98,6 @@ typedef struct ssl_session_asn1_st ASN1_OCTET_STRING master_key; ASN1_OCTET_STRING session_id; ASN1_OCTET_STRING session_id_context; - ASN1_OCTET_STRING key_arg; #ifndef OPENSSL_NO_KRB5 ASN1_OCTET_STRING krb5_princ; #endif /* OPENSSL_NO_KRB5 */ @@ -165,19 +164,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) l=in->cipher_id; else l=in->cipher->id; - if (in->ssl_version == SSL2_VERSION) - { - a.cipher.length=3; - buf[0]=((unsigned char)(l>>16L))&0xff; - buf[1]=((unsigned char)(l>> 8L))&0xff; - buf[2]=((unsigned char)(l ))&0xff; - } - else - { - a.cipher.length=2; - buf[0]=((unsigned char)(l>>8L))&0xff; - buf[1]=((unsigned char)(l ))&0xff; - } + a.cipher.length=2; + buf[0]=((unsigned char)(l>>8L))&0xff; + buf[1]=((unsigned char)(l ))&0xff; + #ifndef OPENSSL_NO_COMP if (in->compress_meth) @@ -201,10 +191,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) a.session_id_context.type=V_ASN1_OCTET_STRING; a.session_id_context.data=in->sid_ctx; - a.key_arg.length=in->key_arg_length; - a.key_arg.type=V_ASN1_OCTET_STRING; - a.key_arg.data=in->key_arg; - #ifndef OPENSSL_NO_KRB5 if (in->krb5_client_princ_len) { @@ -291,8 +277,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) if (in->krb5_client_princ_len) M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING); #endif /* OPENSSL_NO_KRB5 */ - if (in->key_arg_length > 0) - M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING); if (in->time != 0L) M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); if (in->timeout != 0L) @@ -337,8 +321,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) if (in->krb5_client_princ_len) M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING); #endif /* OPENSSL_NO_KRB5 */ - if (in->key_arg_length > 0) - M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0); if (in->time != 0L) M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); if (in->timeout != 0L) @@ -403,20 +385,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, os.data=NULL; os.length=0; M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING); - if (ssl_version == SSL2_VERSION) - { - if (os.length != 3) - { - c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; - c.line=__LINE__; - goto err; - } - id=0x02000000L| - ((unsigned long)os.data[0]<<16L)| - ((unsigned long)os.data[1]<< 8L)| - (unsigned long)os.data[2]; - } - else if ((ssl_version>>8) >= SSL3_VERSION_MAJOR) + if ((ssl_version>>8) >= SSL3_VERSION_MAJOR) { if (os.length != 2) { @@ -439,10 +408,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, ret->cipher_id=id; M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING); - if ((ssl_version>>8) >= SSL3_VERSION_MAJOR) - i=SSL3_MAX_SSL_SESSION_ID_LENGTH; - else /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */ - i=SSL2_MAX_SSL_SESSION_ID_LENGTH; + i=SSL3_MAX_SSL_SESSION_ID_LENGTH; if (os.length > i) os.length = i; @@ -481,11 +447,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, #endif /* OPENSSL_NO_KRB5 */ M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING); - if (os.length > SSL_MAX_KEY_ARG_LENGTH) - ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH; - else - ret->key_arg_length=os.length; - memcpy(ret->key_arg,os.data,ret->key_arg_length); if (os.data != NULL) OPENSSL_free(os.data); ai.length=0; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 6264fe93c7..f214bafe4a 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -1389,9 +1389,6 @@ static int ssl_security_default_callback(SSL *s, SSL_CTX *ctx, int op, int bits, /* No ciphers below security level */ if (bits < minbits) return 0; - /* No SSLv2 ciphers */ - if ((SSL_CIPHER_get_id(c) >> 24) == 0x2) - return 0; /* No unauthenticated ciphersuites */ if (c->algorithm_auth & SSL_aNULL) return 0; @@ -1410,9 +1407,6 @@ static int ssl_security_default_callback(SSL *s, SSL_CTX *ctx, int op, int bits, break; } case SSL_SECOP_VERSION: - /* SSLv2 allowed only on level zero */ - if (nid == SSL2_VERSION) - return 0; /* SSLv3 not allowed on level 2 */ if (nid <= SSL3_VERSION && level >= 2) return 0; @@ -1432,9 +1426,6 @@ static int ssl_security_default_callback(SSL *s, SSL_CTX *ctx, int op, int bits, if (level >= 3) return 0; break; - case SSL_SECOP_SSL2_COMPAT: - /* SSLv2 compatible client hello only for level zero */ - return 0; default: if (bits < minbits) return 0; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 3c005f7e1a..464a767efe 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -314,7 +314,6 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0}, /* protocol version aliases */ - {0,SSL_TXT_SSLV2,0, 0,0,0,0,SSL_SSLV2, 0,0,0,0}, {0,SSL_TXT_SSLV3,0, 0,0,0,0,SSL_SSLV3, 0,0,0,0}, {0,SSL_TXT_TLSV1,0, 0,0,0,0,SSL_TLSV1, 0,0,0,0}, {0,SSL_TXT_TLSV1_2,0, 0,0,0,0,SSL_TLSV1_2, 0,0,0,0}, @@ -815,7 +814,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, /* * We have num_of_ciphers descriptions compiled in, depending on the - * method selected (SSLv2 and/or SSLv3, TLSv1 etc). + * method selected (SSLv3, TLSv1 etc). * These will later be sorted in a linked list with at most num * entries. */ @@ -1653,7 +1652,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) int is_export,pkl,kl; const char *ver,*exp_str; const char *kx,*au,*enc,*mac; - unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2; + unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl; #ifdef KSSL_DEBUG static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n"; #else @@ -1666,16 +1665,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) alg_mac = cipher->algorithm_mac; alg_ssl = cipher->algorithm_ssl; - alg2=cipher->algorithm2; - is_export=SSL_C_IS_EXPORT(cipher); pkl=SSL_C_EXPORT_PKEYLENGTH(cipher); kl=SSL_C_EXPORT_KEYLENGTH(cipher); exp_str=is_export?" export":""; - if (alg_ssl & SSL_SSLV2) - ver="SSLv2"; - else if (alg_ssl & SSL_SSLV3) + if (alg_ssl & SSL_SSLV3) ver="SSLv3"; else if (alg_ssl & SSL_TLSV1_2) ver="TLSv1.2"; @@ -1770,8 +1765,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) enc="3DES(168)"; break; case SSL_RC4: - enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)") - :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); + enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)"):"RC4(128)"; break; case SSL_RC2: enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)"; @@ -1864,8 +1858,6 @@ char *SSL_CIPHER_get_version(const SSL_CIPHER *c) i=(int)(c->id>>24L); if (i == 3) return("TLSv1/SSLv3"); - else if (i == 2) - return("SSLv2"); else return("unknown"); } diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index cdefd206a2..3785b4f78f 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -198,7 +198,6 @@ static int ctrl_str_option(SSL_CONF_CTX *cctx, const char *cmd) { static const ssl_flag_tbl ssl_option_single[] = { - SSL_FLAG_TBL("no_ssl2", SSL_OP_NO_SSLv2), SSL_FLAG_TBL("no_ssl3", SSL_OP_NO_SSLv3), SSL_FLAG_TBL("no_tls1", SSL_OP_NO_TLSv1), SSL_FLAG_TBL("no_tls1_1", SSL_OP_NO_TLSv1_1), @@ -334,7 +333,6 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value) static const ssl_flag_tbl ssl_protocol_list[] = { SSL_FLAG_TBL_INV("ALL", SSL_OP_NO_SSL_MASK), - SSL_FLAG_TBL_INV("SSLv2", SSL_OP_NO_SSLv2), SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3), SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1), SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index c115522fcd..220b6d7c9a 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -71,10 +71,6 @@ static ERR_STRING_DATA SSL_str_functs[]= { {ERR_FUNC(SSL_F_CHECK_SUITEB_CIPHER_LIST), "CHECK_SUITEB_CIPHER_LIST"}, -{ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"}, -{ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"}, -{ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"}, -{ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"}, {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"}, {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"}, {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"}, @@ -105,18 +101,6 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "dtls1_send_server_hello"}, {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE), "dtls1_send_server_key_exchange"}, {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"}, -{ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"}, -{ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"}, -{ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"}, -{ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"}, -{ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"}, -{ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"}, -{ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"}, -{ERR_FUNC(SSL_F_READ_N), "READ_N"}, -{ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"}, -{ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"}, -{ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"}, -{ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"}, {ERR_FUNC(SSL_F_SSL23_ACCEPT), "ssl23_accept"}, {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"}, {ERR_FUNC(SSL_F_SSL23_CONNECT), "ssl23_connect"}, @@ -125,15 +109,6 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL23_PEEK), "ssl23_peek"}, {ERR_FUNC(SSL_F_SSL23_READ), "ssl23_read"}, {ERR_FUNC(SSL_F_SSL23_WRITE), "ssl23_write"}, -{ERR_FUNC(SSL_F_SSL2_ACCEPT), "ssl2_accept"}, -{ERR_FUNC(SSL_F_SSL2_CONNECT), "ssl2_connect"}, -{ERR_FUNC(SSL_F_SSL2_ENC_INIT), "ssl2_enc_init"}, -{ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL), "ssl2_generate_key_material"}, -{ERR_FUNC(SSL_F_SSL2_PEEK), "ssl2_peek"}, -{ERR_FUNC(SSL_F_SSL2_READ), "ssl2_read"}, -{ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"}, -{ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "ssl2_set_certificate"}, -{ERR_FUNC(SSL_F_SSL2_WRITE), "ssl2_write"}, {ERR_FUNC(SSL_F_SSL3_ACCEPT), "ssl3_accept"}, {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"}, {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"}, @@ -252,8 +227,6 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "ssl_prepare_clienthello_tlsext"}, {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "ssl_prepare_serverhello_tlsext"}, {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"}, -{ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"}, -{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"}, {ERR_FUNC(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT), "SSL_SCAN_CLIENTHELLO_TLSEXT"}, {ERR_FUNC(SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT), "SSL_SCAN_SERVERHELLO_TLSEXT"}, {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"}, @@ -300,7 +273,6 @@ static ERR_STRING_DATA SSL_str_functs[]= {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"}, {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "tls1_setup_key_block"}, {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS), "tls1_set_server_sigalgs"}, -{ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, {0,NULL} }; @@ -309,9 +281,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) ,"app data in handshake"}, {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),"attempt to reuse session in different context"}, {ERR_REASON(SSL_R_BAD_ALERT_RECORD) ,"bad alert record"}, -{ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE),"bad authentication type"}, {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC),"bad change cipher spec"}, -{ERR_REASON(SSL_R_BAD_CHECKSUM) ,"bad checksum"}, {ERR_REASON(SSL_R_BAD_DATA) ,"bad data"}, {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),"bad data returned by callback"}, {ERR_REASON(SSL_R_BAD_DECOMPRESSION) ,"bad decompression"}, @@ -326,13 +296,11 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH) ,"bad handshake length"}, {ERR_REASON(SSL_R_BAD_HELLO_REQUEST) ,"bad hello request"}, {ERR_REASON(SSL_R_BAD_LENGTH) ,"bad length"}, -{ERR_REASON(SSL_R_BAD_MAC_DECODE) ,"bad mac decode"}, {ERR_REASON(SSL_R_BAD_MAC_LENGTH) ,"bad mac length"}, {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) ,"bad message type"}, {ERR_REASON(SSL_R_BAD_PACKET_LENGTH) ,"bad packet length"}, {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),"bad protocol version number"}, {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),"bad psk identity hint length"}, -{ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) ,"bad response argument"}, {ERR_REASON(SSL_R_BAD_RSA_DECRYPT) ,"bad rsa decrypt"}, {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) ,"bad rsa encrypt"}, {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) ,"bad rsa e length"}, @@ -348,8 +316,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) ,"bad srtp mki value"}, {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),"bad srtp protection profile list"}, {ERR_REASON(SSL_R_BAD_SSL_FILETYPE) ,"bad ssl filetype"}, -{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"}, -{ERR_REASON(SSL_R_BAD_STATE) ,"bad state"}, {ERR_REASON(SSL_R_BAD_VALUE) ,"bad value"}, {ERR_REASON(SSL_R_BAD_WRITE_RETRY) ,"bad write retry"}, {ERR_REASON(SSL_R_BIO_NOT_SET) ,"bio not set"}, @@ -363,17 +329,14 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),"certificate verify failed"}, {ERR_REASON(SSL_R_CERT_CB_ERROR) ,"cert cb error"}, {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) ,"cert length mismatch"}, -{ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT),"challenge is different"}, {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH),"cipher code wrong length"}, {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),"cipher or hash unavailable"}, -{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"}, {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) ,"clienthello tlsext"}, {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"}, {ERR_REASON(SSL_R_COMPRESSION_DISABLED) ,"compression disabled"}, {ERR_REASON(SSL_R_COMPRESSION_FAILURE) ,"compression failure"}, {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),"compression id not within private range"}, {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),"compression library error"}, -{ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),"connection id is different"}, {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET),"connection type not set"}, {ERR_REASON(SSL_R_COOKIE_MISMATCH) ,"cookie mismatch"}, {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),"data between ccs and finished"}, @@ -402,11 +365,9 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),"got next proto without seeing extension"}, {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"}, {ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"}, -{ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"}, {ERR_REASON(SSL_R_ILLEGAL_SUITEB_DIGEST) ,"illegal Suite B digest"}, {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK),"inappropriate fallback"}, {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION),"inconsistent compression"}, -{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"}, {ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"}, {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),"invalid compression algorithm"}, {ERR_REASON(SSL_R_INVALID_NULL_CMD_NAME) ,"invalid null cmd name"}, @@ -416,8 +377,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"}, {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"}, {ERR_REASON(SSL_R_INVALID_TRUST) ,"invalid trust"}, -{ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) ,"key arg too long"}, -{ERR_REASON(SSL_R_KEY_TOO_SMALL) ,"key too small"}, {ERR_REASON(SSL_R_KRB5) ,"krb5"}, {ERR_REASON(SSL_R_KRB5_C_CC_PRINC) ,"krb5 client cc principal (no tkt?)"}, {ERR_REASON(SSL_R_KRB5_C_GET_CRED) ,"krb5 client get cred"}, @@ -433,7 +392,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) ,"length too short"}, {ERR_REASON(SSL_R_LIBRARY_BUG) ,"library bug"}, {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS),"library has no ciphers"}, -{ERR_REASON(SSL_R_MESSAGE_TOO_LONG) ,"message too long"}, {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) ,"missing dh dsa cert"}, {ERR_REASON(SSL_R_MISSING_DH_KEY) ,"missing dh key"}, {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) ,"missing dh rsa cert"}, @@ -452,16 +410,13 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) ,"missing tmp rsa pkey"}, {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE),"missing verify message"}, {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) ,"multiple sgc restarts"}, -{ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET),"non sslv2 initial packet"}, {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED),"no certificates returned"}, {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED),"no certificate assigned"}, {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED),"no certificate returned"}, {ERR_REASON(SSL_R_NO_CERTIFICATE_SET) ,"no certificate set"}, -{ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED),"no certificate specified"}, {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) ,"no ciphers available"}, {ERR_REASON(SSL_R_NO_CIPHERS_PASSED) ,"no ciphers passed"}, {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) ,"no ciphers specified"}, -{ERR_REASON(SSL_R_NO_CIPHER_LIST) ,"no cipher list"}, {ERR_REASON(SSL_R_NO_CIPHER_MATCH) ,"no cipher match"}, {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) ,"no client cert method"}, {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"}, @@ -469,10 +424,8 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),"Peer haven't sent GOST certificate, required for selected ciphersuite"}, {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) ,"no method specified"}, {ERR_REASON(SSL_R_NO_PEM_EXTENSIONS) ,"no pem extensions"}, -{ERR_REASON(SSL_R_NO_PRIVATEKEY) ,"no privatekey"}, {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"}, {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"}, -{ERR_REASON(SSL_R_NO_PUBLICKEY) ,"no publickey"}, {ERR_REASON(SSL_R_NO_RENEGOTIATION) ,"no renegotiation"}, {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) ,"digest requred for handshake isn't computed"}, {ERR_REASON(SSL_R_NO_SHARED_CIPHER) ,"no shared cipher"}, @@ -491,25 +444,15 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_PARSE_TLSEXT) ,"parse tlsext"}, {ERR_REASON(SSL_R_PATH_TOO_LONG) ,"path too long"}, {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),"peer did not return a certificate"}, -{ERR_REASON(SSL_R_PEER_ERROR) ,"peer error"}, -{ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE),"peer error certificate"}, -{ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),"peer error no certificate"}, -{ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) ,"peer error no cipher"}, -{ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),"peer error unsupported certificate type"}, {ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX) ,"pem name bad prefix"}, {ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT) ,"pem name too short"}, {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG),"pre mac length too long"}, -{ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),"problems mapping cipher functions"}, {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) ,"protocol is shutdown"}, {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND),"psk identity not found"}, {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB) ,"psk no client cb"}, {ERR_REASON(SSL_R_PSK_NO_SERVER_CB) ,"psk no server cb"}, -{ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR),"public key encrypt error"}, -{ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) ,"public key is not rsa"}, -{ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, {ERR_REASON(SSL_R_READ_BIO_NOT_SET) ,"read bio not set"}, {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED) ,"read timeout expired"}, -{ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE),"read wrong packet type"}, {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH),"record length mismatch"}, {ERR_REASON(SSL_R_RECORD_TOO_LARGE) ,"record too large"}, {ERR_REASON(SSL_R_RECORD_TOO_SMALL) ,"record too small"}, @@ -518,13 +461,9 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH),"renegotiation mismatch"}, {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING),"required cipher missing"}, {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),"required compresssion algorithm missing"}, -{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"}, -{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"}, -{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"}, {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"}, {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) ,"serverhello tlsext"}, {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"}, -{ERR_REASON(SSL_R_SHORT_READ) ,"short read"}, {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),"signature algorithms error"}, {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"}, {ERR_REASON(SSL_R_SRP_A_CALC) ,"error with the srp params"}, @@ -532,7 +471,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),"srtp protection profile list too long"}, {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),"srtp unknown protection profile"}, {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"}, -{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"}, {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),"ssl3 ext invalid ecpointformat"}, {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),"ssl3 ext invalid servername"}, {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),"ssl3 ext invalid servername type"}, @@ -557,7 +495,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT),"ssl session id conflict"}, {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),"ssl session id context too long"}, {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),"ssl session id has bad length"}, -{ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),"ssl session id is different"}, {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),"tlsv1 alert access denied"}, {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR),"tlsv1 alert decode error"}, {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),"tlsv1 alert decryption failed"}, @@ -586,12 +523,10 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"}, {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"}, {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),"unable to decode ecdh certs"}, -{ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),"unable to extract public key"}, {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),"unable to find dh parameters"}, {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),"unable to find ecdh parameters"}, {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),"unable to find public key parameters"}, {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),"unable to find ssl method"}, -{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),"unable to load ssl2 md5 routines"}, {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),"unable to load ssl3 md5 routines"}, {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),"unable to load ssl3 sha1 routines"}, {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) ,"unexpected message"}, @@ -619,12 +554,10 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE),"unsupported status type"}, {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED),"use srtp not negotiated"}, {ERR_REASON(SSL_R_VERSION_TOO_LOW) ,"version too low"}, -{ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) ,"write bio not set"}, {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE),"wrong certificate type"}, {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) ,"wrong cipher returned"}, {ERR_REASON(SSL_R_WRONG_CURVE) ,"wrong curve"}, {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) ,"wrong message type"}, -{ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS),"wrong number of key bits"}, {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) ,"wrong signature size"}, {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) ,"wrong signature type"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f45b6dd6d3..5543defa47 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -263,7 +263,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth) sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list), &(ctx->cipher_list_by_id), - meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ctx->cert); + SSL_DEFAULT_CIPHER_LIST, ctx->cert); if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); @@ -488,17 +488,6 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, r.ssl_version = ssl->version; r.session_id_length = id_len; memcpy(r.session_id, id, id_len); - /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a - * callback is calling us to check the uniqueness of a shorter ID, it - * must be compared as a padded-out ID because that is what it will be - * converted to when the callback has finished choosing it. */ - if((r.ssl_version == SSL2_VERSION) && - (id_len < SSL2_SSL_SESSION_ID_LENGTH)) - { - memset(r.session_id + id_len, 0, - SSL2_SSL_SESSION_ID_LENGTH - id_len); - r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH; - } CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r); @@ -1943,7 +1932,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) /* ret->cipher=NULL;*/ /* ret->s2->challenge=NULL; ret->master_key=NULL; - ret->key_arg=NULL; ret->s2->conn_id=NULL; */ ret->info_callback=NULL; @@ -1977,7 +1965,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) ssl_create_cipher_list(ret->method, &ret->cipher_list,&ret->cipher_list_by_id, - meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST, ret->cert); + SSL_DEFAULT_CIPHER_LIST, ret->cert); if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { @@ -1989,11 +1977,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) if (!ret->param) goto err; - if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES); - goto err2; - } if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL) { SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); @@ -2780,17 +2763,9 @@ int SSL_get_error(const SSL *s,int i) if (i == 0) { - if (s->version == SSL2_VERSION) - { - /* assume it is the socket being closed */ + if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && + (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) return(SSL_ERROR_ZERO_RETURN); - } - else - { - if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && - (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) - return(SSL_ERROR_ZERO_RETURN); - } } return(SSL_ERROR_SYSCALL); } @@ -2874,8 +2849,6 @@ const char *SSL_get_version(const SSL *s) return("TLSv1"); else if (s->version == SSL3_VERSION) return("SSLv3"); - else if (s->version == SSL2_VERSION) - return("SSLv2"); else return("unknown"); } diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index ffbf75b10c..4e307e44c1 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -348,7 +348,6 @@ #define SSL_AEAD 0x00000040L /* Bits for algorithm_ssl (protocol version) */ -#define SSL_SSLV2 0x00000001L #define SSL_SSLV3 0x00000002L #define SSL_TLSV1 SSL_SSLV3 /* for now */ #define SSL_TLSV1_2 0x00000004L @@ -673,7 +672,7 @@ typedef struct cert_st typedef struct sess_cert_st { - STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ + STACK_OF(X509) *cert_chain; /* as received from peer */ /* The 'peer_...' members are used only by clients. */ int peer_cert_type; @@ -803,7 +802,6 @@ typedef struct ssl3_buf_freelist_entry_st #endif extern SSL3_ENC_METHOD ssl3_undef_enc_method; -OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[]; OPENSSL_EXTERN const SSL_CIPHER ssl3_ciphers[]; @@ -928,43 +926,6 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } -#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -const SSL_METHOD *func_name(void) \ - { \ - static const SSL_METHOD func_name##_data= { \ - SSL2_VERSION, \ - ssl2_new, /* local */ \ - ssl2_clear, /* local */ \ - ssl2_free, /* local */ \ - s_accept, \ - s_connect, \ - ssl2_read, \ - ssl2_peek, \ - ssl2_write, \ - ssl2_shutdown, \ - ssl_ok, /* NULL - renegotiate */ \ - ssl_ok, /* NULL - check renegotiate */ \ - NULL, /* NULL - ssl_get_message */ \ - NULL, /* NULL - ssl_get_record */ \ - NULL, /* NULL - ssl_write_bytes */ \ - NULL, /* NULL - dispatch_alert */ \ - ssl2_ctrl, /* local */ \ - ssl2_ctx_ctrl, /* local */ \ - ssl2_get_cipher_by_char, \ - ssl2_put_cipher_by_char, \ - ssl2_pending, \ - ssl2_num_ciphers, \ - ssl2_get_cipher, \ - s_get_meth, \ - ssl2_default_timeout, \ - &ssl3_undef_enc_method, \ - ssl_undefined_void_function, \ - ssl2_callback_ctrl, /* local */ \ - ssl2_ctx_callback_ctrl, /* local */ \ - }; \ - return &func_name##_data; \ - } - #define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \ s_get_meth, enc_data) \ const SSL_METHOD *func_name(void) \ @@ -1078,35 +1039,6 @@ int ssl_verify_alarm_type(long type); void ssl_load_ciphers(void); int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len); -int ssl2_enc_init(SSL *s, int client); -int ssl2_generate_key_material(SSL *s); -int ssl2_enc(SSL *s,int send_data); -void ssl2_mac(SSL *s,unsigned char *mac,int send_data); -const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p); -int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); -int ssl2_part_read(SSL *s, unsigned long f, int i); -int ssl2_do_write(SSL *s); -int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data); -void ssl2_return_error(SSL *s,int reason); -void ssl2_write_error(SSL *s); -int ssl2_num_ciphers(void); -const SSL_CIPHER *ssl2_get_cipher(unsigned int u); -int ssl2_new(SSL *s); -void ssl2_free(SSL *s); -int ssl2_accept(SSL *s); -int ssl2_connect(SSL *s); -int ssl2_read(SSL *s, void *buf, int len); -int ssl2_peek(SSL *s, void *buf, int len); -int ssl2_write(SSL *s, const void *buf, int len); -int ssl2_shutdown(SSL *s); -void ssl2_clear(SSL *s); -long ssl2_ctrl(SSL *s,int cmd, long larg, void *parg); -long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg); -long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); -long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); -int ssl2_pending(const SSL *s); -long ssl2_default_timeout(void ); - const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); void ssl3_init_finished_mac(SSL *s); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 3f9bad10a4..3bac2dbc69 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -236,13 +236,13 @@ unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s) return s->compress_meth; } -/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1 - * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly +/* SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling + * the ID with random junk repeatedly * until we have no conflict is going to complete in one iteration pretty much * "most" of the time (btw: understatement). So, if it takes us 10 iterations * and we still can't avoid a conflict - well that's a reasonable point to call * it quits. Either the RAND code is broken or someone is trying to open roughly - * very close to 2^128 (or 2^256) SSL sessions to our server. How you might + * very close to 2^256 SSL sessions to our server. How you might * store that many sessions is perhaps a more interesting question ... */ #define MAX_SESS_ID_ATTEMPTS 10 @@ -293,12 +293,7 @@ int ssl_get_new_session(SSL *s, int session) if (session) { - if (s->version == SSL2_VERSION) - { - ss->ssl_version=SSL2_VERSION; - ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; - } - else if (s->version == SSL3_VERSION) + if (s->version == SSL3_VERSION) { ss->ssl_version=SSL3_VERSION; ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; @@ -388,11 +383,7 @@ int ssl_get_new_session(SSL *s, int session) SSL_SESSION_free(ss); return(0); } - /* If the session length was shrunk and we're SSLv2, pad it */ - if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION)) - memset(ss->session_id + tmp, 0, ss->session_id_length - tmp); - else - ss->session_id_length = tmp; + ss->session_id_length = tmp; /* Finally, check for a conflict */ if(SSL_has_matching_session_id(s, ss->session_id, ss->session_id_length)) @@ -745,7 +736,6 @@ void SSL_SESSION_free(SSL_SESSION *ss) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); - OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg); OPENSSL_cleanse(ss->master_key,sizeof ss->master_key); OPENSSL_cleanse(ss->session_id,sizeof ss->session_id); if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index c5a15ce548..ad44756a8f 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -100,46 +100,6 @@ case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break; case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break; case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break; case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break; -#ifndef OPENSSL_NO_SSL2 -case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break; -case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break; -case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break; -case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break; -case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break; -case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break; -case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break; -case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break; -case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break; -case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break; -case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break; -case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break; -case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break; -case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break; -case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break; -case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break; -case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break; -case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break; -case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break; -case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break; -case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break; -case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break; -case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break; -case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break; -#endif #ifndef OPENSSL_NO_SSL3 /* SSLv3 additions */ @@ -257,46 +217,6 @@ case SSL_ST_BEFORE: str="PINIT "; break; case SSL_ST_ACCEPT: str="AINIT "; break; case SSL_ST_CONNECT: str="CINIT "; break; case SSL_ST_OK: str="SSLOK "; break; -#ifndef OPENSSL_NO_SSL2 -case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break; -case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break; -case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break; -case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break; -case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break; -case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break; -case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break; -case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break; -case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break; -case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break; -case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break; -case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break; -case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break; -case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break; -case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break; -case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break; -case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break; -case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break; -case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break; -case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break; -case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break; -case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break; -case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break; -case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break; -#endif #ifndef OPENSSL_NO_SSL3 /* SSLv3 additions */ diff --git a/ssl/ssl_task.c b/ssl/ssl_task.c index b5ce44b47c..9c4982cb86 100644 --- a/ssl/ssl_task.c +++ b/ssl/ssl_task.c @@ -228,10 +228,7 @@ int main ( int argc, char **argv ) SSL_load_error_strings(); OpenSSL_add_all_algorithms(); -/* DRM, this was the original, but there is no such thing as SSLv2() - s_ctx=SSL_CTX_new(SSLv2()); -*/ - s_ctx=SSL_CTX_new(SSLv2_server_method()); + s_ctx=SSL_CTX_new(SSLv23_server_method()); if (s_ctx == NULL) goto end; diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c index 0ffdcb0ea2..b09fecad81 100644 --- a/ssl/ssl_txt.c +++ b/ssl/ssl_txt.c @@ -111,9 +111,7 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) if (x == NULL) goto err; if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err; - if (x->ssl_version == SSL2_VERSION) - s="SSLv2"; - else if (x->ssl_version == SSL3_VERSION) + if (x->ssl_version == SSL3_VERSION) s="SSLv3"; else if (x->ssl_version == TLS1_2_VERSION) s="TLSv1.2"; @@ -165,16 +163,6 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) { if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err; } - if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err; - if (x->key_arg_length == 0) - { - if (BIO_puts(bp,"None") <= 0) goto err; - } - else - for (i=0; i<x->key_arg_length; i++) - { - if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err; - } #ifndef OPENSSL_NO_KRB5 if (BIO_puts(bp,"\n Krb5 Principal: ") <= 0) goto err; if (x->krb5_client_princ_len == 0) diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 4f2f477a04..05f75aab12 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -773,9 +773,6 @@ static void sv_usage(void) fprintf(stderr," -srpuser user - SRP username to use\n"); fprintf(stderr," -srppass arg - password for 'user'\n"); #endif -#ifndef OPENSSL_NO_SSL2 - fprintf(stderr," -ssl2 - use SSLv2\n"); -#endif #ifndef OPENSSL_NO_SSL3_METHOD fprintf(stderr," -ssl3 - use SSLv3\n"); #endif @@ -981,7 +978,7 @@ int main(int argc, char *argv[]) int badop=0; int bio_pair=0; int force=0; - int tls1=0,ssl2=0,ssl3=0,ret=1; + int tls1=0,ssl3=0,ret=1; int client_auth=0; int server_auth=0,i; struct app_verify_arg app_verify_arg = @@ -1164,13 +1161,6 @@ int main(int argc, char *argv[]) tls1=1; } #endif - else if (strcmp(*argv,"-ssl2") == 0) - { -#ifdef OPENSSL_NO_SSL2 - no_protocol = 1; -#endif - ssl2 = 1; - } else if (strcmp(*argv,"-tls1") == 0) { #ifdef OPENSSL_NO_TLS1 @@ -1398,15 +1388,15 @@ bad: goto end; } - if (ssl2 + ssl3 + tls1 > 1) + if (ssl3 + tls1 > 1) { - fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should " + fprintf(stderr, "At most one of -ssl3, or -tls1 should " "be requested.\n"); EXIT(1); } /* - * Testing was requested for a compiled-out protocol (e.g. SSLv2). + * Testing was requested for a compiled-out protocol (e.g. SSLv3). * Ideally, we would error out, but the generic test wrapper can't know * when to expect failure. So we do nothing and return success. */ @@ -1418,11 +1408,11 @@ bad: goto end; } - if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) + if (!ssl3 && !tls1 && number > 1 && !reuse && !force) { fprintf(stderr, "This case cannot work. Use -f to perform " "the test anyway (and\n-d to see what happens), " - "or add one of -ssl2, -ssl3, -tls1, -reuse\n" + "or add one of -ssl3, -tls1, -reuse\n" "to avoid protocol mismatch.\n"); EXIT(1); } @@ -1496,14 +1486,9 @@ bad: } #endif -/* At this point, ssl2/ssl3/tls1 is only set if the protocol is available. +/* At this point, ssl3/tls1 is only set if the protocol is available. * (Otherwise we exit early.) * However the compiler doesn't know this, so we ifdef. */ -#ifndef OPENSSL_NO_SSL2 - if (ssl2) - meth=SSLv2_method(); - else -#endif #ifndef OPENSSL_NO_SSL3 if (ssl3) meth=SSLv3_method(); @@ -2252,18 +2237,6 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { fprintf(stderr, "ERROR: got stuck\n"); - if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) - { - fprintf(stderr, "This can happen for SSL2 because " - "CLIENT-FINISHED and SERVER-VERIFY are written \n" - "concurrently ..."); - if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 - && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) - { - fprintf(stderr, " ok.\n"); - goto end; - } - } fprintf(stderr, " ERROR.\n"); goto err; } @@ -3347,21 +3320,6 @@ static int do_test_cipherlist(void) const SSL_METHOD *meth; const SSL_CIPHER *ci, *tci = NULL; -#ifndef OPENSSL_NO_SSL2 - fprintf(stderr, "testing SSLv2 cipher list order: "); - meth = SSLv2_method(); - while ((ci = meth->get_cipher(i++)) != NULL) - { - if (tci != NULL) - if (ci->id >= tci->id) - { - fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); - return 0; - } - tci = ci; - } - fprintf(stderr, "ok\n"); -#endif #ifndef OPENSSL_NO_SSL3 fprintf(stderr, "testing SSLv3 cipher list order: "); meth = SSLv3_method(); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 47ff82b1e4..1358bfbd44 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -535,7 +535,6 @@ printf("which = %04X\nmac key=",which); } } - s->session->key_arg_length=0; #ifdef KSSL_DEBUG { int i; diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 0799a7af51..36733c64df 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -106,7 +106,6 @@ static int do_ssl_trace_list(BIO *bio, int indent, /* Version number */ static ssl_trace_tbl ssl_version_tbl[] = { - {SSL2_VERSION, "SSL 2.0"}, {SSL3_VERSION, "SSL 3.0"}, {TLS1_VERSION, "TLS 1.0"}, {TLS1_1_VERSION, "TLS 1.1"}, @@ -1252,8 +1251,6 @@ static int ssl_print_heartbeat(BIO *bio, int indent, const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c) { - if (c->algorithm_ssl & SSL_SSLV2) - return NULL; return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl); } diff --git a/test/Makefile b/test/Makefile index 7680fab1f9..948b99608b 100644 --- a/test/Makefile +++ b/test/Makefile @@ -934,11 +934,8 @@ jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h jpaketest.o: ../include/openssl/symhacks.h jpaketest.c -md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h -md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h -md2test.o: ../include/openssl/symhacks.h md2test.c +md2test.o: ../e_os.h ../include/openssl/e_os2.h +md2test.o: ../include/openssl/opensslconf.h md2test.c md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h diff --git a/test/testsid.pem b/test/testsid.pem index 7ffd008f66..a90fb6ef12 100644 --- a/test/testsid.pem +++ b/test/testsid.pem @@ -1,12 +1,38 @@ -----BEGIN SSL SESSION PARAMETERS----- -MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV -bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw -ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz -YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG -A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk -LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G -CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD -TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI -hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L -CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0 +MIIGpAIBAQICAwMEAsAwBCABkpk0q01VEnPtcNWLtYg1xZJLreP0C1r4wPOakiLu +8AQwi0opOLa+Omt26PqbLUcmI1H7F/n7qRy6TaL9Lxf2/ZBUDgRG3aSuSejO+gki +F2U9oQYCBFR6XVaiBAICASyjggVjMIIFXzCCBEegAwIBAgIQNdDRF5hINFi7kAeK +0fP5FjANBgkqhkiG9w0BAQUFADBBMQswCQYDVQQGEwJGUjESMBAGA1UEChMJR0FO +REkgU0FTMR4wHAYDVQQDExVHYW5kaSBTdGFuZGFyZCBTU0wgQ0EwHhcNMTMxMjMx +MDAwMDAwWhcNMTQxMjMxMjM1OTU5WjBYMSEwHwYDVQQLExhEb21haW4gQ29udHJv +bCBWYWxpZGF0ZWQxGzAZBgNVBAsTEkdhbmRpIFN0YW5kYXJkIFNTTDEWMBQGA1UE +AxMNZGIuZGViaWFuLm9yZzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB +AN/7DlZZKR5SELzF7rdn6LWxuebpVyFu1eXltzxi+Mig9cR0ZZD3hp0JcUresABO +zE66AuhGtcFus/J/88CGM2r39u3n5ac5O/4Ypp57997YJRV725dL4oX75Vpc4p8j +EI/LyIFteZN22ziv9zW7qCKKahnq1tuqDkV+84BEARpVdIaaWmn/KqsEgxeNKomy +OLvn96IVCTAF78rudPmJHfSCl++NFmg0yu7DPyuXf8YJfA6j8/kFueanK2B1y/ww +8MSbL3iAdgLwVtRJkwRYyKn8p5+ybwzX9L36GWgYs9OXUn8x494T5GjbGQVxUNt7 +qJnRtiUwYVoiOARrv1EI0Cq4ANXVaLDckc5y0a2PY3c4NWVlKGYbdxdQC1n6nH93 +mWDIr6vu7JX3CqDDr8FBlNVVtiBiv0q/eiVb9dzBzOntt3hA6GOJFAuwDDf7g7nq +Gq8qqcr7EIyVB8ytQ5XMgtLCpmJkLzIdRYfdsQMa7cAbl0THAwwXigcotFA0aYIP +BQIDAQABo4IBujCCAbYwHwYDVR0jBBgwFoAUtqj/oqgv0KbNS7Fo8+dQEDGneSEw +HQYDVR0OBBYEFDJGWXznCu/+qyFLCmUI4cmXy1DCMA4GA1UdDwEB/wQEAwIFoDAM +BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBgBgNV +HSAEWTBXMEsGCysGAQQBsjEBAgIaMDwwOgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cu +Z2FuZGkubmV0L2NvbnRyYWN0cy9mci9zc2wvY3BzL3BkZi8wCAYGZ4EMAQIBMDwG +A1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuZ2FuZGkubmV0L0dhbmRpU3RhbmRh +cmRTU0xDQS5jcmwwagYIKwYBBQUHAQEEXjBcMDcGCCsGAQUFBzAChitodHRwOi8v +Y3J0LmdhbmRpLm5ldC9HYW5kaVN0YW5kYXJkU1NMQ0EuY3J0MCEGCCsGAQUFBzAB +hhVodHRwOi8vb2NzcC5nYW5kaS5uZXQwKwYDVR0RBCQwIoINZGIuZGViaWFuLm9y +Z4IRd3d3LmRiLmRlYmlhbi5vcmcwDQYJKoZIhvcNAQEFBQADggEBAK+ix7EQNPgU +qDx46gAPifcm6b2FvXq+gtlB9h6UaDDO7fxDzmoU5V4WtdBM5uvIfOmpeNuCxPaj +18cUlj9PPjL3eK43UCVu6w5hN3p2/2BPvFjQRhtBcIcEWsMal1DCtS/vCBkQt1lS +gd4/xiMfK4cQYtwRu47gB0HuM2lecYHA42EC5hqupY/2tHo54AdyU46TxgUQcm0e +icLtYuTjIYQWdUgM92heDw8caey5GKL2/TmYM2iWy/csFLm4tJAwPMtvy1KWdJQE +iqYIuI9Lb4/xOyjSwVNLIJmbEzE6Sds9sjxqEcU4CconTVJazvHZtnBRV8GiRYKa +d/xgQ6J+/Z2kAgQAqQQCAgEsqoHDBIHAPGxCacLRMYb3hbL3lRqQIfH3xoufIwKn +zOAIyjxH7GPZpI87/e93AF1uw6eyy+aWJM6G/71E8Ln1iQtZjrGkGQCjEcIrUhEk +Bgg93A28zly2zu2aBwi2yT4bUcyHxE3P3Q4R8xkQxrdWSMfCjCy9HKUViOENKET6 +avKXF7lDT1iG/x8RtTHtFGYX4YcFVhdEqcqnZ7tw5sqkHG2D0gLzO2SETF9KPHCq +zAHQtw5r4Dgl+a+BGLczh6as4yIH+xH+ -----END SSL SESSION PARAMETERS----- diff --git a/test/testssl b/test/testssl index 3a63e5d1e5..9c790e3ab5 100644 --- a/test/testssl +++ b/test/testssl @@ -34,20 +34,6 @@ serverinfo="./serverinfo.pem" ############################################################################# -echo test sslv2 -$ssltest -ssl2 $extra || exit 1 - -echo test sslv2 with server authentication -$ssltest -ssl2 -server_auth $CA $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo test sslv2 with client authentication - $ssltest -ssl2 -client_auth $CA $extra || exit 1 - - echo test sslv2 with both client and server authentication - $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 -fi - echo test sslv3 $ssltest -ssl3 $extra || exit 1 @@ -72,20 +58,6 @@ $ssltest -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication $ssltest -server_auth -client_auth $CA $extra || exit 1 -echo test sslv2 via BIO pair -$ssltest -bio_pair -ssl2 $extra || exit 1 - -echo test sslv2 with server authentication via BIO pair -$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo test sslv2 with client authentication via BIO pair - $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 - - echo test sslv2 with both client and server authentication via BIO pair - $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 -fi - echo test sslv3 via BIO pair $ssltest -bio_pair -ssl3 $extra || exit 1 diff --git a/test/testssl.com b/test/testssl.com index f19edc4719..3782e352bb 100644 --- a/test/testssl.com +++ b/test/testssl.com @@ -49,25 +49,6 @@ $ endif $ $!########################################################################### $ -$ write sys$output "test sslv2" -$ 'ssltest' -ssl2 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2 with server authentication" -$ 'ssltest' -ssl2 -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ if .not. dsa_cert -$ then -$ write sys$output "test sslv2 with client authentication" -$ 'ssltest' -ssl2 -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2 with both client and server authentication" -$ 'ssltest' -ssl2 -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ endif -$ $ write sys$output "test sslv3" $ 'ssltest' -ssl3 $ if $severity .ne. 1 then goto exit3 @@ -100,25 +81,6 @@ $ write sys$output "test sslv2/sslv3 with both client and server authentication" $ 'ssltest' -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 via BIO pair" -$ 'ssltest' -bio_pair -ssl2 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2 with server authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ if .not. dsa_cert -$ then -$ write sys$output "test sslv2 with client authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2 with both client and server authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ endif -$ $ write sys$output "test sslv3 via BIO pair" $ 'ssltest' -bio_pair -ssl3 $ if $severity .ne. 1 then goto exit3 diff --git a/util/bat.sh b/util/bat.sh index 4d9a8287d0..459cd9f7e3 100755 --- a/util/bat.sh +++ b/util/bat.sh @@ -94,7 +94,6 @@ sub var_add @a=grep(!/^e_.*_c$/,@a) if $no_cast; @a=grep(!/^e_rc4$/,@a) if $no_rc4; - @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock; diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 0fcadcbad8..e83ef7d37d 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -136,7 +136,7 @@ and [options] can be one of no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher no-bf no-cast no-aes no-camellia no-seed no-rsa no-dsa no-dh - Skip this public key cipher - no-ssl2 no-ssl3 - Skip this version of SSL + no-ssl3 - Skip this version of SSL just-ssl - remove all non-ssl keys/digest no-asm - No x86 asm no-krb5 - No KRB5 @@ -180,9 +180,6 @@ $no_mdc2=1 if ($no_des); $no_ssl3=1 if ($no_md5 || $no_sha); $no_ssl3=1 if ($no_rsa && $no_dh); -$no_ssl2=1 if ($no_md5); -$no_ssl2=1 if ($no_rsa); - $out_def="out"; $inc_def="outinc"; $tmp_def="tmp"; @@ -296,7 +293,6 @@ $cflags.=" -DOPENSSL_NO_DSA" if $no_dsa; $cflags.=" -DOPENSSL_NO_DH" if $no_dh; $cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool; $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; -$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; $cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; $cflags.=" -DOPENSSL_NO_SRP" if $no_srp; @@ -1107,7 +1103,6 @@ sub var_add @a=grep(!/^e_camellia$/,@a) if $no_camellia; @a=grep(!/^e_seed$/,@a) if $no_seed; - #@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; #@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock; @@ -1430,7 +1425,6 @@ sub read_options "nw-nasm" => \$nw_nasm, "nw-mwasm" => \$nw_mwasm, "gaswin" => \$gaswin, - "no-ssl2" => \$no_ssl2, "no-ssl3" => \$no_ssl3, "no-ssl3-method" => 0, "no-tlsext" => \$no_tlsext, @@ -1451,7 +1445,7 @@ sub read_options "just-ssl" => [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh, - \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5, + \$no_err, \$no_ripemd, \$no_rc5, \$no_aes, \$no_camellia, \$no_seed, \$no_srp], "rsaref" => 0, "gcc" => \$gcc, diff --git a/util/mkdef.pl b/util/mkdef.pl index 460d56523a..651fa6acd5 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -106,8 +106,6 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CMS", # CryptoAPI Engine "CAPIENG", - # SSL v2 - "SSL2", # SSL v3 method "SSL3_METHOD", # JPAKE @@ -144,7 +142,7 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated; my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng; -my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc; +my $no_jpake; my $no_srp; my $no_ec2m; my $no_nistp_gcc; my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace; my $no_unit_test; my $no_ssl3_method; @@ -240,7 +238,6 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-ec2m$/) { $no_ec2m=1; } elsif (/^no-ec-nistp224-64-gcc-128$/) { $no_nistp_gcc=1; } elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; } - elsif (/^no-ssl2$/) { $no_ssl2=1; } elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; } elsif (/^no-ssl-trace$/) { $no_ssl_trace=1; } elsif (/^no-capieng$/) { $no_capieng=1; } @@ -1212,7 +1209,6 @@ sub is_valid { return 0; } if ($keyword eq "EC2M" && $no_ec2m) { return 0; } if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; } - if ($keyword eq "SSL2" && $no_ssl2) { return 0; } if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; } if ($keyword eq "SSL_TRACE" && $no_ssl_trace) { return 0; } if ($keyword eq "CAPIENG" && $no_capieng) { return 0; } diff --git a/util/ssleay.num b/util/ssleay.num index a289559c20..53dbe6dabb 100755 --- a/util/ssleay.num +++ b/util/ssleay.num @@ -98,9 +98,9 @@ SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION: SSLv23_client_method 110 EXIST::FUNCTION:RSA SSLv23_method 111 EXIST::FUNCTION:RSA SSLv23_server_method 112 EXIST::FUNCTION:RSA -SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2 -SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2 -SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2 +SSLv2_client_method 113 NOEXIST::FUNCTION: +SSLv2_method 114 NOEXIST::FUNCTION: +SSLv2_server_method 115 NOEXIST::FUNCTION: SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD |