crypto/openssl-0.9.7e/ssl/s3_lib.c

   1 /* ssl/s3_lib.c */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58 /* ====================================================================
  59  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  60  *
  61  * Redistribution and use in source and binary forms, with or without
  62  * modification, are permitted provided that the following conditions
  63  * are met:
  64  *
  65  * 1. Redistributions of source code must retain the above copyright
  66  *    notice, this list of conditions and the following disclaimer.
  67  *
  68  * 2. Redistributions in binary form must reproduce the above copyright
  69  *    notice, this list of conditions and the following disclaimer in
  70  *    the documentation and/or other materials provided with the
  71  *    distribution.
  72  *
  73  * 3. All advertising materials mentioning features or use of this
  74  *    software must display the following acknowledgment:
  75  *    "This product includes software developed by the OpenSSL Project
  76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  77  *
  78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  79  *    endorse or promote products derived from this software without
  80  *    prior written permission. For written permission, please contact
  81  *    openssl-core@openssl.org.
  82  *
  83  * 5. Products derived from this software may not be called "OpenSSL"
  84  *    nor may "OpenSSL" appear in their names without prior written
  85  *    permission of the OpenSSL Project.
  86  *
  87  * 6. Redistributions of any form whatsoever must retain the following
  88  *    acknowledgment:
  89  *    "This product includes software developed by the OpenSSL Project
  90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  91  *
  92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 103  * OF THE POSSIBILITY OF SUCH DAMAGE.
 104  * ====================================================================
 105  *
 106  * This product includes cryptographic software written by Eric Young
 107  * (eay@cryptsoft.com).  This product includes software written by Tim
 108  * Hudson (tjh@cryptsoft.com).
 109  *
 110  */
 111
 112 #include <stdio.h>
 113 #include <openssl/objects.h>
 114 #include "ssl_locl.h"
 115 #include "kssl_lcl.h"
 116 #include <openssl/md5.h>
 117
 118 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
 119
 120 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
 121
 122 static long ssl3_default_timeout(void );
 123
 124 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 125 /* The RSA ciphers */
 126 /* Cipher 01 */
 127         {
 128         1,
 129         SSL3_TXT_RSA_NULL_MD5,
 130         SSL3_CK_RSA_NULL_MD5,
 131         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
 132         SSL_NOT_EXP|SSL_STRONG_NONE,
 133         0,
 134         0,
 135         0,
 136         SSL_ALL_CIPHERS,
 137         SSL_ALL_STRENGTHS,
 138         },
 139 /* Cipher 02 */
 140         {
 141         1,
 142         SSL3_TXT_RSA_NULL_SHA,
 143         SSL3_CK_RSA_NULL_SHA,
 144         SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
 145         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
 146         0,
 147         0,
 148         0,
 149         SSL_ALL_CIPHERS,
 150         SSL_ALL_STRENGTHS,
 151         },
 152
 153 /* anon DH */
 154 /* Cipher 17 */
 155         {
 156         1,
 157         SSL3_TXT_ADH_RC4_40_MD5,
 158         SSL3_CK_ADH_RC4_40_MD5,
 159         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
 160         SSL_EXPORT|SSL_EXP40,
 161         0,
 162         40,
 163         128,
 164         SSL_ALL_CIPHERS,
 165         SSL_ALL_STRENGTHS,
 166         },
 167 /* Cipher 18 */
 168         {
 169         1,
 170         SSL3_TXT_ADH_RC4_128_MD5,
 171         SSL3_CK_ADH_RC4_128_MD5,
 172         SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
 173         SSL_NOT_EXP|SSL_MEDIUM,
 174         0,
 175         128,
 176         128,
 177         SSL_ALL_CIPHERS,
 178         SSL_ALL_STRENGTHS,
 179         },
 180 /* Cipher 19 */
 181         {
 182         1,
 183         SSL3_TXT_ADH_DES_40_CBC_SHA,
 184         SSL3_CK_ADH_DES_40_CBC_SHA,
 185         SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
 186         SSL_EXPORT|SSL_EXP40|SSL_FIPS,
 187         0,
 188         40,
 189         128,
 190         SSL_ALL_CIPHERS,
 191         SSL_ALL_STRENGTHS,
 192         },
 193 /* Cipher 1A */
 194         {
 195         1,
 196         SSL3_TXT_ADH_DES_64_CBC_SHA,
 197         SSL3_CK_ADH_DES_64_CBC_SHA,
 198         SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
 199         SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
 200         0,
 201         56,
 202         56,
 203         SSL_ALL_CIPHERS,
 204         SSL_ALL_STRENGTHS,
 205         },
 206 /* Cipher 1B */
 207         {
 208         1,
 209         SSL3_TXT_ADH_DES_192_CBC_SHA,
 210         SSL3_CK_ADH_DES_192_CBC_SHA,
 211         SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
 212         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 213         0,
 214         168,
 215         168,
 216         SSL_ALL_CIPHERS,
 217         SSL_ALL_STRENGTHS,
 218         },
 219
 220 /* RSA again */
 221 /* Cipher 03 */
 222         {
 223         1,
 224         SSL3_TXT_RSA_RC4_40_MD5,
 225         SSL3_CK_RSA_RC4_40_MD5,
 226         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
 227         SSL_EXPORT|SSL_EXP40,
 228         0,
 229         40,
 230         128,
 231         SSL_ALL_CIPHERS,
 232         SSL_ALL_STRENGTHS,
 233         },
 234 /* Cipher 04 */
 235         {
 236         1,
 237         SSL3_TXT_RSA_RC4_128_MD5,
 238         SSL3_CK_RSA_RC4_128_MD5,
 239         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
 240         SSL_NOT_EXP|SSL_MEDIUM,
 241         0,
 242         128,
 243         128,
 244         SSL_ALL_CIPHERS,
 245         SSL_ALL_STRENGTHS,
 246         },
 247 /* Cipher 05 */
 248         {
 249         1,
 250         SSL3_TXT_RSA_RC4_128_SHA,
 251         SSL3_CK_RSA_RC4_128_SHA,
 252         SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
 253         SSL_NOT_EXP|SSL_MEDIUM,
 254         0,
 255         128,
 256         128,
 257         SSL_ALL_CIPHERS,
 258         SSL_ALL_STRENGTHS,
 259         },
 260 /* Cipher 06 */
 261         {
 262         1,
 263         SSL3_TXT_RSA_RC2_40_MD5,
 264         SSL3_CK_RSA_RC2_40_MD5,
 265         SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
 266         SSL_EXPORT|SSL_EXP40,
 267         0,
 268         40,
 269         128,
 270         SSL_ALL_CIPHERS,
 271         SSL_ALL_STRENGTHS,
 272         },
 273 /* Cipher 07 */
 274 #ifndef OPENSSL_NO_IDEA
 275         {
 276         1,
 277         SSL3_TXT_RSA_IDEA_128_SHA,
 278         SSL3_CK_RSA_IDEA_128_SHA,
 279         SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
 280         SSL_NOT_EXP|SSL_MEDIUM,
 281         0,
 282         128,
 283         128,
 284         SSL_ALL_CIPHERS,
 285         SSL_ALL_STRENGTHS,
 286         },
 287 #endif
 288 /* Cipher 08 */
 289         {
 290         1,
 291         SSL3_TXT_RSA_DES_40_CBC_SHA,
 292         SSL3_CK_RSA_DES_40_CBC_SHA,
 293         SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
 294         SSL_EXPORT|SSL_EXP40|SSL_FIPS,
 295         0,
 296         40,
 297         56,
 298         SSL_ALL_CIPHERS,
 299         SSL_ALL_STRENGTHS,
 300         },
 301 /* Cipher 09 */
 302         {
 303         1,
 304         SSL3_TXT_RSA_DES_64_CBC_SHA,
 305         SSL3_CK_RSA_DES_64_CBC_SHA,
 306         SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
 307         SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
 308         0,
 309         56,
 310         56,
 311         SSL_ALL_CIPHERS,
 312         SSL_ALL_STRENGTHS,
 313         },
 314 /* Cipher 0A */
 315         {
 316         1,
 317         SSL3_TXT_RSA_DES_192_CBC3_SHA,
 318         SSL3_CK_RSA_DES_192_CBC3_SHA,
 319         SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
 320         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 321         0,
 322         168,
 323         168,
 324         SSL_ALL_CIPHERS,
 325         SSL_ALL_STRENGTHS,
 326         },
 327
 328 /*  The DH ciphers */
 329 /* Cipher 0B */
 330         {
 331         0,
 332         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
 333         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
 334         SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
 335         SSL_EXPORT|SSL_EXP40|SSL_FIPS,
 336         0,
 337         40,
 338         56,
 339         SSL_ALL_CIPHERS,
 340         SSL_ALL_STRENGTHS,
 341         },
 342 /* Cipher 0C */
 343         {
 344         0,
 345         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
 346         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
 347         SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
 348         SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
 349         0,
 350         56,
 351         56,
 352         SSL_ALL_CIPHERS,
 353         SSL_ALL_STRENGTHS,
 354         },
 355 /* Cipher 0D */
 356         {
 357         0,
 358         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
 359         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
 360         SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
 361         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 362         0,
 363         168,
 364         168,
 365         SSL_ALL_CIPHERS,
 366         SSL_ALL_STRENGTHS,
 367         },
 368 /* Cipher 0E */
 369         {
 370         0,
 371         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
 372         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
 373         SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
 374         SSL_EXPORT|SSL_EXP40|SSL_FIPS,
 375         0,
 376         40,
 377         56,
 378         SSL_ALL_CIPHERS,
 379         SSL_ALL_STRENGTHS,
 380         },
 381 /* Cipher 0F */
 382         {
 383         0,
 384         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
 385         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
 386         SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
 387         SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
 388         0,
 389         56,
 390         56,
 391         SSL_ALL_CIPHERS,
 392         SSL_ALL_STRENGTHS,
 393         },
 394 /* Cipher 10 */
 395         {
 396         0,
 397         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
 398         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
 399         SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
 400         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 401         0,
 402         168,
 403         168,
 404         SSL_ALL_CIPHERS,
 405         SSL_ALL_STRENGTHS,
 406         },
 407
 408 /* The Ephemeral DH ciphers */
 409 /* Cipher 11 */
 410         {
 411         1,
 412         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
 413         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
 414         SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
 415         SSL_EXPORT|SSL_EXP40|SSL_FIPS,
 416         0,
 417         40,
 418         56,
 419         SSL_ALL_CIPHERS,
 420         SSL_ALL_STRENGTHS,
 421         },
 422 /* Cipher 12 */
 423         {
 424         1,
 425         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
 426         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
 427         SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
 428         SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
 429         0,
 430         56,
 431         56,
 432         SSL_ALL_CIPHERS,
 433         SSL_ALL_STRENGTHS,
 434         },
 435 /* Cipher 13 */
 436         {
 437         1,
 438         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
 439         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
 440         SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
 441         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 442         0,
 443         168,
 444         168,
 445         SSL_ALL_CIPHERS,
 446         SSL_ALL_STRENGTHS,
 447         },
 448 /* Cipher 14 */
 449         {
 450         1,
 451         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
 452         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
 453         SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
 454         SSL_EXPORT|SSL_EXP40|SSL_FIPS,
 455         0,
 456         40,
 457         56,
 458         SSL_ALL_CIPHERS,
 459         SSL_ALL_STRENGTHS,
 460         },
 461 /* Cipher 15 */
 462         {
 463         1,
 464         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
 465         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
 466         SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
 467         SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
 468         0,
 469         56,
 470         56,
 471         SSL_ALL_CIPHERS,
 472         SSL_ALL_STRENGTHS,
 473         },
 474 /* Cipher 16 */
 475         {
 476         1,
 477         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
 478         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
 479         SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
 480         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 481         0,
 482         168,
 483         168,
 484         SSL_ALL_CIPHERS,
 485         SSL_ALL_STRENGTHS,
 486         },
 487
 488 /* Fortezza */
 489 /* Cipher 1C */
 490         {
 491         0,
 492         SSL3_TXT_FZA_DMS_NULL_SHA,
 493         SSL3_CK_FZA_DMS_NULL_SHA,
 494         SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
 495         SSL_NOT_EXP|SSL_STRONG_NONE,
 496         0,
 497         0,
 498         0,
 499         SSL_ALL_CIPHERS,
 500         SSL_ALL_STRENGTHS,
 501         },
 502
 503 /* Cipher 1D */
 504         {
 505         0,
 506         SSL3_TXT_FZA_DMS_FZA_SHA,
 507         SSL3_CK_FZA_DMS_FZA_SHA,
 508         SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
 509         SSL_NOT_EXP|SSL_STRONG_NONE,
 510         0,
 511         0,
 512         0,
 513         SSL_ALL_CIPHERS,
 514         SSL_ALL_STRENGTHS,
 515         },
 516
 517 #if 0
 518 /* Cipher 1E */
 519         {
 520         0,
 521         SSL3_TXT_FZA_DMS_RC4_SHA,
 522         SSL3_CK_FZA_DMS_RC4_SHA,
 523         SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
 524         SSL_NOT_EXP|SSL_MEDIUM,
 525         0,
 526         128,
 527         128,
 528         SSL_ALL_CIPHERS,
 529         SSL_ALL_STRENGTHS,
 530         },
 531 #endif
 532
 533 #ifndef OPENSSL_NO_KRB5
 534 /* The Kerberos ciphers
 535 ** 20000107 VRS: And the first shall be last,
 536 ** in hopes of avoiding the lynx ssl renegotiation problem.
 537 */
 538 /* Cipher 1E VRS */
 539         {
 540         1,
 541         SSL3_TXT_KRB5_DES_64_CBC_SHA,
 542         SSL3_CK_KRB5_DES_64_CBC_SHA,
 543         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
 544         SSL_NOT_EXP|SSL_LOW,
 545         0,
 546         56,
 547         56,
 548         SSL_ALL_CIPHERS,
 549         SSL_ALL_STRENGTHS,
 550         },
 551
 552 /* Cipher 1F VRS */
 553         {
 554         1,
 555         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
 556         SSL3_CK_KRB5_DES_192_CBC3_SHA,
 557         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
 558         SSL_NOT_EXP|SSL_HIGH,
 559         0,
 560         112,
 561         168,
 562         SSL_ALL_CIPHERS,
 563         SSL_ALL_STRENGTHS,
 564         },
 565
 566 /* Cipher 20 VRS */
 567         {
 568         1,
 569         SSL3_TXT_KRB5_RC4_128_SHA,
 570         SSL3_CK_KRB5_RC4_128_SHA,
 571         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
 572         SSL_NOT_EXP|SSL_MEDIUM,
 573         0,
 574         128,
 575         128,
 576         SSL_ALL_CIPHERS,
 577         SSL_ALL_STRENGTHS,
 578         },
 579
 580 /* Cipher 21 VRS */
 581         {
 582         1,
 583         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
 584         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
 585         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
 586         SSL_NOT_EXP|SSL_MEDIUM,
 587         0,
 588         128,
 589         128,
 590         SSL_ALL_CIPHERS,
 591         SSL_ALL_STRENGTHS,
 592         },
 593
 594 /* Cipher 22 VRS */
 595         {
 596         1,
 597         SSL3_TXT_KRB5_DES_64_CBC_MD5,
 598         SSL3_CK_KRB5_DES_64_CBC_MD5,
 599         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
 600         SSL_NOT_EXP|SSL_LOW,
 601         0,
 602         56,
 603         56,
 604         SSL_ALL_CIPHERS,
 605         SSL_ALL_STRENGTHS,
 606         },
 607
 608 /* Cipher 23 VRS */
 609         {
 610         1,
 611         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
 612         SSL3_CK_KRB5_DES_192_CBC3_MD5,
 613         SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
 614         SSL_NOT_EXP|SSL_HIGH,
 615         0,
 616         112,
 617         168,
 618         SSL_ALL_CIPHERS,
 619         SSL_ALL_STRENGTHS,
 620         },
 621
 622 /* Cipher 24 VRS */
 623         {
 624         1,
 625         SSL3_TXT_KRB5_RC4_128_MD5,
 626         SSL3_CK_KRB5_RC4_128_MD5,
 627         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
 628         SSL_NOT_EXP|SSL_MEDIUM,
 629         0,
 630         128,
 631         128,
 632         SSL_ALL_CIPHERS,
 633         SSL_ALL_STRENGTHS,
 634         },
 635
 636 /* Cipher 25 VRS */
 637         {
 638         1,
 639         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
 640         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
 641         SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
 642         SSL_NOT_EXP|SSL_MEDIUM,
 643         0,
 644         128,
 645         128,
 646         SSL_ALL_CIPHERS,
 647         SSL_ALL_STRENGTHS,
 648         },
 649
 650 /* Cipher 26 VRS */
 651         {
 652         1,
 653         SSL3_TXT_KRB5_DES_40_CBC_SHA,
 654         SSL3_CK_KRB5_DES_40_CBC_SHA,
 655         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
 656         SSL_EXPORT|SSL_EXP40,
 657         0,
 658         40,
 659         56,
 660         SSL_ALL_CIPHERS,
 661         SSL_ALL_STRENGTHS,
 662         },
 663
 664 /* Cipher 27 VRS */
 665         {
 666         1,
 667         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
 668         SSL3_CK_KRB5_RC2_40_CBC_SHA,
 669         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
 670         SSL_EXPORT|SSL_EXP40,
 671         0,
 672         40,
 673         128,
 674         SSL_ALL_CIPHERS,
 675         SSL_ALL_STRENGTHS,
 676         },
 677
 678 /* Cipher 28 VRS */
 679         {
 680         1,
 681         SSL3_TXT_KRB5_RC4_40_SHA,
 682         SSL3_CK_KRB5_RC4_40_SHA,
 683         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
 684         SSL_EXPORT|SSL_EXP40,
 685         0,
 686         128,
 687         128,
 688         SSL_ALL_CIPHERS,
 689         SSL_ALL_STRENGTHS,
 690         },
 691
 692 /* Cipher 29 VRS */
 693         {
 694         1,
 695         SSL3_TXT_KRB5_DES_40_CBC_MD5,
 696         SSL3_CK_KRB5_DES_40_CBC_MD5,
 697         SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
 698         SSL_EXPORT|SSL_EXP40,
 699         0,
 700         40,
 701         56,
 702         SSL_ALL_CIPHERS,
 703         SSL_ALL_STRENGTHS,
 704         },
 705
 706 /* Cipher 2A VRS */
 707         {
 708         1,
 709         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
 710         SSL3_CK_KRB5_RC2_40_CBC_MD5,
 711         SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
 712         SSL_EXPORT|SSL_EXP40,
 713         0,
 714         40,
 715         128,
 716         SSL_ALL_CIPHERS,
 717         SSL_ALL_STRENGTHS,
 718         },
 719
 720 /* Cipher 2B VRS */
 721         {
 722         1,
 723         SSL3_TXT_KRB5_RC4_40_MD5,
 724         SSL3_CK_KRB5_RC4_40_MD5,
 725         SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
 726         SSL_EXPORT|SSL_EXP40,
 727         0,
 728         128,
 729         128,
 730         SSL_ALL_CIPHERS,
 731         SSL_ALL_STRENGTHS,
 732         },
 733 #endif  /* OPENSSL_NO_KRB5 */
 734
 735
 736 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
 737         /* New TLS Export CipherSuites */
 738         /* Cipher 60 */
 739             {
 740             1,
 741             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
 742             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
 743             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
 744             SSL_EXPORT|SSL_EXP56,
 745             0,
 746             56,
 747             128,
 748             SSL_ALL_CIPHERS,
 749             SSL_ALL_STRENGTHS,
 750             },
 751         /* Cipher 61 */
 752             {
 753             1,
 754             TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
 755             TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
 756             SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
 757             SSL_EXPORT|SSL_EXP56,
 758             0,
 759             56,
 760             128,
 761             SSL_ALL_CIPHERS,
 762             SSL_ALL_STRENGTHS,
 763             },
 764         /* Cipher 62 */
 765             {
 766             1,
 767             TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
 768             TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
 769             SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
 770             SSL_EXPORT|SSL_EXP56|SSL_FIPS,
 771             0,
 772             56,
 773             56,
 774             SSL_ALL_CIPHERS,
 775             SSL_ALL_STRENGTHS,
 776             },
 777         /* Cipher 63 */
 778             {
 779             1,
 780             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
 781             TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
 782             SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
 783             SSL_EXPORT|SSL_EXP56|SSL_FIPS,
 784             0,
 785             56,
 786             56,
 787             SSL_ALL_CIPHERS,
 788             SSL_ALL_STRENGTHS,
 789             },
 790         /* Cipher 64 */
 791             {
 792             1,
 793             TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
 794             TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
 795             SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
 796             SSL_EXPORT|SSL_EXP56,
 797             0,
 798             56,
 799             128,
 800             SSL_ALL_CIPHERS,
 801             SSL_ALL_STRENGTHS,
 802             },
 803         /* Cipher 65 */
 804             {
 805             1,
 806             TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
 807             TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
 808             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
 809             SSL_EXPORT|SSL_EXP56,
 810             0,
 811             56,
 812             128,
 813             SSL_ALL_CIPHERS,
 814             SSL_ALL_STRENGTHS,
 815             },
 816         /* Cipher 66 */
 817             {
 818             1,
 819             TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
 820             TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
 821             SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
 822             SSL_NOT_EXP|SSL_MEDIUM,
 823             0,
 824             128,
 825             128,
 826             SSL_ALL_CIPHERS,
 827             SSL_ALL_STRENGTHS
 828             },
 829 #endif
 830         /* New AES ciphersuites */
 831
 832         /* Cipher 2F */
 833             {
 834             1,
 835             TLS1_TXT_RSA_WITH_AES_128_SHA,
 836             TLS1_CK_RSA_WITH_AES_128_SHA,
 837             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
 838             SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
 839             0,
 840             128,
 841             128,
 842             SSL_ALL_CIPHERS,
 843             SSL_ALL_STRENGTHS,
 844             },
 845         /* Cipher 30 */
 846             {
 847             0,
 848             TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
 849             TLS1_CK_DH_DSS_WITH_AES_128_SHA,
 850             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
 851             SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
 852             0,
 853             128,
 854             128,
 855             SSL_ALL_CIPHERS,
 856             SSL_ALL_STRENGTHS,
 857             },
 858         /* Cipher 31 */
 859             {
 860             0,
 861             TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
 862             TLS1_CK_DH_RSA_WITH_AES_128_SHA,
 863             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
 864             SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
 865             0,
 866             128,
 867             128,
 868             SSL_ALL_CIPHERS,
 869             SSL_ALL_STRENGTHS,
 870             },
 871         /* Cipher 32 */
 872             {
 873             1,
 874             TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
 875             TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
 876             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
 877             SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
 878             0,
 879             128,
 880             128,
 881             SSL_ALL_CIPHERS,
 882             SSL_ALL_STRENGTHS,
 883             },
 884         /* Cipher 33 */
 885             {
 886             1,
 887             TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
 888             TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
 889             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
 890             SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
 891             0,
 892             128,
 893             128,
 894             SSL_ALL_CIPHERS,
 895             SSL_ALL_STRENGTHS,
 896             },
 897         /* Cipher 34 */
 898             {
 899             1,
 900             TLS1_TXT_ADH_WITH_AES_128_SHA,
 901             TLS1_CK_ADH_WITH_AES_128_SHA,
 902             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
 903             SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
 904             0,
 905             128,
 906             128,
 907             SSL_ALL_CIPHERS,
 908             SSL_ALL_STRENGTHS,
 909             },
 910
 911         /* Cipher 35 */
 912             {
 913             1,
 914             TLS1_TXT_RSA_WITH_AES_256_SHA,
 915             TLS1_CK_RSA_WITH_AES_256_SHA,
 916             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
 917             SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 918             0,
 919             256,
 920             256,
 921             SSL_ALL_CIPHERS,
 922             SSL_ALL_STRENGTHS,
 923             },
 924         /* Cipher 36 */
 925             {
 926             0,
 927             TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
 928             TLS1_CK_DH_DSS_WITH_AES_256_SHA,
 929             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
 930             SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 931             0,
 932             256,
 933             256,
 934             SSL_ALL_CIPHERS,
 935             SSL_ALL_STRENGTHS,
 936             },
 937         /* Cipher 37 */
 938             {
 939             0,
 940             TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
 941             TLS1_CK_DH_RSA_WITH_AES_256_SHA,
 942             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
 943             SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 944             0,
 945             256,
 946             256,
 947             SSL_ALL_CIPHERS,
 948             SSL_ALL_STRENGTHS,
 949             },
 950         /* Cipher 38 */
 951             {
 952             1,
 953             TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
 954             TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
 955             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
 956             SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 957             0,
 958             256,
 959             256,
 960             SSL_ALL_CIPHERS,
 961             SSL_ALL_STRENGTHS,
 962             },
 963         /* Cipher 39 */
 964             {
 965             1,
 966             TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
 967             TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
 968             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
 969             SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 970             0,
 971             256,
 972             256,
 973             SSL_ALL_CIPHERS,
 974             SSL_ALL_STRENGTHS,
 975             },
 976         /* Cipher 3A */
 977             {
 978             1,
 979             TLS1_TXT_ADH_WITH_AES_256_SHA,
 980             TLS1_CK_ADH_WITH_AES_256_SHA,
 981             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
 982             SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 983             0,
 984             256,
 985             256,
 986             SSL_ALL_CIPHERS,
 987             SSL_ALL_STRENGTHS,
 988             },
 989
 990 /* end of list */
 991         };
 992
 993 static SSL3_ENC_METHOD SSLv3_enc_data={
 994         ssl3_enc,
 995         ssl3_mac,
 996         ssl3_setup_key_block,
 997         ssl3_generate_master_secret,
 998         ssl3_change_cipher_state,
 999         ssl3_final_finish_mac,
1000         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
1001         ssl3_cert_verify_mac,
1002         SSL3_MD_CLIENT_FINISHED_CONST,4,
1003         SSL3_MD_SERVER_FINISHED_CONST,4,
1004         ssl3_alert_code,
1005         };
1006
1007 static SSL_METHOD SSLv3_data= {
1008         SSL3_VERSION,
1009         ssl3_new,
1010         ssl3_clear,
1011         ssl3_free,
1012         ssl_undefined_function,
1013         ssl_undefined_function,
1014         ssl3_read,
1015         ssl3_peek,
1016         ssl3_write,
1017         ssl3_shutdown,
1018         ssl3_renegotiate,
1019         ssl3_renegotiate_check,
1020         ssl3_ctrl,
1021         ssl3_ctx_ctrl,
1022         ssl3_get_cipher_by_char,
1023         ssl3_put_cipher_by_char,
1024         ssl3_pending,
1025         ssl3_num_ciphers,
1026         ssl3_get_cipher,
1027         ssl_bad_method,
1028         ssl3_default_timeout,
1029         &SSLv3_enc_data,
1030         ssl_undefined_function,
1031         ssl3_callback_ctrl,
1032         ssl3_ctx_callback_ctrl,
1033         };
1034
1035 static long ssl3_default_timeout(void)
1036         {
1037         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
1038          * is way too long for http, the cache would over fill */
1039         return(60*60*2);
1040         }
1041
1042 SSL_METHOD *sslv3_base_method(void)
1043         {
1044         return(&SSLv3_data);
1045         }
1046
1047 int ssl3_num_ciphers(void)
1048         {
1049         return(SSL3_NUM_CIPHERS);
1050         }
1051
1052 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
1053         {
1054         if (u < SSL3_NUM_CIPHERS)
1055                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
1056         else
1057                 return(NULL);
1058         }
1059
1060 int ssl3_pending(SSL *s)
1061         {
1062         if (s->rstate == SSL_ST_READ_BODY)
1063                 return 0;
1064
1065         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
1066         }
1067
1068 int ssl3_new(SSL *s)
1069         {
1070         SSL3_STATE *s3;
1071
1072         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
1073         memset(s3,0,sizeof *s3);
1074         EVP_MD_CTX_init(&s3->finish_dgst1);
1075         EVP_MD_CTX_init(&s3->finish_dgst2);
1076
1077         s->s3=s3;
1078
1079         s->method->ssl_clear(s);
1080         return(1);
1081 err:
1082         return(0);
1083         }
1084
1085 void ssl3_free(SSL *s)
1086         {
1087         if(s == NULL)
1088             return;
1089
1090         ssl3_cleanup_key_block(s);
1091         if (s->s3->rbuf.buf != NULL)
1092                 OPENSSL_free(s->s3->rbuf.buf);
1093         if (s->s3->wbuf.buf != NULL)
1094                 OPENSSL_free(s->s3->wbuf.buf);
1095         if (s->s3->rrec.comp != NULL)
1096                 OPENSSL_free(s->s3->rrec.comp);
1097 #ifndef OPENSSL_NO_DH
1098         if (s->s3->tmp.dh != NULL)
1099                 DH_free(s->s3->tmp.dh);
1100 #endif
1101         if (s->s3->tmp.ca_names != NULL)
1102                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1103         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1104         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1105         OPENSSL_cleanse(s->s3,sizeof *s->s3);
1106         OPENSSL_free(s->s3);
1107         s->s3=NULL;
1108         }
1109
1110 void ssl3_clear(SSL *s)
1111         {
1112         unsigned char *rp,*wp;
1113         size_t rlen, wlen;
1114
1115         ssl3_cleanup_key_block(s);
1116         if (s->s3->tmp.ca_names != NULL)
1117                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1118
1119         if (s->s3->rrec.comp != NULL)
1120                 {
1121                 OPENSSL_free(s->s3->rrec.comp);
1122                 s->s3->rrec.comp=NULL;
1123                 }
1124 #ifndef OPENSSL_NO_DH
1125         if (s->s3->tmp.dh != NULL)
1126                 DH_free(s->s3->tmp.dh);
1127 #endif
1128
1129         rp = s->s3->rbuf.buf;
1130         wp = s->s3->wbuf.buf;
1131         rlen = s->s3->rbuf.len;
1132         wlen = s->s3->wbuf.len;
1133
1134         EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1135         EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1136
1137         memset(s->s3,0,sizeof *s->s3);
1138         s->s3->rbuf.buf = rp;
1139         s->s3->wbuf.buf = wp;
1140         s->s3->rbuf.len = rlen;
1141         s->s3->wbuf.len = wlen;
1142
1143         ssl_free_wbio_buffer(s);
1144
1145         s->packet_length=0;
1146         s->s3->renegotiate=0;
1147         s->s3->total_renegotiations=0;
1148         s->s3->num_renegotiations=0;
1149         s->s3->in_read_app_data=0;
1150         s->version=SSL3_VERSION;
1151         }
1152
1153 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1154         {
1155         int ret=0;
1156
1157 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1158         if (
1159 #ifndef OPENSSL_NO_RSA
1160             cmd == SSL_CTRL_SET_TMP_RSA ||
1161             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1162 #endif
1163 #ifndef OPENSSL_NO_DSA
1164             cmd == SSL_CTRL_SET_TMP_DH ||
1165             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1166 #endif
1167                 0)
1168                 {
1169                 if (!ssl_cert_inst(&s->cert))
1170                         {
1171                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1172                         return(0);
1173                         }
1174                 }
1175 #endif
1176
1177         switch (cmd)
1178                 {
1179         case SSL_CTRL_GET_SESSION_REUSED:
1180                 ret=s->hit;
1181                 break;
1182         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1183                 break;
1184         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1185                 ret=s->s3->num_renegotiations;
1186                 break;
1187         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1188                 ret=s->s3->num_renegotiations;
1189                 s->s3->num_renegotiations=0;
1190                 break;
1191         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1192                 ret=s->s3->total_renegotiations;
1193                 break;
1194         case SSL_CTRL_GET_FLAGS:
1195                 ret=(int)(s->s3->flags);
1196                 break;
1197 #ifndef OPENSSL_NO_RSA
1198         case SSL_CTRL_NEED_TMP_RSA:
1199                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1200                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1201                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1202                         ret = 1;
1203                 break;
1204         case SSL_CTRL_SET_TMP_RSA:
1205                 {
1206                         RSA *rsa = (RSA *)parg;
1207                         if (rsa == NULL)
1208                                 {
1209                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1210                                 return(ret);
1211                                 }
1212                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1213                                 {
1214                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1215                                 return(ret);
1216                                 }
1217                         if (s->cert->rsa_tmp != NULL)
1218                                 RSA_free(s->cert->rsa_tmp);
1219                         s->cert->rsa_tmp = rsa;
1220                         ret = 1;
1221                 }
1222                 break;
1223         case SSL_CTRL_SET_TMP_RSA_CB:
1224                 {
1225                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1226                 return(ret);
1227                 }
1228                 break;
1229 #endif
1230 #ifndef OPENSSL_NO_DH
1231         case SSL_CTRL_SET_TMP_DH:
1232                 {
1233                         DH *dh = (DH *)parg;
1234                         if (dh == NULL)
1235                                 {
1236                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1237                                 return(ret);
1238                                 }
1239                         if ((dh = DHparams_dup(dh)) == NULL)
1240                                 {
1241                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1242                                 return(ret);
1243                                 }
1244                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
1245                                 {
1246                                 if (!DH_generate_key(dh))
1247                                         {
1248                                         DH_free(dh);
1249                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1250                                         return(ret);
1251                                         }
1252                                 }
1253                         if (s->cert->dh_tmp != NULL)
1254                                 DH_free(s->cert->dh_tmp);
1255                         s->cert->dh_tmp = dh;
1256                         ret = 1;
1257                 }
1258                 break;
1259         case SSL_CTRL_SET_TMP_DH_CB:
1260                 {
1261                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1262                 return(ret);
1263                 }
1264                 break;
1265 #endif
1266         default:
1267                 break;
1268                 }
1269         return(ret);
1270         }
1271
1272 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
1273         {
1274         int ret=0;
1275
1276 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1277         if (
1278 #ifndef OPENSSL_NO_RSA
1279             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1280 #endif
1281 #ifndef OPENSSL_NO_DSA
1282             cmd == SSL_CTRL_SET_TMP_DH_CB ||
1283 #endif
1284                 0)
1285                 {
1286                 if (!ssl_cert_inst(&s->cert))
1287                         {
1288                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1289                         return(0);
1290                         }
1291                 }
1292 #endif
1293
1294         switch (cmd)
1295                 {
1296 #ifndef OPENSSL_NO_RSA
1297         case SSL_CTRL_SET_TMP_RSA_CB:
1298                 {
1299                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1300                 }
1301                 break;
1302 #endif
1303 #ifndef OPENSSL_NO_DH
1304         case SSL_CTRL_SET_TMP_DH_CB:
1305                 {
1306                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1307                 }
1308                 break;
1309 #endif
1310         default:
1311                 break;
1312                 }
1313         return(ret);
1314         }
1315
1316 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1317         {
1318         CERT *cert;
1319
1320         cert=ctx->cert;
1321
1322         switch (cmd)
1323                 {
1324 #ifndef OPENSSL_NO_RSA
1325         case SSL_CTRL_NEED_TMP_RSA:
1326                 if (    (cert->rsa_tmp == NULL) &&
1327                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1328                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1329                         )
1330                         return(1);
1331                 else
1332                         return(0);
1333                 /* break; */
1334         case SSL_CTRL_SET_TMP_RSA:
1335                 {
1336                 RSA *rsa;
1337                 int i;
1338
1339                 rsa=(RSA *)parg;
1340                 i=1;
1341                 if (rsa == NULL)
1342                         i=0;
1343                 else
1344                         {
1345                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1346                                 i=0;
1347                         }
1348                 if (!i)
1349                         {
1350                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1351                         return(0);
1352                         }
1353                 else
1354                         {
1355                         if (cert->rsa_tmp != NULL)
1356                                 RSA_free(cert->rsa_tmp);
1357                         cert->rsa_tmp=rsa;
1358                         return(1);
1359                         }
1360                 }
1361                 /* break; */
1362         case SSL_CTRL_SET_TMP_RSA_CB:
1363                 {
1364                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1365                 return(0);
1366                 }
1367                 break;
1368 #endif
1369 #ifndef OPENSSL_NO_DH
1370         case SSL_CTRL_SET_TMP_DH:
1371                 {
1372                 DH *new=NULL,*dh;
1373
1374                 dh=(DH *)parg;
1375                 if ((new=DHparams_dup(dh)) == NULL)
1376                         {
1377                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1378                         return 0;
1379                         }
1380                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1381                         {
1382                         if (!DH_generate_key(new))
1383                                 {
1384                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1385                                 DH_free(new);
1386                                 return 0;
1387                                 }
1388                         }
1389                 if (cert->dh_tmp != NULL)
1390                         DH_free(cert->dh_tmp);
1391                 cert->dh_tmp=new;
1392                 return 1;
1393                 }
1394                 /*break; */
1395         case SSL_CTRL_SET_TMP_DH_CB:
1396                 {
1397                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1398                 return(0);
1399                 }
1400                 break;
1401 #endif
1402         /* A Thawte special :-) */
1403         case SSL_CTRL_EXTRA_CHAIN_CERT:
1404                 if (ctx->extra_certs == NULL)
1405                         {
1406                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1407                                 return(0);
1408                         }
1409                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
1410                 break;
1411
1412         default:
1413                 return(0);
1414                 }
1415         return(1);
1416         }
1417
1418 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1419         {
1420         CERT *cert;
1421
1422         cert=ctx->cert;
1423
1424         switch (cmd)
1425                 {
1426 #ifndef OPENSSL_NO_RSA
1427         case SSL_CTRL_SET_TMP_RSA_CB:
1428                 {
1429                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1430                 }
1431                 break;
1432 #endif
1433 #ifndef OPENSSL_NO_DH
1434         case SSL_CTRL_SET_TMP_DH_CB:
1435                 {
1436                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1437                 }
1438                 break;
1439 #endif
1440         default:
1441                 return(0);
1442                 }
1443         return(1);
1444         }
1445
1446 /* This function needs to check if the ciphers required are actually
1447  * available */
1448 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1449         {
1450         static int init=1;
1451         static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1452         SSL_CIPHER c,*cp= &c,**cpp;
1453         unsigned long id;
1454         int i;
1455
1456         if (init)
1457                 {
1458                 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1459
1460                 if (init)
1461                         {
1462                         for (i=0; i<SSL3_NUM_CIPHERS; i++)
1463                                 sorted[i]= &(ssl3_ciphers[i]);
1464
1465                         qsort(sorted,
1466                                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1467                                 FP_ICC ssl_cipher_ptr_id_cmp);
1468
1469                         init=0;
1470                         }
1471
1472                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1473                 }
1474
1475         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1476         c.id=id;
1477         cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1478                 (char *)sorted,
1479                 SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1480                 FP_ICC ssl_cipher_ptr_id_cmp);
1481         if ((cpp == NULL) || !(*cpp)->valid)
1482                 return(NULL);
1483         else
1484                 return(*cpp);
1485         }
1486
1487 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1488         {
1489         long l;
1490
1491         if (p != NULL)
1492                 {
1493                 l=c->id;
1494                 if ((l & 0xff000000) != 0x03000000) return(0);
1495                 p[0]=((unsigned char)(l>> 8L))&0xFF;
1496                 p[1]=((unsigned char)(l     ))&0xFF;
1497                 }
1498         return(2);
1499         }
1500
1501 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
1502              STACK_OF(SSL_CIPHER) *srvr)
1503         {
1504         SSL_CIPHER *c,*ret=NULL;
1505         STACK_OF(SSL_CIPHER) *prio, *allow;
1506         int i,j,ok;
1507         CERT *cert;
1508         unsigned long alg,mask,emask;
1509
1510         /* Let's see which ciphers we can support */
1511         cert=s->cert;
1512
1513 #if 0
1514         /* Do not set the compare functions, because this may lead to a
1515          * reordering by "id". We want to keep the original ordering.
1516          * We may pay a price in performance during sk_SSL_CIPHER_find(),
1517          * but would have to pay with the price of sk_SSL_CIPHER_dup().
1518          */
1519         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
1520         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
1521 #endif
1522
1523 #ifdef CIPHER_DEBUG
1524         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
1525         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
1526             {
1527             c=sk_SSL_CIPHER_value(srvr,i);
1528             printf("%p:%s\n",c,c->name);
1529             }
1530         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
1531         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
1532             {
1533             c=sk_SSL_CIPHER_value(clnt,i);
1534             printf("%p:%s\n",c,c->name);
1535             }
1536 #endif
1537
1538         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
1539             {
1540             prio = srvr;
1541             allow = clnt;
1542             }
1543         else
1544             {
1545             prio = clnt;
1546             allow = srvr;
1547             }
1548
1549         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
1550                 {
1551                 c=sk_SSL_CIPHER_value(prio,i);
1552
1553                 ssl_set_cert_masks(cert,c);
1554                 mask=cert->mask;
1555                 emask=cert->export_mask;
1556
1557 #ifdef KSSL_DEBUG
1558                 printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
1559 #endif    /* KSSL_DEBUG */
1560
1561                 alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1562 #ifndef OPENSSL_NO_KRB5
1563                 if (alg & SSL_KRB5)
1564                         {
1565                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
1566                             continue;
1567                         }
1568 #endif /* OPENSSL_NO_KRB5 */
1569                 if (SSL_C_IS_EXPORT(c))
1570                         {
1571                         ok=((alg & emask) == alg)?1:0;
1572 #ifdef CIPHER_DEBUG
1573                         printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
1574                                c,c->name);
1575 #endif
1576                         }
1577                 else
1578                         {
1579                         ok=((alg & mask) == alg)?1:0;
1580 #ifdef CIPHER_DEBUG
1581                         printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
1582                                c->name);
1583 #endif
1584                         }
1585
1586                 if (!ok) continue;
1587
1588                 j=sk_SSL_CIPHER_find(allow,c);
1589                 if (j >= 0)
1590                         {
1591                         ret=sk_SSL_CIPHER_value(allow,j);
1592                         break;
1593                         }
1594                 }
1595         return(ret);
1596         }
1597
1598 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1599         {
1600         int ret=0;
1601         unsigned long alg;
1602
1603         alg=s->s3->tmp.new_cipher->algorithms;
1604
1605 #ifndef OPENSSL_NO_DH
1606         if (alg & (SSL_kDHr|SSL_kEDH))
1607                 {
1608 #  ifndef OPENSSL_NO_RSA
1609                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
1610 #  endif
1611 #  ifndef OPENSSL_NO_DSA
1612                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
1613 #  endif
1614                 }
1615         if ((s->version == SSL3_VERSION) &&
1616                 (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1617                 {
1618 #  ifndef OPENSSL_NO_RSA
1619                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1620 #  endif
1621 #  ifndef OPENSSL_NO_DSA
1622                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1623 #  endif
1624                 }
1625 #endif /* !OPENSSL_NO_DH */
1626 #ifndef OPENSSL_NO_RSA
1627         p[ret++]=SSL3_CT_RSA_SIGN;
1628 #endif
1629 #ifndef OPENSSL_NO_DSA
1630         p[ret++]=SSL3_CT_DSS_SIGN;
1631 #endif
1632         return(ret);
1633         }
1634
1635 int ssl3_shutdown(SSL *s)
1636         {
1637
1638         /* Don't do anything much if we have not done the handshake or
1639          * we don't want to send messages :-) */
1640         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
1641                 {
1642                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
1643                 return(1);
1644                 }
1645
1646         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
1647                 {
1648                 s->shutdown|=SSL_SENT_SHUTDOWN;
1649 #if 1
1650                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
1651 #endif
1652                 /* our shutdown alert has been sent now, and if it still needs
1653                  * to be written, s->s3->alert_dispatch will be true */
1654                 }
1655         else if (s->s3->alert_dispatch)
1656                 {
1657                 /* resend it if not sent */
1658 #if 1
1659                 ssl3_dispatch_alert(s);
1660 #endif
1661                 }
1662         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
1663                 {
1664                 /* If we are waiting for a close from our peer, we are closed */
1665                 ssl3_read_bytes(s,0,NULL,0,0);
1666                 }
1667
1668         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
1669                 !s->s3->alert_dispatch)
1670                 return(1);
1671         else
1672                 return(0);
1673         }
1674
1675 int ssl3_write(SSL *s, const void *buf, int len)
1676         {
1677         int ret,n;
1678
1679 #if 0
1680         if (s->shutdown & SSL_SEND_SHUTDOWN)
1681                 {
1682                 s->rwstate=SSL_NOTHING;
1683                 return(0);
1684                 }
1685 #endif
1686         clear_sys_error();
1687         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1688
1689         /* This is an experimental flag that sends the
1690          * last handshake message in the same packet as the first
1691          * use data - used to see if it helps the TCP protocol during
1692          * session-id reuse */
1693         /* The second test is because the buffer may have been removed */
1694         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
1695                 {
1696                 /* First time through, we write into the buffer */
1697                 if (s->s3->delay_buf_pop_ret == 0)
1698                         {
1699                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1700                                              buf,len);
1701                         if (ret <= 0) return(ret);
1702
1703                         s->s3->delay_buf_pop_ret=ret;
1704                         }
1705
1706                 s->rwstate=SSL_WRITING;
1707                 n=BIO_flush(s->wbio);
1708                 if (n <= 0) return(n);
1709                 s->rwstate=SSL_NOTHING;
1710
1711                 /* We have flushed the buffer, so remove it */
1712                 ssl_free_wbio_buffer(s);
1713                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1714
1715                 ret=s->s3->delay_buf_pop_ret;
1716                 s->s3->delay_buf_pop_ret=0;
1717                 }
1718         else
1719                 {
1720                 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1721                                      buf,len);
1722                 if (ret <= 0) return(ret);
1723                 }
1724
1725         return(ret);
1726         }
1727
1728 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1729         {
1730         int ret;
1731
1732         clear_sys_error();
1733         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1734         s->s3->in_read_app_data=1;
1735         ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1736         if ((ret == -1) && (s->s3->in_read_app_data == 2))
1737                 {
1738                 /* ssl3_read_bytes decided to call s->handshake_func, which
1739                  * called ssl3_read_bytes to read handshake data.
1740                  * However, ssl3_read_bytes actually found application data
1741                  * and thinks that application data makes sense here; so disable
1742                  * handshake processing and try to read application data again. */
1743                 s->in_handshake++;
1744                 ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1745                 s->in_handshake--;
1746                 }
1747         else
1748                 s->s3->in_read_app_data=0;
1749
1750         return(ret);
1751         }
1752
1753 int ssl3_read(SSL *s, void *buf, int len)
1754         {
1755         return ssl3_read_internal(s, buf, len, 0);
1756         }
1757
1758 int ssl3_peek(SSL *s, void *buf, int len)
1759         {
1760         return ssl3_read_internal(s, buf, len, 1);
1761         }
1762
1763 int ssl3_renegotiate(SSL *s)
1764         {
1765         if (s->handshake_func == NULL)
1766                 return(1);
1767
1768         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1769                 return(0);
1770
1771         s->s3->renegotiate=1;
1772         return(1);
1773         }
1774
1775 int ssl3_renegotiate_check(SSL *s)
1776         {
1777         int ret=0;
1778
1779         if (s->s3->renegotiate)
1780                 {
1781                 if (    (s->s3->rbuf.left == 0) &&
1782                         (s->s3->wbuf.left == 0) &&
1783                         !SSL_in_init(s))
1784                         {
1785 /*
1786 if we are the server, and we have sent a 'RENEGOTIATE' message, we
1787 need to go to SSL_ST_ACCEPT.
1788 */
1789                         /* SSL_ST_ACCEPT */
1790                         s->state=SSL_ST_RENEGOTIATE;
1791                         s->s3->renegotiate=0;
1792                         s->s3->num_renegotiations++;
1793                         s->s3->total_renegotiations++;
1794                         ret=1;
1795                         }
1796                 }
1797         return(ret);
1798         }
1799