summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorRyan Thomas McBride <mcbride@cvs.openbsd.org>2014-04-24 12:21:27 +0000
committerRyan Thomas McBride <mcbride@cvs.openbsd.org>2014-04-24 12:21:27 +0000
commit375642b9478fdb91036aac96f2e931ac596a1c44 (patch)
tree61b89467424bbff27b2cb08868b6d76512bcb2b4 /lib
parentedf968e648bb19a2f2beb6c3e45a2f07fd3bc77b (diff)
KNF
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/s3_clnt.c1526
-rw-r--r--lib/libssl/s3_lib.c280
-rw-r--r--lib/libssl/ssl_lib.c707
3 files changed, 1487 insertions, 1026 deletions
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c
index 0cd40f3a2d0..b63f0bf0c99 100644
--- a/lib/libssl/s3_clnt.c
+++ b/lib/libssl/s3_clnt.c
@@ -181,10 +181,10 @@ IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
int
ssl3_connect(SSL *s)
{
- BUF_MEM *buf = NULL;
- void (*cb)(const SSL *ssl, int type, int val) = NULL;
- int ret = -1;
- int new_state, state, skip = 0;
+ BUF_MEM *buf = NULL;
+ void (*cb)(const SSL *ssl, int type, int val) = NULL;
+ int ret = -1;
+ int new_state, state, skip = 0;
ERR_clear_error();
errno = 0;
@@ -217,7 +217,8 @@ ssl3_connect(SSL *s)
cb(s, SSL_CB_HANDSHAKE_START, 1);
if ((s->version & 0xff00 ) != 0x0300) {
- SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_CONNECT,
+ ERR_R_INTERNAL_ERROR);
ret = -1;
goto end;
}
@@ -230,7 +231,8 @@ ssl3_connect(SSL *s)
ret = -1;
goto end;
}
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ if (!BUF_MEM_grow(buf,
+ SSL3_RT_MAX_PLAIN_LENGTH)) {
ret = -1;
goto end;
}
@@ -309,10 +311,11 @@ ssl3_connect(SSL *s)
break;
}
#endif
- /* Check if it is anon DH/ECDH */
- /* or PSK */
- if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
- !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ /* Check if it is anon DH/ECDH or PSK */
+ if (!(s->s3->tmp.new_cipher->algorithm_auth &
+ SSL_aNULL) &&
+ !(s->s3->tmp.new_cipher->algorithm_mkey &
+ SSL_kPSK)) {
ret = ssl3_get_server_certificate(s);
if (ret <= 0)
goto end;
@@ -342,8 +345,10 @@ ssl3_connect(SSL *s)
s->state = SSL3_ST_CR_CERT_REQ_A;
s->init_num = 0;
- /* at this point we check that we have the
- * required stuff from the server */
+ /*
+ * At this point we check that we have the
+ * required stuff from the server.
+ */
if (!ssl3_check_cert_and_algorithm(s)) {
ret = -1;
goto end;
@@ -367,8 +372,10 @@ ssl3_connect(SSL *s)
#ifndef OPENSSL_NO_SRP
if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
if ((ret = SRP_Calc_A_param(s)) <= 0) {
- SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_CONNECT,
+ SSL_R_SRP_A_CALC);
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_INTERNAL_ERROR);
goto end;
}
}
@@ -397,11 +404,16 @@ ssl3_connect(SSL *s)
ret = ssl3_send_client_key_exchange(s);
if (ret <= 0)
goto end;
- /* EAY EAY EAY need to check for DH fix cert
- * sent back */
- /* For TLS, cert_req is set to 2, so a cert chain
- * of nothing is sent, but no verify packet is sent */
- /* XXX: For now, we do not support client
+ /*
+ * EAY EAY EAY need to check for DH fix cert
+ * sent back
+ */
+ /*
+ * For TLS, cert_req is set to 2, so a cert chain
+ * of nothing is sent, but no verify packet is sent
+ */
+ /*
+ * XXX: For now, we do not support client
* authentication in ECDH cipher suites with
* ECDH (rather than ECDSA) certificates.
* We need to skip the certificate verify
@@ -457,7 +469,7 @@ ssl3_connect(SSL *s)
s->session->compress_meth = 0;
else
s->session->compress_meth =
- s->s3->tmp.new_compression->id;
+ s->s3->tmp.new_compression->id;
#endif
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
@@ -465,7 +477,7 @@ ssl3_connect(SSL *s)
}
if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
+ SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
ret = -1;
goto end;
}
@@ -496,7 +508,8 @@ ssl3_connect(SSL *s)
s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
if (s->hit) {
s->s3->tmp.next_state = SSL_ST_OK;
- if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
+ if (s->s3->flags &
+ SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
s->state = SSL_ST_OK;
s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
s->s3->delay_buf_pop_ret = 0;
@@ -505,7 +518,8 @@ ssl3_connect(SSL *s)
#ifndef OPENSSL_NO_TLSEXT
/* Allow NewSessionTicket if ticket expected */
if (s->tlsext_ticket_expected)
- s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
+ s->s3->tmp.next_state =
+ SSL3_ST_CR_SESSION_TICKET_A;
else
#endif
@@ -568,8 +582,10 @@ ssl3_connect(SSL *s)
s->init_buf = NULL;
}
- /* If we are not 'joining' the last two packets,
- * remove the buffering now */
+ /*
+ * If we are not 'joining' the last two packets,
+ * remove the buffering now
+ */
if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
ssl_free_wbio_buffer(s);
/* else do it later in ssl3_write */
@@ -594,7 +610,8 @@ ssl3_connect(SSL *s)
/* break; */
default:
- SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
+ SSLerr(SSL_F_SSL3_CONNECT,
+ SSL_R_UNKNOWN_STATE);
ret = -1;
goto end;
/* break; */
@@ -616,7 +633,7 @@ ssl3_connect(SSL *s)
}
skip = 0;
}
-end:
+ end:
s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
@@ -629,13 +646,13 @@ end:
int
ssl3_client_hello(SSL *s)
{
- unsigned char *buf;
- unsigned char *p, *d;
- int i;
- unsigned long l;
+ unsigned char *buf;
+ unsigned char *p, *d;
+ int i;
+ unsigned long l;
#ifndef OPENSSL_NO_COMP
- int j;
- SSL_COMP *comp;
+ int j;
+ SSL_COMP *comp;
#endif
buf = (unsigned char *)s->init_buf->data;
@@ -660,9 +677,10 @@ ssl3_client_hello(SSL *s)
goto err;
/* Do the message type and length last */
- d = p= &(buf[4]);
+ d = p = &(buf[4]);
- /* version indicates the negotiated version: for example from
+ /*
+ * Version indicates the negotiated version: for example from
* an SSLv2/v3 compatible client hello). The client_version
* field is the maximum version we permit and it is also
* used in RSA encrypted premaster secrets. Some servers can
@@ -697,7 +715,7 @@ ssl3_client_hello(SSL *s)
s->client_version = s->version;
#else
*(p++) = s->client_version >> 8;
- *(p++) = s->client_version&0xff;
+ *(p++) = s->client_version & 0xff;
#endif
/* Random stuff */
@@ -712,7 +730,8 @@ ssl3_client_hello(SSL *s)
*(p++) = i;
if (i != 0) {
if (i > (int)sizeof(s->session->session_id)) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
memcpy(p, s->session->session_id, i);
@@ -722,11 +741,13 @@ ssl3_client_hello(SSL *s)
/* Ciphers supported */
i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
if (i == 0) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,
+ SSL_R_NO_CIPHERS_AVAILABLE);
goto err;
}
#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
- /* Some servers hang if client hello > 256 bytes
+ /*
+ * Some servers hang if client hello > 256 bytes
* as hack workaround chop number of supported ciphers
* to keep it well below this if we use TLS v1.2
*/
@@ -758,11 +779,14 @@ ssl3_client_hello(SSL *s)
#ifndef OPENSSL_NO_TLSEXT
/* TLS extensions*/
if (ssl_prepare_clienthello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,
+ SSL_R_CLIENTHELLO_TLSEXT);
goto err;
}
- if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
- SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ if ((p = ssl_add_clienthello_tlsext(s, p,
+ buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
#endif
@@ -780,21 +804,21 @@ ssl3_client_hello(SSL *s)
/* SSL3_ST_CW_CLNT_HELLO_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-err:
+ err:
return (-1);
}
int
ssl3_get_server_hello(SSL *s)
{
- STACK_OF(SSL_CIPHER) *sk;
- const SSL_CIPHER *c;
- unsigned char *p, *d;
- int i, al, ok;
- unsigned int j;
- long n;
+ STACK_OF(SSL_CIPHER) *sk;
+ const SSL_CIPHER *c;
+ unsigned char *p, *d;
+ int i, al, ok;
+ unsigned int j;
+ long n;
#ifndef OPENSSL_NO_COMP
- SSL_COMP *comp;
+ SSL_COMP *comp;
#endif
n = s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
@@ -803,7 +827,8 @@ ssl3_get_server_hello(SSL *s)
if (!ok)
return ((int)n);
- if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) {
+ if (SSL_version(s) == DTLS1_VERSION ||
+ SSL_version(s) == DTLS1_BAD_VER) {
if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
if (s->d1->send_cookie == 0) {
s->s3->tmp.reuse_message = 1;
@@ -812,7 +837,8 @@ ssl3_get_server_hello(SSL *s)
else /* already sent a cookie */
{
al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_BAD_MESSAGE_TYPE);
goto f_err;
}
}
@@ -820,14 +846,16 @@ ssl3_get_server_hello(SSL *s)
if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO) {
al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_BAD_MESSAGE_TYPE);
goto f_err;
}
d = p=(unsigned char *)s->init_msg;
if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_WRONG_SSL_VERSION);
s->version = (s->version&0xff00)|p[1];
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
@@ -842,14 +870,19 @@ ssl3_get_server_hello(SSL *s)
/* get the session-id */
j= *(p++);
- if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) {
+ if ((j > sizeof s->session->session_id) ||
+ (j > SSL3_SESSION_ID_SIZE)) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_SSL3_SESSION_ID_TOO_LONG);
goto f_err;
}
#ifndef OPENSSL_NO_TLSEXT
- /* check if we want to resume the session based on external pre-shared secret */
+ /*
+ * Check if we want to resume the session based on external
+ * pre-shared secret
+ */
if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
SSL_CIPHER *pref_cipher = NULL;
s->session->master_key_length = sizeof(s->session->master_key);
@@ -865,16 +898,17 @@ ssl3_get_server_hello(SSL *s)
if (j != 0 && j == s->session->session_id_length &&
memcmp(p, s->session->session_id, j) == 0) {
if (s->sid_ctx_length != s->session->sid_ctx_length ||
- memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) {
+ memcmp(s->session->sid_ctx,
+ s->sid_ctx, s->sid_ctx_length)) {
/* actually a client application bug */
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
goto f_err;
}
s->hit = 1;
- }
- else /* a miss or crap from the other end */
- {
+ } else { /* a miss or crap from the other end */
+
/* If we were trying for session-id reuse, make a new
* SSL_SESSION so we don't stuff up other people */
s->hit = 0;
@@ -892,14 +926,16 @@ ssl3_get_server_hello(SSL *s)
if (c == NULL) {
/* unknown cipher */
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_UNKNOWN_CIPHER_RETURNED);
goto f_err;
}
/* TLS v1.2 only ciphersuites require v1.2 or later */
if ((c->algorithm_ssl & SSL_TLSV1_2) &&
(TLS1_get_version(s) < TLS1_2_VERSION)) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_WRONG_CIPHER_RETURNED);
goto f_err;
}
p += ssl_put_cipher_by_char(s, NULL, NULL);
@@ -909,25 +945,31 @@ ssl3_get_server_hello(SSL *s)
if (i < 0) {
/* we did not say we would use this cipher */
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_WRONG_CIPHER_RETURNED);
goto f_err;
}
- /* Depending on the session caching (internal/external), the cipher
- and/or cipher_id values may not be set. Make sure that
- cipher_id is set and use it for comparison. */
+ /*
+ * Depending on the session caching (internal/external), the cipher
+ * and/or cipher_id values may not be set. Make sure that
+ * cipher_id is set and use it for comparison.
+ */
if (s->session->cipher)
s->session->cipher_id = s->session->cipher->id;
if (s->hit && (s->session->cipher_id != c->id)) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
goto f_err;
}
s->s3->tmp.new_cipher = c;
- /* Don't digest cached records if TLS v1.2: we may need them for
+ /*
+ * Don't digest cached records if TLS v1.2: we may need them for
* client authentication.
*/
- if (TLS1_get_version(s) < TLS1_2_VERSION && !ssl3_digest_cached_records(s)) {
+ if (TLS1_get_version(s) < TLS1_2_VERSION &&
+ !ssl3_digest_cached_records(s)) {
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
@@ -936,36 +978,42 @@ ssl3_get_server_hello(SSL *s)
#ifdef OPENSSL_NO_COMP
if (*(p++) != 0) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
goto f_err;
}
- /* If compression is disabled we'd better not try to resume a session
+ /*
+ * If compression is disabled we'd better not try to resume a session
* using compression.
*/
if (s->session->compress_meth != 0) {
al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_INCONSISTENT_COMPRESSION);
goto f_err;
}
#else
j= *(p++);
if (s->hit && j != s->session->compress_meth) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
goto f_err;
}
if (j == 0)
comp = NULL;
else if (s->options & SSL_OP_NO_COMPRESSION) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_COMPRESSION_DISABLED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_COMPRESSION_DISABLED);
goto f_err;
} else
comp = ssl3_comp_find(s->ctx->comp_methods, j);
if ((j != 0) && (comp == NULL)) {
al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
goto f_err;
} else {
s->s3->tmp.new_compression = comp;
@@ -977,12 +1025,14 @@ ssl3_get_server_hello(SSL *s)
if (s->version >= SSL3_VERSION) {
if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) {
/* 'al' set by ssl_parse_serverhello_tlsext */
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_PARSE_TLSEXT);
goto f_err;
}
if (ssl_check_serverhello_tlsext(s) <= 0) {
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_SERVERHELLO_TLSEXT);
goto err;
}
}
@@ -991,29 +1041,32 @@ ssl3_get_server_hello(SSL *s)
if (p != (d + n)) {
/* wrong packet length */
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH);
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_BAD_PACKET_LENGTH);
goto f_err;
}
return (1);
-f_err:
+ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
-err:
+ err:
return (-1);
}
int
ssl3_get_server_certificate(SSL *s)
{
- int al, i, ok, ret = -1;
- unsigned long n, nc, llen, l;
- X509 *x = NULL;
- const unsigned char *q, *p;
- unsigned char *d;
- STACK_OF(X509) *sk = NULL;
- SESS_CERT *sc;
- EVP_PKEY *pkey = NULL;
- int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
+ int al, i, ok, ret = -1;
+ unsigned long n, nc, llen, l;
+ X509 *x = NULL;
+ const unsigned char *q, *p;
+ unsigned char *d;
+ STACK_OF(X509) *sk = NULL;
+ SESS_CERT *sc;
+ EVP_PKEY *pkey = NULL;
+
+ /* VRS: 0=> will allow null cert if auth == KRB5 */
+ int need_cert = 1;
n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A,
SSL3_ST_CR_CERT_B, -1, s->max_cert_list, &ok);
@@ -1030,27 +1083,31 @@ ssl3_get_server_certificate(SSL *s)
if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_BAD_MESSAGE_TYPE);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_BAD_MESSAGE_TYPE);
goto f_err;
}
p = d = (unsigned char *)s->init_msg;
if ((sk = sk_X509_new_null()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
n2l3(p, llen);
if (llen + 3 != n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_LENGTH_MISMATCH);
goto f_err;
}
for (nc = 0; nc < llen; ) {
n2l3(p, l);
if ((l + nc + 3) > llen) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_CERT_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
goto f_err;
}
@@ -1058,16 +1115,19 @@ ssl3_get_server_certificate(SSL *s)
x = d2i_X509(NULL, &q, l);
if (x == NULL) {
al = SSL_AD_BAD_CERTIFICATE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_ASN1_LIB);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ ERR_R_ASN1_LIB);
goto f_err;
}
if (q != (p + l)) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_CERT_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERT_LENGTH_MISMATCH);
goto f_err;
}
if (!sk_X509_push(sk, x)) {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
x = NULL;
@@ -1083,7 +1143,8 @@ ssl3_get_server_certificate(SSL *s)
#endif /* OPENSSL_NO_KRB5 */
) {
al = ssl_verify_alarm_type(s->verify_result);
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+ SSL_R_CERTIFICATE_VERIFY_FAILED);
goto f_err;
}
@@ -1098,8 +1159,10 @@ ssl3_get_server_certificate(SSL *s)
s->session->sess_cert = sc;
sc->cert_chain = sk;
- /* Inconsistency alert: cert_chain does include the peer's
- * certificate, which we don't include in s3_srvr.c */
+ /*
+ * Inconsistency alert: cert_chain does include the peer's
+ * certificate, which we don't include in s3_srvr.c
+ */
x = sk_X509_value(sk, 0);
sk = NULL;
/* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
@@ -1108,17 +1171,19 @@ ssl3_get_server_certificate(SSL *s)
/* VRS: allow null cert if auth == KRB5 */
need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
- (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
- ? 0 : 1;
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+ ? 0 : 1;
#ifdef KSSL_DEBUG
printf("pkey, x = %p, %p\n", pkey, x);
printf("ssl_cert_type(x, pkey) = %d\n", ssl_cert_type(x, pkey));
- printf("cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name,
- s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, need_cert);
+ printf("cipher, alg, nc = %s, %lx, %lx, %d\n",
+ s->s3->tmp.new_cipher->name, s->s3->tmp.new_cipher->algorithm_mkey,
+ s->s3->tmp.new_cipher->algorithm_auth, need_cert);
#endif /* KSSL_DEBUG */
- if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) {
+ if (need_cert && ((pkey == NULL) ||
+ EVP_PKEY_missing_parameters(pkey))) {
x = NULL;
al = SSL3_AL_FATAL;
SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
@@ -1138,8 +1203,10 @@ ssl3_get_server_certificate(SSL *s)
if (need_cert) {
sc->peer_cert_type = i;
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- /* Why would the following ever happen?
- * We just created sc a couple of lines ago. */
+ /*
+ * Why would the following ever happen?
+ * We just created sc a couple of lines ago.
+ */
if (sc->peer_pkeys[i].x509 != NULL)
X509_free(sc->peer_pkeys[i].x509);
sc->peer_pkeys[i].x509 = x;
@@ -1163,10 +1230,10 @@ ssl3_get_server_certificate(SSL *s)
ret = 1;
if (0) {
-f_err:
+ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
-err:
+ err:
EVP_PKEY_free(pkey);
X509_free(x);
sk_X509_pop_free(sk, X509_free);
@@ -1176,27 +1243,29 @@ err:
int
ssl3_get_key_exchange(SSL *s)
{
- unsigned char *q, md_buf[EVP_MAX_MD_SIZE*2];
- EVP_MD_CTX md_ctx;
- unsigned char *param, *p;
- int al, i, j, param_len, ok;
- long n, alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- const EVP_MD *md = NULL;
- RSA *rsa = NULL;
+ unsigned char *q, md_buf[EVP_MAX_MD_SIZE*2];
+ EVP_MD_CTX md_ctx;
+ unsigned char *param, *p;
+ int al, i, j, param_len, ok;
+ long n, alg_k, alg_a;
+ EVP_PKEY *pkey = NULL;
+ const EVP_MD *md = NULL;
+ RSA *rsa = NULL;
#ifndef OPENSSL_NO_DH
- DH *dh = NULL;
+ DH *dh = NULL;
#endif
#ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh = NULL;
- BN_CTX *bn_ctx = NULL;
- EC_POINT *srvr_ecpoint = NULL;
- int curve_nid = 0;
- int encoded_pt_len = 0;
+ EC_KEY *ecdh = NULL;
+ BN_CTX *bn_ctx = NULL;
+ EC_POINT *srvr_ecpoint = NULL;
+ int curve_nid = 0;
+ int encoded_pt_len = 0;
#endif
- /* use same message size as in ssl3_get_certificate_request()
- * as ServerKeyExchange message may be skipped */
+ /*
+ * Use same message size as in ssl3_get_certificate_request()
+ * as ServerKeyExchange message may be skipped.
+ */
n = s->method->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
SSL3_ST_CR_KEY_EXCH_B, -1, s->max_cert_list, &ok);
if (!ok)
@@ -1204,10 +1273,11 @@ ssl3_get_key_exchange(SSL *s)
if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
#ifndef OPENSSL_NO_PSK
- /* In plain PSK ciphersuite, ServerKeyExchange can be
- omitted if no identity hint is sent. Set
- session->sess_cert anyway to avoid problems
- later.*/
+ /*
+ * In plain PSK ciphersuite, ServerKeyExchange can be
+ * omitted if no identity hint is sent. Set session->sess_cert
+ * anyway to avoid problems later.
+ */
if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK) {
s->session->sess_cert = ssl_sess_cert_new();
if (s->ctx->psk_identity_hint)
@@ -1253,32 +1323,37 @@ ssl3_get_key_exchange(SSL *s)
al = SSL_AD_HANDSHAKE_FAILURE;
n2s(p, i);
param_len = i + 2;
- /* Store PSK identity hint for later use, hint is used
+ /*
+ * Store PSK identity hint for later use, hint is used
* in ssl3_send_client_key_exchange. Assume that the
* maximum length of a PSK identity hint can be as
- * long as the maximum length of a PSK identity. */
+ * long as the maximum length of a PSK identity.
+ */
if (i > PSK_MAX_IDENTITY_LEN) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_DATA_LENGTH_TOO_LONG);
+ SSL_R_DATA_LENGTH_TOO_LONG);
goto f_err;
}
if (param_len > n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
+ SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
goto f_err;
}
- /* If received PSK identity hint contains NULL
+ /*
+ * If received PSK identity hint contains NULL
* characters, the hint is truncated from the first
* NULL. p may not be ending with NULL, so create a
- * NULL-terminated string. */
+ * NULL-terminated string.
+ */
memcpy(tmp_id_hint, p, i);
memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
if (s->ctx->psk_identity_hint != NULL)
free(s->ctx->psk_identity_hint);
s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
if (s->ctx->psk_identity_hint == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
goto f_err;
}
@@ -1292,11 +1367,13 @@ ssl3_get_key_exchange(SSL *s)
param_len = i + 2;
if (param_len > n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_N_LENGTH);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_N_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.N = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
goto err;
}
p += i;
@@ -1305,11 +1382,13 @@ ssl3_get_key_exchange(SSL *s)
param_len += i + 2;
if (param_len > n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_G_LENGTH);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_G_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.g = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
goto err;
}
p += i;
@@ -1319,11 +1398,13 @@ ssl3_get_key_exchange(SSL *s)
param_len += i + 1;
if (param_len > n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_S_LENGTH);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_S_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.s = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
goto err;
}
p += i;
@@ -1332,224 +1413,268 @@ ssl3_get_key_exchange(SSL *s)
param_len += i + 2;
if (param_len > n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_B_LENGTH);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_B_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.B = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
goto err;
}
p += i;
n -= param_len;
-/* We must check if there is a certificate */
+ /* We must check if there is a certificate */
if (alg_a & SSL_aRSA)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_RSA_ENC].x509);
else if (alg_a & SSL_aDSS)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_DSA_SIGN].x509);
} else
#endif /* !OPENSSL_NO_SRP */
- if (alg_k & SSL_kRSA) {
- if ((rsa = RSA_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- n2s(p, i);
- param_len = i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_MODULUS_LENGTH);
- goto f_err;
- }
- if (!(rsa->n = BN_bin2bn(p, i, rsa->n))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
+ if (alg_k & SSL_kRSA) {
+ if ((rsa = RSA_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ n2s(p, i);
+ param_len = i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_RSA_MODULUS_LENGTH);
+ goto f_err;
+ }
+ if (!(rsa->n = BN_bin2bn(p, i, rsa->n))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
- n2s(p, i);
- param_len += i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_E_LENGTH);
- goto f_err;
- }
- if (!(rsa->e = BN_bin2bn(p, i, rsa->e))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
- n -= param_len;
+ n2s(p, i);
+ param_len += i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_RSA_E_LENGTH);
+ goto f_err;
+ }
+ if (!(rsa->e = BN_bin2bn(p, i, rsa->e))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+ n -= param_len;
- /* this should be because we are using an export cipher */
- if (alg_a & SSL_aRSA)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
- else {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
+ /*
+ * This should be because we are using an
+ * export cipher
+ */
+ if (alg_a & SSL_aRSA)
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_RSA_ENC].x509);
+ else {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ s->session->sess_cert->peer_rsa_tmp = rsa;
+ rsa = NULL;
}
- s->session->sess_cert->peer_rsa_tmp = rsa;
- rsa = NULL;
- }
#ifndef OPENSSL_NO_DH
- else if (alg_k & SSL_kEDH) {
- if ((dh = DH_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- n2s(p, i);
- param_len = i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
- goto f_err;
- }
- if (!(dh->p = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
+ else if (alg_k & SSL_kEDH) {
+ if ((dh = DH_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
+ goto err;
+ }
+ n2s(p, i);
+ param_len = i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_DH_P_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->p = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
- n2s(p, i);
- param_len += i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
- goto f_err;
- }
- if (!(dh->g = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
+ n2s(p, i);
+ param_len += i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_DH_G_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->g = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
- n2s(p, i);
- param_len += i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_LENGTH);
+ n2s(p, i);
+ param_len += i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_DH_PUB_KEY_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+ n -= param_len;
+
+ if (alg_a & SSL_aRSA)
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_RSA_ENC].x509);
+ else if (alg_a & SSL_aDSS)
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_DSA_SIGN].x509);
+ /* else anonymous DH, so no certificate or pkey. */
+
+ s->session->sess_cert->peer_dh_tmp = dh;
+ dh = NULL;
+ } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
goto f_err;
}
- if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
- goto err;
- }
- p += i;
- n -= param_len;
-
- if (alg_a & SSL_aRSA)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
- else if (alg_a & SSL_aDSS)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
- /* else anonymous DH, so no certificate or pkey. */
-
- s->session->sess_cert->peer_dh_tmp = dh;
- dh = NULL;
- } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
- goto f_err;
- }
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
- else if (alg_k & SSL_kEECDH) {
- EC_GROUP *ngroup;
- const EC_GROUP *group;
+ else if (alg_k & SSL_kEECDH) {
+ EC_GROUP *ngroup;
+ const EC_GROUP *group;
- if ((ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ if ((ecdh = EC_KEY_new()) == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
- /* Extract elliptic curve parameters and the
- * server's ephemeral ECDH public key.
- * Keep accumulating lengths of various components in
- * param_len and make sure it never exceeds n.
- */
+ /*
+ * Extract elliptic curve parameters and the
+ * server's ephemeral ECDH public key.
+ * Keep accumulating lengths of various components in
+ * param_len and make sure it never exceeds n.
+ */
- /* XXX: For now we only support named (not generic) curves
- * and the ECParameters in this case is just three bytes.
- */
- param_len = 3;
- if ((param_len > n) ||
- (*p != NAMED_CURVE_TYPE) ||
- ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
- goto f_err;
- }
+ /*
+ * XXX: For now we only support named (not generic)
+ * curves and the ECParameters in this case is just
+ * three bytes.
+ */
+ param_len = 3;
+ if ((param_len > n) || (*p != NAMED_CURVE_TYPE) ||
+ ((curve_nid = tls1_ec_curve_id2nid(*(p + 2)))
+ == 0)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
+ goto f_err;
+ }
- ngroup = EC_GROUP_new_by_curve_name(curve_nid);
- if (ngroup == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_KEY_set_group(ecdh, ngroup) == 0) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
- EC_GROUP_free(ngroup);
+ ngroup = EC_GROUP_new_by_curve_name(curve_nid);
+ if (ngroup == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ if (EC_KEY_set_group(ecdh, ngroup) == 0) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ EC_GROUP_free(ngroup);
- group = EC_KEY_get0_group(ecdh);
+ group = EC_KEY_get0_group(ecdh);
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- al = SSL_AD_EXPORT_RESTRICTION;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto f_err;
- }
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ (EC_GROUP_get_degree(group) > 163)) {
+ al = SSL_AD_EXPORT_RESTRICTION;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+ goto f_err;
+ }
- p += 3;
+ p += 3;
- /* Next, get the encoded ECPoint */
- if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
- ((bn_ctx = BN_CTX_new()) == NULL)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ /* Next, get the encoded ECPoint */
+ if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
+ ((bn_ctx = BN_CTX_new()) == NULL)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
- encoded_pt_len = *p;
- /* length of encoded point */
- p += 1;
- param_len += (1 + encoded_pt_len);
- if ((param_len > n) ||
- (EC_POINT_oct2point(group, srvr_ecpoint,
- p, encoded_pt_len, bn_ctx) == 0)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_ECPOINT);
- goto f_err;
- }
+ encoded_pt_len = *p;
+ /* length of encoded point */
+ p += 1;
+ param_len += (1 + encoded_pt_len);
+ if ((param_len > n) ||
+ (EC_POINT_oct2point(group, srvr_ecpoint,
+ p, encoded_pt_len, bn_ctx) == 0)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_ECPOINT);
+ goto f_err;
+ }
- n -= param_len;
- p += encoded_pt_len;
+ n -= param_len;
+ p += encoded_pt_len;
- /* The ECC/TLS specification does not mention
- * the use of DSA to sign ECParameters in the server
- * key exchange message. We do support RSA and ECDSA.
- */
- if (alg_a & SSL_aRSA)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+ /*
+ * The ECC/TLS specification does not mention the use
+ * of DSA to sign ECParameters in the server key
+ * exchange message. We do support RSA and ECDSA.
+ */
+ if (alg_a & SSL_aRSA)
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_RSA_ENC].x509);
#ifndef OPENSSL_NO_ECDSA
- else if (alg_a & SSL_aECDSA)
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+ else if (alg_a & SSL_aECDSA)
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_ECC].x509);
#endif
- /* else anonymous ECDH, so no certificate or pkey. */
- EC_KEY_set_public_key(ecdh, srvr_ecpoint);
- s->session->sess_cert->peer_ecdh_tmp = ecdh;
- ecdh = NULL;
- BN_CTX_free(bn_ctx);
- bn_ctx = NULL;
- EC_POINT_free(srvr_ecpoint);
- srvr_ecpoint = NULL;
- } else if (alg_k) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
+ /* Else anonymous ECDH, so no certificate or pkey. */
+ EC_KEY_set_public_key(ecdh, srvr_ecpoint);
+ s->session->sess_cert->peer_ecdh_tmp = ecdh;
+ ecdh = NULL;
+ BN_CTX_free(bn_ctx);
+ bn_ctx = NULL;
+ EC_POINT_free(srvr_ecpoint);
+ srvr_ecpoint = NULL;
+ } else if (alg_k) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
#endif /* !OPENSSL_NO_ECDH */
-
/* p points to the next byte, there are 'n' bytes left */
/* if it was signed, check the signature */
@@ -1558,23 +1683,30 @@ ssl3_get_key_exchange(SSL *s)
int sigalg = tls12_get_sigid(pkey);
/* Should never happen */
if (sigalg == -1) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
- /* Check key type is consistent with signature */
+ /*
+ * Check key type is consistent
+ * with signature
+ */
if (sigalg != (int)p[1]) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_TYPE);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_WRONG_SIGNATURE_TYPE);
al = SSL_AD_DECODE_ERROR;
goto f_err;
}
md = tls12_get_hash(p[0]);
if (md == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNKNOWN_DIGEST);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_UNKNOWN_DIGEST);
al = SSL_AD_DECODE_ERROR;
goto f_err;
}
#ifdef SSL_DEBUG
- fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n",
+ EVP_MD_name(md));
#endif
p += 2;
n -= 2;
@@ -1588,11 +1720,13 @@ ssl3_get_key_exchange(SSL *s)
if ((i != n) || (n > j) || (n <= 0)) {
/* wrong packet length */
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_WRONG_SIGNATURE_LENGTH);
goto f_err;
}
- if (pkey->type == EVP_PKEY_RSA && TLS1_get_version(s) < TLS1_2_VERSION) {
+ if (pkey->type == EVP_PKEY_RSA &&
+ TLS1_get_version(s) < TLS1_2_VERSION) {
int num;
j = 0;
@@ -1600,61 +1734,72 @@ ssl3_get_key_exchange(SSL *s)
for (num = 2; num > 0; num--) {
EVP_MD_CTX_set_flags(&md_ctx,
EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_DigestInit_ex(&md_ctx,(num == 2)
- ?s->ctx->md5 : s->ctx->sha1, NULL);
- EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]), SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]), SSL3_RANDOM_SIZE);
+ EVP_DigestInit_ex(&md_ctx,
+ (num == 2) ? s->ctx->md5 : s->ctx->sha1,
+ NULL);
+ EVP_DigestUpdate(&md_ctx,
+ &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,
+ &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx, param, param_len);
- EVP_DigestFinal_ex(&md_ctx, q,(unsigned int *)&i);
+ EVP_DigestFinal_ex(&md_ctx, q,
+ (unsigned int *)&i);
q += i;
j += i;
}
- i = RSA_verify(NID_md5_sha1, md_buf, j, p, n,
- pkey->pkey.rsa);
+ i = RSA_verify(NID_md5_sha1, md_buf, j,
+ p, n, pkey->pkey.rsa);
if (i < 0) {
al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_DECRYPT);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_RSA_DECRYPT);
goto f_err;
}
if (i == 0) {
/* bad signature */
al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_SIGNATURE);
goto f_err;
}
- } else
- {
+ } else {
EVP_VerifyInit_ex(&md_ctx, md, NULL);
- EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]), SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]), SSL3_RANDOM_SIZE);
+ EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
EVP_VerifyUpdate(&md_ctx, param, param_len);
if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) {
/* bad signature */
al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_SIGNATURE);
goto f_err;
}
}
} else {
- if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK))
- /* aNULL or kPSK do not need public keys */
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ /* aNULL or kPSK do not need public keys */
+ if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
/* still data left over */
if (n != 0) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_EXTRA_DATA_IN_MESSAGE);
goto f_err;
}
}
EVP_PKEY_free(pkey);
EVP_MD_CTX_cleanup(&md_ctx);
return (1);
-f_err:
+ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
-err:
+ err:
EVP_PKEY_free(pkey);
if (rsa != NULL)
RSA_free(rsa);
@@ -1675,20 +1820,16 @@ err:
int
ssl3_get_certificate_request(SSL *s)
{
- int ok, ret = 0;
- unsigned long n, nc, l;
- unsigned int llen, ctype_num, i;
- X509_NAME *xn = NULL;
- const unsigned char *p, *q;
- unsigned char *d;
- STACK_OF(X509_NAME) *ca_sk = NULL;
+ int ok, ret = 0;
+ unsigned long n, nc, l;
+ unsigned int llen, ctype_num, i;
+ X509_NAME *xn = NULL;
+ const unsigned char *p, *q;
+ unsigned char *d;
+ STACK_OF(X509_NAME) *ca_sk = NULL;
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_CERT_REQ_A,
- SSL3_ST_CR_CERT_REQ_B,
- -1,
- s->max_cert_list,
- &ok);
+ n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A,
+ SSL3_ST_CR_CERT_REQ_B, -1, s->max_cert_list, &ok);
if (!ok)
return ((int)n);
@@ -1697,7 +1838,8 @@ ssl3_get_certificate_request(SSL *s)
if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
s->s3->tmp.reuse_message = 1;
- /* If we get here we don't need any cached handshake records
+ /*
+ * If we get here we don't need any cached handshake records
* as we wont be doing client auth.
*/
if (s->s3->handshake_buffer) {
@@ -1709,15 +1851,18 @@ ssl3_get_certificate_request(SSL *s)
if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_WRONG_MESSAGE_TYPE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_WRONG_MESSAGE_TYPE);
goto err;
}
/* TLS does not like anon-DH with client cert */
if (s->version > SSL3_VERSION) {
if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
goto err;
}
}
@@ -1725,7 +1870,8 @@ ssl3_get_certificate_request(SSL *s)
p = d=(unsigned char *)s->init_msg;
if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -1743,12 +1889,14 @@ ssl3_get_certificate_request(SSL *s)
*/
if ((unsigned long)(p - d + llen + 2) > n) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_DATA_LENGTH_TOO_LONG);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
}
if ((llen & 1) || !tls1_process_sigalgs(s, p, llen)) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_SIGNATURE_ALGORITHMS_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_SIGNATURE_ALGORITHMS_ERROR);
goto err;
}
p += llen;
@@ -1759,7 +1907,8 @@ ssl3_get_certificate_request(SSL *s)
if ((unsigned long)(p - d + llen) != n) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_LENGTH_MISMATCH);
goto err;
}
@@ -1769,7 +1918,8 @@ ssl3_get_certificate_request(SSL *s)
if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
goto cont; /* netscape bugs */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_CA_DN_TOO_LONG);
goto err;
}
@@ -1780,19 +1930,23 @@ ssl3_get_certificate_request(SSL *s)
if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
goto cont;
else {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_ASN1_LIB);
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ ERR_R_ASN1_LIB);
goto err;
}
}
if (q != (p + l)) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_CA_DN_LENGTH_MISMATCH);
goto err;
}
if (!sk_X509_NAME_push(ca_sk, xn)) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -1801,7 +1955,7 @@ ssl3_get_certificate_request(SSL *s)
}
if (0) {
-cont:
+ cont:
ERR_clear_error();
}
@@ -1814,7 +1968,7 @@ cont:
ca_sk = NULL;
ret = 1;
-err:
+ err:
if (ca_sk != NULL)
sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
@@ -1830,10 +1984,10 @@ ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
int
ssl3_get_new_session_ticket(SSL *s)
{
- int ok, al, ret = 0, ticklen;
- long n;
- const unsigned char *p;
- unsigned char *d;
+ int ok, al, ret = 0, ticklen;
+ long n;
+ const unsigned char *p;
+ unsigned char *d;
n = s->method->ssl_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
@@ -1846,13 +2000,15 @@ ssl3_get_new_session_ticket(SSL *s)
}
if (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) {
al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_BAD_MESSAGE_TYPE);
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
+ SSL_R_BAD_MESSAGE_TYPE);
goto f_err;
}
if (n < 6) {
/* need at least ticket_lifetime_hint + ticket length */
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
+ SSL_R_LENGTH_MISMATCH);
goto f_err;
}
@@ -1862,7 +2018,8 @@ ssl3_get_new_session_ticket(SSL *s)
/* ticket_lifetime_hint + ticket_length + ticket */
if (ticklen + 6 != n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
+ SSL_R_LENGTH_MISMATCH);
goto f_err;
}
if (s->session->tlsext_tick) {
@@ -1871,12 +2028,14 @@ ssl3_get_new_session_ticket(SSL *s)
}
s->session->tlsext_tick = malloc(ticklen);
if (!s->session->tlsext_tick) {
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
memcpy(s->session->tlsext_tick, p, ticklen);
s->session->tlsext_ticklen = ticklen;
- /* There are two ways to detect a resumed ticket sesion.
+ /*
+ * There are two ways to detect a resumed ticket sesion.
* One is to set an appropriate session ID and then the server
* must return a match in ServerHello. This allows the normal
* client session ID matching to work and we know much
@@ -1891,23 +2050,22 @@ ssl3_get_new_session_ticket(SSL *s)
* to the SHA256 (or SHA1 is SHA256 is disabled) hash of the
* ticket.
*/
- EVP_Digest(p, ticklen,
- s->session->session_id, &s->session->session_id_length,
- EVP_sha256(), NULL);
+ EVP_Digest(p, ticklen, s->session->session_id,
+ &s->session->session_id_length, EVP_sha256(), NULL);
ret = 1;
return (ret);
-f_err:
+ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
-err:
+ err:
return (-1);
}
int
ssl3_get_cert_status(SSL *s)
{
- int ok, al;
- unsigned long resplen, n;
- const unsigned char *p;
+ int ok, al;
+ unsigned long resplen, n;
+ const unsigned char *p;
n = s->method->ssl_get_message(s,
SSL3_ST_CR_CERT_STATUS_A,
@@ -1921,19 +2079,22 @@ ssl3_get_cert_status(SSL *s)
if (n < 4) {
/* need at least status type + length */
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+ SSL_R_LENGTH_MISMATCH);
goto f_err;
}
p = (unsigned char *)s->init_msg;
if (*p++ != TLSEXT_STATUSTYPE_ocsp) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE);
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+ SSL_R_UNSUPPORTED_STATUS_TYPE);
goto f_err;
}
n2l3(p, resplen);
if (resplen + 4 != n) {
al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+ SSL_R_LENGTH_MISMATCH);
goto f_err;
}
if (s->tlsext_ocsp_resp)
@@ -1941,7 +2102,8 @@ ssl3_get_cert_status(SSL *s)
s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
if (!s->tlsext_ocsp_resp) {
al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+ ERR_R_MALLOC_FAILURE);
goto f_err;
}
s->tlsext_ocsp_resplen = resplen;
@@ -1950,17 +2112,19 @@ ssl3_get_cert_status(SSL *s)
ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
if (ret == 0) {
al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_INVALID_STATUS_RESPONSE);
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+ SSL_R_INVALID_STATUS_RESPONSE);
goto f_err;
}
if (ret < 0) {
al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+ ERR_R_MALLOC_FAILURE);
goto f_err;
}
}
return 1;
-f_err:
+ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
return (-1);
}
@@ -1969,8 +2133,8 @@ f_err:
int
ssl3_get_server_done(SSL *s)
{
- int ok, ret = 0;
- long n;
+ int ok, ret = 0;
+ long n;
n = s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
@@ -1981,7 +2145,8 @@ ssl3_get_server_done(SSL *s)
if (n > 0) {
/* should contain no data */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
+ SSLerr(SSL_F_SSL3_GET_SERVER_DONE,
+ SSL_R_LENGTH_MISMATCH);
return -1;
}
ret = 1;
@@ -1992,21 +2157,21 @@ ssl3_get_server_done(SSL *s)
int
ssl3_send_client_key_exchange(SSL *s)
{
- unsigned char *p, *d;
- int n;
- unsigned long alg_k;
- unsigned char *q;
- EVP_PKEY *pkey = NULL;
+ unsigned char *p, *d;
+ int n;
+ unsigned long alg_k;
+ unsigned char *q;
+ EVP_PKEY *pkey = NULL;
#ifndef OPENSSL_NO_KRB5
- KSSL_ERR kssl_err;
+ KSSL_ERR kssl_err;
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_ECDH
- EC_KEY *clnt_ecdh = NULL;
- const EC_POINT *srvr_ecpoint = NULL;
- EVP_PKEY *srvr_pub_pkey = NULL;
- unsigned char *encodedPoint = NULL;
- int encoded_pt_len = 0;
- BN_CTX * bn_ctx = NULL;
+ EC_KEY *clnt_ecdh = NULL;
+ const EC_POINT *srvr_ecpoint = NULL;
+ EVP_PKEY *srvr_pub_pkey = NULL;
+ unsigned char *encodedPoint = NULL;
+ int encoded_pt_len = 0;
+ BN_CTX *bn_ctx = NULL;
#endif
if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
@@ -2022,11 +2187,15 @@ ssl3_send_client_key_exchange(SSL *s)
if (s->session->sess_cert->peer_rsa_tmp != NULL)
rsa = s->session->sess_cert->peer_rsa_tmp;
else {
- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+ pkey = X509_get_pubkey(
+ s->session->sess_cert->peer_pkeys[
+ SSL_PKEY_RSA_ENC].x509);
if ((pkey == NULL) ||
(pkey->type != EVP_PKEY_RSA) ||
(pkey->pkey.rsa == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ SSLerr(
+ SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
rsa = pkey->pkey.rsa;
@@ -2047,7 +2216,8 @@ ssl3_send_client_key_exchange(SSL *s)
n = RSA_public_encrypt(sizeof tmp_buf,
tmp_buf, p, rsa, RSA_PKCS1_PADDING);
if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_BAD_RSA_ENCRYPT);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_RSA_ENCRYPT);
goto err;
}
@@ -2075,14 +2245,14 @@ ssl3_send_client_key_exchange(SSL *s)
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH
- + EVP_MAX_IV_LENGTH];
+ + EVP_MAX_IV_LENGTH];
int padl, outl = sizeof(epms);
EVP_CIPHER_CTX_init(&ciph_ctx);
#ifdef KSSL_DEBUG
printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
- alg_k, SSL_kKRB5);
+ alg_k, SSL_kKRB5);
#endif /* KSSL_DEBUG */
authp = NULL;
@@ -2100,44 +2270,46 @@ ssl3_send_client_key_exchange(SSL *s)
{
printf("kssl_cget_tkt rtn %d\n", krb5rc);
if (krb5rc && kssl_err.text)
- printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
+ printf("kssl_cget_tkt kssl_err=%s\n",
+ kssl_err.text);
}
#endif /* KSSL_DEBUG */
if (krb5rc) {
ssl3_send_alert(s, SSL3_AL_FATAL,
- SSL_AD_HANDSHAKE_FAILURE);
+ SSL_AD_HANDSHAKE_FAILURE);
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- kssl_err.reason);
+ kssl_err.reason);
goto err;
}
- /* 20010406 VRS - Earlier versions used KRB5 AP_REQ
- ** in place of RFC 2712 KerberosWrapper, as in:
- **
- ** Send ticket (copy to *p, set n = length)
- ** n = krb5_ap_req.length;
- ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
- ** if (krb5_ap_req.data)
- ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
- **
- ** Now using real RFC 2712 KerberosWrapper
- ** (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
- ** Note: 2712 "opaque" types are here replaced
- ** with a 2-byte length followed by the value.
- ** Example:
- ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
- ** Where "xx xx" = length bytes. Shown here with
- ** optional authenticator omitted.
- */
-
- /* KerberosWrapper.Ticket */
+ /*
+ * 20010406 VRS - Earlier versions used KRB5 AP_REQ
+ * in place of RFC 2712 KerberosWrapper, as in:
+ *
+ * Send ticket (copy to *p, set n = length)
+ * n = krb5_ap_req.length;
+ * memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
+ * if (krb5_ap_req.data)
+ * kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
+ *
+ * Now using real RFC 2712 KerberosWrapper
+ * (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
+ * Note: 2712 "opaque" types are here replaced
+ * with a 2-byte length followed by the value.
+ * Example:
+ * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
+ * Where "xx xx" = length bytes. Shown here with
+ * optional authenticator omitted.
+ */
+
+ /* KerberosWrapper.Ticket */
s2n(enc_ticket->length, p);
memcpy(p, enc_ticket->data, enc_ticket->length);
p += enc_ticket->length;
n = enc_ticket->length + 2;
- /* KerberosWrapper.Authenticator */
+ /* KerberosWrapper.Authenticator */
if (authp && authp->length) {
s2n(authp->length, p);
memcpy(p, authp->data, authp->length);
@@ -2153,32 +2325,34 @@ ssl3_send_client_key_exchange(SSL *s)
}
tmp_buf[0] = s->client_version >> 8;
- tmp_buf[1] = s->client_version&0xff;
+ tmp_buf[1] = s->client_version & 0xff;
if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
goto err;
- /* 20010420 VRS. Tried it this way; failed.
- ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
- ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
- ** kssl_ctx->length);
- ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
- */
+ /*
+ * 20010420 VRS. Tried it this way; failed.
+ * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+ * EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+ * kssl_ctx->length);
+ * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+ */
memset(iv, 0, sizeof iv);
/* per RFC 1510 */
EVP_EncryptInit_ex(&ciph_ctx, enc, NULL,
- kssl_ctx->key, iv);
+ kssl_ctx->key, iv);
EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
- sizeof tmp_buf);
+ sizeof tmp_buf);
EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
outl += padl;
if (outl > (int)sizeof epms) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
- /* KerberosWrapper.EncryptedPreMasterSecret */
+ /* KerberosWrapper.EncryptedPreMasterSecret */
s2n(outl, p);
memcpy(p, epms, outl);
p += outl;
@@ -2198,50 +2372,58 @@ ssl3_send_client_key_exchange(SSL *s)
DH *dh_srvr, *dh_clnt;
if (s->session->sess_cert == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
goto err;
}
if (s->session->sess_cert->peer_dh_tmp != NULL)
dh_srvr = s->session->sess_cert->peer_dh_tmp;
else {
- /* we get them from the cert */
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+ /* We get them from the cert. */
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
goto err;
}
- /* generate a new random key */
+ /* Generate a new random key. */
if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
goto err;
}
if (!DH_generate_key(dh_clnt)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
DH_free(dh_clnt);
goto err;
}
- /* use the 'p' output buffer for the DH key, but
- * make sure to clear it out afterwards */
-
+ /*
+ * Use the 'p' output buffer for the DH key, but
+ * make sure to clear it out afterwards.
+ */
n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_DH_LIB);
DH_free(dh_clnt);
goto err;
}
- /* generate master key from the result */
+ /* Generate master key from the result. */
s->session->master_key_length =
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key, p, n);
- /* clean up */
+ /* Clean up. */
memset(p, 0, n);
- /* send off the data */
+ /* Send off the data. */
n = BN_num_bytes(dh_clnt->pub_key);
s2n(n, p);
BN_bn2bin(dh_clnt->pub_key, p);
@@ -2260,13 +2442,15 @@ ssl3_send_client_key_exchange(SSL *s)
int ecdh_clnt_cert = 0;
int field_size = 0;
- /* Did we send out the client's
- * ECDH share for use in premaster
- * computation as part of client certificate?
- * If so, set ecdh_clnt_cert to 1.
+ /*
+ * Did we send out the client's ECDH share for use
+ * in premaster computation as part of client
+ * certificate? If so, set ecdh_clnt_cert to 1.
*/
- if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->cert != NULL)) {
- /* XXX: For now, we do not support client
+ if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) &&
+ (s->cert != NULL)) {
+ /*
+ * XXX: For now, we do not support client
* authentication using ECDH certificates.
* To add such support, one needs to add
* code that checks for appropriate
@@ -2294,10 +2478,11 @@ ssl3_send_client_key_exchange(SSL *s)
srvr_pub_pkey = X509_get_pubkey(s->session-> \
sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
if ((srvr_pub_pkey == NULL) ||
- (srvr_pub_pkey->type != EVP_PKEY_EC) ||
- (srvr_pub_pkey->pkey.ec == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
+ (srvr_pub_pkey->type != EVP_PKEY_EC) ||
+ (srvr_pub_pkey->pkey.ec == NULL)) {
+ SSLerr(
+ SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -2309,21 +2494,24 @@ ssl3_send_client_key_exchange(SSL *s)
if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
+ ERR_R_INTERNAL_ERROR);
goto err;
}
if ((clnt_ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
goto err;
}
if (ecdh_clnt_cert) {
- /* Reuse key info from our certificate
+ /*
+ * Reuse key info from our certificate
* We only need our private key to perform
* the ECDH computation.
*/
@@ -2331,73 +2519,83 @@ ssl3_send_client_key_exchange(SSL *s)
tkey = s->cert->key->privatekey->pkey.ec;
priv_key = EC_KEY_get0_private_key(tkey);
if (priv_key == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ SSLerr(
+ SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ if (!EC_KEY_set_private_key(clnt_ecdh,
+ priv_key)) {
+ SSLerr(
+ SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
goto err;
}
} else {
/* Generate a new ECDH key pair */
if (!(EC_KEY_generate_key(clnt_ecdh))) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ SSLerr(
+ SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
goto err;
}
}
- /* use the 'p' output buffer for the ECDH key, but
- * make sure to clear it out afterwards
+ /*
+ * Use the 'p' output buffer for the ECDH key, but
+ * make sure to clear it out afterwards.
*/
-
field_size = EC_GROUP_get_degree(srvr_group);
if (field_size <= 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_ECDH_LIB);
+ ERR_R_ECDH_LIB);
goto err;
}
- n = ECDH_compute_key(p, (field_size + 7)/8, srvr_ecpoint, clnt_ecdh, NULL);
+ n = ECDH_compute_key(p, (field_size + 7)/8,
+ srvr_ecpoint, clnt_ecdh, NULL);
if (n <= 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_ECDH_LIB);
+ ERR_R_ECDH_LIB);
goto err;
}
/* generate master key from the result */
s->session->master_key_length = s->method->ssl3_enc \
-> generate_master_secret(s,
- s->session->master_key,
- p, n);
+ s->session->master_key, p, n);
memset(p, 0, n); /* clean up */
if (ecdh_clnt_cert) {
- /* Send empty client key exch message */
+ /* Send empty client key exch message. */
n = 0;
} else {
- /* First check the size of encoding and
+ /*
+ * First check the size of encoding and
* allocate memory accordingly.
*/
- encoded_pt_len =
- EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- NULL, 0, NULL);
+ encoded_pt_len = EC_POINT_point2oct(
+ srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
encodedPoint = malloc(encoded_pt_len);
bn_ctx = BN_CTX_new();
if ((encodedPoint == NULL) ||
(bn_ctx == NULL)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ SSLerr(
+ SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
/* Encode the public key */
n = EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED,
- encodedPoint, encoded_pt_len, bn_ctx);
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encoded_pt_len, bn_ctx);
*p = n; /* length of encoded point */
/* Encoded point will be copied here */
@@ -2427,61 +2625,80 @@ ssl3_send_client_key_exchange(SSL *s)
size_t msglen;
unsigned int md_len;
int keytype;
- unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
+ unsigned char premaster_secret[32], shared_ukm[32],
+ tmp[256];
EVP_MD_CTX *ukm_hash;
EVP_PKEY *pub_key;
/* Get server sertificate PKEY and create ctx from it */
- peer_cert = s->session->sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST01)].x509;
+ peer_cert = s->session->sess_cert->peer_pkeys[(
+ keytype = SSL_PKEY_GOST01)].x509;
if (!peer_cert)
- peer_cert = s->session->sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST94)].x509;
+ peer_cert = s->session->sess_cert->peer_pkeys[
+ (keytype = SSL_PKEY_GOST94)].x509;
if (!peer_cert) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
goto err;
}
- pkey_ctx = EVP_PKEY_CTX_new(pub_key = X509_get_pubkey(peer_cert), NULL);
- /* If we have send a certificate, and certificate key
-
+ pkey_ctx = EVP_PKEY_CTX_new(
+ pub_key = X509_get_pubkey(peer_cert),
+ NULL);
+ /*
+ * If we have send a certificate, and certificate key
* parameters match those of server certificate, use
- * certificate key for key exchange
+ * certificate key for key exchange.
+ * Otherwise, generate ephemeral key pair.
*/
- /* Otherwise, generate ephemeral key pair */
-
EVP_PKEY_encrypt_init(pkey_ctx);
- /* Generate session key */
+ /* Generate session key. */
RAND_bytes(premaster_secret, 32);
- /* If we have client certificate, use its secret as peer key */
+ /*
+ * If we have client certificate, use its secret
+ * as peer key.
+ */
if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
- if (EVP_PKEY_derive_set_peer(pkey_ctx, s->cert->key->privatekey) <=0) {
- /* If there was an error - just ignore it. Ephemeral key
- * would be used
- */
+ if (EVP_PKEY_derive_set_peer(pkey_ctx,
+ s->cert->key->privatekey) <=0) {
+ /*
+ * If there was an error -
+ * just ignore it. Ephemeral key
+ * would be used
+ */
ERR_clear_error();
}
}
- /* Compute shared IV and store it in algorithm-specific
- * context data */
+ /*
+ * Compute shared IV and store it in algorithm-specific
+ * context data
+ */
ukm_hash = EVP_MD_CTX_create();
- EVP_DigestInit(ukm_hash, EVP_get_digestbynid(NID_id_GostR3411_94));
- EVP_DigestUpdate(ukm_hash, s->s3->client_random, SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(ukm_hash, s->s3->server_random, SSL3_RANDOM_SIZE);
+ EVP_DigestInit(ukm_hash,
+ EVP_get_digestbynid(NID_id_GostR3411_94));
+ EVP_DigestUpdate(ukm_hash,
+ s->s3->client_random, SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(ukm_hash,
+ s->s3->server_random, SSL3_RANDOM_SIZE);
EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
EVP_MD_CTX_destroy(ukm_hash);
- if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV,
- 8, shared_ukm) < 0) {
+ if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
+ EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_LIBRARY_BUG);
+ SSL_R_LIBRARY_BUG);
goto err;
}
- /* Make GOST keytransport blob message */
- /*Encapsulate it into sequence */
+ /*
+ * Make GOST keytransport blob message,
+ * encapsulate it into sequence.
+ */
*(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
msglen = 255;
- if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 32) < 0) {
+ if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen,
+ premaster_secret, 32) < 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_LIBRARY_BUG);
+ SSL_R_LIBRARY_BUG);
goto err;
}
if (msglen >= 0x80) {
@@ -2493,16 +2710,17 @@ ssl3_send_client_key_exchange(SSL *s)
n = msglen + 2;
}
memcpy(p, tmp, msglen);
- /* Check if pubkey from client certificate was used */
- if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) {
- /* Set flag "skip certificate verify" */
+ /* Check if pubkey from client certificate was used. */
+ if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1,
+ EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) {
+ /* Set flag "skip certificate verify". */
s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
}
EVP_PKEY_CTX_free(pkey_ctx);
s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key, premaster_secret, 32);
- EVP_PKEY_free(pub_key);
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->session->master_key, premaster_secret, 32);
+ EVP_PKEY_free(pub_key);
}
#ifndef OPENSSL_NO_SRP
@@ -2514,7 +2732,8 @@ ssl3_send_client_key_exchange(SSL *s)
BN_bn2bin(s->srp_ctx.A, p);
n += 2;
} else {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
if (s->session->srp_username != NULL)
@@ -2522,12 +2741,15 @@ ssl3_send_client_key_exchange(SSL *s)
s->session->srp_username = BUF_strdup(s->srp_ctx.login);
if (s->session->srp_username == NULL) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
+ ERR_R_MALLOC_FAILURE);
goto err;
}
- if ((s->session->master_key_length = SRP_generate_client_master_secret(s, s->session->master_key)) < 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ if ((s->session->master_key_length =
+ SRP_generate_client_master_secret(s,
+ s->session->master_key)) < 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
}
@@ -2543,27 +2765,29 @@ ssl3_send_client_key_exchange(SSL *s)
n = 0;
if (s->psk_client_callback == NULL) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_NO_CLIENT_CB);
+ SSL_R_PSK_NO_CLIENT_CB);
goto err;
}
- psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
- identity, PSK_MAX_IDENTITY_LEN,
- psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ psk_len = s->psk_client_callback(s,
+ s->ctx->psk_identity_hint, identity,
+ PSK_MAX_IDENTITY_LEN, psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
if (psk_len > PSK_MAX_PSK_LEN) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
+ ERR_R_INTERNAL_ERROR);
goto psk_err;
} else if (psk_len == 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_PSK_IDENTITY_NOT_FOUND);
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
goto psk_err;
}
/* create PSK pre_master_secret */
pre_ms_len = 2 + psk_len + 2 + psk_len;
t = psk_or_pre_ms;
- memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ memmove(psk_or_pre_ms + psk_len + 4,
+ psk_or_pre_ms, psk_len);
s2n(psk_len, t);
memset(t, 0, psk_len);
t += psk_len;
@@ -2571,11 +2795,12 @@ ssl3_send_client_key_exchange(SSL *s)
if (s->session->psk_identity_hint != NULL)
free(s->session->psk_identity_hint);
- s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+ s->session->psk_identity_hint =
+ BUF_strdup(s->ctx->psk_identity_hint);
if (s->ctx->psk_identity_hint != NULL &&
s->session->psk_identity_hint == NULL) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
+ ERR_R_MALLOC_FAILURE);
goto psk_err;
}
@@ -2584,25 +2809,26 @@ ssl3_send_client_key_exchange(SSL *s)
s->session->psk_identity = BUF_strdup(identity);
if (s->session->psk_identity == NULL) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
+ ERR_R_MALLOC_FAILURE);
goto psk_err;
}
s->session->master_key_length =
s->method->ssl3_enc->generate_master_secret(
- s, s->session->master_key, psk_or_pre_ms,
- pre_ms_len);
+ s, s->session->master_key, psk_or_pre_ms,
+ pre_ms_len);
n = strlen(identity);
s2n(n, p);
memcpy(p, identity, n);
n += 2;
psk_err = 0;
- psk_err:
+ psk_err:
OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
if (psk_err != 0) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_HANDSHAKE_FAILURE);
goto err;
}
}
@@ -2626,7 +2852,7 @@ ssl3_send_client_key_exchange(SSL *s)
/* SSL3_ST_CW_KEY_EXCH_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-err:
+ err:
#ifndef OPENSSL_NO_ECDH
BN_CTX_free(bn_ctx);
if (encodedPoint != NULL)
@@ -2641,14 +2867,14 @@ err:
int
ssl3_send_client_verify(SSL *s)
{
- unsigned char *p, *d;
- unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
- EVP_PKEY *pkey;
- EVP_PKEY_CTX *pctx = NULL;
- EVP_MD_CTX mctx;
- unsigned u = 0;
- unsigned long n;
- int j;
+ unsigned char *p, *d;
+ unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+ EVP_PKEY *pkey;
+ EVP_PKEY_CTX *pctx = NULL;
+ EVP_MD_CTX mctx;
+ unsigned u = 0;
+ unsigned long n;
+ int j;
EVP_MD_CTX_init(&mctx);
@@ -2656,18 +2882,21 @@ ssl3_send_client_verify(SSL *s)
d = (unsigned char *)s->init_buf->data;
p = &(d[4]);
pkey = s->cert->key->privatekey;
-/* Create context from key and test if sha1 is allowed as digest */
+ /*
+ * Create context from key and test if sha1 is allowed as
+ * digest.
+ */
pctx = EVP_PKEY_CTX_new(pkey, NULL);
EVP_PKEY_sign_init(pctx);
if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
if (TLS1_get_version(s) < TLS1_2_VERSION)
s->method->ssl3_enc->cert_verify_mac(s,
- NID_sha1,
- &(data[MD5_DIGEST_LENGTH]));
+ NID_sha1, &(data[MD5_DIGEST_LENGTH]));
} else {
ERR_clear_error();
}
- /* For TLS v1.2 send signature algorithm and signature
+ /*
+ * For TLS v1.2 send signature algorithm and signature
* using agreed digest and cached handshake records.
*/
if (TLS1_get_version(s) >= TLS1_2_VERSION) {
@@ -2675,10 +2904,11 @@ ssl3_send_client_verify(SSL *s)
void *hdata;
const EVP_MD *md = s->cert->key->digest;
hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,
- &hdata);
- if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md)) {
+ &hdata);
+ if (hdatalen <= 0 ||
+ !tls12_get_sigandhash(p, pkey, md)) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_INTERNAL_ERROR);
+ ERR_R_INTERNAL_ERROR);
goto err;
}
p += 2;
@@ -2690,7 +2920,7 @@ ssl3_send_client_verify(SSL *s)
!EVP_SignUpdate(&mctx, hdata, hdatalen) ||
!EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_EVP_LIB);
+ ERR_R_EVP_LIB);
goto err;
}
s2n(u, p);
@@ -2704,7 +2934,8 @@ ssl3_send_client_verify(SSL *s)
if (RSA_sign(NID_md5_sha1, data,
MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]),
&u, pkey->pkey.rsa) <= 0 ) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
+ ERR_R_RSA_LIB);
goto err;
}
s2n(u, p);
@@ -2715,7 +2946,8 @@ ssl3_send_client_verify(SSL *s)
&(data[MD5_DIGEST_LENGTH]),
SHA_DIGEST_LENGTH, &(p[2]),
(unsigned int *)&j, pkey->pkey.dsa)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
+ ERR_R_DSA_LIB);
goto err;
}
s2n(j, p);
@@ -2728,23 +2960,24 @@ ssl3_send_client_verify(SSL *s)
SHA_DIGEST_LENGTH, &(p[2]),
(unsigned int *)&j, pkey->pkey.ec)) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_ECDSA_LIB);
+ ERR_R_ECDSA_LIB);
goto err;
}
s2n(j, p);
n = j + 2;
} else
#endif
- if (pkey->type == NID_id_GostR3410_94 || pkey->type == NID_id_GostR3410_2001) {
+ if (pkey->type == NID_id_GostR3410_94 ||
+ pkey->type == NID_id_GostR3410_2001) {
unsigned char signbuf[64];
int i;
size_t sigsize = 64;
s->method->ssl3_enc->cert_verify_mac(s,
- NID_id_GostR3411_94,
- data);
- if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
+ NID_id_GostR3411_94, data);
+ if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32)
+ <= 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_INTERNAL_ERROR);
+ ERR_R_INTERNAL_ERROR);
goto err;
}
for (i = 63, j = 0; i >= 0; j++, i--) {
@@ -2753,7 +2986,8 @@ ssl3_send_client_verify(SSL *s)
s2n(j, p);
n = j + 2;
} else {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
*(d++) = SSL3_MT_CERTIFICATE_VERIFY;
@@ -2766,7 +3000,7 @@ ssl3_send_client_verify(SSL *s)
EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_CTX_free(pctx);
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-err:
+ err:
EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_CTX_free(pctx);
return (-1);
@@ -2775,10 +3009,10 @@ err:
int
ssl3_send_client_certificate(SSL *s)
{
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
- int i;
- unsigned long l;
+ X509 *x509 = NULL;
+ EVP_PKEY *pkey = NULL;
+ int i;
+ unsigned long l;
if (s->state == SSL3_ST_CW_CERT_A) {
if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
@@ -2792,7 +3026,8 @@ ssl3_send_client_certificate(SSL *s)
if (s->state == SSL3_ST_CW_CERT_B) {
/* If we get an error, we need to
* ssl->rwstate=SSL_X509_LOOKUP; return(-1);
- * We then get retied later */
+ * We then get retied later
+ */
i = ssl_do_client_cert_cb(s, &x509, &pkey);
if (i < 0) {
s->rwstate = SSL_X509_LOOKUP;
@@ -2806,7 +3041,8 @@ ssl3_send_client_certificate(SSL *s)
i = 0;
} else if (i == 1) {
i = 0;
- SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,
+ SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
}
if (x509 != NULL)
@@ -2816,7 +3052,8 @@ ssl3_send_client_certificate(SSL *s)
if (i == 0) {
if (s->version == SSL3_VERSION) {
s->s3->tmp.cert_req = 0;
- ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
+ ssl3_send_alert(s, SSL3_AL_WARNING,
+ SSL_AD_NO_CERTIFICATE);
return (1);
} else {
s->s3->tmp.cert_req = 2;
@@ -2830,7 +3067,7 @@ ssl3_send_client_certificate(SSL *s)
if (s->state == SSL3_ST_CW_CERT_C) {
s->state = SSL3_ST_CW_CERT_D;
l = ssl3_output_cert_chain(s,
- (s->s3->tmp.cert_req == 2) ? NULL : s->cert->key->x509);
+ (s->s3->tmp.cert_req == 2) ? NULL : s->cert->key->x509);
s->init_num = (int)l;
s->init_off = 0;
}
@@ -2843,25 +3080,26 @@ ssl3_send_client_certificate(SSL *s)
int
ssl3_check_cert_and_algorithm(SSL *s)
{
- int i, idx;
- long alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- SESS_CERT *sc;
- RSA *rsa;
+ int i, idx;
+ long alg_k, alg_a;
+ EVP_PKEY *pkey = NULL;
+ SESS_CERT *sc;
+ RSA *rsa;
#ifndef OPENSSL_NO_DH
- DH *dh;
+ DH *dh;
#endif
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- /* we don't have a certificate */
+ /* We don't have a certificate. */
if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
return (1);
sc = s->session->sess_cert;
if (sc == NULL) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -2870,15 +3108,16 @@ ssl3_check_cert_and_algorithm(SSL *s)
dh = s->session->sess_cert->peer_dh_tmp;
#endif
- /* This is the passed certificate */
+ /* This is the passed certificate. */
idx = sc->peer_cert_type;
#ifndef OPENSSL_NO_ECDH
if (idx == SSL_PKEY_ECC) {
if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
- s) == 0)
+ s) == 0)
{ /* check failed */
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_BAD_ECC_CERT);
goto f_err;
} else {
return 1;
@@ -2892,59 +3131,71 @@ ssl3_check_cert_and_algorithm(SSL *s)
/* Check that we have a certificate if we require one */
if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_RSA_SIGNING_CERT);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_SIGNING_CERT);
goto f_err;
}
else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DSA_SIGNING_CERT);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DSA_SIGNING_CERT);
goto f_err;
}
if ((alg_k & SSL_kRSA) &&
!(has_bits(i, EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL))) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_ENCRYPTING_CERT);
goto f_err;
}
#ifndef OPENSSL_NO_DH
if ((alg_k & SSL_kEDH) &&
!(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DH_KEY);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DH_KEY);
goto f_err;
} else if ((alg_k & SSL_kDHr) && !has_bits(i, EVP_PK_DH|EVP_PKS_RSA)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DH_RSA_CERT);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DH_RSA_CERT);
goto f_err;
}
else if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH|EVP_PKS_DSA)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DH_DSA_CERT);
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_DH_DSA_CERT);
goto f_err;
}
#endif
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i, EVP_PKT_EXP)) {
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ !has_bits(i, EVP_PKT_EXP)) {
if (alg_k & SSL_kRSA) {
- if (rsa == NULL ||
- RSA_size(rsa) * 8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+ if (rsa == NULL || RSA_size(rsa) * 8 >
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
goto f_err;
}
} else
#ifndef OPENSSL_NO_DH
- if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
- if (dh == NULL ||
- DH_size(dh) * 8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
+ if (dh == NULL || DH_size(dh) * 8 >
+ SSL_C_EXPORT_PKEYLENGTH(
+ s->s3->tmp.new_cipher)) {
+ SSLerr(
+ SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ goto f_err;
+ }
+ } else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
goto f_err;
}
- } else
-#endif
- {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
}
return (1);
-f_err:
+ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-err:
+ err:
return (0);
}
@@ -2952,8 +3203,8 @@ err:
int
ssl3_send_next_proto(SSL *s)
{
- unsigned int len, padding_len;
- unsigned char *d;
+ unsigned int len, padding_len;
+ unsigned char *d;
if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
len = s->next_proto_negotiated_len;
@@ -2974,7 +3225,8 @@ ssl3_send_next_proto(SSL *s)
}
#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
-/* Check to see if handshake is full or resumed. Usually this is just a
+/*
+ * Check to see if handshake is full or resumed. Usually this is just a
* case of checking to see if a cache hit has occurred. In the case of
* session tickets we have to check the next message to be sure.
*/
@@ -2983,8 +3235,9 @@ ssl3_send_next_proto(SSL *s)
int
ssl3_check_finished(SSL *s)
{
- int ok;
- long n;
+ int ok;
+ long n;
+
/* If we have no ticket it cannot be a resumed session. */
if (!s->session->tlsext_tick)
return 1;
@@ -3006,7 +3259,8 @@ ssl3_check_finished(SSL *s)
int
ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
{
- int i = 0;
+ int i = 0;
+
#ifndef OPENSSL_NO_ENGINE
if (s->ctx->client_cert_engine) {
i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index c79464da55a..28a3d51b9e5 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -2743,9 +2743,11 @@ SSL3_ENC_METHOD SSLv3_enc_data = {
long
ssl3_default_timeout(void)
{
- /* 2 hours, the 24 hours mentioned in the SSLv3 spec
- * is way too long for http, the cache would over fill */
- return (60*60*2);
+ /*
+ * 2 hours, the 24 hours mentioned in the SSLv3 spec
+ * is way too long for http, the cache would over fill
+ */
+ return (60 * 60 * 2);
}
int
@@ -2769,13 +2771,14 @@ ssl3_pending(const SSL *s)
if (s->rstate == SSL_ST_READ_BODY)
return 0;
- return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
+ return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ?
+ s->s3->rrec.length : 0;
}
int
ssl3_new(SSL *s)
{
- SSL3_STATE *s3;
+ SSL3_STATE *s3;
if ((s3 = calloc(1, sizeof *s3)) == NULL)
goto err;
@@ -2840,9 +2843,9 @@ ssl3_free(SSL *s)
void
ssl3_clear(SSL *s)
{
- unsigned char *rp, *wp;
- size_t rlen, wlen;
- int init_extra;
+ unsigned char *rp, *wp;
+ size_t rlen, wlen;
+ int init_extra;
#ifdef TLSEXT_TYPE_opaque_prf_input
if (s->s3->client_opaque_prf_input != NULL)
@@ -2932,7 +2935,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
if (!ssl_cert_inst(&s->cert)) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_MALLOC_FAILURE);
return (0);
}
}
@@ -2959,18 +2963,21 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case SSL_CTRL_NEED_TMP_RSA:
if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
- (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))))
+ (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)
+ > (512 / 8))))
ret = 1;
break;
case SSL_CTRL_SET_TMP_RSA:
{
RSA *rsa = (RSA *)parg;
if (rsa == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_PASSED_NULL_PARAMETER);
return (ret);
}
if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_RSA_LIB);
return (ret);
}
if (s->cert->rsa_tmp != NULL)
@@ -2981,7 +2988,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
break;
case SSL_CTRL_SET_TMP_RSA_CB:
{
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (ret);
}
break;
@@ -2990,17 +2998,20 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
{
DH *dh = (DH *)parg;
if (dh == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_PASSED_NULL_PARAMETER);
return (ret);
}
if ((dh = DHparams_dup(dh)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_DH_LIB);
return (ret);
}
if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
if (!DH_generate_key(dh)) {
DH_free(dh);
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_DH_LIB);
return (ret);
}
}
@@ -3012,7 +3023,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
break;
case SSL_CTRL_SET_TMP_DH_CB:
{
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (ret);
}
break;
@@ -3023,18 +3035,21 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
EC_KEY *ecdh = NULL;
if (parg == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_PASSED_NULL_PARAMETER);
return (ret);
}
if (!EC_KEY_up_ref((EC_KEY *)parg)) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_ECDH_LIB);
return (ret);
}
ecdh = (EC_KEY *)parg;
if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
if (!EC_KEY_generate_key(ecdh)) {
EC_KEY_free(ecdh);
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_ECDH_LIB);
return (ret);
}
}
@@ -3046,7 +3061,8 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
break;
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (ret);
}
break;
@@ -3062,15 +3078,19 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
if (parg == NULL)
break;
if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
- SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+ SSLerr(SSL_F_SSL3_CTRL,
+ SSL_R_SSL3_EXT_INVALID_SERVERNAME);
return 0;
}
- if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
+ if ((s->tlsext_hostname = BUF_strdup((char *)parg))
+ == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_INTERNAL_ERROR);
return 0;
}
} else {
- SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
+ SSLerr(SSL_F_SSL3_CTRL,
+ SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
return 0;
}
break;
@@ -3082,9 +3102,13 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
#ifdef TLSEXT_TYPE_opaque_prf_input
case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
if (larg > 12288) {
- /* actual internal limit is 2^16 for the complete hello message
- * (including the cert chain and everything) */
- SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
+ /*
+ * Actual internal limit is 2^16 for the complete
+ * hello message (including the cert chain and
+ * everything)
+ */
+ SSLerr(SSL_F_SSL3_CTRL,
+ SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
break;
}
if (s->tlsext_opaque_prf_input != NULL)
@@ -3148,11 +3172,12 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
long
ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
{
- int ret = 0;
+ int ret = 0;
if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) {
if (!ssl_cert_inst(&s->cert)) {
- SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL3_CALLBACK_CTRL,
+ ERR_R_MALLOC_FAILURE);
return (0);
}
}
@@ -3173,14 +3198,15 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+ s->cert->ecdh_tmp_cb =
+ (EC_KEY *(*)(SSL *, int, int))fp;
}
break;
#endif
#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
s->tlsext_debug_cb = (void (*)(SSL *, int , int,
- unsigned char *, int, void *))fp;
+ unsigned char *, int, void *))fp;
break;
#endif
default:
@@ -3192,7 +3218,7 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
long
ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
{
- CERT *cert;
+ CERT *cert;
cert = ctx->cert;
@@ -3200,7 +3226,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
case SSL_CTRL_NEED_TMP_RSA:
if ((cert->rsa_tmp == NULL) &&
((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
- (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))))
+ (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
+ (512 / 8))))
return (1);
else
return (0);
@@ -3219,7 +3246,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
i = 0;
}
if (!i) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_RSA_LIB);
return (0);
} else {
if (cert->rsa_tmp != NULL)
@@ -3231,7 +3259,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
/* break; */
case SSL_CTRL_SET_TMP_RSA_CB:
{
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
}
break;
@@ -3242,12 +3271,14 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
dh = (DH *)parg;
if ((new = DHparams_dup(dh)) == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_DH_LIB);
return 0;
}
if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
if (!DH_generate_key(new)) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_DH_LIB);
DH_free(new);
return 0;
}
@@ -3260,7 +3291,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
/*break; */
case SSL_CTRL_SET_TMP_DH_CB:
{
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
}
break;
@@ -3271,18 +3303,21 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
EC_KEY *ecdh = NULL;
if (parg == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_ECDH_LIB);
return 0;
}
ecdh = EC_KEY_dup((EC_KEY *)parg);
if (ecdh == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_EC_LIB);
return 0;
}
if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
if (!EC_KEY_generate_key(ecdh)) {
EC_KEY_free(ecdh);
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_ECDH_LIB);
return 0;
}
}
@@ -3296,7 +3331,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
/* break; */
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
}
break;
@@ -3312,17 +3348,21 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
if (!keys)
return 48;
if (larg != 48) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ SSL_R_INVALID_TICKET_KEYS_LENGTH);
return 0;
}
if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
memcpy(ctx->tlsext_tick_key_name, keys, 16);
- memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+ memcpy(ctx->tlsext_tick_hmac_key,
+ keys + 16, 16);
memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
} else {
memcpy(keys, ctx->tlsext_tick_key_name, 16);
- memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
- memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
+ memcpy(keys + 16,
+ ctx->tlsext_tick_hmac_key, 16);
+ memcpy(keys + 32,
+ ctx->tlsext_tick_aes_key, 16);
}
return 1;
}
@@ -3346,17 +3386,21 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
ctx->srp_ctx.login = NULL;
if (parg == NULL)
break;
- if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
+ if (strlen((const char *)parg) > 255 ||
+ strlen((const char *)parg) < 1) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ SSL_R_INVALID_SRP_USERNAME);
return 0;
}
if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_INTERNAL_ERROR);
return 0;
}
break;
case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
- ctx->srp_ctx.SRP_give_srp_client_pwd_callback = srp_password_from_info_cb;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+ srp_password_from_info_cb;
ctx->srp_ctx.info = parg;
break;
case SSL_CTRL_SET_SRP_ARG:
@@ -3399,7 +3443,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
long
ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
{
- CERT *cert;
+ CERT *cert;
cert = ctx->cert;
@@ -3425,12 +3469,14 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
#endif
#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
- ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
+ ctx->tlsext_servername_callback =
+ (int (*)(SSL *, int *, void *))fp;
break;
#ifdef TLSEXT_TYPE_opaque_prf_input
case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
- ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *, void *, size_t, void *))fp;
+ ctx->tlsext_opaque_prf_input_callback =
+ (int (*)(SSL *, void *, size_t, void *))fp;
break;
#endif
@@ -3472,9 +3518,9 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
const SSL_CIPHER *
ssl3_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER c;
- const SSL_CIPHER *cp;
- unsigned long id;
+ SSL_CIPHER c;
+ const SSL_CIPHER *cp;
+ unsigned long id;
id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
c.id = id;
@@ -3492,7 +3538,7 @@ ssl3_get_cipher_by_char(const unsigned char *p)
int
ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
{
- long l;
+ long l;
if (p != NULL) {
l = c->id;
@@ -3507,9 +3553,9 @@ ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *srvr)
{
- SSL_CIPHER *c, *ret = NULL;
- STACK_OF(SSL_CIPHER) *prio, *allow;
- int i, ii, ok;
+ SSL_CIPHER *c, *ret = NULL;
+ STACK_OF(SSL_CIPHER) *prio, *allow;
+ int i, ii, ok;
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
unsigned int j;
int ec_ok, ec_nid;
@@ -3522,7 +3568,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
cert = s->cert;
#if 0
- /* Do not set the compare functions, because this may lead to a
+ /*
+ * Do not set the compare functions, because this may lead to a
* reordering by "id". We want to keep the original ordering.
* We may pay a price in performance during sk_SSL_CIPHER_find(),
* but would have to pay with the price of sk_SSL_CIPHER_dup().
@@ -3532,12 +3579,14 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
#endif
#ifdef CIPHER_DEBUG
- printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
+ printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
+ (void *)srvr);
for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
c = sk_SSL_CIPHER_value(srvr, i);
printf("%p:%s\n",(void *)c, c->name);
}
- printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
+ printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
+ (void *)clnt);
for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
c = sk_SSL_CIPHER_value(clnt, i);
printf("%p:%s\n",(void *)c, c->name);
@@ -3592,26 +3641,35 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
if (SSL_C_IS_EXPORT(c)) {
ok = (alg_k & emask_k) && (alg_a & emask_a);
#ifdef CIPHER_DEBUG
- printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", ok, alg_k, alg_a, emask_k, emask_a,
- (void *)c, c->name);
+ printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
+ ok, alg_k, alg_a, emask_k, emask_a, (void *)c,
+ c->name);
#endif
} else {
ok = (alg_k & mask_k) && (alg_a & mask_a);
#ifdef CIPHER_DEBUG
- printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, alg_a, mask_k, mask_a,(void *)c,
- c->name);
+ printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
+ ok, alg_k, alg_a, mask_k, mask_a,(void *)c,
+ c->name);
#endif
}
#ifndef OPENSSL_NO_TLSEXT
#ifndef OPENSSL_NO_EC
if (
- /* if we are considering an ECC cipher suite that uses our certificate */
+ /*
+ * if we are considering an ECC cipher suite that uses our
+ * certificate
+ */
(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
/* and we have an ECC certificate */
&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
- /* and the client specified a Supported Point Formats extension */
- && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
+ /*
+ * and the client specified a Supported Point Formats
+ * extension
+ */
+ && ((s->session->tlsext_ecpointformatlist_length > 0) &&
+ (s->session->tlsext_ecpointformatlist != NULL))
/* and our certificate's point is compressed */
&& (
(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
@@ -3625,8 +3683,11 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
)
) {
ec_ok = 0;
- /* if our certificate's curve is over a field type that the client does not support
- * then do not allow this cipher suite to be negotiated */
+ /*
+ * If our certificate's curve is over a field type
+ * that the client does not support then do not allow
+ * this cipher suite to be negotiated
+ */
if (
(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
@@ -3650,7 +3711,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ok = ok && ec_ok;
}
if (
- /* if we are considering an ECC cipher suite that uses our certificate */
+ /*
+ * If we are considering an ECC cipher suite that uses our
+ * certificate
+ */
(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
/* and we have an ECC certificate */
&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
@@ -3689,7 +3753,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ok = ok && ec_ok;
}
if (
- /* if we are considering an ECC cipher suite that uses an ephemeral EC key */
+ /*
+ * if we are considering an ECC cipher suite that uses an
+ * ephemeral EC key
+ */
(alg_k & SSL_kEECDH)
/* and we have an ephemeral EC key */
&& (s->cert->ecdh_tmp != NULL)
@@ -3732,7 +3799,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ii = sk_SSL_CIPHER_find(allow, c);
if (ii >= 0) {
#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
- if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
+ if ((alg_k & SSL_kEECDH) &&
+ (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
if (!ret)
ret = sk_SSL_CIPHER_value(allow, ii);
continue;
@@ -3748,8 +3816,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
int
ssl3_get_req_cert_type(SSL *s, unsigned char *p)
{
- int ret = 0;
- unsigned long alg_k;
+ int ret = 0;
+ unsigned long alg_k;
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
@@ -3784,7 +3852,8 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p)
#endif
#ifndef OPENSSL_NO_ECDSA
- /* ECDSA certs can be used with RSA cipher suites as well
+ /*
+ * ECDSA certs can be used with RSA cipher suites as well
* so we don't need to check for SSL_kECDH or SSL_kEECDH
*/
if (s->version >= TLS1_VERSION) {
@@ -3797,10 +3866,12 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p)
int
ssl3_shutdown(SSL *s)
{
- int ret;
+ int ret;
- /* Don't do anything much if we have not done the handshake or
- * we don't want to send messages :-) */
+ /*
+ * Don't do anything much if we have not done the handshake or
+ * we don't want to send messages :-)
+ */
if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
return (1);
@@ -3811,8 +3882,10 @@ ssl3_shutdown(SSL *s)
#if 1
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
#endif
- /* our shutdown alert has been sent now, and if it still needs
- * to be written, s->s3->alert_dispatch will be true */
+ /*
+ * Our shutdown alert has been sent now, and if it still needs
+ * to be written, s->s3->alert_dispatch will be true
+ */
if (s->s3->alert_dispatch)
return(-1); /* return WANT_WRITE */
} else if (s->s3->alert_dispatch) {
@@ -3820,10 +3893,12 @@ ssl3_shutdown(SSL *s)
#if 1
ret = s->method->ssl_dispatch_alert(s);
if (ret == -1) {
- /* we only get to return -1 here the 2nd/Nth
+ /*
+ * We only get to return -1 here the 2nd/Nth
* invocation, we must have already signalled
* return 0 upon a previous invoation,
- * return WANT_WRITE */
+ * return WANT_WRITE
+ */
return (ret);
}
#endif
@@ -3845,7 +3920,7 @@ ssl3_shutdown(SSL *s)
int
ssl3_write(SSL *s, const void *buf, int len)
{
- int ret, n;
+ int ret, n;
#if 0
if (s->shutdown & SSL_SEND_SHUTDOWN) {
@@ -3857,16 +3932,18 @@ ssl3_write(SSL *s, const void *buf, int len)
if (s->s3->renegotiate)
ssl3_renegotiate_check(s);
- /* This is an experimental flag that sends the
+ /*
+ * This is an experimental flag that sends the
* last handshake message in the same packet as the first
* use data - used to see if it helps the TCP protocol during
- * session-id reuse */
+ * session-id reuse
+ */
/* The second test is because the buffer may have been removed */
if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
/* First time through, we write into the buffer */
if (s->s3->delay_buf_pop_ret == 0) {
ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA,
- buf, len);
+ buf, len);
if (ret <= 0)
return (ret);
@@ -3887,7 +3964,7 @@ ssl3_write(SSL *s, const void *buf, int len)
s->s3->delay_buf_pop_ret = 0;
} else {
ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
- buf, len);
+ buf, len);
if (ret <= 0)
return (ret);
}
@@ -3898,21 +3975,25 @@ ssl3_write(SSL *s, const void *buf, int len)
static int
ssl3_read_internal(SSL *s, void *buf, int len, int peek)
{
- int ret;
+ int ret;
errno = 0;
if (s->s3->renegotiate)
ssl3_renegotiate_check(s);
s->s3->in_read_app_data = 1;
- ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek);
+ ret = s->method->ssl_read_bytes(s,
+ SSL3_RT_APPLICATION_DATA, buf, len, peek);
if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
- /* ssl3_read_bytes decided to call s->handshake_func, which
+ /*
+ * ssl3_read_bytes decided to call s->handshake_func, which
* called ssl3_read_bytes to read handshake data.
* However, ssl3_read_bytes actually found application data
* and thinks that application data makes sense here; so disable
- * handshake processing and try to read application data again. */
+ * handshake processing and try to read application data again.
+ */
s->in_handshake++;
- ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek);
+ ret = s->method->ssl_read_bytes(s,
+ SSL3_RT_APPLICATION_DATA, buf, len, peek);
s->in_handshake--;
} else
s->s3->in_read_app_data = 0;
@@ -3948,7 +4029,7 @@ ssl3_renegotiate(SSL *s)
int
ssl3_renegotiate_check(SSL *s)
{
- int ret = 0;
+ int ret = 0;
if (s->s3->renegotiate) {
if ((s->s3->rbuf.left == 0) && (s->s3->wbuf.left == 0) &&
@@ -3968,13 +4049,14 @@ ssl3_renegotiate_check(SSL *s)
}
return (ret);
}
-/* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
+/*
+ * If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
* to new SHA256 PRF and handshake macs
*/
long
ssl_get_algorithm2(SSL *s)
{
- long alg2 = s->s3->tmp.new_cipher->algorithm2;
+ long alg2 = s->s3->tmp.new_cipher->algorithm2;
if (s->method->version == TLS1_2_VERSION &&
alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index cde564cade1..830f574183e 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -160,7 +160,10 @@
const char *SSL_version_str = OPENSSL_VERSION_TEXT;
SSL3_ENC_METHOD ssl3_undef_enc_method = {
- /* evil casts, but these functions are only called if there's a library bug */
+ /*
+ * Evil casts, but these functions are only called if there's a
+ * library bug.
+ */
(int (*)(SSL *, int))ssl_undefined_function,
(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
ssl_undefined_function,
@@ -182,9 +185,9 @@ SSL3_ENC_METHOD ssl3_undef_enc_method = {
int
SSL_clear(SSL *s)
{
-
if (s->method == NULL) {
- SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
+ SSLerr(SSL_F_SSL_CLEAR,
+ SSL_R_NO_METHOD_SPECIFIED);
return (0);
}
@@ -198,7 +201,8 @@ SSL_clear(SSL *s)
s->shutdown = 0;
if (s->renegotiate) {
- SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL_CLEAR,
+ ERR_R_INTERNAL_ERROR);
return 0;
}
@@ -226,16 +230,19 @@ SSL_clear(SSL *s)
s->first_packet = 0;
#if 1
- /* Check to see if we were changed into a different method, if
- * so, revert back if we are not doing session-id reuse. */
- if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method)) {
+ /*
+ * Check to see if we were changed into a different method, if
+ * so, revert back if we are not doing session-id reuse.
+ */
+ if (!s->in_handshake && (s->session == NULL) &&
+ (s->method != s->ctx->method)) {
s->method->ssl_free(s);
s->method = s->ctx->method;
if (!s->method->ssl_new(s))
return (0);
} else
#endif
- s->method->ssl_clear(s);
+ s->method->ssl_clear(s);
return (1);
}
@@ -243,14 +250,15 @@ SSL_clear(SSL *s)
int
SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
{
- STACK_OF(SSL_CIPHER) *sk;
+ STACK_OF(SSL_CIPHER) *sk;
ctx->method = meth;
sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
&(ctx->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
- SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+ SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
+ SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
return (0);
}
return (1);
@@ -259,14 +267,16 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
SSL *
SSL_new(SSL_CTX *ctx)
{
- SSL *s;
+ SSL *s;
if (ctx == NULL) {
- SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
+ SSLerr(SSL_F_SSL_NEW,
+ SSL_R_NULL_SSL_CTX);
return (NULL);
}
if (ctx->method == NULL) {
- SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+ SSLerr(SSL_F_SSL_NEW,
+ SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
return (NULL);
}
@@ -283,7 +293,8 @@ SSL_new(SSL_CTX *ctx)
s->max_cert_list = ctx->max_cert_list;
if (ctx->cert != NULL) {
- /* Earlier library versions used to copy the pointer to
+ /*
+ * Earlier library versions used to copy the pointer to
* the CERT, not its contents; only when setting new
* parameters for the per-SSL copy, ssl_cert_new would be
* called (and the direct reference to the per-SSL_CTX
@@ -291,8 +302,8 @@ SSL_new(SSL_CTX *ctx)
* accessed for various purposes, and for that reason they
* used to be known as s->ctx->default_cert).
* Now we don't look at the SSL_CTX's CERT after having
- * duplicated it once. */
-
+ * duplicated it once.
+ */
s->cert = ssl_cert_dup(ctx->cert);
if (s->cert == NULL)
goto err;
@@ -362,7 +373,7 @@ SSL_new(SSL_CTX *ctx)
#endif
return (s);
-err:
+ err:
if (s != NULL) {
if (s->cert != NULL)
ssl_cert_free(s->cert);
@@ -370,7 +381,8 @@ err:
SSL_CTX_free(s->ctx); /* decrement reference count */
free(s);
}
- SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL_NEW,
+ ERR_R_MALLOC_FAILURE);
return (NULL);
}
@@ -379,7 +391,8 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
unsigned int sid_ctx_len)
{
if (sid_ctx_len > sizeof ctx->sid_ctx) {
- SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
+ SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
return 0;
}
ctx->sid_ctx_length = sid_ctx_len;
@@ -393,7 +406,8 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
unsigned int sid_ctx_len)
{
if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
- SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
+ SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
return 0;
}
ssl->sid_ctx_length = sid_ctx_len;
@@ -485,7 +499,7 @@ SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
void
SSL_free(SSL *s)
{
- int i;
+ int i;
if (s == NULL)
return;
@@ -550,7 +564,7 @@ SSL_free(SSL *s)
free(s->tlsext_opaque_prf_input);
if (s->tlsext_ocsp_exts)
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
- X509_EXTENSION_free);
+ X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
if (s->tlsext_ocsp_resp)
@@ -587,8 +601,7 @@ SSL_free(SSL *s)
void
SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
{
- /* If the output buffering BIO is still in place, remove it
- */
+ /* If the output buffering BIO is still in place, remove it */
if (s->bbio != NULL) {
if (s->wbio == s->bbio) {
s->wbio = s->wbio->next_bio;
@@ -624,8 +637,8 @@ SSL_get_fd(const SSL *s)
int
SSL_get_rfd(const SSL *s)
{
- int ret = -1;
- BIO *b, *r;
+ int ret = -1;
+ BIO *b, *r;
b = SSL_get_rbio(s);
r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
@@ -637,8 +650,8 @@ SSL_get_rfd(const SSL *s)
int
SSL_get_wfd(const SSL *s)
{
- int ret = -1;
- BIO *b, *r;
+ int ret = -1;
+ BIO *b, *r;
b = SSL_get_wbio(s);
r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
@@ -651,34 +664,36 @@ SSL_get_wfd(const SSL *s)
int
SSL_set_fd(SSL *s, int fd)
{
- int ret = 0;
- BIO *bio = NULL;
+ int ret = 0;
+ BIO *bio = NULL;
bio = BIO_new(BIO_s_socket());
if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
+ SSLerr(SSL_F_SSL_SET_FD,
+ ERR_R_BUF_LIB);
goto err;
}
BIO_set_fd(bio, fd, BIO_NOCLOSE);
SSL_set_bio(s, bio, bio);
ret = 1;
-err:
+ err:
return (ret);
}
int
SSL_set_wfd(SSL *s, int fd)
{
- int ret = 0;
- BIO *bio = NULL;
+ int ret = 0;
+ BIO *bio = NULL;
if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
+ || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
bio = BIO_new(BIO_s_socket());
- if (bio == NULL)
- { SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
+ if (bio == NULL) {
+ SSLerr(SSL_F_SSL_SET_WFD,
+ ERR_R_BUF_LIB);
goto err;
}
BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -686,22 +701,23 @@ SSL_set_wfd(SSL *s, int fd)
} else
SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
ret = 1;
-err:
+ err:
return (ret);
}
int
SSL_set_rfd(SSL *s, int fd)
{
- int ret = 0;
- BIO *bio = NULL;
+ int ret = 0;
+ BIO *bio = NULL;
if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
+ || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
bio = BIO_new(BIO_s_socket());
if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
+ SSLerr(SSL_F_SSL_SET_RFD,
+ ERR_R_BUF_LIB);
goto err;
}
BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -709,7 +725,7 @@ SSL_set_rfd(SSL *s, int fd)
} else
SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
ret = 1;
-err:
+ err:
return (ret);
}
#endif
@@ -719,7 +735,7 @@ err:
size_t
SSL_get_finished(const SSL *s, void *buf, size_t count)
{
- size_t ret = 0;
+ size_t ret = 0;
if (s->s3 != NULL) {
ret = s->s3->tmp.finish_md_len;
@@ -734,7 +750,7 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
size_t
SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
{
- size_t ret = 0;
+ size_t ret = 0;
if (s->s3 != NULL) {
ret = s->s3->tmp.peer_finish_md_len;
@@ -810,7 +826,8 @@ SSL_get_read_ahead(const SSL *s)
int
SSL_pending(const SSL *s)
{
- /* SSL_pending cannot work properly if read-ahead is enabled
+ /*
+ * SSL_pending cannot work properly if read-ahead is enabled
* (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
* and it is impossible to fix since SSL_pending cannot report
* errors that may be observed while scanning the new data.
@@ -823,7 +840,7 @@ SSL_pending(const SSL *s)
X509 *
SSL_get_peer_certificate(const SSL *s)
{
- X509 *r;
+ X509 *r;
if ((s == NULL) || (s->session == NULL))
r = NULL;
@@ -841,32 +858,38 @@ SSL_get_peer_certificate(const SSL *s)
STACK_OF(X509) *
SSL_get_peer_cert_chain(const SSL *s)
{
- STACK_OF(X509) *r;
+ STACK_OF(X509) *r;
- if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
+ if ((s == NULL) || (s->session == NULL) ||
+ (s->session->sess_cert == NULL))
r = NULL;
else
r = s->session->sess_cert->cert_chain;
- /* If we are a client, cert_chain includes the peer's own
+ /*
+ * If we are a client, cert_chain includes the peer's own
* certificate;
-if we are a server, it does not. */
-
+ * if we are a server, it does not.
+ */
return (r);
}
-/* Now in theory, since the calling process own 't' it should be safe to
- * modify. We need to be able to read f without being hassled */
+/*
+ * Now in theory, since the calling process own 't' it should be safe to
+ * modify. We need to be able to read f without being hassled
+ */
void
SSL_copy_session_id(SSL *t, const SSL *f)
{
- CERT *tmp;
+ CERT *tmp;
/* Do we need to to SSL locking? */
SSL_set_session(t, SSL_get_session(f));
- /* what if we are setup as SSLv2 but want to talk SSLv3 or
- * vice-versa */
+ /*
+ * What if we are setup as SSLv2 but want to talk SSLv3 or
+ * vice-versa.
+ */
if (t->method != f->method) {
t->method->ssl_free(t); /* cleanup current */
t->method=f->method; /* change method */
@@ -888,17 +911,19 @@ SSL_copy_session_id(SSL *t, const SSL *f)
int
SSL_CTX_check_private_key(const SSL_CTX *ctx)
{
- if ((ctx == NULL) ||
- (ctx->cert == NULL) ||
- (ctx->cert->key->x509 == NULL)) {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+ if ((ctx == NULL) || (ctx->cert == NULL) ||
+ (ctx->cert->key->x509 == NULL)) {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+ SSL_R_NO_CERTIFICATE_ASSIGNED);
return (0);
}
if (ctx->cert->key->privatekey == NULL) {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+ SSL_R_NO_PRIVATE_KEY_ASSIGNED);
return (0);
}
- return (X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
+ return (X509_check_private_key(ctx->cert->key->x509,
+ ctx->cert->key->privatekey));
}
/* Fix this function so that it takes an optional type parameter */
@@ -906,31 +931,34 @@ int
SSL_check_private_key(const SSL *ssl)
{
if (ssl == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+ ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
if (ssl->cert == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+ SSL_R_NO_CERTIFICATE_ASSIGNED);
return 0;
}
if (ssl->cert->key->x509 == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+ SSL_R_NO_CERTIFICATE_ASSIGNED);
return (0);
}
if (ssl->cert->key->privatekey == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
+ SSL_R_NO_PRIVATE_KEY_ASSIGNED);
return (0);
}
- return(X509_check_private_key(ssl->cert->key->x509,
- ssl->cert->key->privatekey));
+ return (X509_check_private_key(ssl->cert->key->x509,
+ ssl->cert->key->privatekey));
}
int
SSL_accept(SSL *s)
{
if (s->handshake_func == 0)
- /* Not properly initialized yet */
- SSL_set_accept_state(s);
+ SSL_set_accept_state(s); /* Not properly initialized yet */
return (s->method->ssl_accept(s));
}
@@ -939,8 +967,7 @@ int
SSL_connect(SSL *s)
{
if (s->handshake_func == 0)
- /* Not properly initialized yet */
- SSL_set_connect_state(s);
+ SSL_set_connect_state(s); /* Not properly initialized yet */
return (s->method->ssl_connect(s));
}
@@ -955,7 +982,8 @@ int
SSL_read(SSL *s, void *buf, int num)
{
if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+ SSLerr(SSL_F_SSL_READ,
+ SSL_R_UNINITIALIZED);
return -1;
}
@@ -970,7 +998,8 @@ int
SSL_peek(SSL *s, void *buf, int num)
{
if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
+ SSLerr(SSL_F_SSL_PEEK,
+ SSL_R_UNINITIALIZED);
return -1;
}
@@ -984,13 +1013,15 @@ int
SSL_write(SSL *s, const void *buf, int num)
{
if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
+ SSLerr(SSL_F_SSL_WRITE,
+ SSL_R_UNINITIALIZED);
return -1;
}
if (s->shutdown & SSL_SENT_SHUTDOWN) {
s->rwstate = SSL_NOTHING;
- SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
+ SSLerr(SSL_F_SSL_WRITE,
+ SSL_R_PROTOCOL_IS_SHUTDOWN);
return (-1);
}
return (s->method->ssl_write(s, buf, num));
@@ -999,14 +1030,16 @@ SSL_write(SSL *s, const void *buf, int num)
int
SSL_shutdown(SSL *s)
{
- /* Note that this function behaves differently from what one might
+ /*
+ * Note that this function behaves differently from what one might
* expect. Return values are 0 for no success (yet),
* 1 for success; but calling it once is usually not enough,
* even if blocking I/O is used (see ssl3_shutdown).
*/
if (s->handshake_func == 0) {
- SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
+ SSLerr(SSL_F_SSL_SHUTDOWN,
+ SSL_R_UNINITIALIZED);
return -1;
}
@@ -1041,15 +1074,17 @@ SSL_renegotiate_abbreviated(SSL *s)
int
SSL_renegotiate_pending(SSL *s)
{
- /* becomes true when negotiation is requested;
- * false again once a handshake has finished */
+ /*
+ * Becomes true when negotiation is requested;
+ * false again once a handshake has finished.
+ */
return (s->renegotiate != 0);
}
long
SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
{
- long l;
+ long l;
switch (cmd) {
case SSL_CTRL_GET_READ_AHEAD:
@@ -1084,7 +1119,7 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
#endif
if (SSL_version(s) == DTLS1_VERSION ||
- SSL_version(s) == DTLS1_BAD_VER) {
+ SSL_version(s) == DTLS1_BAD_VER) {
s->d1->mtu = larg;
return larg;
}
@@ -1108,7 +1143,9 @@ SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
{
switch (cmd) {
case SSL_CTRL_SET_MSG_CALLBACK:
- s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
+ s->msg_callback = (void (*)(int write_p, int version,
+ int content_type, const void *buf, size_t len,
+ SSL *ssl, void *arg))(fp);
return 1;
default:
@@ -1125,7 +1162,7 @@ SSL_CTX_sessions(SSL_CTX *ctx)
long
SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
{
- long l;
+ long l;
switch (cmd) {
case SSL_CTRL_GET_READ_AHEAD:
@@ -1206,7 +1243,9 @@ SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
{
switch (cmd) {
case SSL_CTRL_SET_MSG_CALLBACK:
- ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
+ ctx->msg_callback = (void (*)(int write_p, int version,
+ int content_type, const void *buf, size_t len, SSL *ssl,
+ void *arg))(fp);
return 1;
default:
@@ -1217,7 +1256,7 @@ SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
int
ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
{
- long l;
+ long l;
l = a->id - b->id;
if (l == 0L)
@@ -1230,7 +1269,7 @@ int
ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
const SSL_CIPHER * const *bp)
{
- long l;
+ long l;
l = (*ap)->id - (*bp)->id;
if (l == 0L)
@@ -1239,24 +1278,27 @@ ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
return ((l > 0) ? 1:-1);
}
-/** return a STACK of the ciphers available for the SSL and in order of
- * preference */
+/*
+ * Return a STACK of the ciphers available for the SSL and in order of
+ * preference.
+ */
STACK_OF(SSL_CIPHER) *
SSL_get_ciphers(const SSL *s)
{
if (s != NULL) {
if (s->cipher_list != NULL) {
return (s->cipher_list);
- } else if ((s->ctx != NULL) &&
- (s->ctx->cipher_list != NULL)) {
+ } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
return (s->ctx->cipher_list);
}
}
return (NULL);
}
-/** return a STACK of the ciphers available for the SSL and in order of
- * algorithm id */
+/*
+ * Return a STACK of the ciphers available for the SSL and in order of
+ * algorithm id.
+ */
STACK_OF(SSL_CIPHER) *
ssl_get_ciphers_by_id(SSL *s)
{
@@ -1264,19 +1306,19 @@ ssl_get_ciphers_by_id(SSL *s)
if (s->cipher_list_by_id != NULL) {
return (s->cipher_list_by_id);
} else if ((s->ctx != NULL) &&
- (s->ctx->cipher_list_by_id != NULL)) {
+ (s->ctx->cipher_list_by_id != NULL)) {
return (s->ctx->cipher_list_by_id);
}
}
return (NULL);
}
-/** The old interface to get the same thing as SSL_get_ciphers() */
+/* The old interface to get the same thing as SSL_get_ciphers(). */
const char *
SSL_get_cipher_list(const SSL *s, int n)
{
- SSL_CIPHER *c;
- STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ STACK_OF(SSL_CIPHER) *sk;
if (s == NULL)
return (NULL);
@@ -1289,35 +1331,38 @@ SSL_get_cipher_list(const SSL *s, int n)
return (c->name);
}
-/** specify the ciphers to be used by default by the SSL_CTX */
+/* Specify the ciphers to be used by default by the SSL_CTX. */
int
SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
{
- STACK_OF(SSL_CIPHER) *sk;
+ STACK_OF(SSL_CIPHER) *sk;
sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
- &ctx->cipher_list_by_id, str);
- /* ssl_create_cipher_list may return an empty stack if it
+ &ctx->cipher_list_by_id, str);
+ /*
+ * ssl_create_cipher_list may return an empty stack if it
* was unable to find a cipher matching the given rule string
* (for example if the rule string specifies a cipher which
* has been disabled). This is not an error as far as
* ssl_create_cipher_list is concerned, and hence
* ctx->cipher_list and ctx->cipher_list_by_id has been
- * updated. */
+ * updated.
+ */
if (sk == NULL)
return 0;
else if (sk_SSL_CIPHER_num(sk) == 0) {
- SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST,
+ SSL_R_NO_CIPHER_MATCH);
return 0;
}
return 1;
}
-/** specify the ciphers to be used by the SSL */
+/* Specify the ciphers to be used by the SSL. */
int
SSL_set_cipher_list(SSL *s, const char *str)
{
- STACK_OF(SSL_CIPHER) *sk;
+ STACK_OF(SSL_CIPHER) *sk;
sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
&s->cipher_list_by_id, str);
@@ -1325,7 +1370,8 @@ SSL_set_cipher_list(SSL *s, const char *str)
if (sk == NULL)
return 0;
else if (sk_SSL_CIPHER_num(sk) == 0) {
- SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ SSLerr(SSL_F_SSL_SET_CIPHER_LIST,
+ SSL_R_NO_CIPHER_MATCH);
return 0;
}
return 1;
@@ -1335,11 +1381,11 @@ SSL_set_cipher_list(SSL *s, const char *str)
char *
SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
{
- char *end;
- STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *c;
- size_t curlen = 0;
- int i;
+ char *end;
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ size_t curlen = 0;
+ int i;
if ((s->session == NULL) || (s->session->ciphers == NULL) ||
(len < 2))
@@ -1351,7 +1397,7 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
c = sk_SSL_CIPHER_value(sk, i);
end = buf + curlen;
if (strlcat(buf, c->name, len) >= len ||
- (curlen = strlcat(buf, ":", len)) >= len) {
+ (curlen = strlcat(buf, ":", len)) >= len) {
/* remove truncated cipher from list */
*end = '\0';
break;
@@ -1367,11 +1413,11 @@ int
ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
int (*put_cb)(const SSL_CIPHER *, unsigned char *))
{
- int i, j = 0;
- SSL_CIPHER *c;
- unsigned char *q;
+ int i, j = 0;
+ SSL_CIPHER *c;
+ unsigned char *q;
#ifndef OPENSSL_NO_KRB5
- int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
+ int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
#endif /* OPENSSL_NO_KRB5 */
if (sk == NULL)
@@ -1382,30 +1428,33 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
c = sk_SSL_CIPHER_value(sk, i);
/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
if ((c->algorithm_ssl & SSL_TLSV1_2) &&
- (TLS1_get_client_version(s) < TLS1_2_VERSION))
- continue;
+ (TLS1_get_client_version(s) < TLS1_2_VERSION))
+ continue;
#ifndef OPENSSL_NO_KRB5
- if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
- nokrb5)
- continue;
+ if (((c->algorithm_mkey & SSL_kKRB5) ||
+ (c->algorithm_auth & SSL_aKRB5)) && nokrb5)
+ continue;
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_PSK
/* with PSK there must be client callback set */
- if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
- s->psk_client_callback == NULL)
- continue;
+ if (((c->algorithm_mkey & SSL_kPSK) ||
+ (c->algorithm_auth & SSL_aPSK)) &&
+ s->psk_client_callback == NULL)
+ continue;
#endif /* OPENSSL_NO_PSK */
j = put_cb ? put_cb(c, p) : ssl_put_cipher_by_char(s, c, p);
p += j;
}
- /* If p == q, no ciphers and caller indicates an error. Otherwise
+ /*
+ * If p == q, no ciphers and caller indicates an error. Otherwise
* add SCSV if not renegotiating.
*/
if (p != q && !s->renegotiate) {
static SSL_CIPHER scsv = {
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
- j = put_cb ? put_cb(&scsv, p) : ssl_put_cipher_by_char(s, &scsv, p);
+ j = put_cb ? put_cb(&scsv, p) :
+ ssl_put_cipher_by_char(s, &scsv, p);
p += j;
#ifdef OPENSSL_RI_DEBUG
fprintf(stderr, "SCSV sent by client\n");
@@ -1419,15 +1468,17 @@ STACK_OF(SSL_CIPHER) *
ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
STACK_OF(SSL_CIPHER) **skp)
{
- const SSL_CIPHER *c;
- STACK_OF(SSL_CIPHER) *sk;
- int i, n;
+ const SSL_CIPHER *c;
+ STACK_OF(SSL_CIPHER) *sk;
+ int i, n;
+
if (s->s3)
s->s3->send_connection_binding = 0;
n = ssl_put_cipher_by_char(s, NULL, NULL);
if ((num % n) != 0) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+ SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
return (NULL);
}
if ((skp == NULL) || (*skp == NULL))
@@ -1440,12 +1491,14 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
for (i = 0; i < num; i += n) {
/* Check for SCSV */
if (s->s3 && (n != 3 || !p[0]) &&
- (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
- (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
+ (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
+ (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
/* SCSV fatal if renegotiating */
if (s->renegotiate) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+ SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
+ ssl3_send_alert(s, SSL3_AL_FATAL,
+ SSL_AD_HANDSHAKE_FAILURE);
goto err;
}
@@ -1461,7 +1514,8 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
p += n;
if (c != NULL) {
if (!sk_SSL_CIPHER_push(sk, c)) {
- SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
}
@@ -1470,7 +1524,7 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num,
if (skp != NULL)
*skp = sk;
return (sk);
-err:
+ err:
if ((skp == NULL) || (*skp == NULL))
sk_SSL_CIPHER_free(sk);
return (NULL);
@@ -1478,10 +1532,10 @@ err:
#ifndef OPENSSL_NO_TLSEXT
-/** return a servername extension value if provided in Client Hello, or NULL.
+/*
+ * Return a servername extension value if provided in Client Hello, or NULL.
* So far, only host_name types are defined (RFC 3546).
*/
-
const char *
SSL_get_servername(const SSL *s, const int type)
{
@@ -1489,20 +1543,23 @@ SSL_get_servername(const SSL *s, const int type)
return NULL;
return s->session && !s->tlsext_hostname ?
- s->session->tlsext_hostname :
- s->tlsext_hostname;
+ s->session->tlsext_hostname :
+ s->tlsext_hostname;
}
int
SSL_get_servername_type(const SSL *s)
{
- if (s->session && (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname))
+ if (s->session &&
+ (!s->tlsext_hostname ?
+ s->session->tlsext_hostname : s->tlsext_hostname))
return TLSEXT_NAMETYPE_host_name;
return -1;
}
# ifndef OPENSSL_NO_NEXTPROTONEG
-/* SSL_select_next_proto implements the standard protocol selection. It is
+/*
+ * SSL_select_next_proto implements the standard protocol selection. It is
* expected that this function is called from the callback set by
* SSL_CTX_set_next_proto_select_cb.
*
@@ -1533,17 +1590,23 @@ SSL_get_servername_type(const SSL *s)
* OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
*/
int
-SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *server, unsigned int server_len, const unsigned char *client, unsigned int client_len)
+SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *server, unsigned int server_len,
+ const unsigned char *client, unsigned int client_len)
{
- unsigned int i, j;
- const unsigned char *result;
- int status = OPENSSL_NPN_UNSUPPORTED;
+ unsigned int i, j;
+ const unsigned char *result;
+ int status = OPENSSL_NPN_UNSUPPORTED;
- /* For each protocol in server preference order, see if we support it. */
+ /*
+ * For each protocol in server preference order,
+ * see if we support it.
+ */
for (i = 0; i < server_len; ) {
for (j = 0; j < client_len; ) {
if (server[i] == client[j] &&
- memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+ memcmp(&server[i + 1],
+ &client[j + 1], server[i]) == 0) {
/* We found a match */
result = &server[i];
status = OPENSSL_NPN_NEGOTIATED;
@@ -1560,13 +1623,14 @@ SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned
result = client;
status = OPENSSL_NPN_NO_OVERLAP;
- found:
+ found:
*out = (unsigned char *) result + 1;
*outlen = result[0];
return status;
}
-/* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
+/*
+ * SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
* requested protocol for this connection and returns 0. If the client didn't
* request any protocol, then *data is set to NULL.
*
@@ -1575,7 +1639,8 @@ SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned
* provided by the callback.
*/
void
-SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len)
+SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len)
{
*data = s->next_proto_negotiated;
if (!*data) {
@@ -1585,23 +1650,27 @@ SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigne
}
}
-/* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
+/*
+ * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
* TLS server needs a list of supported protocols for Next Protocol
* Negotiation. The returned list must be in wire format. The list is returned
* by setting |out| to point to it and |outlen| to its length. This memory will
* not be modified, but one should assume that the SSL* keeps a reference to
* it.
*
- * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise. Otherwise, no
- * such extension will be included in the ServerHello. */
+ * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise.
+ * Otherwise, no such extension will be included in the ServerHello.
+ */
void
-SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
+SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
+ const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
{
ctx->next_protos_advertised_cb = cb;
ctx->next_protos_advertised_cb_arg = arg;
}
-/* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
+/*
+ * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
* client needs to select a protocol from the server's provided list. |out|
* must be set to point to the selected protocol (which may be within |in|).
* The length of the protocol name must be written into |outlen|. The server's
@@ -1612,7 +1681,9 @@ SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const u
* callback returns a value other than SSL_TLSEXT_ERR_OK.
*/
void
-SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg)
+SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
+ unsigned char **out, unsigned char *outlen, const unsigned char *in,
+ unsigned int inlen, void *arg), void *arg)
{
ctx->next_proto_select_cb = cb;
ctx->next_proto_select_cb_arg = arg;
@@ -1623,34 +1694,35 @@ SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char
int
SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
const char *label, size_t llen, const unsigned char *p, size_t plen,
-int use_context)
+ int use_context)
{
if (s->version < TLS1_VERSION)
return -1;
- return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
- llen, p, plen,
- use_context);
+ return s->method->ssl3_enc->export_keying_material(s, out, olen,
+ label, llen, p, plen, use_context);
}
static unsigned long
ssl_session_hash(const SSL_SESSION *a)
{
- unsigned long l;
+ unsigned long l;
l = (unsigned long)
- ((unsigned int) a->session_id[0] )|
- ((unsigned int) a->session_id[1]<< 8L)|
- ((unsigned long)a->session_id[2]<<16L)|
- ((unsigned long)a->session_id[3]<<24L);
+ ((unsigned int) a->session_id[0] )|
+ ((unsigned int) a->session_id[1]<< 8L)|
+ ((unsigned long)a->session_id[2]<<16L)|
+ ((unsigned long)a->session_id[3]<<24L);
return (l);
}
-/* NB: If this function (or indeed the hash function which uses a sort of
+/*
+ * NB: If this function (or indeed the hash function which uses a sort of
* coarser function than this one) is changed, ensure
* SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
* able to construct an SSL_SESSION that will collide with any existing session
- * with a matching session ID. */
+ * with a matching session ID.
+ */
static int
ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
{
@@ -1661,10 +1733,12 @@ ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
return (memcmp(a->session_id, b->session_id, a->session_id_length));
}
-/* These wrapper functions should remain rather than redeclaring
+/*
+ * These wrapper functions should remain rather than redeclaring
* SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
* variable. The reason is that the functions aren't static, they're exposed via
- * ssl.h. */
+ * ssl.h.
+ */
static
IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
static
@@ -1673,15 +1747,17 @@ IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
SSL_CTX *
SSL_CTX_new(const SSL_METHOD *meth)
{
- SSL_CTX *ret = NULL;
+ SSL_CTX *ret = NULL;
if (meth == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
+ SSLerr(SSL_F_SSL_CTX_NEW,
+ SSL_R_NULL_SSL_METHOD_PASSED);
return (NULL);
}
if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
+ SSLerr(SSL_F_SSL_CTX_NEW,
+ SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
goto err;
}
ret = calloc(1, sizeof(SSL_CTX));
@@ -1748,7 +1824,8 @@ SSL_CTX_new(const SSL_METHOD *meth)
&ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
if (ret->cipher_list == NULL ||
sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
+ SSLerr(SSL_F_SSL_CTX_NEW,
+ SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
}
@@ -1757,11 +1834,13 @@ SSL_CTX_new(const SSL_METHOD *meth)
goto err;
if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+ SSLerr(SSL_F_SSL_CTX_NEW,
+ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
goto err2;
}
if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+ SSLerr(SSL_F_SSL_CTX_NEW,
+ SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
goto err2;
}
@@ -1782,9 +1861,9 @@ SSL_CTX_new(const SSL_METHOD *meth)
ret->tlsext_servername_arg = NULL;
/* Setup RFC4507 ticket keys */
if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
- || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
- || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
- ret->options |= SSL_OP_NO_TICKET;
+ || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
+ || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
+ ret->options |= SSL_OP_NO_TICKET;
ret->tlsext_status_cb = 0;
ret->tlsext_status_arg = NULL;
@@ -1814,22 +1893,25 @@ SSL_CTX_new(const SSL_METHOD *meth)
if (!eng) {
ERR_clear_error();
ENGINE_load_builtin_engines();
- eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+ eng = ENGINE_by_id(eng_str(
+ OPENSSL_SSL_CLIENT_ENGINE_AUTO));
}
if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
ERR_clear_error();
}
#endif
#endif
- /* Default is to connect to non-RI servers. When RI is more widely
+ /*
+ * Default is to connect to non-RI servers. When RI is more widely
* deployed might change this.
*/
ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
return (ret);
-err:
- SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
-err2:
+ err:
+ SSLerr(SSL_F_SSL_CTX_NEW,
+ ERR_R_MALLOC_FAILURE);
+ err2:
if (ret != NULL)
SSL_CTX_free(ret);
return (NULL);
@@ -1845,7 +1927,7 @@ SSL_COMP_free(SSL_COMP *comp)
void
SSL_CTX_free(SSL_CTX *a)
{
- int i;
+ int i;
if (a == NULL)
return;
@@ -1926,7 +2008,8 @@ SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
}
void
-SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg)
+SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,
+ void *), void *arg)
{
ctx->app_verify_callback = cb;
ctx->app_verify_arg = arg;
@@ -1948,18 +2031,18 @@ SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
void
ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
{
- CERT_PKEY *cpk;
- int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
- int rsa_enc_export, dh_rsa_export, dh_dsa_export;
- int rsa_tmp_export, dh_tmp_export, kl;
- unsigned long mask_k, mask_a, emask_k, emask_a;
- int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+ CERT_PKEY *cpk;
+ int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
+ int rsa_enc_export, dh_rsa_export, dh_dsa_export;
+ int rsa_tmp_export, dh_tmp_export, kl;
+ unsigned long mask_k, mask_a, emask_k, emask_a;
+ int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
#ifndef OPENSSL_NO_ECDH
- int have_ecdh_tmp;
+ int have_ecdh_tmp;
#endif
- X509 *x = NULL;
- EVP_PKEY *ecc_pkey = NULL;
- int signature_nid = 0, pk_nid = 0, md_nid = 0;
+ X509 *x = NULL;
+ EVP_PKEY *ecc_pkey = NULL;
+ int signature_nid = 0, pk_nid = 0, md_nid = 0;
if (c == NULL)
return;
@@ -2005,8 +2088,8 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
#ifdef CIPHER_DEBUG
printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
- rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp,
- rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
+ rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp,
+ rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
#endif
cpk = &(c->pkeys[SSL_PKEY_GOST01]);
@@ -2071,7 +2154,8 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
emask_a|=SSL_aKRB5;
#endif
- /* An ECC certificate may be usable for ECDH and/or
+ /*
+ * An ECC certificate may be usable for ECDH and/or
* ECDSA cipher suites depending on the key usage extension.
*/
if (have_ecc_cert) {
@@ -2150,11 +2234,11 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
int
ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
- unsigned long alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- int keysize = 0;
- int signature_nid = 0, md_nid = 0, pk_nid = 0;
- const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
+ unsigned long alg_k, alg_a;
+ EVP_PKEY *pkey = NULL;
+ int keysize = 0;
+ int signature_nid = 0, md_nid = 0, pk_nid = 0;
+ const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
alg_k = cs->algorithm_mkey;
alg_a = cs->algorithm_auth;
@@ -2179,21 +2263,25 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
/* key usage, if present, must allow key agreement */
if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
return 0;
}
- if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
+ if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) <
+ TLS1_2_VERSION) {
/* signature alg must be ECDSA */
if (pk_nid != NID_X9_62_id_ecPublicKey) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
return 0;
}
}
- if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
+ if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) <
+ TLS1_2_VERSION) {
/* signature alg must be RSA */
-
if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
return 0;
}
}
@@ -2201,7 +2289,8 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
if (alg_a & SSL_aECDSA) {
/* key usage, if present, must allow signing */
if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
- SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_NOT_FOR_SIGNING);
return 0;
}
}
@@ -2216,9 +2305,9 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
CERT_PKEY *
ssl_get_server_send_pkey(const SSL *s)
{
- unsigned long alg_k, alg_a;
- CERT *c;
- int i;
+ unsigned long alg_k, alg_a;
+ CERT *c;
+ int i;
c = s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
@@ -2227,7 +2316,8 @@ ssl_get_server_send_pkey(const SSL *s)
alg_a = s->s3->tmp.new_cipher->algorithm_auth;
if (alg_k & (SSL_kECDHr|SSL_kECDHe)) {
- /* we don't need to look at SSL_kEECDH
+ /*
+ * We don't need to look at SSL_kEECDH
* since no certificate is needed for
* anon ECDH and for authenticated
* EECDH, the check for the auth
@@ -2242,7 +2332,7 @@ ssl_get_server_send_pkey(const SSL *s)
} else if (alg_a & SSL_aECDSA) {
i = SSL_PKEY_ECC;
} else if (alg_k & SSL_kDHr)
- i = SSL_PKEY_DH_RSA;
+ i = SSL_PKEY_DH_RSA;
else if (alg_k & SSL_kDHd)
i = SSL_PKEY_DH_DSA;
else if (alg_a & SSL_aDSS)
@@ -2256,12 +2346,12 @@ ssl_get_server_send_pkey(const SSL *s)
/* VRS something else here? */
return (NULL);
} else if (alg_a & SSL_aGOST94)
- i = SSL_PKEY_GOST94;
+ i = SSL_PKEY_GOST94;
else if (alg_a & SSL_aGOST01)
i = SSL_PKEY_GOST01;
- else /* if (alg_a & SSL_aNULL) */
- {
- SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
+ else { /* if (alg_a & SSL_aNULL) */
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,
+ ERR_R_INTERNAL_ERROR);
return (NULL);
}
@@ -2271,7 +2361,8 @@ ssl_get_server_send_pkey(const SSL *s)
X509 *
ssl_get_server_send_cert(const SSL *s)
{
- CERT_PKEY *cpk;
+ CERT_PKEY *cpk;
+
cpk = ssl_get_server_send_pkey(s);
if (!cpk)
return NULL;
@@ -2281,26 +2372,27 @@ ssl_get_server_send_cert(const SSL *s)
EVP_PKEY *
ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
{
- unsigned long alg_a;
- CERT *c;
- int idx = -1;
+ unsigned long alg_a;
+ CERT *c;
+ int idx = -1;
alg_a = cipher->algorithm_auth;
c = s->cert;
if ((alg_a & SSL_aDSS) &&
- (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
- idx = SSL_PKEY_DSA_SIGN;
+ (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+ idx = SSL_PKEY_DSA_SIGN;
else if (alg_a & SSL_aRSA) {
if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
idx = SSL_PKEY_RSA_SIGN;
else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
idx = SSL_PKEY_RSA_ENC;
} else if ((alg_a & SSL_aECDSA) &&
- (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
- idx = SSL_PKEY_ECC;
+ (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
+ idx = SSL_PKEY_ECC;
if (idx == -1) {
- SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL_GET_SIGN_PKEY,
+ ERR_R_INTERNAL_ERROR);
return (NULL);
}
if (pmd)
@@ -2311,18 +2403,19 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
void
ssl_update_cache(SSL *s, int mode)
{
- int i;
+ int i;
- /* If the session_id_length is 0, we are not supposed to cache it,
- * and it would be rather hard to do anyway :-) */
+ /*
+ * If the session_id_length is 0, we are not supposed to cache it,
+ * and it would be rather hard to do anyway :-)
+ */
if (s->session->session_id_length == 0)
return;
i = s->session_ctx->session_cache_mode;
- if ((i & mode) && (!s->hit)
- && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
- || SSL_CTX_add_session(s->session_ctx, s->session))
- && (s->session_ctx->new_session_cb != NULL)) {
+ if ((i & mode) && (!s->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
+ || SSL_CTX_add_session(s->session_ctx, s->session))
+ && (s->session_ctx->new_session_cb != NULL)) {
CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
if (!s->session_ctx->new_session_cb(s, s->session))
SSL_SESSION_free(s->session);
@@ -2330,10 +2423,10 @@ ssl_update_cache(SSL *s, int mode)
/* auto flush every 255 connections */
if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
- ((i & mode) == mode)) {
- if ((((mode & SSL_SESS_CACHE_CLIENT)
- ?s->session_ctx->stats.sess_connect_good
- :s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
+ ((i & mode) == mode)) {
+ if ((((mode & SSL_SESS_CACHE_CLIENT) ?
+ s->session_ctx->stats.sess_connect_good :
+ s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
SSL_CTX_flush_sessions(s->session_ctx, time(NULL));
}
}
@@ -2348,8 +2441,8 @@ SSL_get_ssl_method(SSL *s)
int
SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
{
- int conn = -1;
- int ret = 1;
+ int conn = -1;
+ int ret = 1;
if (s->method != meth) {
if (s->handshake_func != NULL)
@@ -2374,9 +2467,9 @@ SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
int
SSL_get_error(const SSL *s, int i)
{
- int reason;
- unsigned long l;
- BIO *bio;
+ int reason;
+ unsigned long l;
+ BIO *bio;
if (i > 0)
return (SSL_ERROR_NONE);
@@ -2422,8 +2515,11 @@ SSL_get_error(const SSL *s, int i)
if (BIO_should_write(bio))
return (SSL_ERROR_WANT_WRITE);
else if (BIO_should_read(bio))
- /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
- return (SSL_ERROR_WANT_READ);
+ return (SSL_ERROR_WANT_READ);
+ /*
+ * See above (SSL_want_read(s) with
+ * BIO_should_write(bio))
+ */
else if (BIO_should_io_special(bio)) {
reason = BIO_get_retry_reason(bio);
if (reason == BIO_RR_CONNECT)
@@ -2449,10 +2545,11 @@ SSL_get_error(const SSL *s, int i)
int
SSL_do_handshake(SSL *s)
{
- int ret = 1;
+ int ret = 1;
if (s->handshake_func == NULL) {
- SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
+ SSLerr(SSL_F_SSL_DO_HANDSHAKE,
+ SSL_R_CONNECTION_TYPE_NOT_SET);
return (-1);
}
@@ -2464,8 +2561,10 @@ SSL_do_handshake(SSL *s)
return (ret);
}
-/* For the next 2 functions, SSL_clear() sets shutdown and so
- * one of these calls will reset it */
+/*
+ * For the next 2 functions, SSL_clear() sets shutdown and so
+ * one of these calls will reset it
+ */
void
SSL_set_accept_state(SSL *s)
{
@@ -2495,28 +2594,32 @@ SSL_set_connect_state(SSL *s)
int
ssl_undefined_function(SSL *s)
{
- SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
}
int
ssl_undefined_void_function(void)
{
- SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
}
int
ssl_undefined_const_function(const SSL *s)
{
- SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
}
SSL_METHOD *
ssl_bad_method(int ver)
{
- SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ SSLerr(SSL_F_SSL_BAD_METHOD,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (NULL);
}
@@ -2554,10 +2657,12 @@ SSL_dup(SSL *s)
/* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
SSL_copy_session_id(ret, s);
} else {
- /* No session has been established yet, so we have to expect
+ /*
+ * No session has been established yet, so we have to expect
* that s->cert or ret->cert will be changed later --
* they should not both point to the same object,
- * and thus we can't use SSL_copy_session_id. */
+ * and thus we can't use SSL_copy_session_id.
+ */
ret->method->ssl_free(ret);
ret->method = s->method;
@@ -2592,7 +2697,8 @@ SSL_dup(SSL *s)
ret->debug = s->debug;
/* copy app data, a little dangerous perhaps */
- if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
+ if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL,
+ &ret->ex_data, &s->ex_data))
goto err;
/* setup rbio, and wbio */
@@ -2615,22 +2721,30 @@ SSL_dup(SSL *s)
ret->new_session = s->new_session;
ret->quiet_shutdown = s->quiet_shutdown;
ret->shutdown = s->shutdown;
- ret->state=s->state; /* SSL_dup does not really work at any state, though */
+ /* SSL_dup does not really work at any state, though */
+ ret->state=s->state;
ret->rstate = s->rstate;
- ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
+
+ /*
+ * Would have to copy ret->init_buf, ret->init_msg, ret->init_num,
+ * ret->init_off
+ */
+ ret->init_num = 0;
+
ret->hit = s->hit;
X509_VERIFY_PARAM_inherit(ret->param, s->param);
/* dup the cipher_list and cipher_list_by_id stacks */
if (s->cipher_list != NULL) {
- if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
+ if ((ret->cipher_list =
+ sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
goto err;
}
if (s->cipher_list_by_id != NULL)
- if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
- == NULL)
- goto err;
+ if ((ret->cipher_list_by_id =
+ sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL)
+ goto err;
/* Dup the client_CA list */
if (s->client_CA != NULL) {
@@ -2638,7 +2752,8 @@ SSL_dup(SSL *s)
ret->client_CA = sk;
for (i = 0; i < sk_X509_NAME_num(sk); i++) {
xn = sk_X509_NAME_value(sk, i);
- if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
+ if (sk_X509_NAME_set(sk, i,
+ X509_NAME_dup(xn)) == NULL) {
X509_NAME_free(xn);
goto err;
}
@@ -2646,7 +2761,7 @@ SSL_dup(SSL *s)
}
if (0) {
-err:
+ err:
if (ret != NULL)
SSL_free(ret);
ret = NULL;
@@ -2740,7 +2855,7 @@ SSL_get_current_expansion(SSL *s)
int
ssl_init_wbio_buffer(SSL *s, int push)
{
- BIO *bbio;
+ BIO *bbio;
if (s->bbio == NULL) {
bbio = BIO_new(BIO_f_buffer());
@@ -2755,7 +2870,8 @@ ssl_init_wbio_buffer(SSL *s, int push)
(void)BIO_reset(bbio);
/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
if (!BIO_set_read_buffer_size(bbio, 1)) {
- SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
+ SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,
+ ERR_R_BUF_LIB);
return (0);
}
if (push) {
@@ -2871,8 +2987,10 @@ SSL_set_info_callback(SSL *ssl,
ssl->info_callback = cb;
}
-/* One compiler (Diab DCC) doesn't like argument names in returned
- function pointer. */
+/*
+ * One compiler (Diab DCC) doesn't like argument names in returned
+ * function pointer.
+ */
void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
{
return ssl->info_callback;
@@ -2907,7 +3025,7 @@ SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
- new_func, dup_func, free_func);
+ new_func, dup_func, free_func);
}
int
@@ -2927,7 +3045,7 @@ SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
- new_func, dup_func, free_func);
+ new_func, dup_func, free_func);
}
int
@@ -3030,10 +3148,11 @@ SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export,
#ifndef OPENSSL_NO_ECDH
void
-SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
- int keylength))
+SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl,
+ int is_export, int keylength))
{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
+ (void (*)(void))ecdh);
}
void
@@ -3048,8 +3167,10 @@ SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export,
int
SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
{
- if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
- SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+ if (identity_hint != NULL && strlen(identity_hint) >
+ PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
+ SSL_R_DATA_LENGTH_TOO_LONG);
return 0;
}
if (ctx->psk_identity_hint != NULL)
@@ -3072,8 +3193,10 @@ SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
if (s->session == NULL)
return 1; /* session not created yet, ignored */
- if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
- SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+ if (identity_hint != NULL && strlen(identity_hint) >
+ PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT,
+ SSL_R_DATA_LENGTH_TOO_LONG);
return 0;
}
if (s->session->psk_identity_hint != NULL)
@@ -3106,7 +3229,7 @@ SSL_get_psk_identity(const SSL *s)
void
SSL_set_psk_client_callback(SSL *s,
unsigned int (*cb)(SSL *ssl, const char *hint,
-char *identity, unsigned int max_identity_len, unsigned char *psk,
+ char *identity, unsigned int max_identity_len, unsigned char *psk,
unsigned int max_psk_len))
{
s->psk_client_callback = cb;
@@ -3115,7 +3238,7 @@ char *identity, unsigned int max_identity_len, unsigned char *psk,
void
SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
unsigned int (*cb)(SSL *ssl, const char *hint,
-char *identity, unsigned int max_identity_len, unsigned char *psk,
+ char *identity, unsigned int max_identity_len, unsigned char *psk,
unsigned int max_psk_len))
{
ctx->psk_client_callback = cb;
@@ -3124,7 +3247,7 @@ char *identity, unsigned int max_identity_len, unsigned char *psk,
void
SSL_set_psk_server_callback(SSL *s,
unsigned int (*cb)(SSL *ssl, const char *identity,
-unsigned char *psk, unsigned int max_psk_len))
+ unsigned char *psk, unsigned int max_psk_len))
{
s->psk_server_callback = cb;
}
@@ -3132,30 +3255,33 @@ unsigned char *psk, unsigned int max_psk_len))
void
SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
unsigned int (*cb)(SSL *ssl, const char *identity,
-unsigned char *psk, unsigned int max_psk_len))
+ unsigned char *psk, unsigned int max_psk_len))
{
ctx->psk_server_callback = cb;
}
#endif
void
-SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
+SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version,
+ int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK,
+ (void (*)(void))cb);
}
void
-SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
+SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
+ int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
{
SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
-/* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
+/*
+ * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
* vairable, freeing EVP_MD_CTX previously stored in that variable, if
* any. If EVP_MD pointer is passed, initializes ctx with this md
* Returns newly allocated ctx;
*/
-
EVP_MD_CTX *
ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
{
@@ -3169,7 +3295,6 @@ ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
void
ssl_clear_hash_ctx(EVP_MD_CTX **hash)
{
-
if (*hash)
EVP_MD_CTX_destroy(*hash);
*hash = NULL;
@@ -3190,4 +3315,4 @@ SSL_cache_hit(SSL *s)
IMPLEMENT_STACK_OF(SSL_CIPHER)
IMPLEMENT_STACK_OF(SSL_COMP)
IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
-ssl_cipher_id);
+ ssl_cipher_id);