Import of old SSLeay release: SSLeay 0.9.0b

author: Ralf S. Engelschall <rse@openssl.org> 1998-12-21 10:56:39 +0000
committer: Ralf S. Engelschall <rse@openssl.org> 1998-12-21 10:56:39 +0000
commit: 58964a492275ca9a59a0cd9c8155cb2491b4b909 (patch)
tree: c7b16876a5789463bbbb468ef4829c8129b3d718 /ssl/s23_clnt.c
parent: d02b48c63a58ea4367a0e905979f140b7d090f86 (diff)
1 files changed, 59 insertions, 37 deletions
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 57d3623f3f..a4661ebb68 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -1,5 +1,5 @@
 /* ssl/s23_clnt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -76,10 +76,12 @@ static int ssl23_get_server_hello();
 static SSL_METHOD *ssl23_get_client_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv2_client_method());
-	else if (ver == 3)
+	else if (ver == SSL3_VERSION)
 		return(SSLv3_client_method());
+	else if (ver == TLS1_VERSION)
+		return(TLSv1_client_method());
 	else
 		return(NULL);
 	}
@@ -111,7 +113,7 @@ SSL *s;
 
 	RAND_seed((unsigned char *)&Time,sizeof(Time));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -134,7 +136,7 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=3;
+			/* s->version=TLS1_VERSION; */
 			s->type=SSL_ST_CONNECT;
 
 			if (s->init_buf == NULL)
@@ -230,8 +232,26 @@ SSL *s;
 		p=d+9;
 
 		*(d++)=SSL2_MT_CLIENT_HELLO;
-		*(d++)=SSL3_VERSION_MAJOR;
-		*(d++)=SSL3_VERSION_MINOR;
+		if (!(s->options & SSL_OP_NO_TLSv1))
+			{
+			*(d++)=TLS1_VERSION_MAJOR;
+			*(d++)=TLS1_VERSION_MINOR;
+			}
+		else if (!(s->options & SSL_OP_NO_SSLv3))
+			{
+			*(d++)=SSL3_VERSION_MAJOR;
+			*(d++)=SSL3_VERSION_MINOR;
+			}
+		else if (!(s->options & SSL_OP_NO_SSLv2))
+			{
+			*(d++)=SSL2_VERSION_MAJOR;
+			*(d++)=SSL2_VERSION_MINOR;
+			}
+		else
+			{
+			SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
+			return(-1);
+			}
 
 		/* Ciphers supported */
 		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
@@ -251,7 +271,7 @@ SSL *s;
 #endif
 		s2n(0,d);
 
-		if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
 			ch_len=SSL2_CHALLENGE_LENGTH;
 		else
 			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
@@ -290,7 +310,6 @@ SSL *s;
 	unsigned char *p;
 	int i,ch_len;
 	int n;
-	BIO *bbio;
 
 	n=ssl23_read_bytes(s,7);
 
@@ -306,6 +325,11 @@ SSL *s;
 		/* we need to clean up the SSLv3 setup and put in the
 		 * sslv2 stuff. */
 
+		if (s->options & SSL_OP_NO_SSLv2)
+			{
+			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+			goto err;
+			}
 		if (s->s2 == NULL)
 			{
 			if (!ssl2_new(s))
@@ -314,7 +338,7 @@ SSL *s;
 		else
 			ssl2_clear(s);
 
-		if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
 			ch_len=SSL2_CHALLENGE_LENGTH;
 		else
 			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
@@ -355,33 +379,13 @@ SSL *s;
 		}
 	else if ((p[0] == SSL3_RT_HANDSHAKE) &&
 		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 (p[2] == SSL3_VERSION_MINOR) &&
+		 ((p[2] == SSL3_VERSION_MINOR) ||
+		  (p[2] == TLS1_VERSION_MINOR)) &&
 		 (p[5] == SSL3_MT_SERVER_HELLO))
 		{
-		/* we have sslv3 */
+		/* we have sslv3 or tls1 */
 
-		if (s->bbio == NULL)
-			{
-			bbio=BIO_new(BIO_f_buffer());
-			if (bbio == NULL)
-				{
-				SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
-				goto err;
-				}
-			s->bbio=bbio;
-			}
-		else
-			bbio=s->bbio;
-
-		BIO_reset(bbio);
-		if (!BIO_set_write_buffer_size(bbio,16*1024))
-			{
-			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
-			goto err;
-			}
-
-		/* start the buffering */
-		s->wbio=BIO_push(s->bbio,s->wbio);
+		if (!ssl_init_wbio_buffer(s,1)) goto err;
 
 		/* we are in this state */
 		s->state=SSL3_ST_CR_SRVR_HELLO_A;
@@ -395,12 +399,30 @@ SSL *s;
 		s->s3->rbuf.left=n;
 		s->s3->rbuf.offset=0;
 
-		s->method=SSLv3_client_method();
+		if ((p[2] == SSL3_VERSION_MINOR) &&
+			!(s->options & SSL_OP_NO_SSLv3))
+			{
+			s->version=SSL3_VERSION;
+			s->method=SSLv3_client_method();
+			}
+		else if ((p[2] == TLS1_VERSION_MINOR) &&
+			!(s->options & SSL_OP_NO_TLSv1))
+			{
+			s->version=TLS1_VERSION;
+			s->method=TLSv1_client_method();
+			}
+		else
+			{
+			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+			goto err;
+			}
+			
 		s->handshake_func=s->method->ssl_connect;
 		}
 	else if ((p[0] == SSL3_RT_ALERT) &&
 		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 (p[2] == SSL3_VERSION_MINOR) &&
+		 ((p[2] == SSL3_VERSION_MINOR) ||
+		  (p[2] == TLS1_VERSION_MINOR)) &&
 		 (p[3] == 0) &&
 		 (p[4] == 2))
 		{
@@ -421,7 +443,7 @@ SSL *s;
 			}
 
 		s->rwstate=SSL_NOTHING;
-		SSLerr(SSL_F_SSL3_READ_BYTES,1000+p[6]);
+		SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,1000+p[6]);
 		goto err;
 		}
 	else
author	Ralf S. Engelschall <rse@openssl.org>	1998-12-21 10:56:39 +0000
committer	Ralf S. Engelschall <rse@openssl.org>	1998-12-21 10:56:39 +0000
commit	58964a492275ca9a59a0cd9c8155cb2491b4b909 (patch)
tree	c7b16876a5789463bbbb468ef4829c8129b3d718 /ssl/s23_clnt.c
parent	d02b48c63a58ea4367a0e905979f140b7d090f86 (diff)