authorBen Laurie <ben@openssl.org>2009-11-08 14:51:54 +0000
committerBen Laurie <ben@openssl.org>2009-11-08 14:51:54 +0000
commitc2b78c31d631f45cd43c2d04c5ae490b8e9f21ab (patch)
tree1afd09479b364bf9787bc4c55f065360092b97b0 /ssl/s3_both.c
parenta1dc0336dd482d0ce0e81d7847365de399899d5f (diff)
First cut of renegotiation extension.
Diffstat (limited to 'ssl/s3_both.c')
-rw-r--r--ssl/s3_both.c35
1 files changed, 35 insertions, 0 deletions
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 4042d13274..bc3ef5a72a 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -116,6 +116,7 @@
#include <limits.h>
#include <string.h>
+#include <assert.h>
#include <stdio.h>
#include "ssl_locl.h"
#include <openssl/buffer.h>
@@ -168,6 +169,23 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
p+=i;
l=i;
+ /* Copy the finished so we can use it for
+ renegotiation checks */
+ if(s->type == SSL_ST_CONNECT)
+ {
+ assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_client_finished,
+ s->s3->tmp.finish_md, i);
+ s->s3->previous_client_finished_len=i;
+ }
+ else
+ {
+ assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_server_finished,
+ s->s3->tmp.finish_md, i);
+ s->s3->previous_server_finished_len=i;
+ }
+
#ifdef OPENSSL_SYS_WIN16
/* MSVC 1.5 does not clear the top bytes of the word unless
* I do this.
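Review bot: The `assert(i <= EVP_MAX_MD_SIZE)` calls are the only bounds check in front of the four `memcpy`s (both branches here and both branches of the ssl3_get_finished hunk below), and `assert` from `<assert.h>` is compiled out when NDEBUG is defined, so a release build would copy `i` bytes unchecked. Where the assert is active, it aborts the whole process from inside the library instead of failing the handshake. A check that survives release builds would be safer: `OPENSSL_assert(i <= EVP_MAX_MD_SIZE);` at minimum, or in ssl3_get_finished an explicit `if (i < 0 || i > EVP_MAX_MD_SIZE)` that sets `al` and takes the existing `goto f_err` path. The sizes of `previous_client_finished` and `previous_server_finished` are not visible in this diff, so the bound should be confirmed against their declarations; comparing against `sizeof` the destination would tie the check to the buffer. Both functions continue outside their hunks.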
@@ -232,6 +250,23 @@ int ssl3_get_finished(SSL *s, int a, int b)
goto f_err;
}
+ /* Copy the finished so we can use it for
+ renegotiation checks */
+ if(s->type == SSL_ST_ACCEPT)
+ {
+ assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_client_finished,
+ s->s3->tmp.peer_finish_md, i);
+ s->s3->previous_client_finished_len=i;
+ }
+ else
+ {
+ assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_server_finished,
+ s->s3->tmp.peer_finish_md, i);
+ s->s3->previous_server_finished_len=i;
+ }
+
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);