diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-11-09 19:03:34 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-11-09 19:03:34 +0000 |
commit | e0e7997212c3c688140a2d8a13f9dcd03f202443 (patch) | |
tree | 0caeb7ee0d7fae76c0a151e3d6f13c28a44c53a2 /ssl/s3_both.c | |
parent | befbd0619b6d1aaf9e70cfbf113afb141009bced (diff) |
First cut of renegotiation extension. (port to HEAD)
Diffstat (limited to 'ssl/s3_both.c')
-rw-r--r-- | ssl/s3_both.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/ssl/s3_both.c b/ssl/s3_both.c index d757c4dd58..16d92610e9 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -166,6 +166,23 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) p+=i; l=i; + /* Copy the finished so we can use it for + renegotiation checks */ + if(s->type == SSL_ST_CONNECT) + { + OPENSSL_assert(i <= EVP_MAX_MD_SIZE); + memcpy(s->s3->previous_client_finished, + s->s3->tmp.finish_md, i); + s->s3->previous_client_finished_len=i; + } + else + { + OPENSSL_assert(i <= EVP_MAX_MD_SIZE); + memcpy(s->s3->previous_server_finished, + s->s3->tmp.finish_md, i); + s->s3->previous_server_finished_len=i; + } + #ifdef OPENSSL_SYS_WIN16 /* MSVC 1.5 does not clear the top bytes of the word unless * I do this. @@ -230,6 +247,23 @@ int ssl3_get_finished(SSL *s, int a, int b) goto f_err; } + /* Copy the finished so we can use it for + renegotiation checks */ + if(s->type == SSL_ST_ACCEPT) + { + OPENSSL_assert(i <= EVP_MAX_MD_SIZE); + memcpy(s->s3->previous_client_finished, + s->s3->tmp.peer_finish_md, i); + s->s3->previous_client_finished_len=i; + } + else + { + OPENSSL_assert(i <= EVP_MAX_MD_SIZE); + memcpy(s->s3->previous_server_finished, + s->s3->tmp.peer_finish_md, i); + s->s3->previous_server_finished_len=i; + } + return(1); f_err: ssl3_send_alert(s,SSL3_AL_FATAL,al); |