diff options
Diffstat (limited to 'ssl/s2_clnt.c')
| -rw-r--r-- | ssl/s2_clnt.c | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 67578a45ad..16df9ec565 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -1,5 +1,5 @@ /* ssl/s2_clnt.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -57,9 +57,6 @@ */ #include <stdio.h> -#ifndef NO_MD5 -#include "md5.h" -#endif #include "rand.h" #include "buffer.h" #include "objects.h" @@ -92,7 +89,7 @@ static int ssl_rsa_public_encrypt(); static SSL_METHOD *ssl2_get_client_method(ver) int ver; { - if (ver == 2) + if (ver == SSL2_VERSION) return(SSLv2_client_method()); else return(NULL); @@ -125,7 +122,7 @@ SSL *s; RAND_seed((unsigned char *)&l,sizeof(l)); ERR_clear_error(); - errno=0; + clear_sys_error(); if (s->info_callback != NULL) cb=s->info_callback; @@ -149,7 +146,7 @@ SSL *s; if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - s->version=2; + s->version=SSL2_VERSION; s->type=SSL_ST_CONNECT; buf=s->init_buf; @@ -262,6 +259,7 @@ SSL *s; */ ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); + if (s->hit) s->ctx->sess_hit++; ret=1; /* s->server=0; */ @@ -298,7 +296,7 @@ SSL *s; unsigned char *buf; unsigned char *p; int i,j; - STACK *sk,*cl; + STACK *sk=NULL,*cl; buf=(unsigned char *)s->init_buf->data; p=buf; @@ -350,7 +348,7 @@ SSL *s; } if (s->s2->tmp.cert_type != 0) { - if (!(s->ctx->options & + if (!(s->options & SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) { SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO); @@ -448,7 +446,7 @@ SSL *s; * cert, Free's it before we increment the reference count. */ CRYPTO_w_lock(CRYPTO_LOCK_X509); s->session->peer=s->session->cert->key->x509; - s->session->peer->references++; + CRYPTO_add(&s->session->peer->references,1,CRYPTO_LOCK_X509); CRYPTO_w_unlock(CRYPTO_LOCK_X509); s->s2->conn_id_length=s->s2->tmp.conn_id_length; @@ -736,7 +734,7 @@ SSL *s; /* ok, now we calculate the checksum * do it first so we can reuse buf :-) */ p=buf; - EVP_SignInit(&ctx,EVP_md5()); + EVP_SignInit(&ctx,s->ctx->rsa_md5); EVP_SignUpdate(&ctx,s->s2->key_material, (unsigned int)s->s2->key_material_length); EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len); @@ -856,12 +854,15 @@ SSL *s; if (!s->hit) /* new session */ { /* new session-id */ + /* Make sure we were not trying to re-use an old SSL_SESSION + * or bad things can happen */ + /* ZZZZZZZZZZZZZ */ s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH); } else { - if (!(s->ctx->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) + if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { if (memcmp(buf,s->session->session_id, (unsigned int)s->session->session_id_length) != 0) |