[thirdparty/openssl.git] / ssl / s2_lib.c

/* ssl/s2_lib.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef NO_RSA
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/md5.h>
#include "ssl_locl.h"

static long ssl2_default_timeout(void );
const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;

#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))

GLOBAL SSL_CIPHER ssl2_ciphers[]={
/* NULL_WITH_MD5 v3 */
#if 0
	{
	1,
	SSL2_TXT_NULL_WITH_MD5,
	SSL2_CK_NULL_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP40|SSL_SSLV2,
	0,
	SSL_ALL_CIPHERS,
	},
#endif
/* RC4_128_EXPORT40_WITH_MD5 */
	{
	1,
	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP40|SSL_SSLV2,
	SSL2_CF_5_BYTE_ENC,
	SSL_ALL_CIPHERS,
	},
/* RC4_128_WITH_MD5 */
	{
	1,
	SSL2_TXT_RC4_128_WITH_MD5,
	SSL2_CK_RC4_128_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
	0,
	SSL_ALL_CIPHERS,
	},
/* RC2_128_CBC_EXPORT40_WITH_MD5 */
	{
	1,
	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP40|SSL_SSLV2,
	SSL2_CF_5_BYTE_ENC,
	SSL_ALL_CIPHERS,
	},
/* RC2_128_CBC_WITH_MD5 */
	{
	1,
	SSL2_TXT_RC2_128_CBC_WITH_MD5,
	SSL2_CK_RC2_128_CBC_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
	0,
	SSL_ALL_CIPHERS,
	},
/* IDEA_128_CBC_WITH_MD5 */
	{
	1,
	SSL2_TXT_IDEA_128_CBC_WITH_MD5,
	SSL2_CK_IDEA_128_CBC_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
	0,
	SSL_ALL_CIPHERS,
	},
/* DES_64_CBC_WITH_MD5 */
	{
	1,
	SSL2_TXT_DES_64_CBC_WITH_MD5,
	SSL2_CK_DES_64_CBC_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
	0,
	SSL_ALL_CIPHERS,
	},
/* DES_192_EDE3_CBC_WITH_MD5 */
	{
	1,
	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
	SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
	0,
	SSL_ALL_CIPHERS,
	},
/* RC4_64_WITH_MD5 */
#if 1
	{
	1,
	SSL2_TXT_RC4_64_WITH_MD5,
	SSL2_CK_RC4_64_WITH_MD5,
	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW,
	SSL2_CF_8_BYTE_ENC,
	SSL_ALL_CIPHERS,
	},
#endif
/* NULL SSLeay (testing) */
#if 0
	{	
	0,
	SSL2_TXT_NULL,
	SSL2_CK_NULL,
	0,
	SSL_ALL_CIPHERS,
	},
#endif

/* end of list :-) */
	};

static SSL_METHOD SSLv2_data= {
	SSL2_VERSION,
	ssl2_new,	/* local */
	ssl2_clear,	/* local */
	ssl2_free,	/* local */
	ssl_undefined_function,
	ssl_undefined_function,
	ssl2_read,
	ssl2_peek,
	ssl2_write,
	ssl2_shutdown,
	ssl_ok,	/* NULL - renegotiate */
	ssl_ok,	/* NULL - check renegotiate */
	ssl2_ctrl,	/* local */
	ssl2_ctx_ctrl,	/* local */
	ssl2_get_cipher_by_char,
	ssl2_put_cipher_by_char,
	ssl2_pending,
	ssl2_num_ciphers,
	ssl2_get_cipher,
	ssl_bad_method,
	ssl2_default_timeout,
	&ssl3_undef_enc_method,
	};

static long ssl2_default_timeout(void)
	{
	return(300);
	}

SSL_METHOD *sslv2_base_method(void)
	{
	return(&SSLv2_data);
	}

int ssl2_num_ciphers(void)
	{
	return(SSL2_NUM_CIPHERS);
	}

SSL_CIPHER *ssl2_get_cipher(unsigned int u)
	{
	if (u < SSL2_NUM_CIPHERS)
		return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
	else
		return(NULL);
	}

int ssl2_pending(SSL *s)
	{
	return(s->s2->ract_data_length);
	}

int ssl2_new(SSL *s)
	{
	SSL2_CTX *s2;

	if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err;
	memset(s2,0,sizeof(SSL2_CTX));

	if ((s2->rbuf=(unsigned char *)Malloc(
		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
	if ((s2->wbuf=(unsigned char *)Malloc(
		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
	s->s2=s2;

	ssl2_clear(s);
	return(1);
err:
	if (s2 != NULL)
		{
		if (s2->wbuf != NULL) Free(s2->wbuf);
		if (s2->rbuf != NULL) Free(s2->rbuf);
		Free(s2);
		}
	return(0);
	}

void ssl2_free(SSL *s)
	{
	SSL2_CTX *s2;

	if(s == NULL)
	    return;

	s2=s->s2;
	if (s2->rbuf != NULL) Free(s2->rbuf);
	if (s2->wbuf != NULL) Free(s2->wbuf);
	memset(s2,0,sizeof(SSL2_CTX));
	Free(s2);
	s->s2=NULL;
	}

void ssl2_clear(SSL *s)
	{
	SSL2_CTX *s2;
	unsigned char *rbuf,*wbuf;

	s2=s->s2;

	rbuf=s2->rbuf;
	wbuf=s2->wbuf;

	memset(s2,0,sizeof(SSL2_CTX));

	s2->rbuf=rbuf;
	s2->wbuf=wbuf;
	s2->clear_text=1;
	s->packet=s2->rbuf;
	s->version=SSL2_VERSION;
	s->packet_length=0;
	}

long ssl2_ctrl(SSL *s, int cmd, long larg, char *parg)
	{
	int ret=0;

	switch(cmd)
		{
	case SSL_CTRL_GET_SESSION_REUSED:
		ret=s->hit;
		break;
	default:
		break;
		}
	return(ret);
	}

long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
	{
	return(0);
	}

/* This function needs to check if the ciphers required are actually
 * available */
SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
	{
	static int init=1;
	static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
	SSL_CIPHER c,*cp= &c,**cpp;
	unsigned long id;
	int i;

	if (init)
		{
		CRYPTO_w_lock(CRYPTO_LOCK_SSL);

		for (i=0; i<SSL2_NUM_CIPHERS; i++)
			sorted[i]= &(ssl2_ciphers[i]);

		qsort(  (char *)sorted,
			SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
			FP_ICC ssl_cipher_ptr_id_cmp);

		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
		init=0;
		}

	id=0x02000000L|((unsigned long)p[0]<<16L)|
		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
	c.id=id;
	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
		(char *)sorted,
		SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
		(int (*)())ssl_cipher_ptr_id_cmp);
	if ((cpp == NULL) || !(*cpp)->valid)
		return(NULL);
	else
		return(*cpp);
	}

int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
	{
	long l;

	if (p != NULL)
		{
		l=c->id;
		if ((l & 0xff000000) != 0x02000000) return(0);
		p[0]=((unsigned char)(l>>16L))&0xFF;
		p[1]=((unsigned char)(l>> 8L))&0xFF;
		p[2]=((unsigned char)(l     ))&0xFF;
		}
	return(3);
	}

void ssl2_generate_key_material(SSL *s)
	{
	unsigned int i;
	MD5_CTX ctx;
	unsigned char *km;
	unsigned char c='0';

	km=s->s2->key_material;
	for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
		{
		MD5_Init(&ctx);

		MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
		MD5_Update(&ctx,(unsigned char *)&c,1);
		c++;
		MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
		MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
		MD5_Final(km,&ctx);
		km+=MD5_DIGEST_LENGTH;
		}
	}

void ssl2_return_error(SSL *s, int err)
	{
	if (!s->error)
		{
		s->error=3;
		s->error_code=err;

		ssl2_write_error(s);
		}
	}


void ssl2_write_error(SSL *s)
	{
	unsigned char buf[3];
	int i,error;

	buf[0]=SSL2_MT_ERROR;
	buf[1]=(s->error_code>>8)&0xff;
	buf[2]=(s->error_code)&0xff;

/*	state=s->rwstate;*/
	error=s->error;
	s->error=0;
	i=ssl2_write(s,&(buf[3-error]),error);
/*	if (i == error) s->rwstate=state; */

	if (i < 0)
		s->error=error;
	else if (i != s->error)
		s->error=error-i;
	/* else
		s->error=0; */
	}

int ssl2_shutdown(SSL *s)
	{
	s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
	return(1);
	}
#endif
Commit	Line	Data
d02b48c6	1	/* ssl/s2_lib.c */
58964a49	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
	8	*
	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
	15	*
	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
	22	*
	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
	37	* 4. If you include any Windows specific code (or a derivative thereof) from
	38	* the apps directory (application code) you must include an acknowledgement:
	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
	40	*
	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
	52	*
	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58
79df9d62	59	#ifndef NO_RSA
d02b48c6	60	#include <stdio.h>
ec577822 BM	61	#include <openssl/rsa.h>
ec577822 BM	62	#include <openssl/objects.h>
d02f751c	63	#include <openssl/md5.h>
d02b48c6 RE	64	#include "ssl_locl.h"
d02b48c6 RE	65
d02b48c6	66	static long ssl2_default_timeout(void );
e778802f	67	const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
d02b48c6 RE	68
	69	#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
	70
7d7d2cbc	71	GLOBAL SSL_CIPHER ssl2_ciphers[]={
d02b48c6 RE	72	/* NULL_WITH_MD5 v3 */
	73	#if 0
	74	{
	75	1,
	76	SSL2_TXT_NULL_WITH_MD5,
	77	SSL2_CK_NULL_WITH_MD5,
06ab81f9	78	SSL_kRSA\|SSL_aRSA\|SSL_eNULL\|SSL_MD5\|SSL_EXP40\|SSL_SSLV2,
d02b48c6 RE	79	0,
	80	SSL_ALL_CIPHERS,
	81	},
	82	#endif
	83	/* RC4_128_EXPORT40_WITH_MD5 */
	84	{
	85	1,
	86	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
	87	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
06ab81f9	88	SSL_kRSA\|SSL_aRSA\|SSL_RC4\|SSL_MD5\|SSL_EXP40\|SSL_SSLV2,
d02b48c6 RE	89	SSL2_CF_5_BYTE_ENC,
	90	SSL_ALL_CIPHERS,
	91	},
	92	/* RC4_128_WITH_MD5 */
	93	{
	94	1,
	95	SSL2_TXT_RC4_128_WITH_MD5,
	96	SSL2_CK_RC4_128_WITH_MD5,
a040ea82	97	SSL_kRSA\|SSL_aRSA\|SSL_RC4\|SSL_MD5\|SSL_NOT_EXP\|SSL_SSLV2\|SSL_MEDIUM,
d02b48c6 RE	98	0,
	99	SSL_ALL_CIPHERS,
	100	},
	101	/* RC2_128_CBC_EXPORT40_WITH_MD5 */
	102	{
	103	1,
	104	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
	105	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
06ab81f9	106	SSL_kRSA\|SSL_aRSA\|SSL_RC2\|SSL_MD5\|SSL_EXP40\|SSL_SSLV2,
d02b48c6 RE	107	SSL2_CF_5_BYTE_ENC,
	108	SSL_ALL_CIPHERS,
	109	},
	110	/* RC2_128_CBC_WITH_MD5 */
	111	{
	112	1,
	113	SSL2_TXT_RC2_128_CBC_WITH_MD5,
	114	SSL2_CK_RC2_128_CBC_WITH_MD5,
a040ea82	115	SSL_kRSA\|SSL_aRSA\|SSL_RC2\|SSL_MD5\|SSL_NOT_EXP\|SSL_SSLV2\|SSL_MEDIUM,
d02b48c6 RE	116	0,
	117	SSL_ALL_CIPHERS,
	118	},
	119	/* IDEA_128_CBC_WITH_MD5 */
	120	{
	121	1,
	122	SSL2_TXT_IDEA_128_CBC_WITH_MD5,
	123	SSL2_CK_IDEA_128_CBC_WITH_MD5,
a040ea82	124	SSL_kRSA\|SSL_aRSA\|SSL_IDEA\|SSL_MD5\|SSL_NOT_EXP\|SSL_SSLV2\|SSL_MEDIUM,
d02b48c6 RE	125	0,
	126	SSL_ALL_CIPHERS,
	127	},
	128	/* DES_64_CBC_WITH_MD5 */
	129	{
	130	1,
	131	SSL2_TXT_DES_64_CBC_WITH_MD5,
	132	SSL2_CK_DES_64_CBC_WITH_MD5,
a040ea82	133	SSL_kRSA\|SSL_aRSA\|SSL_DES\|SSL_MD5\|SSL_NOT_EXP\|SSL_SSLV2\|SSL_LOW,
d02b48c6 RE	134	0,
	135	SSL_ALL_CIPHERS,
	136	},
d02b48c6 RE	137	/* DES_192_EDE3_CBC_WITH_MD5 */
	138	{
	139	1,
	140	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
	141	SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
a040ea82	142	SSL_kRSA\|SSL_aRSA\|SSL_3DES\|SSL_MD5\|SSL_NOT_EXP\|SSL_SSLV2\|SSL_HIGH,
d02b48c6 RE	143	0,
	144	SSL_ALL_CIPHERS,
	145	},
d02b48c6 RE	146	/* RC4_64_WITH_MD5 */
	147	#if 1
	148	{
	149	1,
	150	SSL2_TXT_RC4_64_WITH_MD5,
	151	SSL2_CK_RC4_64_WITH_MD5,
	152	SSL_kRSA\|SSL_aRSA\|SSL_RC4\|SSL_MD5\|SSL_SSLV2\|SSL_LOW,
	153	SSL2_CF_8_BYTE_ENC,
	154	SSL_ALL_CIPHERS,
	155	},
	156	#endif
	157	/* NULL SSLeay (testing) */
	158	#if 0
	159	{
	160	0,
	161	SSL2_TXT_NULL,
	162	SSL2_CK_NULL,
	163	0,
	164	SSL_ALL_CIPHERS,
	165	},
	166	#endif
	167
	168	/* end of list :-) */
	169	};
	170
	171	static SSL_METHOD SSLv2_data= {
58964a49	172	SSL2_VERSION,
d02b48c6 RE	173	ssl2_new, /* local */
	174	ssl2_clear, /* local */
	175	ssl2_free, /* local */
	176	ssl_undefined_function,
	177	ssl_undefined_function,
	178	ssl2_read,
	179	ssl2_peek,
	180	ssl2_write,
	181	ssl2_shutdown,
dfeab068 RE	182	ssl_ok, /* NULL - renegotiate */
dfeab068 RE	183	ssl_ok, /* NULL - check renegotiate */
d02b48c6 RE	184	ssl2_ctrl, /* local */
	185	ssl2_ctx_ctrl, /* local */
	186	ssl2_get_cipher_by_char,
	187	ssl2_put_cipher_by_char,
	188	ssl2_pending,
	189	ssl2_num_ciphers,
	190	ssl2_get_cipher,
	191	ssl_bad_method,
	192	ssl2_default_timeout,
58964a49	193	&ssl3_undef_enc_method,
d02b48c6 RE	194	};
d02b48c6 RE	195
6b691a5c	196	static long ssl2_default_timeout(void)
d02b48c6 RE	197	{
	198	return(300);
	199	}
	200
6b691a5c	201	SSL_METHOD *sslv2_base_method(void)
d02b48c6 RE	202	{
	203	return(&SSLv2_data);
	204	}
	205
6b691a5c	206	int ssl2_num_ciphers(void)
d02b48c6 RE	207	{
	208	return(SSL2_NUM_CIPHERS);
	209	}
	210
6b691a5c	211	SSL_CIPHER *ssl2_get_cipher(unsigned int u)
d02b48c6 RE	212	{
	213	if (u < SSL2_NUM_CIPHERS)
	214	return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
	215	else
	216	return(NULL);
	217	}
	218
6b691a5c	219	int ssl2_pending(SSL *s)
d02b48c6 RE	220	{
	221	return(s->s2->ract_data_length);
	222	}
	223
6b691a5c	224	int ssl2_new(SSL *s)
d02b48c6 RE	225	{
	226	SSL2_CTX *s2;
	227
	228	if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err;
58964a49	229	memset(s2,0,sizeof(SSL2_CTX));
d02b48c6 RE	230
	231	if ((s2->rbuf=(unsigned char *)Malloc(
	232	SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
	233	if ((s2->wbuf=(unsigned char *)Malloc(
	234	SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
	235	s->s2=s2;
	236
	237	ssl2_clear(s);
	238	return(1);
	239	err:
	240	if (s2 != NULL)
	241	{
	242	if (s2->wbuf != NULL) Free(s2->wbuf);
	243	if (s2->rbuf != NULL) Free(s2->rbuf);
	244	Free(s2);
	245	}
	246	return(0);
	247	}
	248
6b691a5c	249	void ssl2_free(SSL *s)
d02b48c6 RE	250	{
	251	SSL2_CTX *s2;
	252
e03ddfae BL	253	if(s == NULL)
	254	return;
	255
d02b48c6 RE	256	s2=s->s2;
	257	if (s2->rbuf != NULL) Free(s2->rbuf);
	258	if (s2->wbuf != NULL) Free(s2->wbuf);
	259	memset(s2,0,sizeof(SSL2_CTX));
	260	Free(s2);
	261	s->s2=NULL;
	262	}
	263
6b691a5c	264	void ssl2_clear(SSL *s)
d02b48c6 RE	265	{
	266	SSL2_CTX *s2;
	267	unsigned char rbuf,wbuf;
	268
	269	s2=s->s2;
	270
	271	rbuf=s2->rbuf;
	272	wbuf=s2->wbuf;
	273
	274	memset(s2,0,sizeof(SSL2_CTX));
	275
	276	s2->rbuf=rbuf;
	277	s2->wbuf=wbuf;
	278	s2->clear_text=1;
d02b48c6	279	s->packet=s2->rbuf;
58964a49	280	s->version=SSL2_VERSION;
d02b48c6 RE	281	s->packet_length=0;
	282	}
	283
6b691a5c	284	long ssl2_ctrl(SSL s, int cmd, long larg, char parg)
d02b48c6	285	{
58964a49 RE	286	int ret=0;
	287
	288	switch(cmd)
	289	{
	290	case SSL_CTRL_GET_SESSION_REUSED:
	291	ret=s->hit;
	292	break;
	293	default:
	294	break;
	295	}
	296	return(ret);
d02b48c6 RE	297	}
d02b48c6 RE	298
6b691a5c	299	long ssl2_ctx_ctrl(SSL_CTX ctx, int cmd, long larg, char parg)
d02b48c6 RE	300	{
	301	return(0);
	302	}
	303
	304	/* This function needs to check if the ciphers required are actually
	305	* available */
6b691a5c	306	SSL_CIPHER ssl2_get_cipher_by_char(const unsigned char p)
d02b48c6 RE	307	{
	308	static int init=1;
	309	static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
	310	SSL_CIPHER c,cp= &c,*cpp;
	311	unsigned long id;
	312	int i;
	313
	314	if (init)
	315	{
5cc146f3	316	CRYPTO_w_lock(CRYPTO_LOCK_SSL);
d02b48c6 RE	317
	318	for (i=0; i<SSL2_NUM_CIPHERS; i++)
	319	sorted[i]= &(ssl2_ciphers[i]);
	320
	321	qsort( (char *)sorted,
	322	SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
	323	FP_ICC ssl_cipher_ptr_id_cmp);
5cc146f3 BM	324
	325	CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
	326	init=0;
d02b48c6 RE	327	}
	328
	329	id=0x02000000L\|((unsigned long)p[0]<<16L)\|
	330	((unsigned long)p[1]<<8L)\|(unsigned long)p[2];
	331	c.id=id;
	332	cpp=(SSL_CIPHER *)OBJ_bsearch((char )&cp,
	333	(char *)sorted,
	334	SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
	335	(int (*)())ssl_cipher_ptr_id_cmp);
	336	if ((cpp == NULL) \|\| !(*cpp)->valid)
	337	return(NULL);
	338	else
	339	return(*cpp);
	340	}
	341
6b691a5c	342	int ssl2_put_cipher_by_char(const SSL_CIPHER c, unsigned char p)
d02b48c6 RE	343	{
	344	long l;
	345
	346	if (p != NULL)
	347	{
	348	l=c->id;
	349	if ((l & 0xff000000) != 0x02000000) return(0);
	350	p[0]=((unsigned char)(l>>16L))&0xFF;
	351	p[1]=((unsigned char)(l>> 8L))&0xFF;
	352	p[2]=((unsigned char)(l ))&0xFF;
	353	}
	354	return(3);
	355	}
	356
6b691a5c	357	void ssl2_generate_key_material(SSL *s)
d02b48c6 RE	358	{
	359	unsigned int i;
	360	MD5_CTX ctx;
	361	unsigned char *km;
	362	unsigned char c='0';
	363
	364	km=s->s2->key_material;
	365	for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
	366	{
	367	MD5_Init(&ctx);
	368
	369	MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
	370	MD5_Update(&ctx,(unsigned char *)&c,1);
	371	c++;
	372	MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
	373	MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
	374	MD5_Final(km,&ctx);
	375	km+=MD5_DIGEST_LENGTH;
	376	}
	377	}
	378
6b691a5c	379	void ssl2_return_error(SSL *s, int err)
d02b48c6 RE	380	{
	381	if (!s->error)
	382	{
	383	s->error=3;
	384	s->error_code=err;
	385
	386	ssl2_write_error(s);
	387	}
	388	}
	389
	390
6b691a5c	391	void ssl2_write_error(SSL *s)
d02b48c6	392	{
61f5b6f3	393	unsigned char buf[3];
d02b48c6 RE	394	int i,error;
	395
	396	buf[0]=SSL2_MT_ERROR;
	397	buf[1]=(s->error_code>>8)&0xff;
	398	buf[2]=(s->error_code)&0xff;
	399
	400	/* state=s->rwstate;*/
	401	error=s->error;
	402	s->error=0;
	403	i=ssl2_write(s,&(buf[3-error]),error);
	404	/* if (i == error) s->rwstate=state; */
	405
	406	if (i < 0)
	407	s->error=error;
	408	else if (i != s->error)
	409	s->error=error-i;
	410	/* else
	411	s->error=0; */
	412	}
	413
6b691a5c	414	int ssl2_shutdown(SSL *s)
d02b48c6 RE	415	{
	416	s->shutdown=(SSL_SENT_SHUTDOWN\|SSL_RECEIVED_SHUTDOWN);
	417	return(1);
	418	}
79df9d62	419	#endif