xref: /openbsd-src/lib/libssl/s3_lib.c (revision ce7e0fc6a9d74d25b78fb6ad846387717f5172b6)
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 
112 #include <stdio.h>
113 #include <openssl/objects.h>
114 #include "ssl_locl.h"
115 #include "kssl_lcl.h"
116 #include <openssl/md5.h>
117 
118 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
119 
120 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
121 
122 static long ssl3_default_timeout(void );
123 
124 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
125 /* The RSA ciphers */
126 /* Cipher 01 */
127 	{
128 	1,
129 	SSL3_TXT_RSA_NULL_MD5,
130 	SSL3_CK_RSA_NULL_MD5,
131 	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
132 	SSL_NOT_EXP,
133 	0,
134 	0,
135 	0,
136 	SSL_ALL_CIPHERS,
137 	SSL_ALL_STRENGTHS,
138 	},
139 /* Cipher 02 */
140 	{
141 	1,
142 	SSL3_TXT_RSA_NULL_SHA,
143 	SSL3_CK_RSA_NULL_SHA,
144 	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
145 	SSL_NOT_EXP,
146 	0,
147 	0,
148 	0,
149 	SSL_ALL_CIPHERS,
150 	SSL_ALL_STRENGTHS,
151 	},
152 
153 /* anon DH */
154 /* Cipher 17 */
155 	{
156 	1,
157 	SSL3_TXT_ADH_RC4_40_MD5,
158 	SSL3_CK_ADH_RC4_40_MD5,
159 	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
160 	SSL_EXPORT|SSL_EXP40,
161 	0,
162 	40,
163 	128,
164 	SSL_ALL_CIPHERS,
165 	SSL_ALL_STRENGTHS,
166 	},
167 /* Cipher 18 */
168 	{
169 	1,
170 	SSL3_TXT_ADH_RC4_128_MD5,
171 	SSL3_CK_ADH_RC4_128_MD5,
172 	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
173 	SSL_NOT_EXP|SSL_MEDIUM,
174 	0,
175 	128,
176 	128,
177 	SSL_ALL_CIPHERS,
178 	SSL_ALL_STRENGTHS,
179 	},
180 /* Cipher 19 */
181 	{
182 	1,
183 	SSL3_TXT_ADH_DES_40_CBC_SHA,
184 	SSL3_CK_ADH_DES_40_CBC_SHA,
185 	SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
186 	SSL_EXPORT|SSL_EXP40,
187 	0,
188 	40,
189 	128,
190 	SSL_ALL_CIPHERS,
191 	SSL_ALL_STRENGTHS,
192 	},
193 /* Cipher 1A */
194 	{
195 	1,
196 	SSL3_TXT_ADH_DES_64_CBC_SHA,
197 	SSL3_CK_ADH_DES_64_CBC_SHA,
198 	SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
199 	SSL_NOT_EXP|SSL_LOW,
200 	0,
201 	56,
202 	56,
203 	SSL_ALL_CIPHERS,
204 	SSL_ALL_STRENGTHS,
205 	},
206 /* Cipher 1B */
207 	{
208 	1,
209 	SSL3_TXT_ADH_DES_192_CBC_SHA,
210 	SSL3_CK_ADH_DES_192_CBC_SHA,
211 	SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
212 	SSL_NOT_EXP|SSL_HIGH,
213 	0,
214 	168,
215 	168,
216 	SSL_ALL_CIPHERS,
217 	SSL_ALL_STRENGTHS,
218 	},
219 
220 /* RSA again */
221 /* Cipher 03 */
222 	{
223 	1,
224 	SSL3_TXT_RSA_RC4_40_MD5,
225 	SSL3_CK_RSA_RC4_40_MD5,
226 	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
227 	SSL_EXPORT|SSL_EXP40,
228 	0,
229 	40,
230 	128,
231 	SSL_ALL_CIPHERS,
232 	SSL_ALL_STRENGTHS,
233 	},
234 /* Cipher 04 */
235 	{
236 	1,
237 	SSL3_TXT_RSA_RC4_128_MD5,
238 	SSL3_CK_RSA_RC4_128_MD5,
239 	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
240 	SSL_NOT_EXP|SSL_MEDIUM,
241 	0,
242 	128,
243 	128,
244 	SSL_ALL_CIPHERS,
245 	SSL_ALL_STRENGTHS,
246 	},
247 /* Cipher 05 */
248 	{
249 	1,
250 	SSL3_TXT_RSA_RC4_128_SHA,
251 	SSL3_CK_RSA_RC4_128_SHA,
252 	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
253 	SSL_NOT_EXP|SSL_MEDIUM,
254 	0,
255 	128,
256 	128,
257 	SSL_ALL_CIPHERS,
258 	SSL_ALL_STRENGTHS,
259 	},
260 /* Cipher 06 */
261 	{
262 	1,
263 	SSL3_TXT_RSA_RC2_40_MD5,
264 	SSL3_CK_RSA_RC2_40_MD5,
265 	SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
266 	SSL_EXPORT|SSL_EXP40,
267 	0,
268 	40,
269 	128,
270 	SSL_ALL_CIPHERS,
271 	SSL_ALL_STRENGTHS,
272 	},
273 /* Cipher 07 */
274 	{
275 	1,
276 	SSL3_TXT_RSA_IDEA_128_SHA,
277 	SSL3_CK_RSA_IDEA_128_SHA,
278 	SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
279 	SSL_NOT_EXP|SSL_MEDIUM,
280 	0,
281 	128,
282 	128,
283 	SSL_ALL_CIPHERS,
284 	SSL_ALL_STRENGTHS,
285 	},
286 /* Cipher 08 */
287 	{
288 	1,
289 	SSL3_TXT_RSA_DES_40_CBC_SHA,
290 	SSL3_CK_RSA_DES_40_CBC_SHA,
291 	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
292 	SSL_EXPORT|SSL_EXP40,
293 	0,
294 	40,
295 	56,
296 	SSL_ALL_CIPHERS,
297 	SSL_ALL_STRENGTHS,
298 	},
299 /* Cipher 09 */
300 	{
301 	1,
302 	SSL3_TXT_RSA_DES_64_CBC_SHA,
303 	SSL3_CK_RSA_DES_64_CBC_SHA,
304 	SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
305 	SSL_NOT_EXP|SSL_LOW,
306 	0,
307 	56,
308 	56,
309 	SSL_ALL_CIPHERS,
310 	SSL_ALL_STRENGTHS,
311 	},
312 /* Cipher 0A */
313 	{
314 	1,
315 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
316 	SSL3_CK_RSA_DES_192_CBC3_SHA,
317 	SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
318 	SSL_NOT_EXP|SSL_HIGH,
319 	0,
320 	168,
321 	168,
322 	SSL_ALL_CIPHERS,
323 	SSL_ALL_STRENGTHS,
324 	},
325 
326 /*  The DH ciphers */
327 /* Cipher 0B */
328 	{
329 	0,
330 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
331 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
332 	SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
333 	SSL_EXPORT|SSL_EXP40,
334 	0,
335 	40,
336 	56,
337 	SSL_ALL_CIPHERS,
338 	SSL_ALL_STRENGTHS,
339 	},
340 /* Cipher 0C */
341 	{
342 	0,
343 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
344 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
345 	SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
346 	SSL_NOT_EXP|SSL_LOW,
347 	0,
348 	56,
349 	56,
350 	SSL_ALL_CIPHERS,
351 	SSL_ALL_STRENGTHS,
352 	},
353 /* Cipher 0D */
354 	{
355 	0,
356 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
357 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
358 	SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
359 	SSL_NOT_EXP|SSL_HIGH,
360 	0,
361 	168,
362 	168,
363 	SSL_ALL_CIPHERS,
364 	SSL_ALL_STRENGTHS,
365 	},
366 /* Cipher 0E */
367 	{
368 	0,
369 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
370 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
371 	SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
372 	SSL_EXPORT|SSL_EXP40,
373 	0,
374 	40,
375 	56,
376 	SSL_ALL_CIPHERS,
377 	SSL_ALL_STRENGTHS,
378 	},
379 /* Cipher 0F */
380 	{
381 	0,
382 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
383 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
384 	SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
385 	SSL_NOT_EXP|SSL_LOW,
386 	0,
387 	56,
388 	56,
389 	SSL_ALL_CIPHERS,
390 	SSL_ALL_STRENGTHS,
391 	},
392 /* Cipher 10 */
393 	{
394 	0,
395 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
396 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
397 	SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
398 	SSL_NOT_EXP|SSL_HIGH,
399 	0,
400 	168,
401 	168,
402 	SSL_ALL_CIPHERS,
403 	SSL_ALL_STRENGTHS,
404 	},
405 
406 /* The Ephemeral DH ciphers */
407 /* Cipher 11 */
408 	{
409 	1,
410 	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
411 	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
412 	SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
413 	SSL_EXPORT|SSL_EXP40,
414 	0,
415 	40,
416 	56,
417 	SSL_ALL_CIPHERS,
418 	SSL_ALL_STRENGTHS,
419 	},
420 /* Cipher 12 */
421 	{
422 	1,
423 	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
424 	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
425 	SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
426 	SSL_NOT_EXP|SSL_LOW,
427 	0,
428 	56,
429 	56,
430 	SSL_ALL_CIPHERS,
431 	SSL_ALL_STRENGTHS,
432 	},
433 /* Cipher 13 */
434 	{
435 	1,
436 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
437 	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
438 	SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
439 	SSL_NOT_EXP|SSL_HIGH,
440 	0,
441 	168,
442 	168,
443 	SSL_ALL_CIPHERS,
444 	SSL_ALL_STRENGTHS,
445 	},
446 /* Cipher 14 */
447 	{
448 	1,
449 	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
450 	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
451 	SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
452 	SSL_EXPORT|SSL_EXP40,
453 	0,
454 	40,
455 	56,
456 	SSL_ALL_CIPHERS,
457 	SSL_ALL_STRENGTHS,
458 	},
459 /* Cipher 15 */
460 	{
461 	1,
462 	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
463 	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
464 	SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
465 	SSL_NOT_EXP|SSL_LOW,
466 	0,
467 	56,
468 	56,
469 	SSL_ALL_CIPHERS,
470 	SSL_ALL_STRENGTHS,
471 	},
472 /* Cipher 16 */
473 	{
474 	1,
475 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
476 	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
477 	SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
478 	SSL_NOT_EXP|SSL_HIGH,
479 	0,
480 	168,
481 	168,
482 	SSL_ALL_CIPHERS,
483 	SSL_ALL_STRENGTHS,
484 	},
485 
486 /* Fortezza */
487 /* Cipher 1C */
488 	{
489 	0,
490 	SSL3_TXT_FZA_DMS_NULL_SHA,
491 	SSL3_CK_FZA_DMS_NULL_SHA,
492 	SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
493 	SSL_NOT_EXP,
494 	0,
495 	0,
496 	0,
497 	SSL_ALL_CIPHERS,
498 	SSL_ALL_STRENGTHS,
499 	},
500 
501 /* Cipher 1D */
502 	{
503 	0,
504 	SSL3_TXT_FZA_DMS_FZA_SHA,
505 	SSL3_CK_FZA_DMS_FZA_SHA,
506 	SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
507 	SSL_NOT_EXP,
508 	0,
509 	0,
510 	0,
511 	SSL_ALL_CIPHERS,
512 	SSL_ALL_STRENGTHS,
513 	},
514 
515 /* Cipher 1E */
516 	{
517 	0,
518 	SSL3_TXT_FZA_DMS_RC4_SHA,
519 	SSL3_CK_FZA_DMS_RC4_SHA,
520 	SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
521 	SSL_NOT_EXP|SSL_MEDIUM,
522 	0,
523 	128,
524 	128,
525 	SSL_ALL_CIPHERS,
526 	SSL_ALL_STRENGTHS,
527 	},
528 
529 #ifndef OPENSSL_NO_KRB5
530 /* The Kerberos ciphers
531 ** 20000107 VRS: And the first shall be last,
532 ** in hopes of avoiding the lynx ssl renegotiation problem.
533 */
534 /* Cipher 21 VRS */
535 	{
536 	1,
537 	SSL3_TXT_KRB5_DES_40_CBC_SHA,
538 	SSL3_CK_KRB5_DES_40_CBC_SHA,
539 	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
540 	SSL_EXPORT|SSL_EXP40,
541 	0,
542 	40,
543 	56,
544 	SSL_ALL_CIPHERS,
545 	SSL_ALL_STRENGTHS,
546 	},
547 
548 /* Cipher 22 VRS */
549 	{
550 	1,
551 	SSL3_TXT_KRB5_DES_40_CBC_MD5,
552 	SSL3_CK_KRB5_DES_40_CBC_MD5,
553 	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
554 	SSL_EXPORT|SSL_EXP40,
555 	0,
556 	40,
557 	56,
558 	SSL_ALL_CIPHERS,
559 	SSL_ALL_STRENGTHS,
560 	},
561 
562 /* Cipher 23 VRS */
563 	{
564 	1,
565 	SSL3_TXT_KRB5_DES_64_CBC_SHA,
566 	SSL3_CK_KRB5_DES_64_CBC_SHA,
567 	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
568 	SSL_NOT_EXP|SSL_LOW,
569 	0,
570 	56,
571 	56,
572 	SSL_ALL_CIPHERS,
573 	SSL_ALL_STRENGTHS,
574 	},
575 
576 /* Cipher 24 VRS */
577 	{
578 	1,
579 	SSL3_TXT_KRB5_DES_64_CBC_MD5,
580 	SSL3_CK_KRB5_DES_64_CBC_MD5,
581 	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
582 	SSL_NOT_EXP|SSL_LOW,
583 	0,
584 	56,
585 	56,
586 	SSL_ALL_CIPHERS,
587 	SSL_ALL_STRENGTHS,
588 	},
589 
590 /* Cipher 25 VRS */
591 	{
592 	1,
593 	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
594 	SSL3_CK_KRB5_DES_192_CBC3_SHA,
595 	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
596 	SSL_NOT_EXP|SSL_HIGH,
597 	0,
598 	112,
599 	168,
600 	SSL_ALL_CIPHERS,
601 	SSL_ALL_STRENGTHS,
602 	},
603 
604 /* Cipher 26 VRS */
605 	{
606 	1,
607 	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
608 	SSL3_CK_KRB5_DES_192_CBC3_MD5,
609 	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
610 	SSL_NOT_EXP|SSL_HIGH,
611 	0,
612 	112,
613 	168,
614 	SSL_ALL_CIPHERS,
615 	SSL_ALL_STRENGTHS,
616 	},
617 #endif	/* OPENSSL_NO_KRB5 */
618 
619 
620 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
621 	/* New TLS Export CipherSuites */
622 	/* Cipher 60 */
623 	    {
624 	    1,
625 	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
626 	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
627 	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
628 	    SSL_EXPORT|SSL_EXP56,
629 	    0,
630 	    56,
631 	    128,
632 	    SSL_ALL_CIPHERS,
633 	    SSL_ALL_STRENGTHS,
634 	    },
635 	/* Cipher 61 */
636 	    {
637 	    1,
638 	    TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
639 	    TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
640 	    SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
641 	    SSL_EXPORT|SSL_EXP56,
642 	    0,
643 	    56,
644 	    128,
645 	    SSL_ALL_CIPHERS,
646 	    SSL_ALL_STRENGTHS,
647 	    },
648 	/* Cipher 62 */
649 	    {
650 	    1,
651 	    TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
652 	    TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
653 	    SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
654 	    SSL_EXPORT|SSL_EXP56,
655 	    0,
656 	    56,
657 	    56,
658 	    SSL_ALL_CIPHERS,
659 	    SSL_ALL_STRENGTHS,
660 	    },
661 	/* Cipher 63 */
662 	    {
663 	    1,
664 	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
665 	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
666 	    SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
667 	    SSL_EXPORT|SSL_EXP56,
668 	    0,
669 	    56,
670 	    56,
671 	    SSL_ALL_CIPHERS,
672 	    SSL_ALL_STRENGTHS,
673 	    },
674 	/* Cipher 64 */
675 	    {
676 	    1,
677 	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
678 	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
679 	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
680 	    SSL_EXPORT|SSL_EXP56,
681 	    0,
682 	    56,
683 	    128,
684 	    SSL_ALL_CIPHERS,
685 	    SSL_ALL_STRENGTHS,
686 	    },
687 	/* Cipher 65 */
688 	    {
689 	    1,
690 	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
691 	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
692 	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
693 	    SSL_EXPORT|SSL_EXP56,
694 	    0,
695 	    56,
696 	    128,
697 	    SSL_ALL_CIPHERS,
698 	    SSL_ALL_STRENGTHS,
699 	    },
700 	/* Cipher 66 */
701 	    {
702 	    1,
703 	    TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
704 	    TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
705 	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
706 	    SSL_NOT_EXP|SSL_MEDIUM,
707 	    0,
708 	    128,
709 	    128,
710 	    SSL_ALL_CIPHERS,
711 	    SSL_ALL_STRENGTHS
712 	    },
713 #endif
714 	/* New AES ciphersuites */
715 
716 	/* Cipher 2F */
717 	    {
718 	    1,
719 	    TLS1_TXT_RSA_WITH_AES_128_SHA,
720 	    TLS1_CK_RSA_WITH_AES_128_SHA,
721 	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
722 	    SSL_NOT_EXP|SSL_MEDIUM,
723 	    0,
724 	    128,
725 	    128,
726 	    SSL_ALL_CIPHERS,
727 	    SSL_ALL_STRENGTHS,
728 	    },
729 	/* Cipher 30 */
730 	    {
731 	    0,
732 	    TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
733 	    TLS1_CK_DH_DSS_WITH_AES_128_SHA,
734 	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
735 	    SSL_NOT_EXP|SSL_MEDIUM,
736 	    0,
737 	    128,
738 	    128,
739 	    SSL_ALL_CIPHERS,
740 	    SSL_ALL_STRENGTHS,
741 	    },
742 	/* Cipher 31 */
743 	    {
744 	    0,
745 	    TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
746 	    TLS1_CK_DH_RSA_WITH_AES_128_SHA,
747 	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
748 	    SSL_NOT_EXP|SSL_MEDIUM,
749 	    0,
750 	    128,
751 	    128,
752 	    SSL_ALL_CIPHERS,
753 	    SSL_ALL_STRENGTHS,
754 	    },
755 	/* Cipher 32 */
756 	    {
757 	    1,
758 	    TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
759 	    TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
760 	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
761 	    SSL_NOT_EXP|SSL_MEDIUM,
762 	    0,
763 	    128,
764 	    128,
765 	    SSL_ALL_CIPHERS,
766 	    SSL_ALL_STRENGTHS,
767 	    },
768 	/* Cipher 33 */
769 	    {
770 	    1,
771 	    TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
772 	    TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
773 	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
774 	    SSL_NOT_EXP|SSL_MEDIUM,
775 	    0,
776 	    128,
777 	    128,
778 	    SSL_ALL_CIPHERS,
779 	    SSL_ALL_STRENGTHS,
780 	    },
781 	/* Cipher 34 */
782 	    {
783 	    1,
784 	    TLS1_TXT_ADH_WITH_AES_128_SHA,
785 	    TLS1_CK_ADH_WITH_AES_128_SHA,
786 	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
787 	    SSL_NOT_EXP|SSL_MEDIUM,
788 	    0,
789 	    128,
790 	    128,
791 	    SSL_ALL_CIPHERS,
792 	    SSL_ALL_STRENGTHS,
793 	    },
794 
795 	/* Cipher 35 */
796 	    {
797 	    1,
798 	    TLS1_TXT_RSA_WITH_AES_256_SHA,
799 	    TLS1_CK_RSA_WITH_AES_256_SHA,
800 	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
801 	    SSL_NOT_EXP|SSL_HIGH,
802 	    0,
803 	    256,
804 	    256,
805 	    SSL_ALL_CIPHERS,
806 	    SSL_ALL_STRENGTHS,
807 	    },
808 	/* Cipher 36 */
809 	    {
810 	    0,
811 	    TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
812 	    TLS1_CK_DH_DSS_WITH_AES_256_SHA,
813 	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
814 	    SSL_NOT_EXP|SSL_HIGH,
815 	    0,
816 	    256,
817 	    256,
818 	    SSL_ALL_CIPHERS,
819 	    SSL_ALL_STRENGTHS,
820 	    },
821 	/* Cipher 37 */
822 	    {
823 	    0,
824 	    TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
825 	    TLS1_CK_DH_RSA_WITH_AES_256_SHA,
826 	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
827 	    SSL_NOT_EXP|SSL_HIGH,
828 	    0,
829 	    256,
830 	    256,
831 	    SSL_ALL_CIPHERS,
832 	    SSL_ALL_STRENGTHS,
833 	    },
834 	/* Cipher 38 */
835 	    {
836 	    1,
837 	    TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
838 	    TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
839 	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
840 	    SSL_NOT_EXP|SSL_HIGH,
841 	    0,
842 	    256,
843 	    256,
844 	    SSL_ALL_CIPHERS,
845 	    SSL_ALL_STRENGTHS,
846 	    },
847 	/* Cipher 39 */
848 	    {
849 	    1,
850 	    TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
851 	    TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
852 	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
853 	    SSL_NOT_EXP|SSL_HIGH,
854 	    0,
855 	    256,
856 	    256,
857 	    SSL_ALL_CIPHERS,
858 	    SSL_ALL_STRENGTHS,
859 	    },
860 	/* Cipher 3A */
861 	    {
862 	    1,
863 	    TLS1_TXT_ADH_WITH_AES_256_SHA,
864 	    TLS1_CK_ADH_WITH_AES_256_SHA,
865 	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
866 	    SSL_NOT_EXP|SSL_HIGH,
867 	    0,
868 	    256,
869 	    256,
870 	    SSL_ALL_CIPHERS,
871 	    SSL_ALL_STRENGTHS,
872 	    },
873 
874 /* end of list */
875 	};
876 
877 static SSL3_ENC_METHOD SSLv3_enc_data={
878 	ssl3_enc,
879 	ssl3_mac,
880 	ssl3_setup_key_block,
881 	ssl3_generate_master_secret,
882 	ssl3_change_cipher_state,
883 	ssl3_final_finish_mac,
884 	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
885 	ssl3_cert_verify_mac,
886 	SSL3_MD_CLIENT_FINISHED_CONST,4,
887 	SSL3_MD_SERVER_FINISHED_CONST,4,
888 	ssl3_alert_code,
889 	};
890 
891 static SSL_METHOD SSLv3_data= {
892 	SSL3_VERSION,
893 	ssl3_new,
894 	ssl3_clear,
895 	ssl3_free,
896 	ssl_undefined_function,
897 	ssl_undefined_function,
898 	ssl3_read,
899 	ssl3_peek,
900 	ssl3_write,
901 	ssl3_shutdown,
902 	ssl3_renegotiate,
903 	ssl3_renegotiate_check,
904 	ssl3_ctrl,
905 	ssl3_ctx_ctrl,
906 	ssl3_get_cipher_by_char,
907 	ssl3_put_cipher_by_char,
908 	ssl3_pending,
909 	ssl3_num_ciphers,
910 	ssl3_get_cipher,
911 	ssl_bad_method,
912 	ssl3_default_timeout,
913 	&SSLv3_enc_data,
914 	ssl_undefined_function,
915 	ssl3_callback_ctrl,
916 	ssl3_ctx_callback_ctrl,
917 	};
918 
919 static long ssl3_default_timeout(void)
920 	{
921 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
922 	 * is way too long for http, the cache would over fill */
923 	return(60*60*2);
924 	}
925 
926 SSL_METHOD *sslv3_base_method(void)
927 	{
928 	return(&SSLv3_data);
929 	}
930 
931 int ssl3_num_ciphers(void)
932 	{
933 	return(SSL3_NUM_CIPHERS);
934 	}
935 
936 SSL_CIPHER *ssl3_get_cipher(unsigned int u)
937 	{
938 	if (u < SSL3_NUM_CIPHERS)
939 		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
940 	else
941 		return(NULL);
942 	}
943 
944 int ssl3_pending(SSL *s)
945 	{
946 	if (s->rstate == SSL_ST_READ_BODY)
947 		return 0;
948 
949 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
950 	}
951 
952 int ssl3_new(SSL *s)
953 	{
954 	SSL3_STATE *s3;
955 
956 	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
957 	memset(s3,0,sizeof *s3);
958 	EVP_MD_CTX_init(&s3->finish_dgst1);
959 	EVP_MD_CTX_init(&s3->finish_dgst2);
960 
961 	s->s3=s3;
962 
963 	s->method->ssl_clear(s);
964 	return(1);
965 err:
966 	return(0);
967 	}
968 
969 void ssl3_free(SSL *s)
970 	{
971 	if(s == NULL)
972 	    return;
973 
974 	ssl3_cleanup_key_block(s);
975 	if (s->s3->rbuf.buf != NULL)
976 		OPENSSL_free(s->s3->rbuf.buf);
977 	if (s->s3->wbuf.buf != NULL)
978 		OPENSSL_free(s->s3->wbuf.buf);
979 	if (s->s3->rrec.comp != NULL)
980 		OPENSSL_free(s->s3->rrec.comp);
981 #ifndef OPENSSL_NO_DH
982 	if (s->s3->tmp.dh != NULL)
983 		DH_free(s->s3->tmp.dh);
984 #endif
985 	if (s->s3->tmp.ca_names != NULL)
986 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
987 	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
988 	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
989 	memset(s->s3,0,sizeof *s->s3);
990 	OPENSSL_free(s->s3);
991 	s->s3=NULL;
992 	}
993 
994 void ssl3_clear(SSL *s)
995 	{
996 	unsigned char *rp,*wp;
997 	size_t rlen, wlen;
998 
999 	ssl3_cleanup_key_block(s);
1000 	if (s->s3->tmp.ca_names != NULL)
1001 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
1002 
1003 	if (s->s3->rrec.comp != NULL)
1004 		{
1005 		OPENSSL_free(s->s3->rrec.comp);
1006 		s->s3->rrec.comp=NULL;
1007 		}
1008 #ifndef OPENSSL_NO_DH
1009 	if (s->s3->tmp.dh != NULL)
1010 		DH_free(s->s3->tmp.dh);
1011 #endif
1012 
1013 	rp = s->s3->rbuf.buf;
1014 	wp = s->s3->wbuf.buf;
1015 	rlen = s->s3->rbuf.len;
1016  	wlen = s->s3->wbuf.len;
1017 
1018 	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
1019 	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
1020 
1021 	memset(s->s3,0,sizeof *s->s3);
1022 	s->s3->rbuf.buf = rp;
1023 	s->s3->wbuf.buf = wp;
1024 	s->s3->rbuf.len = rlen;
1025  	s->s3->wbuf.len = wlen;
1026 
1027 	ssl_free_wbio_buffer(s);
1028 
1029 	s->packet_length=0;
1030 	s->s3->renegotiate=0;
1031 	s->s3->total_renegotiations=0;
1032 	s->s3->num_renegotiations=0;
1033 	s->s3->in_read_app_data=0;
1034 	s->version=SSL3_VERSION;
1035 	}
1036 
1037 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1038 	{
1039 	int ret=0;
1040 
1041 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1042 	if (
1043 #ifndef OPENSSL_NO_RSA
1044 	    cmd == SSL_CTRL_SET_TMP_RSA ||
1045 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1046 #endif
1047 #ifndef OPENSSL_NO_DSA
1048 	    cmd == SSL_CTRL_SET_TMP_DH ||
1049 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
1050 #endif
1051 		0)
1052 		{
1053 		if (!ssl_cert_inst(&s->cert))
1054 		    	{
1055 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
1056 			return(0);
1057 			}
1058 		}
1059 #endif
1060 
1061 	switch (cmd)
1062 		{
1063 	case SSL_CTRL_GET_SESSION_REUSED:
1064 		ret=s->hit;
1065 		break;
1066 	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
1067 		break;
1068 	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
1069 		ret=s->s3->num_renegotiations;
1070 		break;
1071 	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
1072 		ret=s->s3->num_renegotiations;
1073 		s->s3->num_renegotiations=0;
1074 		break;
1075 	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
1076 		ret=s->s3->total_renegotiations;
1077 		break;
1078 	case SSL_CTRL_GET_FLAGS:
1079 		ret=(int)(s->s3->flags);
1080 		break;
1081 #ifndef OPENSSL_NO_RSA
1082 	case SSL_CTRL_NEED_TMP_RSA:
1083 		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
1084 		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1085 		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
1086 			ret = 1;
1087 		break;
1088 	case SSL_CTRL_SET_TMP_RSA:
1089 		{
1090 			RSA *rsa = (RSA *)parg;
1091 			if (rsa == NULL)
1092 				{
1093 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1094 				return(ret);
1095 				}
1096 			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
1097 				{
1098 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
1099 				return(ret);
1100 				}
1101 			if (s->cert->rsa_tmp != NULL)
1102 				RSA_free(s->cert->rsa_tmp);
1103 			s->cert->rsa_tmp = rsa;
1104 			ret = 1;
1105 		}
1106 		break;
1107 	case SSL_CTRL_SET_TMP_RSA_CB:
1108 		{
1109 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1110 		return(ret);
1111 		}
1112 		break;
1113 #endif
1114 #ifndef OPENSSL_NO_DH
1115 	case SSL_CTRL_SET_TMP_DH:
1116 		{
1117 			DH *dh = (DH *)parg;
1118 			if (dh == NULL)
1119 				{
1120 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
1121 				return(ret);
1122 				}
1123 			if ((dh = DHparams_dup(dh)) == NULL)
1124 				{
1125 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1126 				return(ret);
1127 				}
1128 			if (!(s->options & SSL_OP_SINGLE_DH_USE))
1129 				{
1130 				if (!DH_generate_key(dh))
1131 					{
1132 					DH_free(dh);
1133 					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
1134 					return(ret);
1135 					}
1136 				}
1137 			if (s->cert->dh_tmp != NULL)
1138 				DH_free(s->cert->dh_tmp);
1139 			s->cert->dh_tmp = dh;
1140 			ret = 1;
1141 		}
1142 		break;
1143 	case SSL_CTRL_SET_TMP_DH_CB:
1144 		{
1145 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1146 		return(ret);
1147 		}
1148 		break;
1149 #endif
1150 	default:
1151 		break;
1152 		}
1153 	return(ret);
1154 	}
1155 
1156 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
1157 	{
1158 	int ret=0;
1159 
1160 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
1161 	if (
1162 #ifndef OPENSSL_NO_RSA
1163 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
1164 #endif
1165 #ifndef OPENSSL_NO_DSA
1166 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
1167 #endif
1168 		0)
1169 		{
1170 		if (!ssl_cert_inst(&s->cert))
1171 			{
1172 			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
1173 			return(0);
1174 			}
1175 		}
1176 #endif
1177 
1178 	switch (cmd)
1179 		{
1180 #ifndef OPENSSL_NO_RSA
1181 	case SSL_CTRL_SET_TMP_RSA_CB:
1182 		{
1183 		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1184 		}
1185 		break;
1186 #endif
1187 #ifndef OPENSSL_NO_DH
1188 	case SSL_CTRL_SET_TMP_DH_CB:
1189 		{
1190 		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1191 		}
1192 		break;
1193 #endif
1194 	default:
1195 		break;
1196 		}
1197 	return(ret);
1198 	}
1199 
1200 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
1201 	{
1202 	CERT *cert;
1203 
1204 	cert=ctx->cert;
1205 
1206 	switch (cmd)
1207 		{
1208 #ifndef OPENSSL_NO_RSA
1209 	case SSL_CTRL_NEED_TMP_RSA:
1210 		if (	(cert->rsa_tmp == NULL) &&
1211 			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1212 			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
1213 			)
1214 			return(1);
1215 		else
1216 			return(0);
1217 		/* break; */
1218 	case SSL_CTRL_SET_TMP_RSA:
1219 		{
1220 		RSA *rsa;
1221 		int i;
1222 
1223 		rsa=(RSA *)parg;
1224 		i=1;
1225 		if (rsa == NULL)
1226 			i=0;
1227 		else
1228 			{
1229 			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
1230 				i=0;
1231 			}
1232 		if (!i)
1233 			{
1234 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
1235 			return(0);
1236 			}
1237 		else
1238 			{
1239 			if (cert->rsa_tmp != NULL)
1240 				RSA_free(cert->rsa_tmp);
1241 			cert->rsa_tmp=rsa;
1242 			return(1);
1243 			}
1244 		}
1245 		/* break; */
1246 	case SSL_CTRL_SET_TMP_RSA_CB:
1247 		{
1248 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1249 		return(0);
1250 		}
1251 		break;
1252 #endif
1253 #ifndef OPENSSL_NO_DH
1254 	case SSL_CTRL_SET_TMP_DH:
1255 		{
1256 		DH *new=NULL,*dh;
1257 
1258 		dh=(DH *)parg;
1259 		if ((new=DHparams_dup(dh)) == NULL)
1260 			{
1261 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1262 			return 0;
1263 			}
1264 		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
1265 			{
1266 			if (!DH_generate_key(new))
1267 				{
1268 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
1269 				DH_free(new);
1270 				return 0;
1271 				}
1272 			}
1273 		if (cert->dh_tmp != NULL)
1274 			DH_free(cert->dh_tmp);
1275 		cert->dh_tmp=new;
1276 		return 1;
1277 		}
1278 		/*break; */
1279 	case SSL_CTRL_SET_TMP_DH_CB:
1280 		{
1281 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1282 		return(0);
1283 		}
1284 		break;
1285 #endif
1286 	/* A Thawte special :-) */
1287 	case SSL_CTRL_EXTRA_CHAIN_CERT:
1288 		if (ctx->extra_certs == NULL)
1289 			{
1290 			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
1291 				return(0);
1292 			}
1293 		sk_X509_push(ctx->extra_certs,(X509 *)parg);
1294 		break;
1295 
1296 	default:
1297 		return(0);
1298 		}
1299 	return(1);
1300 	}
1301 
1302 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
1303 	{
1304 	CERT *cert;
1305 
1306 	cert=ctx->cert;
1307 
1308 	switch (cmd)
1309 		{
1310 #ifndef OPENSSL_NO_RSA
1311 	case SSL_CTRL_SET_TMP_RSA_CB:
1312 		{
1313 		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
1314 		}
1315 		break;
1316 #endif
1317 #ifndef OPENSSL_NO_DH
1318 	case SSL_CTRL_SET_TMP_DH_CB:
1319 		{
1320 		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
1321 		}
1322 		break;
1323 #endif
1324 	default:
1325 		return(0);
1326 		}
1327 	return(1);
1328 	}
1329 
1330 /* This function needs to check if the ciphers required are actually
1331  * available */
1332 SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
1333 	{
1334 	static int init=1;
1335 	static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
1336 	SSL_CIPHER c,*cp= &c,**cpp;
1337 	unsigned long id;
1338 	int i;
1339 
1340 	if (init)
1341 		{
1342 		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
1343 
1344 		for (i=0; i<SSL3_NUM_CIPHERS; i++)
1345 			sorted[i]= &(ssl3_ciphers[i]);
1346 
1347 		qsort(	(char *)sorted,
1348 			SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1349 			FP_ICC ssl_cipher_ptr_id_cmp);
1350 
1351 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
1352 
1353 		init=0;
1354 		}
1355 
1356 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
1357 	c.id=id;
1358 	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
1359 		(char *)sorted,
1360 		SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
1361 		FP_ICC ssl_cipher_ptr_id_cmp);
1362 	if ((cpp == NULL) || !(*cpp)->valid)
1363 		return(NULL);
1364 	else
1365 		return(*cpp);
1366 	}
1367 
1368 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
1369 	{
1370 	long l;
1371 
1372 	if (p != NULL)
1373 		{
1374 		l=c->id;
1375 		if ((l & 0xff000000) != 0x03000000) return(0);
1376 		p[0]=((unsigned char)(l>> 8L))&0xFF;
1377 		p[1]=((unsigned char)(l     ))&0xFF;
1378 		}
1379 	return(2);
1380 	}
1381 
1382 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
1383 	     STACK_OF(SSL_CIPHER) *srvr)
1384 	{
1385 	SSL_CIPHER *c,*ret=NULL;
1386 	STACK_OF(SSL_CIPHER) *prio, *allow;
1387 	int i,j,ok;
1388 	CERT *cert;
1389 	unsigned long alg,mask,emask;
1390 
1391 	/* Let's see which ciphers we can support */
1392 	cert=s->cert;
1393 
1394 #if 0
1395 	/* Do not set the compare functions, because this may lead to a
1396 	 * reordering by "id". We want to keep the original ordering.
1397 	 * We may pay a price in performance during sk_SSL_CIPHER_find(),
1398 	 * but would have to pay with the price of sk_SSL_CIPHER_dup().
1399 	 */
1400 	sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
1401 	sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
1402 #endif
1403 
1404 #ifdef CIPHER_DEBUG
1405         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
1406         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
1407 	    {
1408 	    c=sk_SSL_CIPHER_value(srvr,i);
1409 	    printf("%p:%s\n",c,c->name);
1410 	    }
1411         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
1412         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
1413 	    {
1414 	    c=sk_SSL_CIPHER_value(clnt,i);
1415 	    printf("%p:%s\n",c,c->name);
1416 	    }
1417 #endif
1418 
1419 	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
1420 	    {
1421 	    prio = srvr;
1422 	    allow = clnt;
1423 	    }
1424 	else
1425 	    {
1426 	    prio = clnt;
1427 	    allow = srvr;
1428 	    }
1429 
1430 	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
1431 		{
1432 		c=sk_SSL_CIPHER_value(prio,i);
1433 
1434 		ssl_set_cert_masks(cert,c);
1435 		mask=cert->mask;
1436 		emask=cert->export_mask;
1437 
1438 #ifdef KSSL_DEBUG
1439 		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
1440 #endif    /* KSSL_DEBUG */
1441 
1442 		alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
1443 #ifndef OPENSSL_NO_KRB5
1444                 if (alg & SSL_KRB5)
1445                         {
1446                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
1447                             continue;
1448                         }
1449 #endif /* OPENSSL_NO_KRB5 */
1450 		if (SSL_C_IS_EXPORT(c))
1451 			{
1452 			ok=((alg & emask) == alg)?1:0;
1453 #ifdef CIPHER_DEBUG
1454 			printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
1455 			       c,c->name);
1456 #endif
1457 			}
1458 		else
1459 			{
1460 			ok=((alg & mask) == alg)?1:0;
1461 #ifdef CIPHER_DEBUG
1462 			printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
1463 			       c->name);
1464 #endif
1465 			}
1466 
1467 		if (!ok) continue;
1468 
1469 		j=sk_SSL_CIPHER_find(allow,c);
1470 		if (j >= 0)
1471 			{
1472 			ret=sk_SSL_CIPHER_value(allow,j);
1473 			break;
1474 			}
1475 		}
1476 	return(ret);
1477 	}
1478 
1479 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
1480 	{
1481 	int ret=0;
1482 	unsigned long alg;
1483 
1484 	alg=s->s3->tmp.new_cipher->algorithms;
1485 
1486 #ifndef OPENSSL_NO_DH
1487 	if (alg & (SSL_kDHr|SSL_kEDH))
1488 		{
1489 #  ifndef OPENSSL_NO_RSA
1490 		p[ret++]=SSL3_CT_RSA_FIXED_DH;
1491 #  endif
1492 #  ifndef OPENSSL_NO_DSA
1493 		p[ret++]=SSL3_CT_DSS_FIXED_DH;
1494 #  endif
1495 		}
1496 	if ((s->version == SSL3_VERSION) &&
1497 		(alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
1498 		{
1499 #  ifndef OPENSSL_NO_RSA
1500 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
1501 #  endif
1502 #  ifndef OPENSSL_NO_DSA
1503 		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
1504 #  endif
1505 		}
1506 #endif /* !OPENSSL_NO_DH */
1507 #ifndef OPENSSL_NO_RSA
1508 	p[ret++]=SSL3_CT_RSA_SIGN;
1509 #endif
1510 #ifndef OPENSSL_NO_DSA
1511 	p[ret++]=SSL3_CT_DSS_SIGN;
1512 #endif
1513 	return(ret);
1514 	}
1515 
1516 int ssl3_shutdown(SSL *s)
1517 	{
1518 
1519 	/* Don't do anything much if we have not done the handshake or
1520 	 * we don't want to send messages :-) */
1521 	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
1522 		{
1523 		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
1524 		return(1);
1525 		}
1526 
1527 	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
1528 		{
1529 		s->shutdown|=SSL_SENT_SHUTDOWN;
1530 #if 1
1531 		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
1532 #endif
1533 		/* our shutdown alert has been sent now, and if it still needs
1534 	 	 * to be written, s->s3->alert_dispatch will be true */
1535 		}
1536 	else if (s->s3->alert_dispatch)
1537 		{
1538 		/* resend it if not sent */
1539 #if 1
1540 		ssl3_dispatch_alert(s);
1541 #endif
1542 		}
1543 	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
1544 		{
1545 		/* If we are waiting for a close from our peer, we are closed */
1546 		ssl3_read_bytes(s,0,NULL,0,0);
1547 		}
1548 
1549 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
1550 		!s->s3->alert_dispatch)
1551 		return(1);
1552 	else
1553 		return(0);
1554 	}
1555 
1556 int ssl3_write(SSL *s, const void *buf, int len)
1557 	{
1558 	int ret,n;
1559 
1560 #if 0
1561 	if (s->shutdown & SSL_SEND_SHUTDOWN)
1562 		{
1563 		s->rwstate=SSL_NOTHING;
1564 		return(0);
1565 		}
1566 #endif
1567 	clear_sys_error();
1568 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1569 
1570 	/* This is an experimental flag that sends the
1571 	 * last handshake message in the same packet as the first
1572 	 * use data - used to see if it helps the TCP protocol during
1573 	 * session-id reuse */
1574 	/* The second test is because the buffer may have been removed */
1575 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
1576 		{
1577 		/* First time through, we write into the buffer */
1578 		if (s->s3->delay_buf_pop_ret == 0)
1579 			{
1580 			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1581 					     buf,len);
1582 			if (ret <= 0) return(ret);
1583 
1584 			s->s3->delay_buf_pop_ret=ret;
1585 			}
1586 
1587 		s->rwstate=SSL_WRITING;
1588 		n=BIO_flush(s->wbio);
1589 		if (n <= 0) return(n);
1590 		s->rwstate=SSL_NOTHING;
1591 
1592 		/* We have flushed the buffer, so remove it */
1593 		ssl_free_wbio_buffer(s);
1594 		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
1595 
1596 		ret=s->s3->delay_buf_pop_ret;
1597 		s->s3->delay_buf_pop_ret=0;
1598 		}
1599 	else
1600 		{
1601 		ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
1602 				     buf,len);
1603 		if (ret <= 0) return(ret);
1604 		}
1605 
1606 	return(ret);
1607 	}
1608 
1609 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
1610 	{
1611 	int ret;
1612 
1613 	clear_sys_error();
1614 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
1615 	s->s3->in_read_app_data=1;
1616 	ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1617 	if ((ret == -1) && (s->s3->in_read_app_data == 2))
1618 		{
1619 		/* ssl3_read_bytes decided to call s->handshake_func, which
1620 		 * called ssl3_read_bytes to read handshake data.
1621 		 * However, ssl3_read_bytes actually found application data
1622 		 * and thinks that application data makes sense here; so disable
1623 		 * handshake processing and try to read application data again. */
1624 		s->in_handshake++;
1625 		ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
1626 		s->in_handshake--;
1627 		}
1628 	else
1629 		s->s3->in_read_app_data=0;
1630 
1631 	return(ret);
1632 	}
1633 
1634 int ssl3_read(SSL *s, void *buf, int len)
1635 	{
1636 	return ssl3_read_internal(s, buf, len, 0);
1637 	}
1638 
1639 int ssl3_peek(SSL *s, void *buf, int len)
1640 	{
1641 	return ssl3_read_internal(s, buf, len, 1);
1642 	}
1643 
1644 int ssl3_renegotiate(SSL *s)
1645 	{
1646 	if (s->handshake_func == NULL)
1647 		return(1);
1648 
1649 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
1650 		return(0);
1651 
1652 	s->s3->renegotiate=1;
1653 	return(1);
1654 	}
1655 
1656 int ssl3_renegotiate_check(SSL *s)
1657 	{
1658 	int ret=0;
1659 
1660 	if (s->s3->renegotiate)
1661 		{
1662 		if (	(s->s3->rbuf.left == 0) &&
1663 			(s->s3->wbuf.left == 0) &&
1664 			!SSL_in_init(s))
1665 			{
1666 /*
1667 if we are the server, and we have sent a 'RENEGOTIATE' message, we
1668 need to go to SSL_ST_ACCEPT.
1669 */
1670 			/* SSL_ST_ACCEPT */
1671 			s->state=SSL_ST_RENEGOTIATE;
1672 			s->s3->renegotiate=0;
1673 			s->s3->num_renegotiations++;
1674 			s->s3->total_renegotiations++;
1675 			ret=1;
1676 			}
1677 		}
1678 	return(ret);
1679 	}
1680 
1681