diff options
| author |   beck <beck@openbsd.org> | 2000-03-19 11:07:35 +0000 |
|---|---|---|
| committer | beck <beck@openbsd.org> | 2000-03-19 11:07:35 +0000 |
| commit | ba5406e9b35230c537ab6fcb7b2fb173a1cea3c3 (patch) | |
| tree | a7183e186150526f5c72717dac37cdabf1b43e51 /lib/libssl/src/ssl/s2_srvr.c | |
| parent | Allow environment variables on command/config lines; markk@knigma.org (diff) | |
| download | wireguard-openbsd-ba5406e9b35230c537ab6fcb7b2fb173a1cea3c3.tar.xz wireguard-openbsd-ba5406e9b35230c537ab6fcb7b2fb173a1cea3c3.zip | |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'lib/libssl/src/ssl/s2_srvr.c')
| -rw-r--r-- | lib/libssl/src/ssl/s2_srvr.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/lib/libssl/src/ssl/s2_srvr.c b/lib/libssl/src/ssl/s2_srvr.c index 9aeedef55f6..332e2844511 100644 --- a/lib/libssl/src/ssl/s2_srvr.c +++ b/lib/libssl/src/ssl/s2_srvr.c @@ -56,12 +56,12 @@ * [including the GNU Public Licence.] */ -#ifndef NO_RSA +#include "ssl_locl.h" +#ifndef NO_SSL2 #include <stdio.h> #include <openssl/bio.h> #include <openssl/rand.h> #include <openssl/objects.h> -#include "ssl_locl.h" #include <openssl/evp.h> static SSL_METHOD *ssl2_get_server_method(int ver); @@ -109,7 +109,7 @@ int ssl2_accept(SSL *s) void (*cb)()=NULL; int new_state,state; - RAND_seed(&l,sizeof(l)); + RAND_add(&l,sizeof(l),0); ERR_clear_error(); clear_sys_error(); @@ -415,7 +415,7 @@ static int get_client_master_key(SSL *s) i=ek; else i=EVP_CIPHER_key_length(c); - RAND_bytes(p,i); + RAND_pseudo_bytes(p,i); } #else if (i < 0) @@ -680,7 +680,7 @@ static int server_hello(SSL *s) /* make and send conn_id */ s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; - RAND_bytes(s->s2->conn_id,(int)s->s2->conn_id_length); + RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length); memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); d+=SSL2_CONNECTION_ID_LENGTH; @@ -689,7 +689,7 @@ static int server_hello(SSL *s) s->init_off=0; } /* SSL2_ST_SEND_SERVER_HELLO_B */ - /* If we are using TCP/IP, the performace is bad if we do 2 + /* If we are using TCP/IP, the performance is bad if we do 2 * writes without a read between them. This occurs when * Session-id reuse is used, so I will put in a buffering module */ @@ -798,7 +798,7 @@ static int request_certificate(SSL *s) p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_REQUEST_CERTIFICATE; *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; - RAND_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); + RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; @@ -898,7 +898,7 @@ static int request_certificate(SSL *s) EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL); - buf2=(unsigned char *)Malloc((unsigned int)i); + buf2=Malloc((unsigned int)i); if (buf2 == NULL) { SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE); @@ -921,6 +921,7 @@ static int request_certificate(SSL *s) X509_free(s->session->peer); s->session->peer=x509; CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); + s->session->verify_result = s->verify_result; ret=1; goto end; } @@ -965,4 +966,10 @@ static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB); return(i); } +#else /* !NO_SSL2 */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif |