19a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* ssl/t1_reneg.c */ 29a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 39a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * All rights reserved. 49a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 59a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * This package is an SSL implementation written 69a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * by Eric Young (eay@cryptsoft.com). 79a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * The implementation was written so as to conform with Netscapes SSL. 89a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 99a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * This library is free for commercial and non-commercial use as long as 109a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * the following conditions are aheared to. The following conditions 119a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * apply to all code found in this distribution, be it the RC4, RSA, 129a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * lhash, DES, etc., code; not just the SSL code. The SSL documentation 139a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * included with this distribution is covered by the same copyright terms 149a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * except that the holder is Tim Hudson (tjh@cryptsoft.com). 159a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 169a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * Copyright remains Eric Young's, and as such any Copyright notices in 179a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * the code are not to be removed. 189a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * If this package is used in a product, Eric Young should be given attribution 199a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * as the author of the parts of the library used. 209a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * This can be in the form of a textual message at program startup or 219a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * in documentation (online or textual) provided with the package. 229a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 239a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * Redistribution and use in source and binary forms, with or without 249a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * modification, are permitted provided that the following conditions 259a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * are met: 269a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 1. Redistributions of source code must retain the copyright 279a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * notice, this list of conditions and the following disclaimer. 289a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 2. Redistributions in binary form must reproduce the above copyright 299a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * notice, this list of conditions and the following disclaimer in the 309a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * documentation and/or other materials provided with the distribution. 319a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 3. All advertising materials mentioning features or use of this software 329a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * must display the following acknowledgement: 339a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * "This product includes cryptographic software written by 349a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * Eric Young (eay@cryptsoft.com)" 359a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * The word 'cryptographic' can be left out if the rouines from the library 369a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * being used are not cryptographic related :-). 379a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 4. If you include any Windows specific code (or a derivative thereof) from 389a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * the apps directory (application code) you must include an acknowledgement: 399a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 409a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 419a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 429a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 439a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 449a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 459a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 469a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 479a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 489a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 499a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 509a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 519a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * SUCH DAMAGE. 529a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 539a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * The licence and distribution terms for any publically available version or 549a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * derivative of this code cannot be changed. i.e. this code cannot simply be 559a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * copied and put under another distribution licence 569a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * [including the GNU Public Licence.] 579a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom */ 589a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* ==================================================================== 599a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * Copyright (c) 1998-2009 The OpenSSL Project. All rights reserved. 609a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 619a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * Redistribution and use in source and binary forms, with or without 629a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * modification, are permitted provided that the following conditions 639a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * are met: 649a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 659a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 1. Redistributions of source code must retain the above copyright 669a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * notice, this list of conditions and the following disclaimer. 679a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 689a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 2. Redistributions in binary form must reproduce the above copyright 699a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * notice, this list of conditions and the following disclaimer in 709a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * the documentation and/or other materials provided with the 719a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * distribution. 729a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 739a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 3. All advertising materials mentioning features or use of this 749a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * software must display the following acknowledgment: 759a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * "This product includes software developed by the OpenSSL Project 769a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 779a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 789a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 799a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * endorse or promote products derived from this software without 809a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * prior written permission. For written permission, please contact 819a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * openssl-core@openssl.org. 829a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 839a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 5. Products derived from this software may not be called "OpenSSL" 849a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * nor may "OpenSSL" appear in their names without prior written 859a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * permission of the OpenSSL Project. 869a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 879a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 6. Redistributions of any form whatsoever must retain the following 889a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * acknowledgment: 899a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * "This product includes software developed by the OpenSSL Project 909a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 919a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 929a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 939a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 949a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 959a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 969a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 979a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 989a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 999a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 1009a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 1019a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 1029a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 1039a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * OF THE POSSIBILITY OF SUCH DAMAGE. 1049a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * ==================================================================== 1059a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 1069a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * This product includes cryptographic software written by Eric Young 1079a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * (eay@cryptsoft.com). This product includes software written by Tim 1089a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * Hudson (tjh@cryptsoft.com). 1099a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom * 1109a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom */ 1119a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#include <stdio.h> 1129a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#include <openssl/objects.h> 1139a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#include "ssl_locl.h" 1149a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1159a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* Add the client's renegotiation binding */ 1169a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstromint ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len, 1179a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int maxlen) 1189a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1199a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(p) 1209a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1219a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if((s->s3->previous_client_finished_len+1) > maxlen) 1229a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1239a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATE_EXT_TOO_LONG); 1249a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 1259a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1269a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1279a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Length byte */ 1289a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *p = s->s3->previous_client_finished_len; 1299a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom p++; 1309a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1319a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom memcpy(p, s->s3->previous_client_finished, 1329a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_client_finished_len); 1339a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#ifdef OPENSSL_RI_DEBUG 1349a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom fprintf(stderr, "%s RI extension sent by client\n", 1359a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_client_finished_len ? "Non-empty" : "Empty"); 1369a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#endif 1379a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1389a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1399a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *len=s->s3->previous_client_finished_len + 1; 1409a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1419a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1429a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 1; 1439a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1449a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1459a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* Parse the client's renegotiation binding and abort if it's not 1469a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom right */ 1479a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstromint ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len, 1489a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int *al) 1499a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1509a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int ilen; 1519a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1529a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Parse the length byte */ 1539a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(len < 1) 1549a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1559a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR); 1569a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_ILLEGAL_PARAMETER; 1579a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 1589a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1599a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom ilen = *d; 1609a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom d++; 1619a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1629a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Consistency check */ 1639a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if((ilen+1) != len) 1649a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1659a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR); 1669a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_ILLEGAL_PARAMETER; 1679a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 1689a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1699a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1709a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Check that the extension matches */ 1719a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(ilen != s->s3->previous_client_finished_len) 1729a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1739a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH); 1749a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_HANDSHAKE_FAILURE; 1759a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 1769a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1779a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1789a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(memcmp(d, s->s3->previous_client_finished, 1799a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_client_finished_len)) 1809a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1819a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH); 1829a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_HANDSHAKE_FAILURE; 1839a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 1849a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1859a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#ifdef OPENSSL_RI_DEBUG 1869a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom fprintf(stderr, "%s RI extension received by server\n", 1879a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom ilen ? "Non-empty" : "Empty"); 1889a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#endif 1899a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1909a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->send_connection_binding=1; 1919a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1929a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 1; 1939a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 1949a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 1959a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* Add the server's renegotiation binding */ 1969a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstromint ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len, 1979a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int maxlen) 1989a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 1999a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(p) 2009a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2019a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if((s->s3->previous_client_finished_len + 2029a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_server_finished_len + 1) > maxlen) 2039a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2049a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATE_EXT_TOO_LONG); 2059a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 2069a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2079a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2089a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Length byte */ 2099a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *p = s->s3->previous_client_finished_len + s->s3->previous_server_finished_len; 2109a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom p++; 2119a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2129a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom memcpy(p, s->s3->previous_client_finished, 2139a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_client_finished_len); 2149a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom p += s->s3->previous_client_finished_len; 2159a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2169a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom memcpy(p, s->s3->previous_server_finished, 2179a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_server_finished_len); 2189a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#ifdef OPENSSL_RI_DEBUG 2199a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom fprintf(stderr, "%s RI extension sent by server\n", 2209a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_client_finished_len ? "Non-empty" : "Empty"); 2219a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#endif 2229a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2239a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2249a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *len=s->s3->previous_client_finished_len 2259a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom + s->s3->previous_server_finished_len + 1; 2269a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2279a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 1; 2289a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2299a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2309a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom/* Parse the server's renegotiation binding and abort if it's not 2319a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom right */ 2329a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstromint ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len, 2339a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int *al) 2349a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2359a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int expected_len=s->s3->previous_client_finished_len 2369a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom + s->s3->previous_server_finished_len; 2379a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom int ilen; 2389a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2399a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Check for logic errors */ 2409a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len); 2419a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len); 2429a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2439a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Parse the length byte */ 2449a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(len < 1) 2459a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2469a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR); 2479a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_ILLEGAL_PARAMETER; 2489a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 2499a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2509a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom ilen = *d; 2519a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom d++; 2529a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2539a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Consistency check */ 2549a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(ilen+1 != len) 2559a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2569a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR); 2579a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_ILLEGAL_PARAMETER; 2589a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 2599a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2609a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2619a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom /* Check that the extension matches */ 2629a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(ilen != expected_len) 2639a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2649a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH); 2659a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_HANDSHAKE_FAILURE; 2669a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 2679a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2689a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2699a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(memcmp(d, s->s3->previous_client_finished, 2709a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_client_finished_len)) 2719a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2729a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH); 2739a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_HANDSHAKE_FAILURE; 2749a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 2759a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2769a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom d += s->s3->previous_client_finished_len; 2779a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2789a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom if(memcmp(d, s->s3->previous_server_finished, 2799a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->previous_server_finished_len)) 2809a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom { 2819a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH); 2829a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom *al=SSL_AD_ILLEGAL_PARAMETER; 2839a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 0; 2849a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 2859a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#ifdef OPENSSL_RI_DEBUG 2869a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom fprintf(stderr, "%s RI extension received by client\n", 2879a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom ilen ? "Non-empty" : "Empty"); 2889a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom#endif 2899a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom s->s3->send_connection_binding=1; 2909a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom 2919a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom return 1; 2929a830ab822682a48105b28e501d6f7c1077557c7Brian Carlstrom } 293