rhodes 3.3.5 → 3.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1678) hide show
  1. data/CHANGELOG +3 -1
  2. data/CREDITS +5 -0
  3. data/Rakefile +173 -17
  4. data/doc/build.txt +71 -27
  5. data/doc/configuration.txt +2 -0
  6. data/doc/device-caps.txt +103 -27
  7. data/doc/extensions.txt +49 -33
  8. data/doc/install.txt +15 -12
  9. data/doc/introduction.txt +1 -1
  10. data/doc/nfc.txt +3 -2
  11. data/doc/rhom.txt +22 -1
  12. data/doc/{rhostudio-eclipse.txt → rhostudio-eclipse_outdated.txt} +0 -0
  13. data/doc/rhostudio-test-plan.txt +79 -22
  14. data/doc/simulator.txt +19 -52
  15. data/doc/standard-css.txt +1 -1
  16. data/doc/synchronization.txt +2 -0
  17. data/doc/test-log-debug.txt +149 -1
  18. data/doc/ui.txt +57 -0
  19. data/lib/build/jake.rb +33 -22
  20. data/lib/extensions/barcode/ext/barcode/platform/iphone/Barcode.xcodeproj/project.pbxproj +4 -10
  21. data/lib/extensions/debugger/debugger.rb +18 -5
  22. data/lib/extensions/digest-md5/digest/md5.rb +0 -0
  23. data/lib/extensions/digest-md5/ext/iphone/Dmd5.xcodeproj/project.pbxproj +4 -10
  24. data/lib/extensions/digest-sha1/digest/sha1.rb +0 -0
  25. data/lib/extensions/digest-sha1/ext/iphone/Dsha1.xcodeproj/project.pbxproj +4 -10
  26. data/lib/extensions/digest-sha2/digest/sha2.rb +0 -0
  27. data/lib/extensions/digest-sha2/ext.yml +2 -0
  28. data/lib/extensions/digest-sha2/ext/Rakefile +128 -0
  29. data/lib/extensions/digest-sha2/ext/build +12 -0
  30. data/lib/extensions/digest-sha2/ext/build.bat +1 -0
  31. data/lib/extensions/digest-sha2/ext/depend +6 -0
  32. data/lib/extensions/digest-sha2/ext/digest-sha2.sln +44 -0
  33. data/lib/extensions/digest-sha2/ext/digest-sha2.vcproj +666 -0
  34. data/lib/extensions/digest-sha2/ext/extconf.rb +27 -0
  35. data/lib/extensions/digest-sha2/ext/iphone/Dsha2.xcodeproj/project.pbxproj +272 -0
  36. data/lib/extensions/digest-sha2/ext/iphone/Dsha2_Prefix.pch +7 -0
  37. data/lib/extensions/digest-sha2/ext/iphone/Rakefile +79 -0
  38. data/lib/extensions/digest-sha2/ext/sha2.c +1070 -0
  39. data/lib/extensions/digest-sha2/ext/sha2.h +225 -0
  40. data/lib/extensions/digest-sha2/ext/sha2.rb +1 -0
  41. data/lib/extensions/digest-sha2/ext/sha2init.c +56 -0
  42. data/lib/extensions/digest-sha2/ext/sha2ossl.c +11 -0
  43. data/lib/extensions/digest-sha2/ext/sha2ossl.h +17 -0
  44. data/lib/extensions/digest-sha2/sha2/sha2.rb +74 -0
  45. data/lib/extensions/digest/digest.so.rb +0 -0
  46. data/lib/extensions/digest/ext/iphone/Digest.xcodeproj/project.pbxproj +4 -10
  47. data/lib/extensions/esri/ext/esri/platform/iphone/ESRI.xcodeproj/project.pbxproj +4 -10
  48. data/lib/extensions/ezcrypto/ext/CHANGELOG +85 -0
  49. data/lib/extensions/ezcrypto/ext/MIT-LICENSE +21 -0
  50. data/lib/extensions/ezcrypto/ext/README.rdoc +152 -0
  51. data/lib/extensions/ezcrypto/ext/README_ACTIVE_CRYPTO +122 -0
  52. data/lib/extensions/ezcrypto/ext/README_DIGITAL_SIGNATURES +55 -0
  53. data/lib/extensions/ezcrypto/ext/rakefile +200 -0
  54. data/lib/extensions/ezcrypto/ext/test/active_crypto_test.rb +211 -0
  55. data/lib/extensions/ezcrypto/ext/test/agree2.com.cert +31 -0
  56. data/lib/extensions/ezcrypto/ext/test/association_key_holder_test.rb +38 -0
  57. data/lib/extensions/ezcrypto/ext/test/database.yml +18 -0
  58. data/lib/extensions/ezcrypto/ext/test/digest_test.rb +51 -0
  59. data/lib/extensions/ezcrypto/ext/test/dsakey.pem +12 -0
  60. data/lib/extensions/ezcrypto/ext/test/dsapubkey.pem +12 -0
  61. data/lib/extensions/ezcrypto/ext/test/dsig_test.rb +288 -0
  62. data/lib/extensions/ezcrypto/ext/test/encrypt_test.rb +41 -0
  63. data/lib/extensions/ezcrypto/ext/test/ezcrypto_test.rb +212 -0
  64. data/lib/extensions/ezcrypto/ext/test/key_holder_test.rb +44 -0
  65. data/lib/extensions/ezcrypto/ext/test/protectedsigner.pem +12 -0
  66. data/lib/extensions/ezcrypto/ext/test/sf-class2-root.crt +24 -0
  67. data/lib/extensions/ezcrypto/ext/test/sf_intermediate.crt +29 -0
  68. data/lib/extensions/ezcrypto/ext/test/test_helper.rb +35 -0
  69. data/lib/extensions/ezcrypto/ext/test/testchild.pem +15 -0
  70. data/lib/extensions/ezcrypto/ext/test/testchild.req +12 -0
  71. data/lib/extensions/ezcrypto/ext/test/testpub.pem +4 -0
  72. data/lib/extensions/ezcrypto/ext/test/testsigner.cert +20 -0
  73. data/lib/extensions/ezcrypto/ext/test/testsigner.pem +9 -0
  74. data/lib/extensions/ezcrypto/ext/test/valicert_class2_root.crt +18 -0
  75. data/lib/extensions/ezcrypto/ezcrypto.rb +1 -0
  76. data/lib/extensions/ezcrypto/ezcrypto/ezcrypto.rb +612 -0
  77. data/lib/extensions/ezcrypto/ezcrypto/ezsig.rb +535 -0
  78. data/lib/extensions/ezcrypto/ezcrypto/trusted.pem +2363 -0
  79. data/lib/extensions/fcntl/ext/iphone/Fcntl.xcodeproj/project.pbxproj +4 -10
  80. data/lib/extensions/fcntl/fcntl.rb +0 -0
  81. data/lib/extensions/nfc/ext/nfc/platform/android/src/com/rhomobile/nfc/Nfc.java +9 -22
  82. data/lib/extensions/openssl.so.src/ext.yml +2 -0
  83. data/lib/extensions/openssl.so.src/ext/Rakefile +107 -0
  84. data/lib/extensions/openssl.so.src/ext/build +12 -0
  85. data/lib/extensions/openssl.so.src/ext/build.bat +1 -0
  86. data/lib/extensions/openssl.so/ext.yml +9 -0
  87. data/lib/extensions/openssl.so/ext/Rakefile +139 -0
  88. data/lib/extensions/openssl.so/ext/android/libopenssl.so.a +0 -0
  89. data/lib/extensions/openssl.so/ext/build +12 -0
  90. data/lib/extensions/openssl.so/ext/build.bat +1 -0
  91. data/lib/extensions/openssl.so/ext/iphone/Rakefile +79 -0
  92. data/lib/extensions/openssl.so/ext/iphone/Release-iphoneos/libopenssl.so.a +0 -0
  93. data/lib/extensions/openssl.so/ext/iphone/Release-iphonesimulator/libopenssl.so.a +0 -0
  94. data/lib/extensions/openssl.so/ext/iphone/openssl/openssl.xcodeproj/project.pbxproj +4300 -0
  95. data/lib/extensions/openssl.so/ext/iphone/openssl/openssl/openssl-Prefix.pch +7 -0
  96. data/lib/extensions/openssl.so/ext/sources/apps/apps.h +373 -0
  97. data/lib/extensions/openssl.so/ext/sources/apps/progs.h +366 -0
  98. data/lib/extensions/openssl.so/ext/sources/apps/s_apps.h +176 -0
  99. data/lib/extensions/openssl.so/ext/sources/apps/testdsa.h +217 -0
  100. data/lib/extensions/openssl.so/ext/sources/apps/testrsa.h +518 -0
  101. data/lib/extensions/openssl.so/ext/sources/crypto/LPdir_unix.c +127 -0
  102. data/lib/extensions/openssl.so/ext/sources/crypto/LPdir_win.c +153 -0
  103. data/lib/extensions/openssl.so/ext/sources/crypto/LPdir_win32.c +30 -0
  104. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes.h +147 -0
  105. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_cbc.c +63 -0
  106. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_cfb.c +81 -0
  107. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_core.c +1358 -0
  108. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_ctr.c +61 -0
  109. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_ecb.c +73 -0
  110. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_ige.c +323 -0
  111. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_locl.h +89 -0
  112. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_misc.c +85 -0
  113. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_ofb.c +60 -0
  114. data/lib/extensions/openssl.so/ext/sources/crypto/aes/aes_wrap.c +259 -0
  115. data/lib/extensions/openssl.so/ext/sources/crypto/arm_arch.h +51 -0
  116. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_bitstr.c +248 -0
  117. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_bool.c +114 -0
  118. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_bytes.c +314 -0
  119. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_d2i_fp.c +286 -0
  120. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_digest.c +113 -0
  121. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_dup.c +109 -0
  122. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_enum.c +182 -0
  123. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_gentm.c +263 -0
  124. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_i2d_fp.c +163 -0
  125. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_int.c +458 -0
  126. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_mbstr.c +400 -0
  127. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_object.c +403 -0
  128. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_octet.c +71 -0
  129. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_print.c +127 -0
  130. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_set.c +241 -0
  131. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_sign.c +333 -0
  132. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_strex.c +574 -0
  133. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_strnid.c +290 -0
  134. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_time.c +198 -0
  135. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_type.c +159 -0
  136. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_utctm.c +318 -0
  137. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_utf8.c +211 -0
  138. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/a_verify.c +228 -0
  139. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/ameth_lib.c +460 -0
  140. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1.h +1404 -0
  141. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1_err.c +332 -0
  142. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1_gen.c +854 -0
  143. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1_lib.c +482 -0
  144. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1_locl.h +145 -0
  145. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1_mac.h +578 -0
  146. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1_par.c +437 -0
  147. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn1t.h +960 -0
  148. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn_mime.c +951 -0
  149. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn_moid.c +160 -0
  150. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/asn_pack.c +191 -0
  151. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/bio_asn1.c +495 -0
  152. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/bio_ndef.c +243 -0
  153. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/charmap.h +15 -0
  154. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/d2i_pr.c +170 -0
  155. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/d2i_pu.c +139 -0
  156. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/evp_asn1.c +189 -0
  157. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/f_enum.c +207 -0
  158. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/f_int.c +219 -0
  159. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/f_string.c +212 -0
  160. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/i2d_pr.c +80 -0
  161. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/i2d_pu.c +95 -0
  162. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/n_pkey.c +357 -0
  163. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/nsseq.c +83 -0
  164. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/p5_pbe.c +148 -0
  165. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/p5_pbev2.c +280 -0
  166. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/p8_pkey.c +155 -0
  167. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_bitst.c +102 -0
  168. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_crl.c +132 -0
  169. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_pkey.c +114 -0
  170. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_req.c +266 -0
  171. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_spki.c +107 -0
  172. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_x509.c +528 -0
  173. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/t_x509a.c +110 -0
  174. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_dec.c +1347 -0
  175. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_enc.c +691 -0
  176. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_fre.c +266 -0
  177. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_new.c +396 -0
  178. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_prn.c +627 -0
  179. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_typ.c +148 -0
  180. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/tasn_utl.c +279 -0
  181. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_algor.c +144 -0
  182. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_attrib.c +118 -0
  183. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_bignum.c +139 -0
  184. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_crl.c +527 -0
  185. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_exten.c +76 -0
  186. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_info.c +114 -0
  187. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_long.c +179 -0
  188. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_name.c +519 -0
  189. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_nx509.c +72 -0
  190. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_pkey.c +151 -0
  191. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_pubkey.c +382 -0
  192. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_req.c +113 -0
  193. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_sig.c +69 -0
  194. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_spki.c +81 -0
  195. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_val.c +69 -0
  196. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_x509.c +194 -0
  197. data/lib/extensions/openssl.so/ext/sources/crypto/asn1/x_x509a.c +180 -0
  198. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_cfb64.c +121 -0
  199. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_ecb.c +96 -0
  200. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_enc.c +306 -0
  201. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_locl.h +219 -0
  202. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_ofb64.c +110 -0
  203. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_pi.h +325 -0
  204. data/lib/extensions/openssl.so/ext/sources/crypto/bf/bf_skey.c +124 -0
  205. data/lib/extensions/openssl.so/ext/sources/crypto/bf/blowfish.h +129 -0
  206. data/lib/extensions/openssl.so/ext/sources/crypto/bio/b_dump.c +187 -0
  207. data/lib/extensions/openssl.so/ext/sources/crypto/bio/b_print.c +842 -0
  208. data/lib/extensions/openssl.so/ext/sources/crypto/bio/b_sock.c +975 -0
  209. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bf_buff.c +512 -0
  210. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bf_nbio.c +253 -0
  211. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bf_null.c +183 -0
  212. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bio.h +847 -0
  213. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bio_cb.c +143 -0
  214. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bio_err.c +155 -0
  215. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bio_lcl.h +36 -0
  216. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bio_lib.c +602 -0
  217. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_acpt.c +478 -0
  218. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_bio.c +924 -0
  219. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_conn.c +652 -0
  220. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_dgram.c +1832 -0
  221. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_fd.c +319 -0
  222. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_file.c +477 -0
  223. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_log.c +399 -0
  224. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_mem.c +319 -0
  225. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_null.c +150 -0
  226. data/lib/extensions/openssl.so/ext/sources/crypto/bio/bss_sock.c +294 -0
  227. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn.h +891 -0
  228. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_add.c +313 -0
  229. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_asm.c +1030 -0
  230. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_blind.c +385 -0
  231. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_const.c +402 -0
  232. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_ctx.c +454 -0
  233. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_depr.c +112 -0
  234. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_div.c +446 -0
  235. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_err.c +150 -0
  236. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_exp.c +1097 -0
  237. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_exp2.c +312 -0
  238. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_gcd.c +654 -0
  239. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_gf2m.c +1113 -0
  240. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_kron.c +184 -0
  241. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_lcl.h +508 -0
  242. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_lib.c +826 -0
  243. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_mod.c +301 -0
  244. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_mont.c +509 -0
  245. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_mpi.c +130 -0
  246. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_mul.c +1166 -0
  247. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_nist.c +1102 -0
  248. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_prime.c +494 -0
  249. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_prime.h +327 -0
  250. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_print.c +378 -0
  251. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_rand.c +305 -0
  252. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_recp.c +234 -0
  253. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_shift.c +223 -0
  254. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_sqr.c +294 -0
  255. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_sqrt.c +393 -0
  256. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_word.c +247 -0
  257. data/lib/extensions/openssl.so/ext/sources/crypto/bn/bn_x931p.c +272 -0
  258. data/lib/extensions/openssl.so/ext/sources/crypto/buffer/buf_err.c +99 -0
  259. data/lib/extensions/openssl.so/ext/sources/crypto/buffer/buf_str.c +119 -0
  260. data/lib/extensions/openssl.so/ext/sources/crypto/buffer/buffer.c +203 -0
  261. data/lib/extensions/openssl.so/ext/sources/crypto/buffer/buffer.h +119 -0
  262. data/lib/extensions/openssl.so/ext/sources/crypto/buildinf.h +12 -0
  263. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/camellia.c +582 -0
  264. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/camellia.h +130 -0
  265. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_cbc.c +64 -0
  266. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_cfb.c +139 -0
  267. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_ctr.c +64 -0
  268. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_ecb.c +74 -0
  269. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_locl.h +86 -0
  270. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_misc.c +80 -0
  271. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_ofb.c +119 -0
  272. data/lib/extensions/openssl.so/ext/sources/crypto/camellia/cmll_utl.c +64 -0
  273. data/lib/extensions/openssl.so/ext/sources/crypto/cast/c_cfb64.c +121 -0
  274. data/lib/extensions/openssl.so/ext/sources/crypto/cast/c_ecb.c +79 -0
  275. data/lib/extensions/openssl.so/ext/sources/crypto/cast/c_enc.c +208 -0
  276. data/lib/extensions/openssl.so/ext/sources/crypto/cast/c_ofb64.c +110 -0
  277. data/lib/extensions/openssl.so/ext/sources/crypto/cast/c_skey.c +173 -0
  278. data/lib/extensions/openssl.so/ext/sources/crypto/cast/cast.h +107 -0
  279. data/lib/extensions/openssl.so/ext/sources/crypto/cast/cast_lcl.h +227 -0
  280. data/lib/extensions/openssl.so/ext/sources/crypto/cast/cast_s.h +585 -0
  281. data/lib/extensions/openssl.so/ext/sources/crypto/cmac/cm_ameth.c +97 -0
  282. data/lib/extensions/openssl.so/ext/sources/crypto/cmac/cm_pmeth.c +224 -0
  283. data/lib/extensions/openssl.so/ext/sources/crypto/cmac/cmac.c +308 -0
  284. data/lib/extensions/openssl.so/ext/sources/crypto/cmac/cmac.h +82 -0
  285. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms.h +501 -0
  286. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_asn1.c +389 -0
  287. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_att.c +195 -0
  288. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_cd.c +134 -0
  289. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_dd.c +148 -0
  290. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_enc.c +294 -0
  291. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_env.c +876 -0
  292. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_err.c +245 -0
  293. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_ess.c +420 -0
  294. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_io.c +133 -0
  295. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_lcl.h +473 -0
  296. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_lib.c +626 -0
  297. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_pwri.c +454 -0
  298. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_sd.c +985 -0
  299. data/lib/extensions/openssl.so/ext/sources/crypto/cms/cms_smime.c +850 -0
  300. data/lib/extensions/openssl.so/ext/sources/crypto/comp/c_rle.c +61 -0
  301. data/lib/extensions/openssl.so/ext/sources/crypto/comp/c_zlib.c +799 -0
  302. data/lib/extensions/openssl.so/ext/sources/crypto/comp/comp.h +80 -0
  303. data/lib/extensions/openssl.so/ext/sources/crypto/comp/comp_err.c +100 -0
  304. data/lib/extensions/openssl.so/ext/sources/crypto/comp/comp_lib.c +72 -0
  305. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf.h +263 -0
  306. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_api.c +301 -0
  307. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_api.h +89 -0
  308. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_def.c +740 -0
  309. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_def.h +180 -0
  310. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_err.c +131 -0
  311. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_lib.c +407 -0
  312. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_mall.c +80 -0
  313. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_mod.c +623 -0
  314. data/lib/extensions/openssl.so/ext/sources/crypto/conf/conf_sap.c +111 -0
  315. data/lib/extensions/openssl.so/ext/sources/crypto/cpt_err.c +105 -0
  316. data/lib/extensions/openssl.so/ext/sources/crypto/cryptlib.c +926 -0
  317. data/lib/extensions/openssl.so/ext/sources/crypto/cryptlib.h +111 -0
  318. data/lib/extensions/openssl.so/ext/sources/crypto/crypto.h +604 -0
  319. data/lib/extensions/openssl.so/ext/sources/crypto/cversion.c +117 -0
  320. data/lib/extensions/openssl.so/ext/sources/crypto/des/cbc_cksm.c +106 -0
  321. data/lib/extensions/openssl.so/ext/sources/crypto/des/cbc_enc.c +61 -0
  322. data/lib/extensions/openssl.so/ext/sources/crypto/des/cfb64ede.c +254 -0
  323. data/lib/extensions/openssl.so/ext/sources/crypto/des/cfb64enc.c +121 -0
  324. data/lib/extensions/openssl.so/ext/sources/crypto/des/cfb_enc.c +195 -0
  325. data/lib/extensions/openssl.so/ext/sources/crypto/des/des.h +248 -0
  326. data/lib/extensions/openssl.so/ext/sources/crypto/des/des_enc.c +400 -0
  327. data/lib/extensions/openssl.so/ext/sources/crypto/des/des_locl.h +432 -0
  328. data/lib/extensions/openssl.so/ext/sources/crypto/des/des_old.c +273 -0
  329. data/lib/extensions/openssl.so/ext/sources/crypto/des/des_old.h +446 -0
  330. data/lib/extensions/openssl.so/ext/sources/crypto/des/des_old2.c +82 -0
  331. data/lib/extensions/openssl.so/ext/sources/crypto/des/des_ver.h +71 -0
  332. data/lib/extensions/openssl.so/ext/sources/crypto/des/ecb3_enc.c +83 -0
  333. data/lib/extensions/openssl.so/ext/sources/crypto/des/ecb_enc.c +122 -0
  334. data/lib/extensions/openssl.so/ext/sources/crypto/des/ede_cbcm_enc.c +199 -0
  335. data/lib/extensions/openssl.so/ext/sources/crypto/des/enc_read.c +240 -0
  336. data/lib/extensions/openssl.so/ext/sources/crypto/des/enc_writ.c +179 -0
  337. data/lib/extensions/openssl.so/ext/sources/crypto/des/fcrypt.c +170 -0
  338. data/lib/extensions/openssl.so/ext/sources/crypto/des/fcrypt_b.c +143 -0
  339. data/lib/extensions/openssl.so/ext/sources/crypto/des/ncbc_enc.c +148 -0
  340. data/lib/extensions/openssl.so/ext/sources/crypto/des/ofb64ede.c +125 -0
  341. data/lib/extensions/openssl.so/ext/sources/crypto/des/ofb64enc.c +110 -0
  342. data/lib/extensions/openssl.so/ext/sources/crypto/des/ofb_enc.c +135 -0
  343. data/lib/extensions/openssl.so/ext/sources/crypto/des/pcbc_enc.c +123 -0
  344. data/lib/extensions/openssl.so/ext/sources/crypto/des/qud_cksm.c +139 -0
  345. data/lib/extensions/openssl.so/ext/sources/crypto/des/rand_key.c +68 -0
  346. data/lib/extensions/openssl.so/ext/sources/crypto/des/read2pwd.c +140 -0
  347. data/lib/extensions/openssl.so/ext/sources/crypto/des/rpc_des.h +131 -0
  348. data/lib/extensions/openssl.so/ext/sources/crypto/des/rpc_enc.c +98 -0
  349. data/lib/extensions/openssl.so/ext/sources/crypto/des/set_key.c +416 -0
  350. data/lib/extensions/openssl.so/ext/sources/crypto/des/spr.h +204 -0
  351. data/lib/extensions/openssl.so/ext/sources/crypto/des/str2key.c +174 -0
  352. data/lib/extensions/openssl.so/ext/sources/crypto/des/xcbc_enc.c +197 -0
  353. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh.h +280 -0
  354. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_ameth.c +501 -0
  355. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_asn1.c +93 -0
  356. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_check.c +142 -0
  357. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_depr.c +83 -0
  358. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_err.c +122 -0
  359. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_gen.c +192 -0
  360. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_key.c +292 -0
  361. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_lib.c +260 -0
  362. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_pmeth.c +254 -0
  363. data/lib/extensions/openssl.so/ext/sources/crypto/dh/dh_prn.c +80 -0
  364. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa.h +327 -0
  365. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_ameth.c +704 -0
  366. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_asn1.c +188 -0
  367. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_depr.c +106 -0
  368. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_err.c +130 -0
  369. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_gen.c +371 -0
  370. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_key.c +144 -0
  371. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_lib.c +329 -0
  372. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_locl.h +60 -0
  373. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_ossl.c +412 -0
  374. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_pmeth.c +318 -0
  375. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_prn.c +121 -0
  376. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_sign.c +114 -0
  377. data/lib/extensions/openssl.so/ext/sources/crypto/dsa/dsa_vrf.c +76 -0
  378. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso.h +409 -0
  379. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_beos.c +270 -0
  380. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_dl.c +393 -0
  381. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_dlfcn.c +484 -0
  382. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_err.c +159 -0
  383. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_lib.c +483 -0
  384. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_null.c +90 -0
  385. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_openssl.c +83 -0
  386. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_vms.c +525 -0
  387. data/lib/extensions/openssl.so/ext/sources/crypto/dso/dso_win32.c +844 -0
  388. data/lib/extensions/openssl.so/ext/sources/crypto/ebcdic.c +221 -0
  389. data/lib/extensions/openssl.so/ext/sources/crypto/ebcdic.h +19 -0
  390. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec.h +1159 -0
  391. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec2_mult.c +390 -0
  392. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec2_oct.c +407 -0
  393. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec2_smpl.c +719 -0
  394. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_ameth.c +660 -0
  395. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_asn1.c +1447 -0
  396. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_check.c +123 -0
  397. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_curve.c +2100 -0
  398. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_cvt.c +170 -0
  399. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_err.c +276 -0
  400. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_key.c +563 -0
  401. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_lcl.h +446 -0
  402. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_lib.c +1096 -0
  403. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_mult.c +940 -0
  404. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_oct.c +199 -0
  405. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_pmeth.c +341 -0
  406. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ec_print.c +195 -0
  407. data/lib/extensions/openssl.so/ext/sources/crypto/ec/eck_prn.c +392 -0
  408. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_mont.c +323 -0
  409. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_nist.c +217 -0
  410. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_nistp224.c +1658 -0
  411. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_nistp256.c +2171 -0
  412. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_nistp521.c +2025 -0
  413. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_nistputil.c +197 -0
  414. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_oct.c +433 -0
  415. data/lib/extensions/openssl.so/ext/sources/crypto/ec/ecp_smpl.c +1360 -0
  416. data/lib/extensions/openssl.so/ext/sources/crypto/ecdh/ecdh.h +125 -0
  417. data/lib/extensions/openssl.so/ext/sources/crypto/ecdh/ech_err.c +100 -0
  418. data/lib/extensions/openssl.so/ext/sources/crypto/ecdh/ech_key.c +83 -0
  419. data/lib/extensions/openssl.so/ext/sources/crypto/ecdh/ech_lib.c +266 -0
  420. data/lib/extensions/openssl.so/ext/sources/crypto/ecdh/ech_locl.h +102 -0
  421. data/lib/extensions/openssl.so/ext/sources/crypto/ecdh/ech_ossl.c +215 -0
  422. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecdsa.h +260 -0
  423. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_asn1.c +69 -0
  424. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_err.c +106 -0
  425. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_lib.c +278 -0
  426. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_locl.h +115 -0
  427. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_ossl.c +483 -0
  428. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_sign.c +106 -0
  429. data/lib/extensions/openssl.so/ext/sources/crypto/ecdsa/ecs_vrf.c +96 -0
  430. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_all.c +135 -0
  431. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_cnf.c +259 -0
  432. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_cryptodev.c +1450 -0
  433. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_ctrl.c +389 -0
  434. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_dyn.c +548 -0
  435. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_err.c +173 -0
  436. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_fat.c +182 -0
  437. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_init.c +154 -0
  438. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_int.h +206 -0
  439. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_lib.c +332 -0
  440. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_list.c +433 -0
  441. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_openssl.c +384 -0
  442. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_pkey.c +196 -0
  443. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_rdrand.c +142 -0
  444. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_rsax.c +668 -0
  445. data/lib/extensions/openssl.so/ext/sources/crypto/engine/eng_table.c +351 -0
  446. data/lib/extensions/openssl.so/ext/sources/crypto/engine/engine.h +842 -0
  447. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_asnmth.c +246 -0
  448. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_cipher.c +143 -0
  449. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_dh.c +118 -0
  450. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_digest.c +143 -0
  451. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_dsa.c +118 -0
  452. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_ecdh.c +133 -0
  453. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_ecdsa.c +118 -0
  454. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_pkmeth.c +167 -0
  455. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_rand.c +118 -0
  456. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_rsa.c +118 -0
  457. data/lib/extensions/openssl.so/ext/sources/crypto/engine/tb_store.c +123 -0
  458. data/lib/extensions/openssl.so/ext/sources/crypto/err/err.c +1138 -0
  459. data/lib/extensions/openssl.so/ext/sources/crypto/err/err.h +386 -0
  460. data/lib/extensions/openssl.so/ext/sources/crypto/err/err_all.c +167 -0
  461. data/lib/extensions/openssl.so/ext/sources/crypto/err/err_prn.c +114 -0
  462. data/lib/extensions/openssl.so/ext/sources/crypto/evp/bio_b64.c +598 -0
  463. data/lib/extensions/openssl.so/ext/sources/crypto/evp/bio_enc.c +428 -0
  464. data/lib/extensions/openssl.so/ext/sources/crypto/evp/bio_md.c +275 -0
  465. data/lib/extensions/openssl.so/ext/sources/crypto/evp/bio_ok.c +624 -0
  466. data/lib/extensions/openssl.so/ext/sources/crypto/evp/c_all.c +90 -0
  467. data/lib/extensions/openssl.so/ext/sources/crypto/evp/c_allc.c +230 -0
  468. data/lib/extensions/openssl.so/ext/sources/crypto/evp/c_alld.c +114 -0
  469. data/lib/extensions/openssl.so/ext/sources/crypto/evp/digest.c +403 -0
  470. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_aes.c +1313 -0
  471. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_aes_cbc_hmac_sha1.c +406 -0
  472. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_bf.c +88 -0
  473. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_camellia.c +131 -0
  474. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_cast.c +90 -0
  475. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_des.c +224 -0
  476. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_des3.c +316 -0
  477. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_idea.c +118 -0
  478. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_null.c +104 -0
  479. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_old.c +125 -0
  480. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_rc2.c +238 -0
  481. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_rc4.c +137 -0
  482. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_rc4_hmac_md5.c +298 -0
  483. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_rc5.c +126 -0
  484. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_seed.c +83 -0
  485. data/lib/extensions/openssl.so/ext/sources/crypto/evp/e_xcbc_d.c +138 -0
  486. data/lib/extensions/openssl.so/ext/sources/crypto/evp/encode.c +445 -0
  487. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp.h +1402 -0
  488. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_acnf.c +73 -0
  489. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_enc.c +681 -0
  490. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_err.c +234 -0
  491. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_fips.c +113 -0
  492. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_key.c +189 -0
  493. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_lib.c +316 -0
  494. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_locl.h +385 -0
  495. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_pbe.c +316 -0
  496. data/lib/extensions/openssl.so/ext/sources/crypto/evp/evp_pkey.c +242 -0
  497. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_dss.c +101 -0
  498. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_dss1.c +103 -0
  499. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_ecdsa.c +151 -0
  500. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_md4.c +103 -0
  501. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_md5.c +102 -0
  502. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_mdc2.c +103 -0
  503. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_null.c +95 -0
  504. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_ripemd.c +102 -0
  505. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_sha.c +101 -0
  506. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_sha1.c +209 -0
  507. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_sigver.c +200 -0
  508. data/lib/extensions/openssl.so/ext/sources/crypto/evp/m_wp.c +43 -0
  509. data/lib/extensions/openssl.so/ext/sources/crypto/evp/names.c +206 -0
  510. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p5_crpt.c +143 -0
  511. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p5_crpt2.c +322 -0
  512. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_dec.c +87 -0
  513. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_enc.c +86 -0
  514. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_lib.c +469 -0
  515. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_open.c +128 -0
  516. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_seal.c +116 -0
  517. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_sign.c +139 -0
  518. data/lib/extensions/openssl.so/ext/sources/crypto/evp/p_verify.c +121 -0
  519. data/lib/extensions/openssl.so/ext/sources/crypto/evp/pmeth_fn.c +368 -0
  520. data/lib/extensions/openssl.so/ext/sources/crypto/evp/pmeth_gn.c +221 -0
  521. data/lib/extensions/openssl.so/ext/sources/crypto/evp/pmeth_lib.c +593 -0
  522. data/lib/extensions/openssl.so/ext/sources/crypto/ex_data.c +636 -0
  523. data/lib/extensions/openssl.so/ext/sources/crypto/fips_err.h +209 -0
  524. data/lib/extensions/openssl.so/ext/sources/crypto/fips_ers.c +7 -0
  525. data/lib/extensions/openssl.so/ext/sources/crypto/hmac/hm_ameth.c +167 -0
  526. data/lib/extensions/openssl.so/ext/sources/crypto/hmac/hm_pmeth.c +271 -0
  527. data/lib/extensions/openssl.so/ext/sources/crypto/hmac/hmac.c +251 -0
  528. data/lib/extensions/openssl.so/ext/sources/crypto/hmac/hmac.h +110 -0
  529. data/lib/extensions/openssl.so/ext/sources/crypto/idea/i_cbc.c +168 -0
  530. data/lib/extensions/openssl.so/ext/sources/crypto/idea/i_cfb64.c +122 -0
  531. data/lib/extensions/openssl.so/ext/sources/crypto/idea/i_ecb.c +85 -0
  532. data/lib/extensions/openssl.so/ext/sources/crypto/idea/i_ofb64.c +111 -0
  533. data/lib/extensions/openssl.so/ext/sources/crypto/idea/i_skey.c +164 -0
  534. data/lib/extensions/openssl.so/ext/sources/crypto/idea/idea.h +103 -0
  535. data/lib/extensions/openssl.so/ext/sources/crypto/idea/idea_lcl.h +215 -0
  536. data/lib/extensions/openssl.so/ext/sources/crypto/krb5/krb5_asn.c +167 -0
  537. data/lib/extensions/openssl.so/ext/sources/crypto/krb5/krb5_asn.h +256 -0
  538. data/lib/extensions/openssl.so/ext/sources/crypto/lhash/lh_stats.c +248 -0
  539. data/lib/extensions/openssl.so/ext/sources/crypto/lhash/lhash.c +475 -0
  540. data/lib/extensions/openssl.so/ext/sources/crypto/lhash/lhash.h +241 -0
  541. data/lib/extensions/openssl.so/ext/sources/crypto/md32_common.h +415 -0
  542. data/lib/extensions/openssl.so/ext/sources/crypto/md4/md4.h +120 -0
  543. data/lib/extensions/openssl.so/ext/sources/crypto/md4/md4_dgst.c +168 -0
  544. data/lib/extensions/openssl.so/ext/sources/crypto/md4/md4_locl.h +112 -0
  545. data/lib/extensions/openssl.so/ext/sources/crypto/md4/md4_one.c +97 -0
  546. data/lib/extensions/openssl.so/ext/sources/crypto/md5/md5.h +120 -0
  547. data/lib/extensions/openssl.so/ext/sources/crypto/md5/md5_dgst.c +185 -0
  548. data/lib/extensions/openssl.so/ext/sources/crypto/md5/md5_locl.h +130 -0
  549. data/lib/extensions/openssl.so/ext/sources/crypto/md5/md5_one.c +97 -0
  550. data/lib/extensions/openssl.so/ext/sources/crypto/mdc2/mdc2.h +98 -0
  551. data/lib/extensions/openssl.so/ext/sources/crypto/mdc2/mdc2_one.c +76 -0
  552. data/lib/extensions/openssl.so/ext/sources/crypto/mdc2/mdc2dgst.c +200 -0
  553. data/lib/extensions/openssl.so/ext/sources/crypto/mem.c +420 -0
  554. data/lib/extensions/openssl.so/ext/sources/crypto/mem_clr.c +77 -0
  555. data/lib/extensions/openssl.so/ext/sources/crypto/mem_dbg.c +874 -0
  556. data/lib/extensions/openssl.so/ext/sources/crypto/modes/cbc128.c +202 -0
  557. data/lib/extensions/openssl.so/ext/sources/crypto/modes/ccm128.c +441 -0
  558. data/lib/extensions/openssl.so/ext/sources/crypto/modes/cfb128.c +242 -0
  559. data/lib/extensions/openssl.so/ext/sources/crypto/modes/ctr128.c +252 -0
  560. data/lib/extensions/openssl.so/ext/sources/crypto/modes/cts128.c +465 -0
  561. data/lib/extensions/openssl.so/ext/sources/crypto/modes/gcm128.c +1757 -0
  562. data/lib/extensions/openssl.so/ext/sources/crypto/modes/modes.h +135 -0
  563. data/lib/extensions/openssl.so/ext/sources/crypto/modes/modes_lcl.h +131 -0
  564. data/lib/extensions/openssl.so/ext/sources/crypto/modes/ofb128.c +121 -0
  565. data/lib/extensions/openssl.so/ext/sources/crypto/modes/xts128.c +187 -0
  566. data/lib/extensions/openssl.so/ext/sources/crypto/o_dir.c +83 -0
  567. data/lib/extensions/openssl.so/ext/sources/crypto/o_dir.h +53 -0
  568. data/lib/extensions/openssl.so/ext/sources/crypto/o_fips.c +96 -0
  569. data/lib/extensions/openssl.so/ext/sources/crypto/o_init.c +82 -0
  570. data/lib/extensions/openssl.so/ext/sources/crypto/o_str.c +111 -0
  571. data/lib/extensions/openssl.so/ext/sources/crypto/o_str.h +68 -0
  572. data/lib/extensions/openssl.so/ext/sources/crypto/o_time.c +372 -0
  573. data/lib/extensions/openssl.so/ext/sources/crypto/o_time.h +67 -0
  574. data/lib/extensions/openssl.so/ext/sources/crypto/objects/o_names.c +372 -0
  575. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_dat.c +810 -0
  576. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_dat.h +5102 -0
  577. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_err.c +102 -0
  578. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_lib.c +129 -0
  579. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_mac.h +4032 -0
  580. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_xref.c +234 -0
  581. data/lib/extensions/openssl.so/ext/sources/crypto/objects/obj_xref.h +77 -0
  582. data/lib/extensions/openssl.so/ext/sources/crypto/objects/objects.h +1138 -0
  583. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp.h +623 -0
  584. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_asn.c +182 -0
  585. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_cl.c +371 -0
  586. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_err.c +142 -0
  587. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_ext.c +518 -0
  588. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_ht.c +504 -0
  589. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_lib.c +266 -0
  590. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_prn.c +290 -0
  591. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_srv.c +264 -0
  592. data/lib/extensions/openssl.so/ext/sources/crypto/ocsp/ocsp_vfy.c +446 -0
  593. data/lib/extensions/openssl.so/ext/sources/crypto/opensslconf.h +230 -0
  594. data/lib/extensions/openssl.so/ext/sources/crypto/opensslconf.h.in +154 -0
  595. data/lib/extensions/openssl.so/ext/sources/crypto/opensslv.h +89 -0
  596. data/lib/extensions/openssl.so/ext/sources/crypto/ossl_typ.h +202 -0
  597. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem.h +641 -0
  598. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem2.h +70 -0
  599. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_all.c +296 -0
  600. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_err.c +161 -0
  601. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_info.c +405 -0
  602. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_lib.c +852 -0
  603. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_oth.c +86 -0
  604. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_pk8.c +242 -0
  605. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_pkey.c +242 -0
  606. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_seal.c +189 -0
  607. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_sign.c +102 -0
  608. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_x509.c +68 -0
  609. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pem_xaux.c +68 -0
  610. data/lib/extensions/openssl.so/ext/sources/crypto/pem/pvkfmt.c +950 -0
  611. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_add.c +240 -0
  612. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_asn.c +125 -0
  613. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_attr.c +145 -0
  614. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_crpt.c +112 -0
  615. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_crt.c +359 -0
  616. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_decr.c +184 -0
  617. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_init.c +92 -0
  618. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_key.c +219 -0
  619. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_kiss.c +302 -0
  620. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_mutl.c +190 -0
  621. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_npas.c +225 -0
  622. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_p8d.c +68 -0
  623. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_p8e.c +97 -0
  624. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/p12_utl.c +146 -0
  625. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/pk12err.c +144 -0
  626. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs12/pkcs12.h +331 -0
  627. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/bio_pk7.c +69 -0
  628. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pk7_asn1.c +247 -0
  629. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pk7_attr.c +165 -0
  630. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pk7_doit.c +1299 -0
  631. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pk7_lib.c +665 -0
  632. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pk7_mime.c +97 -0
  633. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pk7_smime.c +606 -0
  634. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pkcs7.h +499 -0
  635. data/lib/extensions/openssl.so/ext/sources/crypto/pkcs7/pkcs7err.c +187 -0
  636. data/lib/extensions/openssl.so/ext/sources/crypto/pqueue/pqueue.c +252 -0
  637. data/lib/extensions/openssl.so/ext/sources/crypto/pqueue/pqueue.h +94 -0
  638. data/lib/extensions/openssl.so/ext/sources/crypto/rand/md_rand.c +592 -0
  639. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand.h +149 -0
  640. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_egd.c +303 -0
  641. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_err.c +100 -0
  642. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_lcl.h +158 -0
  643. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_lib.c +295 -0
  644. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_nw.c +183 -0
  645. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_os2.c +153 -0
  646. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_unix.c +431 -0
  647. data/lib/extensions/openssl.so/ext/sources/crypto/rand/rand_win.c +807 -0
  648. data/lib/extensions/openssl.so/ext/sources/crypto/rand/randfile.c +326 -0
  649. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2.h +103 -0
  650. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2_cbc.c +226 -0
  651. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2_ecb.c +88 -0
  652. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2_locl.h +156 -0
  653. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2_skey.c +153 -0
  654. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2cfb64.c +122 -0
  655. data/lib/extensions/openssl.so/ext/sources/crypto/rc2/rc2ofb64.c +111 -0
  656. data/lib/extensions/openssl.so/ext/sources/crypto/rc4/rc4.h +90 -0
  657. data/lib/extensions/openssl.so/ext/sources/crypto/rc4/rc4_enc.c +315 -0
  658. data/lib/extensions/openssl.so/ext/sources/crypto/rc4/rc4_locl.h +5 -0
  659. data/lib/extensions/openssl.so/ext/sources/crypto/rc4/rc4_skey.c +116 -0
  660. data/lib/extensions/openssl.so/ext/sources/crypto/rc4/rc4_utl.c +62 -0
  661. data/lib/extensions/openssl.so/ext/sources/crypto/ripemd/ripemd.h +107 -0
  662. data/lib/extensions/openssl.so/ext/sources/crypto/ripemd/rmd_dgst.c +292 -0
  663. data/lib/extensions/openssl.so/ext/sources/crypto/ripemd/rmd_locl.h +150 -0
  664. data/lib/extensions/openssl.so/ext/sources/crypto/ripemd/rmd_one.c +78 -0
  665. data/lib/extensions/openssl.so/ext/sources/crypto/ripemd/rmdconst.h +399 -0
  666. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa.h +582 -0
  667. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_ameth.c +698 -0
  668. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_asn1.c +121 -0
  669. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_chk.c +184 -0
  670. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_crpt.c +257 -0
  671. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_depr.c +101 -0
  672. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_eay.c +915 -0
  673. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_err.c +209 -0
  674. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_gen.c +234 -0
  675. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_lib.c +333 -0
  676. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_locl.h +4 -0
  677. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_none.c +98 -0
  678. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_null.c +151 -0
  679. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_oaep.c +235 -0
  680. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_pk1.c +224 -0
  681. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_pmeth.c +723 -0
  682. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_prn.c +93 -0
  683. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_pss.c +300 -0
  684. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_saos.c +150 -0
  685. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_sign.c +318 -0
  686. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_ssl.c +154 -0
  687. data/lib/extensions/openssl.so/ext/sources/crypto/rsa/rsa_x931.c +177 -0
  688. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed.c +336 -0
  689. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed.h +139 -0
  690. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed_cbc.c +63 -0
  691. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed_cfb.c +116 -0
  692. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed_ecb.c +60 -0
  693. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed_locl.h +116 -0
  694. data/lib/extensions/openssl.so/ext/sources/crypto/seed/seed_ofb.c +116 -0
  695. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha.h +214 -0
  696. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha1_one.c +78 -0
  697. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha1dgst.c +75 -0
  698. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha256.c +282 -0
  699. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha512.c +597 -0
  700. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha_dgst.c +75 -0
  701. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha_locl.h +441 -0
  702. data/lib/extensions/openssl.so/ext/sources/crypto/sha/sha_one.c +78 -0
  703. data/lib/extensions/openssl.so/ext/sources/crypto/srp/srp.h +172 -0
  704. data/lib/extensions/openssl.so/ext/sources/crypto/srp/srp_grps.h +517 -0
  705. data/lib/extensions/openssl.so/ext/sources/crypto/srp/srp_lcl.h +83 -0
  706. data/lib/extensions/openssl.so/ext/sources/crypto/srp/srp_lib.c +357 -0
  707. data/lib/extensions/openssl.so/ext/sources/crypto/srp/srp_vfy.c +657 -0
  708. data/lib/extensions/openssl.so/ext/sources/crypto/stack/safestack.h +2663 -0
  709. data/lib/extensions/openssl.so/ext/sources/crypto/stack/stack.c +334 -0
  710. data/lib/extensions/openssl.so/ext/sources/crypto/stack/stack.h +108 -0
  711. data/lib/extensions/openssl.so/ext/sources/crypto/symhacks.h +477 -0
  712. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts.h +858 -0
  713. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_asn1.c +322 -0
  714. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_conf.c +507 -0
  715. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_err.c +179 -0
  716. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_lib.c +145 -0
  717. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_req_print.c +102 -0
  718. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_req_utils.c +234 -0
  719. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_rsp_print.c +287 -0
  720. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_rsp_sign.c +1020 -0
  721. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_rsp_utils.c +409 -0
  722. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_rsp_verify.c +728 -0
  723. data/lib/extensions/openssl.so/ext/sources/crypto/ts/ts_verify_ctx.c +159 -0
  724. data/lib/extensions/openssl.so/ext/sources/crypto/txt_db/txt_db.c +388 -0
  725. data/lib/extensions/openssl.so/ext/sources/crypto/txt_db/txt_db.h +112 -0
  726. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui.h +383 -0
  727. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_compat.c +67 -0
  728. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_compat.h +83 -0
  729. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_err.c +112 -0
  730. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_lib.c +924 -0
  731. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_locl.h +153 -0
  732. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_openssl.c +712 -0
  733. data/lib/extensions/openssl.so/ext/sources/crypto/ui/ui_util.c +91 -0
  734. data/lib/extensions/openssl.so/ext/sources/crypto/uid.c +89 -0
  735. data/lib/extensions/openssl.so/ext/sources/crypto/vms_rms.h +51 -0
  736. data/lib/extensions/openssl.so/ext/sources/crypto/whrlpool/whrlpool.h +41 -0
  737. data/lib/extensions/openssl.so/ext/sources/crypto/whrlpool/wp_block.c +655 -0
  738. data/lib/extensions/openssl.so/ext/sources/crypto/whrlpool/wp_dgst.c +265 -0
  739. data/lib/extensions/openssl.so/ext/sources/crypto/whrlpool/wp_locl.h +3 -0
  740. data/lib/extensions/openssl.so/ext/sources/crypto/x509/by_dir.c +482 -0
  741. data/lib/extensions/openssl.so/ext/sources/crypto/x509/by_file.c +300 -0
  742. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509.h +1297 -0
  743. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_att.c +359 -0
  744. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_cmp.c +344 -0
  745. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_d2.c +107 -0
  746. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_def.c +81 -0
  747. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_err.c +164 -0
  748. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_ext.c +210 -0
  749. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_lu.c +716 -0
  750. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_obj.c +226 -0
  751. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_r2x.c +114 -0
  752. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_req.c +316 -0
  753. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_set.c +150 -0
  754. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_trs.c +288 -0
  755. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_txt.c +193 -0
  756. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_v3.c +274 -0
  757. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_vfy.c +2214 -0
  758. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_vfy.h +567 -0
  759. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509_vpm.c +438 -0
  760. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509cset.c +170 -0
  761. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509name.c +383 -0
  762. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509rset.c +83 -0
  763. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509spki.c +121 -0
  764. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x509type.c +131 -0
  765. data/lib/extensions/openssl.so/ext/sources/crypto/x509/x_all.c +535 -0
  766. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/ext_dat.h +132 -0
  767. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_cache.c +286 -0
  768. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_data.c +135 -0
  769. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_int.h +212 -0
  770. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_lib.c +167 -0
  771. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_map.c +132 -0
  772. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_node.c +197 -0
  773. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/pcy_tree.c +872 -0
  774. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_addr.c +1338 -0
  775. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_akey.c +208 -0
  776. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_akeya.c +72 -0
  777. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_alt.c +614 -0
  778. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_asid.c +890 -0
  779. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_bcons.c +124 -0
  780. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_bitst.c +141 -0
  781. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_conf.c +525 -0
  782. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_cpols.c +457 -0
  783. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_crld.c +616 -0
  784. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_enum.c +97 -0
  785. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_extku.c +144 -0
  786. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_genn.c +252 -0
  787. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_ia5.c +116 -0
  788. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_info.c +193 -0
  789. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_int.c +89 -0
  790. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_lib.c +309 -0
  791. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_ncons.c +505 -0
  792. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_ocsp.c +289 -0
  793. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_pci.c +328 -0
  794. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_pcia.c +55 -0
  795. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_pcons.c +140 -0
  796. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_pku.c +108 -0
  797. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_pmaps.c +155 -0
  798. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_prn.c +234 -0
  799. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_purp.c +767 -0
  800. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_skey.c +145 -0
  801. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_sxnet.c +262 -0
  802. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3_utl.c +874 -0
  803. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/v3err.c +226 -0
  804. data/lib/extensions/openssl.so/ext/sources/crypto/x509v3/x509v3.h +1007 -0
  805. data/lib/extensions/openssl.so/ext/sources/e_os.h +735 -0
  806. data/lib/extensions/openssl.so/ext/sources/e_os2.h +315 -0
  807. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/e_gost_err.c +212 -0
  808. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/e_gost_err.h +156 -0
  809. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost2001.c +343 -0
  810. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost2001_keyx.c +308 -0
  811. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost2001_keyx.h +10 -0
  812. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost89.c +409 -0
  813. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost89.h +96 -0
  814. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost94_keyx.c +291 -0
  815. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_ameth.c +945 -0
  816. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_asn1.c +55 -0
  817. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_crypt.c +617 -0
  818. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_ctl.c +89 -0
  819. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_eng.c +273 -0
  820. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_keywrap.c +109 -0
  821. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_keywrap.h +56 -0
  822. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_lcl.h +221 -0
  823. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_md.c +75 -0
  824. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_params.c +198 -0
  825. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_params.h +34 -0
  826. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_pmeth.c +628 -0
  827. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gost_sign.c +321 -0
  828. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gosthash.c +255 -0
  829. data/lib/extensions/openssl.so/ext/sources/engines/ccgost/gosthash.h +48 -0
  830. data/lib/extensions/openssl.so/ext/sources/engines/e_4758cca.c +987 -0
  831. data/lib/extensions/openssl.so/ext/sources/engines/e_4758cca_err.c +153 -0
  832. data/lib/extensions/openssl.so/ext/sources/engines/e_4758cca_err.h +97 -0
  833. data/lib/extensions/openssl.so/ext/sources/engines/e_aep.c +1139 -0
  834. data/lib/extensions/openssl.so/ext/sources/engines/e_aep_err.c +161 -0
  835. data/lib/extensions/openssl.so/ext/sources/engines/e_aep_err.h +105 -0
  836. data/lib/extensions/openssl.so/ext/sources/engines/e_atalla.c +607 -0
  837. data/lib/extensions/openssl.so/ext/sources/engines/e_atalla_err.c +149 -0
  838. data/lib/extensions/openssl.so/ext/sources/engines/e_atalla_err.h +93 -0
  839. data/lib/extensions/openssl.so/ext/sources/engines/e_capi.c +1913 -0
  840. data/lib/extensions/openssl.so/ext/sources/engines/e_capi_err.c +184 -0
  841. data/lib/extensions/openssl.so/ext/sources/engines/e_capi_err.h +128 -0
  842. data/lib/extensions/openssl.so/ext/sources/engines/e_chil.c +1356 -0
  843. data/lib/extensions/openssl.so/ext/sources/engines/e_chil_err.c +160 -0
  844. data/lib/extensions/openssl.so/ext/sources/engines/e_chil_err.h +104 -0
  845. data/lib/extensions/openssl.so/ext/sources/engines/e_cswift.c +1129 -0
  846. data/lib/extensions/openssl.so/ext/sources/engines/e_cswift_err.c +154 -0
  847. data/lib/extensions/openssl.so/ext/sources/engines/e_cswift_err.h +98 -0
  848. data/lib/extensions/openssl.so/ext/sources/engines/e_gmp.c +480 -0
  849. data/lib/extensions/openssl.so/ext/sources/engines/e_gmp_err.c +141 -0
  850. data/lib/extensions/openssl.so/ext/sources/engines/e_gmp_err.h +85 -0
  851. data/lib/extensions/openssl.so/ext/sources/engines/e_nuron.c +434 -0
  852. data/lib/extensions/openssl.so/ext/sources/engines/e_nuron_err.c +146 -0
  853. data/lib/extensions/openssl.so/ext/sources/engines/e_nuron_err.h +90 -0
  854. data/lib/extensions/openssl.so/ext/sources/engines/e_padlock.c +1239 -0
  855. data/lib/extensions/openssl.so/ext/sources/engines/e_sureware.c +1055 -0
  856. data/lib/extensions/openssl.so/ext/sources/engines/e_sureware_err.c +158 -0
  857. data/lib/extensions/openssl.so/ext/sources/engines/e_sureware_err.h +102 -0
  858. data/lib/extensions/openssl.so/ext/sources/engines/e_ubsec.c +1069 -0
  859. data/lib/extensions/openssl.so/ext/sources/engines/e_ubsec_err.c +157 -0
  860. data/lib/extensions/openssl.so/ext/sources/engines/e_ubsec_err.h +101 -0
  861. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/aep.h +178 -0
  862. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/atalla.h +48 -0
  863. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/cswift.h +234 -0
  864. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/hw_4758_cca.h +149 -0
  865. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/hw_ubsec.h +100 -0
  866. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/hwcryptohook.h +486 -0
  867. data/lib/extensions/openssl.so/ext/sources/engines/vendor_defns/sureware.h +239 -0
  868. data/lib/extensions/openssl.so/ext/sources/include/openssl/aes.h +1 -0
  869. data/lib/extensions/openssl.so/ext/sources/include/openssl/asn1.h +1 -0
  870. data/lib/extensions/openssl.so/ext/sources/include/openssl/asn1_mac.h +1 -0
  871. data/lib/extensions/openssl.so/ext/sources/include/openssl/asn1t.h +1 -0
  872. data/lib/extensions/openssl.so/ext/sources/include/openssl/bio.h +1 -0
  873. data/lib/extensions/openssl.so/ext/sources/include/openssl/blowfish.h +1 -0
  874. data/lib/extensions/openssl.so/ext/sources/include/openssl/bn.h +1 -0
  875. data/lib/extensions/openssl.so/ext/sources/include/openssl/buffer.h +1 -0
  876. data/lib/extensions/openssl.so/ext/sources/include/openssl/camellia.h +1 -0
  877. data/lib/extensions/openssl.so/ext/sources/include/openssl/cast.h +1 -0
  878. data/lib/extensions/openssl.so/ext/sources/include/openssl/cmac.h +1 -0
  879. data/lib/extensions/openssl.so/ext/sources/include/openssl/cms.h +1 -0
  880. data/lib/extensions/openssl.so/ext/sources/include/openssl/comp.h +1 -0
  881. data/lib/extensions/openssl.so/ext/sources/include/openssl/conf.h +1 -0
  882. data/lib/extensions/openssl.so/ext/sources/include/openssl/conf_api.h +1 -0
  883. data/lib/extensions/openssl.so/ext/sources/include/openssl/crypto.h +1 -0
  884. data/lib/extensions/openssl.so/ext/sources/include/openssl/des.h +1 -0
  885. data/lib/extensions/openssl.so/ext/sources/include/openssl/des_old.h +1 -0
  886. data/lib/extensions/openssl.so/ext/sources/include/openssl/dh.h +1 -0
  887. data/lib/extensions/openssl.so/ext/sources/include/openssl/dsa.h +1 -0
  888. data/lib/extensions/openssl.so/ext/sources/include/openssl/dso.h +1 -0
  889. data/lib/extensions/openssl.so/ext/sources/include/openssl/dtls1.h +1 -0
  890. data/lib/extensions/openssl.so/ext/sources/include/openssl/e_os2.h +1 -0
  891. data/lib/extensions/openssl.so/ext/sources/include/openssl/ebcdic.h +1 -0
  892. data/lib/extensions/openssl.so/ext/sources/include/openssl/ec.h +1 -0
  893. data/lib/extensions/openssl.so/ext/sources/include/openssl/ecdh.h +1 -0
  894. data/lib/extensions/openssl.so/ext/sources/include/openssl/ecdsa.h +1 -0
  895. data/lib/extensions/openssl.so/ext/sources/include/openssl/engine.h +1 -0
  896. data/lib/extensions/openssl.so/ext/sources/include/openssl/err.h +1 -0
  897. data/lib/extensions/openssl.so/ext/sources/include/openssl/evp.h +1 -0
  898. data/lib/extensions/openssl.so/ext/sources/include/openssl/hmac.h +1 -0
  899. data/lib/extensions/openssl.so/ext/sources/include/openssl/idea.h +1 -0
  900. data/lib/extensions/openssl.so/ext/sources/include/openssl/krb5_asn.h +1 -0
  901. data/lib/extensions/openssl.so/ext/sources/include/openssl/kssl.h +1 -0
  902. data/lib/extensions/openssl.so/ext/sources/include/openssl/lhash.h +1 -0
  903. data/lib/extensions/openssl.so/ext/sources/include/openssl/md4.h +1 -0
  904. data/lib/extensions/openssl.so/ext/sources/include/openssl/md5.h +1 -0
  905. data/lib/extensions/openssl.so/ext/sources/include/openssl/mdc2.h +1 -0
  906. data/lib/extensions/openssl.so/ext/sources/include/openssl/modes.h +1 -0
  907. data/lib/extensions/openssl.so/ext/sources/include/openssl/obj_mac.h +1 -0
  908. data/lib/extensions/openssl.so/ext/sources/include/openssl/objects.h +1 -0
  909. data/lib/extensions/openssl.so/ext/sources/include/openssl/ocsp.h +1 -0
  910. data/lib/extensions/openssl.so/ext/sources/include/openssl/opensslconf.h +1 -0
  911. data/lib/extensions/openssl.so/ext/sources/include/openssl/opensslv.h +1 -0
  912. data/lib/extensions/openssl.so/ext/sources/include/openssl/ossl_typ.h +1 -0
  913. data/lib/extensions/openssl.so/ext/sources/include/openssl/pem.h +1 -0
  914. data/lib/extensions/openssl.so/ext/sources/include/openssl/pem2.h +1 -0
  915. data/lib/extensions/openssl.so/ext/sources/include/openssl/pkcs12.h +1 -0
  916. data/lib/extensions/openssl.so/ext/sources/include/openssl/pkcs7.h +1 -0
  917. data/lib/extensions/openssl.so/ext/sources/include/openssl/pqueue.h +1 -0
  918. data/lib/extensions/openssl.so/ext/sources/include/openssl/rand.h +1 -0
  919. data/lib/extensions/openssl.so/ext/sources/include/openssl/rc2.h +1 -0
  920. data/lib/extensions/openssl.so/ext/sources/include/openssl/rc4.h +1 -0
  921. data/lib/extensions/openssl.so/ext/sources/include/openssl/ripemd.h +1 -0
  922. data/lib/extensions/openssl.so/ext/sources/include/openssl/rsa.h +1 -0
  923. data/lib/extensions/openssl.so/ext/sources/include/openssl/safestack.h +1 -0
  924. data/lib/extensions/openssl.so/ext/sources/include/openssl/seed.h +1 -0
  925. data/lib/extensions/openssl.so/ext/sources/include/openssl/sha.h +1 -0
  926. data/lib/extensions/openssl.so/ext/sources/include/openssl/srp.h +1 -0
  927. data/lib/extensions/openssl.so/ext/sources/include/openssl/srtp.h +1 -0
  928. data/lib/extensions/openssl.so/ext/sources/include/openssl/ssl.h +1 -0
  929. data/lib/extensions/openssl.so/ext/sources/include/openssl/ssl2.h +1 -0
  930. data/lib/extensions/openssl.so/ext/sources/include/openssl/ssl23.h +1 -0
  931. data/lib/extensions/openssl.so/ext/sources/include/openssl/ssl3.h +1 -0
  932. data/lib/extensions/openssl.so/ext/sources/include/openssl/stack.h +1 -0
  933. data/lib/extensions/openssl.so/ext/sources/include/openssl/store.h +1 -0
  934. data/lib/extensions/openssl.so/ext/sources/include/openssl/symhacks.h +1 -0
  935. data/lib/extensions/openssl.so/ext/sources/include/openssl/tls1.h +1 -0
  936. data/lib/extensions/openssl.so/ext/sources/include/openssl/ts.h +1 -0
  937. data/lib/extensions/openssl.so/ext/sources/include/openssl/txt_db.h +1 -0
  938. data/lib/extensions/openssl.so/ext/sources/include/openssl/ui.h +1 -0
  939. data/lib/extensions/openssl.so/ext/sources/include/openssl/ui_compat.h +1 -0
  940. data/lib/extensions/openssl.so/ext/sources/include/openssl/whrlpool.h +1 -0
  941. data/lib/extensions/openssl.so/ext/sources/include/openssl/x509.h +1 -0
  942. data/lib/extensions/openssl.so/ext/sources/include/openssl/x509_vfy.h +1 -0
  943. data/lib/extensions/openssl.so/ext/sources/include/openssl/x509v3.h +1 -0
  944. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/assert.h +50 -0
  945. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/conio.h +40 -0
  946. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/ctype.h +90 -0
  947. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/direct.h +22 -0
  948. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/errno.h +158 -0
  949. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/fcntl.h +56 -0
  950. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/float.h +330 -0
  951. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/io.h +63 -0
  952. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/limits.h +95 -0
  953. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/malloc.h +59 -0
  954. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/math.h +95 -0
  955. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/memory.h +44 -0
  956. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/process.h +59 -0
  957. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/setjmp.h +69 -0
  958. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/signal.h +53 -0
  959. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/stdarg.h +78 -0
  960. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/stddef.h +88 -0
  961. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/stdio.h +182 -0
  962. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/stdlib.h +142 -0
  963. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/string.h +109 -0
  964. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/strings.h +3 -0
  965. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/sys/locking.h +31 -0
  966. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/sys/stat.h +92 -0
  967. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/sys/time.h +20 -0
  968. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/sys/timeb.h +58 -0
  969. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/sys/types.h +35 -0
  970. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/sys/utime.h +21 -0
  971. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/time.h +81 -0
  972. data/lib/extensions/openssl.so/ext/sources/include/wcecompat/winsock_extras.h +46 -0
  973. data/lib/extensions/openssl.so/ext/sources/ssl/bio_ssl.c +605 -0
  974. data/lib/extensions/openssl.so/ext/sources/ssl/d1_both.c +1591 -0
  975. data/lib/extensions/openssl.so/ext/sources/ssl/d1_clnt.c +1710 -0
  976. data/lib/extensions/openssl.so/ext/sources/ssl/d1_enc.c +289 -0
  977. data/lib/extensions/openssl.so/ext/sources/ssl/d1_lib.c +482 -0
  978. data/lib/extensions/openssl.so/ext/sources/ssl/d1_meth.c +77 -0
  979. data/lib/extensions/openssl.so/ext/sources/ssl/d1_pkt.c +1876 -0
  980. data/lib/extensions/openssl.so/ext/sources/ssl/d1_srtp.c +493 -0
  981. data/lib/extensions/openssl.so/ext/sources/ssl/d1_srvr.c +1711 -0
  982. data/lib/extensions/openssl.so/ext/sources/ssl/dtls1.h +283 -0
  983. data/lib/extensions/openssl.so/ext/sources/ssl/kssl.c +2221 -0
  984. data/lib/extensions/openssl.so/ext/sources/ssl/kssl.h +183 -0
  985. data/lib/extensions/openssl.so/ext/sources/ssl/kssl_lcl.h +87 -0
  986. data/lib/extensions/openssl.so/ext/sources/ssl/s23_clnt.c +779 -0
  987. data/lib/extensions/openssl.so/ext/sources/ssl/s23_lib.c +187 -0
  988. data/lib/extensions/openssl.so/ext/sources/ssl/s23_meth.c +92 -0
  989. data/lib/extensions/openssl.so/ext/sources/ssl/s23_pkt.c +117 -0
  990. data/lib/extensions/openssl.so/ext/sources/ssl/s23_srvr.c +638 -0
  991. data/lib/extensions/openssl.so/ext/sources/ssl/s2_clnt.c +1125 -0
  992. data/lib/extensions/openssl.so/ext/sources/ssl/s2_enc.c +193 -0
  993. data/lib/extensions/openssl.so/ext/sources/ssl/s2_lib.c +556 -0
  994. data/lib/extensions/openssl.so/ext/sources/ssl/s2_meth.c +84 -0
  995. data/lib/extensions/openssl.so/ext/sources/ssl/s2_pkt.c +744 -0
  996. data/lib/extensions/openssl.so/ext/sources/ssl/s2_srvr.c +1142 -0
  997. data/lib/extensions/openssl.so/ext/sources/ssl/s3_both.c +843 -0
  998. data/lib/extensions/openssl.so/ext/sources/ssl/s3_clnt.c +3371 -0
  999. data/lib/extensions/openssl.so/ext/sources/ssl/s3_enc.c +861 -0
  1000. data/lib/extensions/openssl.so/ext/sources/ssl/s3_lib.c +4282 -0
  1001. data/lib/extensions/openssl.so/ext/sources/ssl/s3_meth.c +77 -0
  1002. data/lib/extensions/openssl.so/ext/sources/ssl/s3_pkt.c +1518 -0
  1003. data/lib/extensions/openssl.so/ext/sources/ssl/s3_srvr.c +3586 -0
  1004. data/lib/extensions/openssl.so/ext/sources/ssl/srtp.h +145 -0
  1005. data/lib/extensions/openssl.so/ext/sources/ssl/ssl.h +2573 -0
  1006. data/lib/extensions/openssl.so/ext/sources/ssl/ssl2.h +272 -0
  1007. data/lib/extensions/openssl.so/ext/sources/ssl/ssl23.h +83 -0
  1008. data/lib/extensions/openssl.so/ext/sources/ssl/ssl3.h +678 -0
  1009. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_algs.c +149 -0
  1010. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_asn1.c +642 -0
  1011. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_cert.c +853 -0
  1012. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_ciph.c +1852 -0
  1013. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_err.c +609 -0
  1014. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_err2.c +70 -0
  1015. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_lib.c +3251 -0
  1016. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_locl.h +1134 -0
  1017. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_rsa.c +779 -0
  1018. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_sess.c +1159 -0
  1019. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_stat.c +567 -0
  1020. data/lib/extensions/openssl.so/ext/sources/ssl/ssl_txt.c +248 -0
  1021. data/lib/extensions/openssl.so/ext/sources/ssl/t1_clnt.c +92 -0
  1022. data/lib/extensions/openssl.so/ext/sources/ssl/t1_enc.c +1256 -0
  1023. data/lib/extensions/openssl.so/ext/sources/ssl/t1_lib.c +2578 -0
  1024. data/lib/extensions/openssl.so/ext/sources/ssl/t1_meth.c +88 -0
  1025. data/lib/extensions/openssl.so/ext/sources/ssl/t1_reneg.c +292 -0
  1026. data/lib/extensions/openssl.so/ext/sources/ssl/t1_srvr.c +93 -0
  1027. data/lib/extensions/openssl.so/ext/sources/ssl/tls1.h +735 -0
  1028. data/lib/extensions/openssl.so/ext/sources/ssl/tls_srp.c +506 -0
  1029. data/lib/extensions/openssl.so/ext/win32/UPDATE +15 -0
  1030. data/lib/extensions/openssl.so/ext/win32/bin/libeay32.dll +0 -0
  1031. data/lib/extensions/openssl.so/ext/win32/bin/ssleay32.dll +0 -0
  1032. data/lib/extensions/openssl.so/ext/win32/include/openssl/aes.h +147 -0
  1033. data/lib/extensions/openssl.so/ext/win32/include/openssl/applink.c +94 -0
  1034. data/lib/extensions/openssl.so/ext/win32/include/openssl/asn1.h +1404 -0
  1035. data/lib/extensions/openssl.so/ext/win32/include/openssl/asn1_mac.h +578 -0
  1036. data/lib/extensions/openssl.so/ext/win32/include/openssl/asn1t.h +960 -0
  1037. data/lib/extensions/openssl.so/ext/win32/include/openssl/bio.h +847 -0
  1038. data/lib/extensions/openssl.so/ext/win32/include/openssl/blowfish.h +129 -0
  1039. data/lib/extensions/openssl.so/ext/win32/include/openssl/bn.h +891 -0
  1040. data/lib/extensions/openssl.so/ext/win32/include/openssl/buffer.h +119 -0
  1041. data/lib/extensions/openssl.so/ext/win32/include/openssl/camellia.h +130 -0
  1042. data/lib/extensions/openssl.so/ext/win32/include/openssl/cast.h +107 -0
  1043. data/lib/extensions/openssl.so/ext/win32/include/openssl/cmac.h +82 -0
  1044. data/lib/extensions/openssl.so/ext/win32/include/openssl/cms.h +501 -0
  1045. data/lib/extensions/openssl.so/ext/win32/include/openssl/comp.h +80 -0
  1046. data/lib/extensions/openssl.so/ext/win32/include/openssl/conf.h +263 -0
  1047. data/lib/extensions/openssl.so/ext/win32/include/openssl/conf_api.h +89 -0
  1048. data/lib/extensions/openssl.so/ext/win32/include/openssl/crypto.h +604 -0
  1049. data/lib/extensions/openssl.so/ext/win32/include/openssl/des.h +248 -0
  1050. data/lib/extensions/openssl.so/ext/win32/include/openssl/des_old.h +446 -0
  1051. data/lib/extensions/openssl.so/ext/win32/include/openssl/dh.h +280 -0
  1052. data/lib/extensions/openssl.so/ext/win32/include/openssl/dsa.h +327 -0
  1053. data/lib/extensions/openssl.so/ext/win32/include/openssl/dso.h +409 -0
  1054. data/lib/extensions/openssl.so/ext/win32/include/openssl/dtls1.h +283 -0
  1055. data/lib/extensions/openssl.so/ext/win32/include/openssl/e_os2.h +315 -0
  1056. data/lib/extensions/openssl.so/ext/win32/include/openssl/ebcdic.h +19 -0
  1057. data/lib/extensions/openssl.so/ext/win32/include/openssl/ec.h +1159 -0
  1058. data/lib/extensions/openssl.so/ext/win32/include/openssl/ecdh.h +125 -0
  1059. data/lib/extensions/openssl.so/ext/win32/include/openssl/ecdsa.h +260 -0
  1060. data/lib/extensions/openssl.so/ext/win32/include/openssl/engine.h +842 -0
  1061. data/lib/extensions/openssl.so/ext/win32/include/openssl/err.h +386 -0
  1062. data/lib/extensions/openssl.so/ext/win32/include/openssl/evp.h +1402 -0
  1063. data/lib/extensions/openssl.so/ext/win32/include/openssl/hmac.h +110 -0
  1064. data/lib/extensions/openssl.so/ext/win32/include/openssl/idea.h +103 -0
  1065. data/lib/extensions/openssl.so/ext/win32/include/openssl/krb5_asn.h +256 -0
  1066. data/lib/extensions/openssl.so/ext/win32/include/openssl/kssl.h +183 -0
  1067. data/lib/extensions/openssl.so/ext/win32/include/openssl/lhash.h +241 -0
  1068. data/lib/extensions/openssl.so/ext/win32/include/openssl/md4.h +120 -0
  1069. data/lib/extensions/openssl.so/ext/win32/include/openssl/md5.h +120 -0
  1070. data/lib/extensions/openssl.so/ext/win32/include/openssl/mdc2.h +98 -0
  1071. data/lib/extensions/openssl.so/ext/win32/include/openssl/modes.h +135 -0
  1072. data/lib/extensions/openssl.so/ext/win32/include/openssl/obj_mac.h +4032 -0
  1073. data/lib/extensions/openssl.so/ext/win32/include/openssl/objects.h +1138 -0
  1074. data/lib/extensions/openssl.so/ext/win32/include/openssl/ocsp.h +623 -0
  1075. data/lib/extensions/openssl.so/ext/win32/include/openssl/opensslconf.h +235 -0
  1076. data/lib/extensions/openssl.so/ext/win32/include/openssl/opensslv.h +89 -0
  1077. data/lib/extensions/openssl.so/ext/win32/include/openssl/ossl_typ.h +202 -0
  1078. data/lib/extensions/openssl.so/ext/win32/include/openssl/pem.h +641 -0
  1079. data/lib/extensions/openssl.so/ext/win32/include/openssl/pem2.h +70 -0
  1080. data/lib/extensions/openssl.so/ext/win32/include/openssl/pkcs12.h +331 -0
  1081. data/lib/extensions/openssl.so/ext/win32/include/openssl/pkcs7.h +499 -0
  1082. data/lib/extensions/openssl.so/ext/win32/include/openssl/pqueue.h +94 -0
  1083. data/lib/extensions/openssl.so/ext/win32/include/openssl/rand.h +149 -0
  1084. data/lib/extensions/openssl.so/ext/win32/include/openssl/rc2.h +103 -0
  1085. data/lib/extensions/openssl.so/ext/win32/include/openssl/rc4.h +90 -0
  1086. data/lib/extensions/openssl.so/ext/win32/include/openssl/ripemd.h +107 -0
  1087. data/lib/extensions/openssl.so/ext/win32/include/openssl/rsa.h +582 -0
  1088. data/lib/extensions/openssl.so/ext/win32/include/openssl/safestack.h +2663 -0
  1089. data/lib/extensions/openssl.so/ext/win32/include/openssl/seed.h +139 -0
  1090. data/lib/extensions/openssl.so/ext/win32/include/openssl/sha.h +214 -0
  1091. data/lib/extensions/openssl.so/ext/win32/include/openssl/srp.h +172 -0
  1092. data/lib/extensions/openssl.so/ext/win32/include/openssl/srtp.h +145 -0
  1093. data/lib/extensions/openssl.so/ext/win32/include/openssl/ssl.h +2572 -0
  1094. data/lib/extensions/openssl.so/ext/win32/include/openssl/ssl2.h +272 -0
  1095. data/lib/extensions/openssl.so/ext/win32/include/openssl/ssl23.h +83 -0
  1096. data/lib/extensions/openssl.so/ext/win32/include/openssl/ssl3.h +678 -0
  1097. data/lib/extensions/openssl.so/ext/win32/include/openssl/stack.h +108 -0
  1098. data/lib/extensions/openssl.so/ext/win32/include/openssl/symhacks.h +477 -0
  1099. data/lib/extensions/openssl.so/ext/win32/include/openssl/tls1.h +735 -0
  1100. data/lib/extensions/openssl.so/ext/win32/include/openssl/ts.h +858 -0
  1101. data/lib/extensions/openssl.so/ext/win32/include/openssl/txt_db.h +112 -0
  1102. data/lib/extensions/openssl.so/ext/win32/include/openssl/ui.h +383 -0
  1103. data/lib/extensions/openssl.so/ext/win32/include/openssl/ui_compat.h +83 -0
  1104. data/lib/extensions/openssl.so/ext/win32/include/openssl/whrlpool.h +41 -0
  1105. data/lib/extensions/openssl.so/ext/win32/include/openssl/x509.h +1297 -0
  1106. data/lib/extensions/openssl.so/ext/win32/include/openssl/x509_vfy.h +567 -0
  1107. data/lib/extensions/openssl.so/ext/win32/include/openssl/x509v3.h +1007 -0
  1108. data/lib/extensions/openssl.so/ext/win32/lib/libeay32.lib +0 -0
  1109. data/lib/extensions/openssl.so/ext/win32/lib/ssleay32.lib +0 -0
  1110. data/lib/extensions/openssl.so/ext/wm/lib/libopenssl.lib +0 -0
  1111. data/lib/extensions/openssl.so/ext/wm/openssl.sln +30 -0
  1112. data/lib/extensions/openssl.so/ext/wm/openssl.vcproj +3254 -0
  1113. data/lib/extensions/openssl.so/ext/wm/tmp/MC3000c50b (ARMV4I)/Release/BuildLog.htm +0 -0
  1114. data/lib/extensions/openssl.so/ext/wm/tmp/Windows Mobile 6 Professional SDK (ARMV4I)/Release/BuildLog.htm +0 -0
  1115. data/lib/extensions/openssl.so/openssl.so.rb +1 -0
  1116. data/lib/extensions/openssl/ext.yml +2 -0
  1117. data/lib/extensions/openssl/ext/Rakefile +132 -0
  1118. data/lib/extensions/openssl/ext/android/extconf.h +55 -0
  1119. data/lib/extensions/openssl/ext/build +12 -0
  1120. data/lib/extensions/openssl/ext/build.bat +1 -0
  1121. data/lib/extensions/openssl/ext/extconf.rb +141 -0
  1122. data/lib/extensions/openssl/ext/iphone/Rakefile +79 -0
  1123. data/lib/extensions/openssl/ext/iphone/extconf.h +55 -0
  1124. data/lib/extensions/openssl/ext/iphone/openssl.xcodeproj/project.pbxproj +472 -0
  1125. data/lib/extensions/openssl/ext/iphone/openssl_Prefix.pch +7 -0
  1126. data/lib/extensions/openssl/ext/macosx/extconf.h +53 -0
  1127. data/lib/extensions/openssl/ext/openssl.sln +44 -0
  1128. data/lib/extensions/openssl/ext/openssl.vcproj +844 -0
  1129. data/lib/extensions/openssl/ext/openssl_missing.c +361 -0
  1130. data/lib/extensions/openssl/ext/openssl_missing.h +194 -0
  1131. data/lib/extensions/openssl/ext/ossl.c +514 -0
  1132. data/lib/extensions/openssl/ext/ossl.h +243 -0
  1133. data/lib/extensions/openssl/ext/ossl_asn1.c +1170 -0
  1134. data/lib/extensions/openssl/ext/ossl_asn1.h +59 -0
  1135. data/lib/extensions/openssl/ext/ossl_bio.c +86 -0
  1136. data/lib/extensions/openssl/ext/ossl_bio.h +21 -0
  1137. data/lib/extensions/openssl/ext/ossl_bn.c +852 -0
  1138. data/lib/extensions/openssl/ext/ossl_bn.h +25 -0
  1139. data/lib/extensions/openssl/ext/ossl_cipher.c +546 -0
  1140. data/lib/extensions/openssl/ext/ossl_cipher.h +22 -0
  1141. data/lib/extensions/openssl/ext/ossl_config.c +492 -0
  1142. data/lib/extensions/openssl/ext/ossl_config.h +22 -0
  1143. data/lib/extensions/openssl/ext/ossl_digest.c +257 -0
  1144. data/lib/extensions/openssl/ext/ossl_digest.h +22 -0
  1145. data/lib/extensions/openssl/ext/ossl_engine.c +411 -0
  1146. data/lib/extensions/openssl/ext/ossl_engine.h +20 -0
  1147. data/lib/extensions/openssl/ext/ossl_hmac.c +270 -0
  1148. data/lib/extensions/openssl/ext/ossl_hmac.h +19 -0
  1149. data/lib/extensions/openssl/ext/ossl_ns_spki.c +257 -0
  1150. data/lib/extensions/openssl/ext/ossl_ns_spki.h +21 -0
  1151. data/lib/extensions/openssl/ext/ossl_ocsp.c +773 -0
  1152. data/lib/extensions/openssl/ext/ossl_ocsp.h +24 -0
  1153. data/lib/extensions/openssl/ext/ossl_pkcs12.c +212 -0
  1154. data/lib/extensions/openssl/ext/ossl_pkcs12.h +15 -0
  1155. data/lib/extensions/openssl/ext/ossl_pkcs5.c +98 -0
  1156. data/lib/extensions/openssl/ext/ossl_pkcs5.h +6 -0
  1157. data/lib/extensions/openssl/ext/ossl_pkcs7.c +1041 -0
  1158. data/lib/extensions/openssl/ext/ossl_pkcs7.h +22 -0
  1159. data/lib/extensions/openssl/ext/ossl_pkey.c +240 -0
  1160. data/lib/extensions/openssl/ext/ossl_pkey.h +141 -0
  1161. data/lib/extensions/openssl/ext/ossl_pkey_dh.c +536 -0
  1162. data/lib/extensions/openssl/ext/ossl_pkey_dsa.c +492 -0
  1163. data/lib/extensions/openssl/ext/ossl_pkey_ec.c +1597 -0
  1164. data/lib/extensions/openssl/ext/ossl_pkey_rsa.c +601 -0
  1165. data/lib/extensions/openssl/ext/ossl_rand.c +202 -0
  1166. data/lib/extensions/openssl/ext/ossl_rand.h +20 -0
  1167. data/lib/extensions/openssl/ext/ossl_ssl.c +1691 -0
  1168. data/lib/extensions/openssl/ext/ossl_ssl.h +36 -0
  1169. data/lib/extensions/openssl/ext/ossl_ssl_session.c +306 -0
  1170. data/lib/extensions/openssl/ext/ossl_version.h +16 -0
  1171. data/lib/extensions/openssl/ext/ossl_x509.c +104 -0
  1172. data/lib/extensions/openssl/ext/ossl_x509.h +114 -0
  1173. data/lib/extensions/openssl/ext/ossl_x509attr.c +275 -0
  1174. data/lib/extensions/openssl/ext/ossl_x509cert.c +766 -0
  1175. data/lib/extensions/openssl/ext/ossl_x509crl.c +537 -0
  1176. data/lib/extensions/openssl/ext/ossl_x509ext.c +459 -0
  1177. data/lib/extensions/openssl/ext/ossl_x509name.c +375 -0
  1178. data/lib/extensions/openssl/ext/ossl_x509req.c +468 -0
  1179. data/lib/extensions/openssl/ext/ossl_x509revoked.c +229 -0
  1180. data/lib/extensions/openssl/ext/ossl_x509store.c +624 -0
  1181. data/lib/extensions/openssl/ext/ruby_missing.h +41 -0
  1182. data/lib/extensions/openssl/ext/windows/extconf.h +66 -0
  1183. data/lib/extensions/openssl/openssl.rb +24 -0
  1184. data/lib/extensions/openssl/openssl/bn.rb +35 -0
  1185. data/lib/extensions/openssl/openssl/buffering.rb +341 -0
  1186. data/lib/extensions/openssl/openssl/cipher.rb +65 -0
  1187. data/lib/extensions/openssl/openssl/digest.rb +61 -0
  1188. data/lib/extensions/openssl/openssl/ssl-internal.rb +178 -0
  1189. data/lib/extensions/openssl/openssl/ssl.rb +1 -0
  1190. data/lib/extensions/openssl/openssl/x509-internal.rb +153 -0
  1191. data/lib/extensions/openssl/openssl/x509.rb +1 -0
  1192. data/lib/extensions/rhoxml/rexml/xmldecl.rb +119 -0
  1193. data/lib/extensions/zlib/ext.yml +2 -0
  1194. data/lib/extensions/zlib/ext/README +115 -0
  1195. data/lib/extensions/zlib/ext/Rakefile +127 -0
  1196. data/lib/extensions/zlib/ext/adler32.c +179 -0
  1197. data/lib/extensions/zlib/ext/build +12 -0
  1198. data/lib/extensions/zlib/ext/build.bat +1 -0
  1199. data/lib/extensions/zlib/ext/compress.c +80 -0
  1200. data/lib/extensions/zlib/ext/crc32.c +425 -0
  1201. data/lib/extensions/zlib/ext/crc32.h +441 -0
  1202. data/lib/extensions/zlib/ext/deflate.c +1965 -0
  1203. data/lib/extensions/zlib/ext/deflate.h +346 -0
  1204. data/lib/extensions/zlib/ext/gzclose.c +25 -0
  1205. data/lib/extensions/zlib/ext/gzguts.h +193 -0
  1206. data/lib/extensions/zlib/ext/gzlib.c +620 -0
  1207. data/lib/extensions/zlib/ext/gzread.c +589 -0
  1208. data/lib/extensions/zlib/ext/gzwrite.c +565 -0
  1209. data/lib/extensions/zlib/ext/infback.c +640 -0
  1210. data/lib/extensions/zlib/ext/inffast.c +340 -0
  1211. data/lib/extensions/zlib/ext/inffast.h +11 -0
  1212. data/lib/extensions/zlib/ext/inffixed.h +94 -0
  1213. data/lib/extensions/zlib/ext/inflate.c +1496 -0
  1214. data/lib/extensions/zlib/ext/inflate.h +122 -0
  1215. data/lib/extensions/zlib/ext/inftrees.c +306 -0
  1216. data/lib/extensions/zlib/ext/inftrees.h +62 -0
  1217. data/lib/extensions/zlib/ext/iphone/Rakefile +79 -0
  1218. data/lib/extensions/zlib/ext/iphone/zlib.xcodeproj/project.pbxproj +360 -0
  1219. data/lib/extensions/zlib/ext/iphone/zlib_Prefix.pch +7 -0
  1220. data/lib/extensions/zlib/ext/trees.c +1224 -0
  1221. data/lib/extensions/zlib/ext/trees.h +128 -0
  1222. data/lib/extensions/zlib/ext/uncompr.c +59 -0
  1223. data/lib/extensions/zlib/ext/zconf.h +506 -0
  1224. data/lib/extensions/zlib/ext/zlib.c +3762 -0
  1225. data/lib/extensions/zlib/ext/zlib.h +1744 -0
  1226. data/lib/extensions/zlib/ext/zlib.sln +36 -0
  1227. data/lib/extensions/zlib/ext/zlib.vcproj +746 -0
  1228. data/lib/extensions/zlib/ext/zlib.vsprops +16 -0
  1229. data/lib/extensions/zlib/ext/zutil.c +324 -0
  1230. data/lib/extensions/zlib/ext/zutil.h +252 -0
  1231. data/lib/extensions/zlib/zlib.rb +0 -0
  1232. data/lib/framework/rbconfig.rb +1 -1
  1233. data/lib/framework/rho/render.rb +31 -34
  1234. data/lib/framework/rho/rho.rb +89 -24
  1235. data/lib/framework/rho/rhocontroller.rb +8 -5
  1236. data/lib/framework/rho/rhofsconnector.rb +3 -0
  1237. data/lib/framework/rhodes.rb +9 -9
  1238. data/lib/framework/rhom/rhom.rb +15 -0
  1239. data/lib/framework/rhom/rhom_db_adapter.rb +18 -0
  1240. data/lib/framework/rhom/rhom_object_factory.rb +36 -26
  1241. data/lib/framework/rhomotoapi.rb +65 -1
  1242. data/lib/framework/rhosystem.rb +23 -19
  1243. data/lib/framework/version.rb +7 -7
  1244. data/lib/rhodes.rb +9 -9
  1245. data/platform/android/Rhodes/AndroidManifest.xml +117 -117
  1246. data/platform/android/Rhodes/AndroidManifest.xml.erb +77 -0
  1247. data/platform/android/Rhodes/PushReceiver.erb +14 -0
  1248. data/platform/android/Rhodes/jni/Android.mk +3 -1
  1249. data/platform/android/Rhodes/jni/include/rhodes/jni/com_rhomobile_rhodes_Logger.h +16 -0
  1250. data/platform/android/Rhodes/jni/include/rhodes/jni/com_rhomobile_rhodes_RhodesService.h +8 -0
  1251. data/platform/android/Rhodes/jni/src/fileapi.cpp +18 -0
  1252. data/platform/android/Rhodes/jni/src/logger.cpp +16 -0
  1253. data/platform/android/Rhodes/jni/src/rhodesapp.cpp +9 -2
  1254. data/platform/android/Rhodes/jni/src/signature.cpp +3 -28
  1255. data/platform/android/Rhodes/src/com/rhomobile/rhodes/BaseActivity.java +41 -37
  1256. data/platform/android/Rhodes/src/com/rhomobile/rhodes/Logger.java +5 -5
  1257. data/platform/android/Rhodes/src/com/rhomobile/rhodes/PushReceiver.java +6 -2
  1258. data/platform/android/Rhodes/src/com/rhomobile/rhodes/RhodesActivity.java +38 -15
  1259. data/platform/android/Rhodes/src/com/rhomobile/rhodes/RhodesApplication.java +49 -9
  1260. data/platform/android/Rhodes/src/com/rhomobile/rhodes/RhodesService.java +130 -10
  1261. data/platform/android/Rhodes/src/com/rhomobile/rhodes/bluetooth/RhoBluetoothManagerNew.java +13 -1
  1262. data/platform/android/Rhodes/src/com/rhomobile/rhodes/camera/Camera.java +8 -6
  1263. data/platform/android/Rhodes/src/com/rhomobile/rhodes/camera/CameraNewService.java +20 -0
  1264. data/platform/android/Rhodes/src/com/rhomobile/rhodes/camera/CameraOldService.java +5 -0
  1265. data/platform/android/Rhodes/src/com/rhomobile/rhodes/camera/CameraSemiService.java +14 -0
  1266. data/platform/android/Rhodes/src/com/rhomobile/rhodes/camera/CameraService.java +2 -0
  1267. data/platform/android/Rhodes/src/com/rhomobile/rhodes/camera/ImageCapture.java +16 -13
  1268. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/AbstractRhoExtension.java +1 -1
  1269. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/Config.java +3 -0
  1270. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/IRhoExtManager.java +1 -1
  1271. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/IRhoExtension.java +3 -1
  1272. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/RhoExtManager.java +10 -0
  1273. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/RhoExtManagerImpl.java +23 -35
  1274. data/platform/android/Rhodes/src/com/rhomobile/rhodes/file/RhoFileApi.java +10 -0
  1275. data/platform/android/Rhodes/src/com/rhomobile/rhodes/mainview/SplashScreen.java +60 -34
  1276. data/platform/android/Rhodes/src/com/rhomobile/rhodes/osfunctionality/AndroidFunctionality.java +14 -1
  1277. data/platform/android/Rhodes/src/com/rhomobile/rhodes/osfunctionality/AndroidFunctionality01.java +38 -3
  1278. data/platform/android/Rhodes/src/com/rhomobile/rhodes/osfunctionality/AndroidFunctionality08.java +26 -4
  1279. data/platform/android/Rhodes/src/com/rhomobile/rhodes/osfunctionality/AndroidFunctionality11.java +47 -0
  1280. data/platform/android/Rhodes/src/com/rhomobile/rhodes/osfunctionality/AndroidFunctionalityManager.java +4 -1
  1281. data/platform/android/Rhodes/src/com/rhomobile/rhodes/socket/RhoSocketImpl.java +9 -1
  1282. data/platform/android/Rhodes/src/com/rhomobile/rhodes/webview/GoogleWebView.java +10 -0
  1283. data/platform/android/Rhodes/src/com/rhomobile/rhodes/webview/IRhoWebView.java +2 -0
  1284. data/platform/android/Rhodes/src/com/rhomobile/rhodes/webview/RhoWebViewClient.java +10 -3
  1285. data/platform/android/build/RhodesSRC_build.files +1 -1
  1286. data/platform/android/build/android.rake +567 -556
  1287. data/platform/android/build/android_tools.rb +87 -0
  1288. data/platform/android/build/librhocommon_build.files +3 -0
  1289. data/platform/android/build/librhodb_build.files +2 -0
  1290. data/platform/android/build/manifest_generator.rb +96 -0
  1291. data/platform/bb/Hsqldb/src/org/hsqldb/Expression.java +2 -4
  1292. data/platform/bb/RubyVM/src/com/rho/RhoProfiler.java +11 -0
  1293. data/platform/bb/RubyVM/src/com/xruby/runtime/lang/RhoSupport.java +61 -48
  1294. data/platform/bb/build/rhodes_build.files +0 -1
  1295. data/platform/bb/rhodes/platform/4.7/com/rho/rubyext/SignatureCapture.java +314 -0
  1296. data/platform/bb/rhodes/platform/common/com/rho/rubyext/SignatureCapture.java +312 -0
  1297. data/platform/bb/rhodes/src/rhomobile/RhodesApplication.java +4 -1
  1298. data/platform/iphone/Classes/AppManager/AppManager.h +1 -0
  1299. data/platform/iphone/Classes/AppManager/AppManager.m +165 -123
  1300. data/platform/iphone/Classes/Event/Event.m +53 -14
  1301. data/platform/iphone/Classes/Rhodes.h +5 -4
  1302. data/platform/iphone/Classes/Rhodes.m +10 -8
  1303. data/platform/iphone/Classes/Signature/SignatureDelegate.m +2 -2
  1304. data/platform/iphone/Classes/SimpleMainView.m +55 -17
  1305. data/platform/iphone/Classes/SplashViewController.m +28 -1
  1306. data/platform/iphone/Info.plist +59 -54
  1307. data/platform/iphone/RhoLib/RhoLib.xcodeproj/project.pbxproj +43 -14
  1308. data/platform/iphone/curl/curl.xcodeproj/project.pbxproj +15 -18
  1309. data/platform/iphone/rbuild/iphone.rake +113 -4
  1310. data/platform/iphone/rhoextlib/rhoextlib.xcodeproj/project.pbxproj +15 -17
  1311. data/platform/iphone/rhorubylib/rhorubylib.xcodeproj/project.pbxproj +6 -14
  1312. data/platform/iphone/rhorunner.xcodeproj/project.pbxproj +20 -23
  1313. data/platform/iphone/rhosynclib/rhosynclib.xcodeproj/project.pbxproj +22 -14
  1314. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/Frameworks/QtCore.framework/Versions/4/QtCore +0 -0
  1315. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/Frameworks/QtGui.framework/Versions/4/QtGui +0 -0
  1316. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/Frameworks/QtNetwork.framework/Versions/4/QtNetwork +0 -0
  1317. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/Frameworks/QtWebKit.framework/Versions/4/QtWebKit +0 -0
  1318. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/Info.plist +1 -1
  1319. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/MacOS/RhoSimulator +0 -0
  1320. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/accessible/libqtaccessiblewidgets.dylib +0 -0
  1321. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/bearer/libqcorewlanbearer.dylib +0 -0
  1322. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/bearer/libqgenericbearer.dylib +0 -0
  1323. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/codecs/libqcncodecs.dylib +0 -0
  1324. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/codecs/libqjpcodecs.dylib +0 -0
  1325. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/codecs/libqkrcodecs.dylib +0 -0
  1326. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/codecs/libqtwcodecs.dylib +0 -0
  1327. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/graphicssystems/libqtracegraphicssystem.dylib +0 -0
  1328. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/imageformats/libqgif.dylib +0 -0
  1329. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/imageformats/libqico.dylib +0 -0
  1330. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/imageformats/libqjpeg.dylib +0 -0
  1331. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/imageformats/libqmng.dylib +0 -0
  1332. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/imageformats/libqtga.dylib +0 -0
  1333. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/imageformats/libqtiff.dylib +0 -0
  1334. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/qmltooling/libqmldbg_inspector.dylib +0 -0
  1335. data/platform/osx/bin/RhoSimulator/RhoSimulator.app/Contents/PlugIns/qmltooling/libqmldbg_tcp.dylib +0 -0
  1336. data/platform/osx/build/osx.rake +18 -9
  1337. data/platform/shared/RhoConnectClient/RhoConnectClient.cpp +12 -0
  1338. data/platform/shared/RhoConnectClient/RhoConnectClient.h +3 -0
  1339. data/platform/shared/common/Android.mk +1 -0
  1340. data/platform/shared/common/BundleManager.cpp +503 -47
  1341. data/platform/shared/common/ExtManager.h +4 -0
  1342. data/platform/shared/common/RhoSettingsDefs.h +3 -0
  1343. data/platform/shared/common/RhoStd.h +14 -1
  1344. data/platform/shared/common/RhodesApp.cpp +84 -137
  1345. data/platform/shared/common/RhodesApp.h +12 -7
  1346. data/platform/shared/common/RhodesAppBase.cpp +124 -2
  1347. data/platform/shared/common/RhodesAppBase.h +43 -2
  1348. data/platform/shared/common/ThreadQueue.cpp +1 -1
  1349. data/platform/shared/common/app_build_capabilities.h +0 -7
  1350. data/platform/shared/common/map/MapEngine.h +1 -0
  1351. data/platform/shared/common/push/IRhoPushClient.h +46 -0
  1352. data/platform/shared/common/push/RhoPushManager.cpp +146 -0
  1353. data/platform/shared/common/push/RhoPushManager.h +79 -0
  1354. data/platform/shared/curl/lib/curl_config.h +8 -0
  1355. data/platform/shared/curl/lib/netrc.c +2 -0
  1356. data/platform/shared/db/Android.mk +4 -1
  1357. data/platform/shared/db/DBAdapter.cpp +218 -12
  1358. data/platform/shared/db/DBAdapter.h +16 -1
  1359. data/platform/shared/db/DBAttrManager.cpp +18 -1
  1360. data/platform/shared/db/DBAttrManager.h +2 -1
  1361. data/platform/shared/db/DBImportTransaction.cpp +300 -0
  1362. data/platform/shared/db/DBImportTransaction.h +56 -0
  1363. data/platform/shared/db/DBRequestHelper.cpp +114 -0
  1364. data/platform/shared/db/DBRequestHelper.h +27 -0
  1365. data/platform/shared/logging/RhoLogConf.h +2 -0
  1366. data/platform/shared/net/AsyncHttp.cpp +4 -3
  1367. data/platform/shared/net/AsyncHttp.h +3 -2
  1368. data/platform/shared/net/CURLNetRequest.cpp +18 -5
  1369. data/platform/shared/net/HttpServer.cpp +18 -14
  1370. data/platform/shared/qt/rhodes/MainWindowCallback.h +0 -1
  1371. data/platform/shared/qt/rhodes/QtMainWindow.cpp +180 -36
  1372. data/platform/shared/qt/rhodes/QtMainWindow.h +13 -1
  1373. data/platform/shared/qt/rhodes/QtMainWindow.ui +22 -3
  1374. data/platform/shared/qt/rhodes/RhoSimulator.h +3 -0
  1375. data/platform/shared/qt/rhodes/impl/MainWindowImpl.cpp +22 -0
  1376. data/platform/shared/qt/rhodes/impl/MainWindowImpl.h +6 -0
  1377. data/platform/shared/qt/rhodes/impl/SystemImpl.cpp +15 -0
  1378. data/platform/shared/qt/rhodes/main.cpp +15 -1
  1379. data/platform/shared/qt/rholib/rholib.pro +8 -2
  1380. data/platform/shared/qt/syncengine/syncengine.pro +6 -2
  1381. data/platform/shared/ruby/ext/rho/extensions.c +2 -0
  1382. data/platform/shared/ruby/ext/rho/rhoruby.c +12 -0
  1383. data/platform/shared/ruby/ext/rho/rhoruby.h +2 -0
  1384. data/platform/shared/ruby/ext/rho/rhosupport.c +77 -38
  1385. data/platform/shared/ruby/ext/sqlite3_api/sqlite3_api_wrap.c +54 -2
  1386. data/platform/shared/ruby/ext/syncengine/syncengine.i +4 -0
  1387. data/platform/shared/ruby/ext/syncengine/syncengine_wrap.c +40 -1
  1388. data/platform/shared/ruby/ext/system/system.i +38 -4
  1389. data/platform/shared/ruby/ext/system/system_wrap.c +277 -9
  1390. data/platform/shared/ruby/iphone/ruby/config.h +28 -0
  1391. data/platform/shared/ruby/main.c +8 -0
  1392. data/platform/shared/ruby/wince/sys/timeb.c +4 -0
  1393. data/platform/shared/ruby/wince/sys/timeb.h +1 -0
  1394. data/platform/shared/rubyext/Android.mk +2 -1
  1395. data/platform/shared/rubyext/System.cpp +93 -3
  1396. data/platform/shared/rubyext/ZipFiles.cpp +65 -0
  1397. data/platform/shared/statistic/RhoProfiler.cpp +36 -6
  1398. data/platform/shared/statistic/RhoProfiler.h +3 -0
  1399. data/platform/shared/sync/ClientRegister.cpp +21 -5
  1400. data/platform/shared/sync/ClientRegister.h +4 -2
  1401. data/platform/shared/sync/ISyncProtocol.h +5 -2
  1402. data/platform/shared/sync/SyncEngine.cpp +85 -15
  1403. data/platform/shared/sync/SyncEngine.h +5 -0
  1404. data/platform/shared/sync/SyncNotify.cpp +3 -0
  1405. data/platform/shared/sync/SyncProtocol_3.h +14 -2
  1406. data/platform/shared/sync/SyncSource.cpp +238 -40
  1407. data/platform/shared/sync/SyncSource.h +2 -0
  1408. data/platform/shared/sync/SyncThread.cpp +7 -0
  1409. data/platform/shared/sync/SyncThread.h +1 -0
  1410. data/platform/shared/tcmalloc/rhomem.h +1 -1
  1411. data/platform/shared/tcmalloc/windows/port.cpp +1 -1
  1412. data/platform/shared/unzip/Android.mk +1 -1
  1413. data/platform/shared/unzip/zip.cpp +2953 -0
  1414. data/platform/shared/unzip/zip.h +255 -0
  1415. data/platform/win32/RhoSimulator/QtCore4.dll +0 -0
  1416. data/platform/win32/RhoSimulator/QtGui4.dll +0 -0
  1417. data/platform/win32/RhoSimulator/QtNetwork4.dll +0 -0
  1418. data/platform/win32/RhoSimulator/QtWebKit4.dll +0 -0
  1419. data/platform/win32/RhoSimulator/RhoSimulator.exe +0 -0
  1420. data/platform/win32/RhoSimulator/imageformats/qgif4.dll +0 -0
  1421. data/platform/win32/RhoSimulator/imageformats/qico4.dll +0 -0
  1422. data/platform/win32/RhoSimulator/imageformats/qjpeg4.dll +0 -0
  1423. data/platform/win32/RhoSimulator/imageformats/qmng4.dll +0 -0
  1424. data/platform/win32/RhoSimulator/imageformats/qsvg4.dll +0 -0
  1425. data/platform/win32/RhoSimulator/imageformats/qtiff4.dll +0 -0
  1426. data/platform/win32/RhoSimulator/phonon4.dll +0 -0
  1427. data/platform/win32/RubyWin/RubyWin.sln +2 -2
  1428. data/platform/win32/RubyWin/RubyWin.vcproj +6 -7
  1429. data/platform/wm/RhoLib/RhoLib.vcproj +33 -3
  1430. data/platform/wm/build/rhodes.nsi +64 -230
  1431. data/platform/wm/build/wm.rake +306 -93
  1432. data/platform/wm/rhodes.sln +70 -21
  1433. data/platform/wm/rhodes/DateTimePicker.h +1 -1
  1434. data/platform/wm/rhodes/IEBrowserEngine.cpp +4 -1
  1435. data/platform/wm/rhodes/MainWindow.cpp +8 -7
  1436. data/platform/wm/rhodes/MainWindow.h +1 -1
  1437. data/platform/wm/rhodes/RhoNativeViewManager.cpp +2 -2
  1438. data/platform/wm/rhodes/Rhodes.cpp +80 -30
  1439. data/platform/wm/rhodes/camera/Camera.cpp +44 -65
  1440. data/platform/wm/rhodes/camera/Camera.h +6 -0
  1441. data/platform/wm/rhodes/rho/common/ExtManager.cpp +29 -6
  1442. data/platform/wm/rhodes/rho/common/RhoClassFactory.cpp +6 -1
  1443. data/platform/wm/rhodes/rho/net/NetRequestImpl.cpp +3 -0
  1444. data/platform/wm/rhodes/rho/net/NetRequestImpl.h +1 -1
  1445. data/platform/wm/rhodes/rho/rubyext/NativeToolbarExt.cpp +5 -5
  1446. data/platform/wm/rhodes/rho/rubyext/SystemImpl.cpp +188 -29
  1447. data/platform/wm/rhodes/rho/rubyext/WebView.cpp +3 -3
  1448. data/platform/wm/rhodes/rhodes.vcproj +2284 -148
  1449. data/platform/wm/rhodes/simulator/MainWindowQt.cpp +48 -10
  1450. data/platform/wm/rhodes/simulator/MainWindowQt.h +6 -2
  1451. data/platform/wm/rhoelements.sln +122 -0
  1452. data/platform/wm/rubylib/rubylib.vcproj +4 -2
  1453. data/platform/wm/sqlite3/sqlite3.vcproj +4 -2
  1454. data/platform/wm/syncengine/syncengine.vcproj +20 -2
  1455. data/platform/wm/tcmalloc/tcmalloc.vcproj +160 -0
  1456. data/platform/wp7/RhoRubyLib/rubyext/RhoSyncEngine.cs +4 -0
  1457. data/platform/wp7/RhoRubyLib/rubyext/RhoSystem.cs +4 -0
  1458. data/rakefile.rb +173 -17
  1459. data/res/build-tools/license_rc.dll +0 -0
  1460. data/res/build-tools/win32/license_rc.dll +0 -0
  1461. data/res/generators/templates/application/app/layout.erb +7 -3
  1462. data/res/generators/templates/application/public/css/re_webkit.css +1 -1
  1463. data/res/generators/templates/application/public/css/re_webkit_flat.css +753 -0
  1464. data/res/generators/templates/extension/extensions/montana/ext/montana/platform/iphone/Montana.xcodeproj/project.pbxproj +4 -10
  1465. data/spec/framework_spec/app/spec/core/file/new_spec.rb +2 -2
  1466. data/spec/framework_spec/app/spec/core/file/open_spec.rb +6 -6
  1467. data/spec/framework_spec/app/spec/core/file/shared/open.rb +1 -1
  1468. data/spec/framework_spec/app/spec/core/file/shared/stat.rb +2 -2
  1469. data/spec/framework_spec/app/spec/core/file/stat/blksize_spec.rb +1 -1
  1470. data/spec/framework_spec/app/spec/core/file/stat/blocks_spec.rb +1 -1
  1471. data/spec/framework_spec/app/spec/core/file/stat/comparison_spec.rb +1 -1
  1472. data/spec/framework_spec/app/spec/core/file/stat/ino_spec.rb +1 -1
  1473. data/spec/framework_spec/app/spec/core/file/stat/inspect_spec.rb +1 -1
  1474. data/spec/framework_spec/app/spec/core/file/stat/mode_spec.rb +1 -1
  1475. data/spec/framework_spec/app/spec/core/file/stat/nlink_spec.rb +1 -1
  1476. data/spec/framework_spec/app/spec/core/file/stat_spec.rb +1 -1
  1477. data/spec/framework_spec/app/spec/core/file/sticky_spec.rb +2 -2
  1478. data/spec/framework_spec/app/spec/core/io/close_read_spec.rb +1 -1
  1479. data/spec/framework_spec/app/spec/core/io/close_write_spec.rb +1 -1
  1480. data/spec/framework_spec/app/spec/core/io/foreach_spec.rb +8 -8
  1481. data/spec/framework_spec/app/spec/core/io/getc_spec.rb +1 -1
  1482. data/spec/framework_spec/app/spec/core/io/gets_spec.rb +1 -1
  1483. data/spec/framework_spec/app/spec/core/io/stat_spec.rb +1 -1
  1484. data/spec/framework_spec/app/spec/core/kernel/respond_to_spec.rb +1 -1
  1485. data/spec/framework_spec/app/spec/core/time/shared/gmt_offset.rb +1 -1
  1486. data/spec/framework_spec/app/spec/library/digest/hmac_spec.rb +91 -0
  1487. data/spec/framework_spec/app/spec/library/digest/md5/file_spec.rb +1 -1
  1488. data/spec/framework_spec/app/spec/library/digest/sha256/append_spec.rb +7 -0
  1489. data/spec/framework_spec/app/spec/library/digest/sha256/block_length_spec.rb +12 -0
  1490. data/spec/framework_spec/app/spec/library/digest/sha256/digest_bang_spec.rb +13 -0
  1491. data/spec/framework_spec/app/spec/library/digest/sha256/digest_length_spec.rb +12 -0
  1492. data/spec/framework_spec/app/spec/library/digest/sha256/digest_spec.rb +32 -0
  1493. data/spec/framework_spec/app/spec/library/digest/sha256/equal_spec.rb +37 -0
  1494. data/spec/framework_spec/app/spec/library/digest/sha256/file_spec.rb +47 -0
  1495. data/spec/framework_spec/app/spec/library/digest/sha256/hexdigest_bang_spec.rb +14 -0
  1496. data/spec/framework_spec/app/spec/library/digest/sha256/hexdigest_spec.rb +32 -0
  1497. data/spec/framework_spec/app/spec/library/digest/sha256/inspect_spec.rb +12 -0
  1498. data/spec/framework_spec/app/spec/library/digest/sha256/length_spec.rb +8 -0
  1499. data/spec/framework_spec/app/spec/library/digest/sha256/reset_spec.rb +15 -0
  1500. data/spec/framework_spec/app/spec/library/digest/sha256/shared/constants.rb +15 -0
  1501. data/spec/framework_spec/app/spec/library/digest/sha256/shared/length.rb +8 -0
  1502. data/spec/framework_spec/app/spec/library/digest/sha256/shared/update.rb +7 -0
  1503. data/spec/framework_spec/app/spec/library/digest/sha256/size_spec.rb +8 -0
  1504. data/spec/framework_spec/app/spec/library/digest/sha256/to_s_spec.rb +21 -0
  1505. data/spec/framework_spec/app/spec/library/digest/sha256/update_spec.rb +7 -0
  1506. data/spec/framework_spec/app/spec/library/digest/sha384/append_spec.rb +7 -0
  1507. data/spec/framework_spec/app/spec/library/digest/sha384/block_length_spec.rb +12 -0
  1508. data/spec/framework_spec/app/spec/library/digest/sha384/digest_bang_spec.rb +13 -0
  1509. data/spec/framework_spec/app/spec/library/digest/sha384/digest_length_spec.rb +12 -0
  1510. data/spec/framework_spec/app/spec/library/digest/sha384/digest_spec.rb +32 -0
  1511. data/spec/framework_spec/app/spec/library/digest/sha384/equal_spec.rb +37 -0
  1512. data/spec/framework_spec/app/spec/library/digest/sha384/file_spec.rb +47 -0
  1513. data/spec/framework_spec/app/spec/library/digest/sha384/hexdigest_bang_spec.rb +14 -0
  1514. data/spec/framework_spec/app/spec/library/digest/sha384/hexdigest_spec.rb +32 -0
  1515. data/spec/framework_spec/app/spec/library/digest/sha384/inspect_spec.rb +12 -0
  1516. data/spec/framework_spec/app/spec/library/digest/sha384/length_spec.rb +8 -0
  1517. data/spec/framework_spec/app/spec/library/digest/sha384/reset_spec.rb +15 -0
  1518. data/spec/framework_spec/app/spec/library/digest/sha384/shared/constants.rb +16 -0
  1519. data/spec/framework_spec/app/spec/library/digest/sha384/shared/length.rb +8 -0
  1520. data/spec/framework_spec/app/spec/library/digest/sha384/shared/update.rb +7 -0
  1521. data/spec/framework_spec/app/spec/library/digest/sha384/size_spec.rb +8 -0
  1522. data/spec/framework_spec/app/spec/library/digest/sha384/to_s_spec.rb +21 -0
  1523. data/spec/framework_spec/app/spec/library/digest/sha384/update_spec.rb +7 -0
  1524. data/spec/framework_spec/app/spec/library/digest/sha512/append_spec.rb +7 -0
  1525. data/spec/framework_spec/app/spec/library/digest/sha512/block_length_spec.rb +12 -0
  1526. data/spec/framework_spec/app/spec/library/digest/sha512/digest_bang_spec.rb +13 -0
  1527. data/spec/framework_spec/app/spec/library/digest/sha512/digest_length_spec.rb +12 -0
  1528. data/spec/framework_spec/app/spec/library/digest/sha512/digest_spec.rb +32 -0
  1529. data/spec/framework_spec/app/spec/library/digest/sha512/equal_spec.rb +37 -0
  1530. data/spec/framework_spec/app/spec/library/digest/sha512/file_spec.rb +47 -0
  1531. data/spec/framework_spec/app/spec/library/digest/sha512/hexdigest_bang_spec.rb +14 -0
  1532. data/spec/framework_spec/app/spec/library/digest/sha512/hexdigest_spec.rb +32 -0
  1533. data/spec/framework_spec/app/spec/library/digest/sha512/inspect_spec.rb +12 -0
  1534. data/spec/framework_spec/app/spec/library/digest/sha512/length_spec.rb +8 -0
  1535. data/spec/framework_spec/app/spec/library/digest/sha512/reset_spec.rb +15 -0
  1536. data/spec/framework_spec/app/spec/library/digest/sha512/shared/constants.rb +15 -0
  1537. data/spec/framework_spec/app/spec/library/digest/sha512/shared/length.rb +8 -0
  1538. data/spec/framework_spec/app/spec/library/digest/sha512/shared/update.rb +7 -0
  1539. data/spec/framework_spec/app/spec/library/digest/sha512/size_spec.rb +8 -0
  1540. data/spec/framework_spec/app/spec/library/digest/sha512/to_s_spec.rb +21 -0
  1541. data/spec/framework_spec/app/spec/library/digest/sha512/update_spec.rb +7 -0
  1542. data/spec/framework_spec/app/spec/library/ezcrypto/ezcrypto_spec.rb +13 -0
  1543. data/spec/framework_spec/app/spec/library/net/ftp/nlst_spec.rb +1 -1
  1544. data/spec/framework_spec/app/spec/library/net/ftp/retrbinary_spec.rb +1 -1
  1545. data/spec/framework_spec/app/spec/library/net/ftp/retrlines_spec.rb +1 -1
  1546. data/spec/framework_spec/app/spec/library/net/ftp/shared/getbinaryfile.rb +1 -1
  1547. data/spec/framework_spec/app/spec/library/net/ftp/shared/gettextfile.rb +1 -1
  1548. data/spec/framework_spec/app/spec/library/net/ftp/shared/list.rb +1 -1
  1549. data/spec/framework_spec/app/spec/library/net/ftp/shared/putbinaryfile.rb +1 -1
  1550. data/spec/framework_spec/app/spec/library/net/ftp/shared/puttextfile.rb +1 -1
  1551. data/spec/framework_spec/app/spec/library/net/ftp/storbinary_spec.rb +1 -1
  1552. data/spec/framework_spec/app/spec/library/net/ftp/storlines_spec.rb +1 -1
  1553. data/spec/framework_spec/app/spec/library/openssl/cipher_spec.rb +19 -0
  1554. data/spec/framework_spec/app/spec/library/openssl/config/freeze_spec.rb +21 -0
  1555. data/spec/framework_spec/app/spec/library/openssl/hmac/digest_spec.rb +18 -0
  1556. data/spec/framework_spec/app/spec/library/openssl/hmac/hexdigest_spec.rb +18 -0
  1557. data/spec/framework_spec/app/spec/library/openssl/random/pseudo_bytes_spec.rb +7 -0
  1558. data/spec/framework_spec/app/spec/library/openssl/random/random_bytes_spec.rb +7 -0
  1559. data/spec/framework_spec/app/spec/library/openssl/random/shared/random_bytes.rb +29 -0
  1560. data/spec/framework_spec/app/spec/library/openssl/shared/constants.rb +10 -0
  1561. data/spec/framework_spec/app/spec/library/zlib/adler32_spec.rb +46 -0
  1562. data/spec/framework_spec/app/spec/library/zlib/crc32_spec.rb +52 -0
  1563. data/spec/framework_spec/app/spec/library/zlib/crc_table_spec.rb +11 -0
  1564. data/spec/framework_spec/app/spec/library/zlib/deflate/append_spec.rb +1 -0
  1565. data/spec/framework_spec/app/spec/library/zlib/deflate/deflate_spec.rb +49 -0
  1566. data/spec/framework_spec/app/spec/library/zlib/deflate/flush_spec.rb +1 -0
  1567. data/spec/framework_spec/app/spec/library/zlib/deflate/initialize_copy_spec.rb +1 -0
  1568. data/spec/framework_spec/app/spec/library/zlib/deflate/new_spec.rb +1 -0
  1569. data/spec/framework_spec/app/spec/library/zlib/deflate/params_spec.rb +20 -0
  1570. data/spec/framework_spec/app/spec/library/zlib/deflate/set_dictionary_spec.rb +14 -0
  1571. data/spec/framework_spec/app/spec/library/zlib/gzipfile/close_spec.rb +23 -0
  1572. data/spec/framework_spec/app/spec/library/zlib/gzipfile/closed_spec.rb +17 -0
  1573. data/spec/framework_spec/app/spec/library/zlib/gzipfile/comment_spec.rb +27 -0
  1574. data/spec/framework_spec/app/spec/library/zlib/gzipfile/crc_spec.rb +1 -0
  1575. data/spec/framework_spec/app/spec/library/zlib/gzipfile/finish_spec.rb +1 -0
  1576. data/spec/framework_spec/app/spec/library/zlib/gzipfile/level_spec.rb +1 -0
  1577. data/spec/framework_spec/app/spec/library/zlib/gzipfile/mtime_spec.rb +1 -0
  1578. data/spec/framework_spec/app/spec/library/zlib/gzipfile/orig_name_spec.rb +27 -0
  1579. data/spec/framework_spec/app/spec/library/zlib/gzipfile/os_code_spec.rb +1 -0
  1580. data/spec/framework_spec/app/spec/library/zlib/gzipfile/sync_spec.rb +1 -0
  1581. data/spec/framework_spec/app/spec/library/zlib/gzipfile/to_io_spec.rb +1 -0
  1582. data/spec/framework_spec/app/spec/library/zlib/gzipfile/wrap_spec.rb +1 -0
  1583. data/spec/framework_spec/app/spec/library/zlib/gzipreader/each_byte_spec.rb +33 -0
  1584. data/spec/framework_spec/app/spec/library/zlib/gzipreader/each_line_spec.rb +1 -0
  1585. data/spec/framework_spec/app/spec/library/zlib/gzipreader/each_spec.rb +1 -0
  1586. data/spec/framework_spec/app/spec/library/zlib/gzipreader/eof_spec.rb +55 -0
  1587. data/spec/framework_spec/app/spec/library/zlib/gzipreader/getc_spec.rb +55 -0
  1588. data/spec/framework_spec/app/spec/library/zlib/gzipreader/gets_spec.rb +1 -0
  1589. data/spec/framework_spec/app/spec/library/zlib/gzipreader/lineno_spec.rb +1 -0
  1590. data/spec/framework_spec/app/spec/library/zlib/gzipreader/new_spec.rb +1 -0
  1591. data/spec/framework_spec/app/spec/library/zlib/gzipreader/open_spec.rb +1 -0
  1592. data/spec/framework_spec/app/spec/library/zlib/gzipreader/pos_spec.rb +26 -0
  1593. data/spec/framework_spec/app/spec/library/zlib/gzipreader/read_spec.rb +58 -0
  1594. data/spec/framework_spec/app/spec/library/zlib/gzipreader/readchar_spec.rb +1 -0
  1595. data/spec/framework_spec/app/spec/library/zlib/gzipreader/readline_spec.rb +1 -0
  1596. data/spec/framework_spec/app/spec/library/zlib/gzipreader/readlines_spec.rb +1 -0
  1597. data/spec/framework_spec/app/spec/library/zlib/gzipreader/rewind_spec.rb +47 -0
  1598. data/spec/framework_spec/app/spec/library/zlib/gzipreader/tell_spec.rb +1 -0
  1599. data/spec/framework_spec/app/spec/library/zlib/gzipreader/ungetc_spec.rb +1 -0
  1600. data/spec/framework_spec/app/spec/library/zlib/gzipreader/unused_spec.rb +1 -0
  1601. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/append_spec.rb +1 -0
  1602. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/comment_spec.rb +1 -0
  1603. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/flush_spec.rb +1 -0
  1604. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/mtime_spec.rb +41 -0
  1605. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/new_spec.rb +1 -0
  1606. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/open_spec.rb +1 -0
  1607. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/orig_name_spec.rb +1 -0
  1608. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/pos_spec.rb +1 -0
  1609. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/print_spec.rb +1 -0
  1610. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/printf_spec.rb +1 -0
  1611. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/putc_spec.rb +1 -0
  1612. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/puts_spec.rb +1 -0
  1613. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/tell_spec.rb +1 -0
  1614. data/spec/framework_spec/app/spec/library/zlib/gzipwriter/write_spec.rb +24 -0
  1615. data/spec/framework_spec/app/spec/library/zlib/inflate/append_spec.rb +60 -0
  1616. data/spec/framework_spec/app/spec/library/zlib/inflate/inflate_spec.rb +109 -0
  1617. data/spec/framework_spec/app/spec/library/zlib/inflate/new_spec.rb +1 -0
  1618. data/spec/framework_spec/app/spec/library/zlib/inflate/set_dictionary_spec.rb +20 -0
  1619. data/spec/framework_spec/app/spec/library/zlib/inflate/sync_point_spec.rb +1 -0
  1620. data/spec/framework_spec/app/spec/library/zlib/inflate/sync_spec.rb +1 -0
  1621. data/spec/framework_spec/app/spec/library/zlib/zlib_version_spec.rb +1 -0
  1622. data/spec/framework_spec/app/spec/library/zlib/zstream/adler_spec.rb +1 -0
  1623. data/spec/framework_spec/app/spec/library/zlib/zstream/avail_in_spec.rb +1 -0
  1624. data/spec/framework_spec/app/spec/library/zlib/zstream/avail_out_spec.rb +1 -0
  1625. data/spec/framework_spec/app/spec/library/zlib/zstream/close_spec.rb +1 -0
  1626. data/spec/framework_spec/app/spec/library/zlib/zstream/closed_spec.rb +1 -0
  1627. data/spec/framework_spec/app/spec/library/zlib/zstream/data_type_spec.rb +1 -0
  1628. data/spec/framework_spec/app/spec/library/zlib/zstream/end_spec.rb +1 -0
  1629. data/spec/framework_spec/app/spec/library/zlib/zstream/ended_spec.rb +1 -0
  1630. data/spec/framework_spec/app/spec/library/zlib/zstream/finish_spec.rb +1 -0
  1631. data/spec/framework_spec/app/spec/library/zlib/zstream/finished_spec.rb +1 -0
  1632. data/spec/framework_spec/app/spec/library/zlib/zstream/flush_next_in_spec.rb +1 -0
  1633. data/spec/framework_spec/app/spec/library/zlib/zstream/flush_next_out_spec.rb +16 -0
  1634. data/spec/framework_spec/app/spec/library/zlib/zstream/reset_spec.rb +1 -0
  1635. data/spec/framework_spec/app/spec/library/zlib/zstream/stream_end_spec.rb +1 -0
  1636. data/spec/framework_spec/app/spec/library/zlib/zstream/total_in_spec.rb +1 -0
  1637. data/spec/framework_spec/app/spec/library/zlib/zstream/total_out_spec.rb +1 -0
  1638. data/spec/framework_spec/app/spec/shared/file/executable_real.rb +1 -1
  1639. data/spec/framework_spec/app/spec/shared/file/file.rb +1 -1
  1640. data/spec/framework_spec/app/spec_runner.rb +6 -5
  1641. data/spec/framework_spec/build.yml +4 -1
  1642. data/spec/phone_spec/app/BlobBulkTest/blob_bulk_test.png +0 -0
  1643. data/spec/phone_spec/app/BlobBulkTest/blob_bulk_test.rb +11 -0
  1644. data/spec/phone_spec/app/BlobBulkTest_s/blob_bulk_test_s.png +0 -0
  1645. data/spec/phone_spec/app/BlobBulkTest_s/blob_bulk_test_s.rb +11 -0
  1646. data/spec/phone_spec/app/Data/invalid_import_db.zip +0 -0
  1647. data/spec/phone_spec/app/Data/valid_import_db.zip +0 -0
  1648. data/spec/phone_spec/app/spec/asynchttp_spec.rb +1 -1
  1649. data/spec/phone_spec/app/spec/blob_bulksync_spec.rb +160 -0
  1650. data/spec/phone_spec/app/spec/bulksync_spec.rb +51 -1
  1651. data/spec/phone_spec/app/spec/bundle_update_spec.rb +85 -0
  1652. data/spec/phone_spec/app/spec/database_spec.rb +174 -0
  1653. data/spec/phone_spec/app/spec/events_spec.rb +4 -4
  1654. data/spec/phone_spec/app/spec/json_spec.rb +1 -1
  1655. data/spec/phone_spec/app/spec/rho_spec.rb +88 -12
  1656. data/spec/phone_spec/app/spec/rhofile_spec.rb +1 -1
  1657. data/spec/phone_spec/app/spec/rhom_object_spec.rb +8 -5
  1658. data/spec/phone_spec/app/spec/syncengine_spec.rb +281 -18
  1659. data/spec/phone_spec/app/spec/uri_spec.rb +5 -5
  1660. data/spec/phone_spec/app/spec_runner.rb +16 -9
  1661. data/spec/phone_spec/build.yml +2 -1
  1662. data/spec/phone_spec/public/file_for_replace.txt +1 -0
  1663. data/spec/phone_spec/public/file_to_remove.png +0 -0
  1664. data/spec/phone_spec/public/folder_to_remove.png +0 -0
  1665. data/spec/phone_spec/public/folder_to_remove/switch.png +0 -0
  1666. data/spec/phone_spec/public/partial_update_bundle/upgrade_bundle_partial.zip +0 -0
  1667. data/spec/phone_spec/upgrade_package_add_files.txt +2 -0
  1668. data/spec/phone_spec/upgrade_package_remove_files.txt +2 -0
  1669. data/version +1 -1
  1670. metadata +1384 -12
  1671. data/Manifest.txt +0 -8054
  1672. data/doc/alert-api.txt +0 -51
  1673. data/doc/files.txt +0 -4
  1674. data/doc/rhodes-api.txt +0 -147
  1675. data/doc/scanner.txt +0 -507
  1676. data/doc/timer-api.txt +0 -39
  1677. data/doc/tutorial.txt +0 -130
  1678. data/platform/android/Rhodes/src/com/rhomobile/rhodes/extmanager/WebkitExtension.java +0 -53
data/lib/extensions/openssl.so/ext/sources/ssl/s3_clnt.c ADDED
@@ -0,0 +1,3371 @@
1
+ /* ssl/s3_clnt.c */
2
+ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
+ * All rights reserved.
4
+ *
5
+ * This package is an SSL implementation written
6
+ * by Eric Young (eay@cryptsoft.com).
7
+ * The implementation was written so as to conform with Netscapes SSL.
8
+ *
9
+ * This library is free for commercial and non-commercial use as long as
10
+ * the following conditions are aheared to. The following conditions
11
+ * apply to all code found in this distribution, be it the RC4, RSA,
12
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13
+ * included with this distribution is covered by the same copyright terms
14
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
+ *
16
+ * Copyright remains Eric Young's, and as such any Copyright notices in
17
+ * the code are not to be removed.
18
+ * If this package is used in a product, Eric Young should be given attribution
19
+ * as the author of the parts of the library used.
20
+ * This can be in the form of a textual message at program startup or
21
+ * in documentation (online or textual) provided with the package.
22
+ *
23
+ * Redistribution and use in source and binary forms, with or without
24
+ * modification, are permitted provided that the following conditions
25
+ * are met:
26
+ * 1. Redistributions of source code must retain the copyright
27
+ * notice, this list of conditions and the following disclaimer.
28
+ * 2. Redistributions in binary form must reproduce the above copyright
29
+ * notice, this list of conditions and the following disclaimer in the
30
+ * documentation and/or other materials provided with the distribution.
31
+ * 3. All advertising materials mentioning features or use of this software
32
+ * must display the following acknowledgement:
33
+ * "This product includes cryptographic software written by
34
+ * Eric Young (eay@cryptsoft.com)"
35
+ * The word 'cryptographic' can be left out if the rouines from the library
36
+ * being used are not cryptographic related :-).
37
+ * 4. If you include any Windows specific code (or a derivative thereof) from
38
+ * the apps directory (application code) you must include an acknowledgement:
39
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
+ *
41
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
+ * SUCH DAMAGE.
52
+ *
53
+ * The licence and distribution terms for any publically available version or
54
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
55
+ * copied and put under another distribution licence
56
+ * [including the GNU Public Licence.]
57
+ */
58
+ /* ====================================================================
59
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60
+ *
61
+ * Redistribution and use in source and binary forms, with or without
62
+ * modification, are permitted provided that the following conditions
63
+ * are met:
64
+ *
65
+ * 1. Redistributions of source code must retain the above copyright
66
+ * notice, this list of conditions and the following disclaimer.
67
+ *
68
+ * 2. Redistributions in binary form must reproduce the above copyright
69
+ * notice, this list of conditions and the following disclaimer in
70
+ * the documentation and/or other materials provided with the
71
+ * distribution.
72
+ *
73
+ * 3. All advertising materials mentioning features or use of this
74
+ * software must display the following acknowledgment:
75
+ * "This product includes software developed by the OpenSSL Project
76
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77
+ *
78
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79
+ * endorse or promote products derived from this software without
80
+ * prior written permission. For written permission, please contact
81
+ * openssl-core@openssl.org.
82
+ *
83
+ * 5. Products derived from this software may not be called "OpenSSL"
84
+ * nor may "OpenSSL" appear in their names without prior written
85
+ * permission of the OpenSSL Project.
86
+ *
87
+ * 6. Redistributions of any form whatsoever must retain the following
88
+ * acknowledgment:
89
+ * "This product includes software developed by the OpenSSL Project
90
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91
+ *
92
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
104
+ * ====================================================================
105
+ *
106
+ * This product includes cryptographic software written by Eric Young
107
+ * (eay@cryptsoft.com). This product includes software written by Tim
108
+ * Hudson (tjh@cryptsoft.com).
109
+ *
110
+ */
111
+ /* ====================================================================
112
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113
+ *
114
+ * Portions of the attached software ("Contribution") are developed by
115
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116
+ *
117
+ * The Contribution is licensed pursuant to the OpenSSL open source
118
+ * license provided above.
119
+ *
120
+ * ECC cipher suite support in OpenSSL originally written by
121
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122
+ *
123
+ */
124
+ /* ====================================================================
125
+ * Copyright 2005 Nokia. All rights reserved.
126
+ *
127
+ * The portions of the attached software ("Contribution") is developed by
128
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129
+ * license.
130
+ *
131
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133
+ * support (see RFC 4279) to OpenSSL.
134
+ *
135
+ * No patent licenses or other rights except those expressly stated in
136
+ * the OpenSSL open source license shall be deemed granted or received
137
+ * expressly, by implication, estoppel, or otherwise.
138
+ *
139
+ * No assurances are provided by Nokia that the Contribution does not
140
+ * infringe the patent or other intellectual property rights of any third
141
+ * party or that the license provides you with all the necessary rights
142
+ * to make use of the Contribution.
143
+ *
144
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148
+ * OTHERWISE.
149
+ */
150
+
151
+ #include <stdio.h>
152
+ #include "ssl_locl.h"
153
+ #include "kssl_lcl.h"
154
+ #include <openssl/buffer.h>
155
+ #include <openssl/rand.h>
156
+ #include <openssl/objects.h>
157
+ #include <openssl/evp.h>
158
+ #include <openssl/md5.h>
159
+ #ifdef OPENSSL_FIPS
160
+ #include <openssl/fips.h>
161
+ #endif
162
+ #ifndef OPENSSL_NO_DH
163
+ #include <openssl/dh.h>
164
+ #endif
165
+ #include <openssl/bn.h>
166
+ #ifndef OPENSSL_NO_ENGINE
167
+ #include <openssl/engine.h>
168
+ #endif
169
+
170
+ static const SSL_METHOD *ssl3_get_client_method(int ver);
171
+ static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
172
+
173
+ static const SSL_METHOD *ssl3_get_client_method(int ver)
174
+ {
175
+ if (ver == SSL3_VERSION)
176
+ return(SSLv3_client_method());
177
+ else
178
+ return(NULL);
179
+ }
180
+
181
+ IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
182
+ ssl_undefined_function,
183
+ ssl3_connect,
184
+ ssl3_get_client_method)
185
+
186
+ int ssl3_connect(SSL *s)
187
+ {
188
+ BUF_MEM *buf=NULL;
189
+ unsigned long Time=(unsigned long)time(NULL);
190
+ void (*cb)(const SSL *ssl,int type,int val)=NULL;
191
+ int ret= -1;
192
+ int new_state,state,skip=0;
193
+
194
+ RAND_add(&Time,sizeof(Time),0);
195
+ ERR_clear_error();
196
+ clear_sys_error();
197
+
198
+ if (s->info_callback != NULL)
199
+ cb=s->info_callback;
200
+ else if (s->ctx->info_callback != NULL)
201
+ cb=s->ctx->info_callback;
202
+
203
+ s->in_handshake++;
204
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
205
+
206
+ #ifndef OPENSSL_NO_HEARTBEATS
207
+ /* If we're awaiting a HeartbeatResponse, pretend we
208
+ * already got and don't await it anymore, because
209
+ * Heartbeats don't make sense during handshakes anyway.
210
+ */
211
+ if (s->tlsext_hb_pending)
212
+ {
213
+ s->tlsext_hb_pending = 0;
214
+ s->tlsext_hb_seq++;
215
+ }
216
+ #endif
217
+
218
+ for (;;)
219
+ {
220
+ state=s->state;
221
+
222
+ switch(s->state)
223
+ {
224
+ case SSL_ST_RENEGOTIATE:
225
+ s->renegotiate=1;
226
+ s->state=SSL_ST_CONNECT;
227
+ s->ctx->stats.sess_connect_renegotiate++;
228
+ /* break */
229
+ case SSL_ST_BEFORE:
230
+ case SSL_ST_CONNECT:
231
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
232
+ case SSL_ST_OK|SSL_ST_CONNECT:
233
+
234
+ s->server=0;
235
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
236
+
237
+ if ((s->version & 0xff00 ) != 0x0300)
238
+ {
239
+ SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
240
+ ret = -1;
241
+ goto end;
242
+ }
243
+
244
+ /* s->version=SSL3_VERSION; */
245
+ s->type=SSL_ST_CONNECT;
246
+
247
+ if (s->init_buf == NULL)
248
+ {
249
+ if ((buf=BUF_MEM_new()) == NULL)
250
+ {
251
+ ret= -1;
252
+ goto end;
253
+ }
254
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
255
+ {
256
+ ret= -1;
257
+ goto end;
258
+ }
259
+ s->init_buf=buf;
260
+ buf=NULL;
261
+ }
262
+
263
+ if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
264
+
265
+ /* setup buffing BIO */
266
+ if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
267
+
268
+ /* don't push the buffering BIO quite yet */
269
+
270
+ ssl3_init_finished_mac(s);
271
+
272
+ s->state=SSL3_ST_CW_CLNT_HELLO_A;
273
+ s->ctx->stats.sess_connect++;
274
+ s->init_num=0;
275
+ break;
276
+
277
+ case SSL3_ST_CW_CLNT_HELLO_A:
278
+ case SSL3_ST_CW_CLNT_HELLO_B:
279
+
280
+ s->shutdown=0;
281
+ ret=ssl3_client_hello(s);
282
+ if (ret <= 0) goto end;
283
+ s->state=SSL3_ST_CR_SRVR_HELLO_A;
284
+ s->init_num=0;
285
+
286
+ /* turn on buffering for the next lot of output */
287
+ if (s->bbio != s->wbio)
288
+ s->wbio=BIO_push(s->bbio,s->wbio);
289
+
290
+ break;
291
+
292
+ case SSL3_ST_CR_SRVR_HELLO_A:
293
+ case SSL3_ST_CR_SRVR_HELLO_B:
294
+ ret=ssl3_get_server_hello(s);
295
+ if (ret <= 0) goto end;
296
+
297
+ if (s->hit)
298
+ {
299
+ s->state=SSL3_ST_CR_FINISHED_A;
300
+ #ifndef OPENSSL_NO_TLSEXT
301
+ if (s->tlsext_ticket_expected)
302
+ {
303
+ /* receive renewed session ticket */
304
+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
305
+ }
306
+ #endif
307
+ }
308
+ else
309
+ s->state=SSL3_ST_CR_CERT_A;
310
+ s->init_num=0;
311
+ break;
312
+
313
+ case SSL3_ST_CR_CERT_A:
314
+ case SSL3_ST_CR_CERT_B:
315
+ #ifndef OPENSSL_NO_TLSEXT
316
+ ret=ssl3_check_finished(s);
317
+ if (ret <= 0) goto end;
318
+ if (ret == 2)
319
+ {
320
+ s->hit = 1;
321
+ if (s->tlsext_ticket_expected)
322
+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
323
+ else
324
+ s->state=SSL3_ST_CR_FINISHED_A;
325
+ s->init_num=0;
326
+ break;
327
+ }
328
+ #endif
329
+ /* Check if it is anon DH/ECDH */
330
+ /* or PSK */
331
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
332
+ !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
333
+ {
334
+ ret=ssl3_get_server_certificate(s);
335
+ if (ret <= 0) goto end;
336
+ #ifndef OPENSSL_NO_TLSEXT
337
+ if (s->tlsext_status_expected)
338
+ s->state=SSL3_ST_CR_CERT_STATUS_A;
339
+ else
340
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
341
+ }
342
+ else
343
+ {
344
+ skip = 1;
345
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
346
+ }
347
+ #else
348
+ }
349
+ else
350
+ skip=1;
351
+
352
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
353
+ #endif
354
+ s->init_num=0;
355
+ break;
356
+
357
+ case SSL3_ST_CR_KEY_EXCH_A:
358
+ case SSL3_ST_CR_KEY_EXCH_B:
359
+ ret=ssl3_get_key_exchange(s);
360
+ if (ret <= 0) goto end;
361
+ s->state=SSL3_ST_CR_CERT_REQ_A;
362
+ s->init_num=0;
363
+
364
+ /* at this point we check that we have the
365
+ * required stuff from the server */
366
+ if (!ssl3_check_cert_and_algorithm(s))
367
+ {
368
+ ret= -1;
369
+ goto end;
370
+ }
371
+ break;
372
+
373
+ case SSL3_ST_CR_CERT_REQ_A:
374
+ case SSL3_ST_CR_CERT_REQ_B:
375
+ ret=ssl3_get_certificate_request(s);
376
+ if (ret <= 0) goto end;
377
+ s->state=SSL3_ST_CR_SRVR_DONE_A;
378
+ s->init_num=0;
379
+ break;
380
+
381
+ case SSL3_ST_CR_SRVR_DONE_A:
382
+ case SSL3_ST_CR_SRVR_DONE_B:
383
+ ret=ssl3_get_server_done(s);
384
+ if (ret <= 0) goto end;
385
+ #ifndef OPENSSL_NO_SRP
386
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP)
387
+ {
388
+ if ((ret = SRP_Calc_A_param(s))<=0)
389
+ {
390
+ SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SRP_A_CALC);
391
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
392
+ goto end;
393
+ }
394
+ }
395
+ #endif
396
+ if (s->s3->tmp.cert_req)
397
+ s->state=SSL3_ST_CW_CERT_A;
398
+ else
399
+ s->state=SSL3_ST_CW_KEY_EXCH_A;
400
+ s->init_num=0;
401
+
402
+ break;
403
+
404
+ case SSL3_ST_CW_CERT_A:
405
+ case SSL3_ST_CW_CERT_B:
406
+ case SSL3_ST_CW_CERT_C:
407
+ case SSL3_ST_CW_CERT_D:
408
+ ret=ssl3_send_client_certificate(s);
409
+ if (ret <= 0) goto end;
410
+ s->state=SSL3_ST_CW_KEY_EXCH_A;
411
+ s->init_num=0;
412
+ break;
413
+
414
+ case SSL3_ST_CW_KEY_EXCH_A:
415
+ case SSL3_ST_CW_KEY_EXCH_B:
416
+ ret=ssl3_send_client_key_exchange(s);
417
+ if (ret <= 0) goto end;
418
+ /* EAY EAY EAY need to check for DH fix cert
419
+ * sent back */
420
+ /* For TLS, cert_req is set to 2, so a cert chain
421
+ * of nothing is sent, but no verify packet is sent */
422
+ /* XXX: For now, we do not support client
423
+ * authentication in ECDH cipher suites with
424
+ * ECDH (rather than ECDSA) certificates.
425
+ * We need to skip the certificate verify
426
+ * message when client's ECDH public key is sent
427
+ * inside the client certificate.
428
+ */
429
+ if (s->s3->tmp.cert_req == 1)
430
+ {
431
+ s->state=SSL3_ST_CW_CERT_VRFY_A;
432
+ }
433
+ else
434
+ {
435
+ s->state=SSL3_ST_CW_CHANGE_A;
436
+ s->s3->change_cipher_spec=0;
437
+ }
438
+ if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY)
439
+ {
440
+ s->state=SSL3_ST_CW_CHANGE_A;
441
+ s->s3->change_cipher_spec=0;
442
+ }
443
+
444
+ s->init_num=0;
445
+ break;
446
+
447
+ case SSL3_ST_CW_CERT_VRFY_A:
448
+ case SSL3_ST_CW_CERT_VRFY_B:
449
+ ret=ssl3_send_client_verify(s);
450
+ if (ret <= 0) goto end;
451
+ s->state=SSL3_ST_CW_CHANGE_A;
452
+ s->init_num=0;
453
+ s->s3->change_cipher_spec=0;
454
+ break;
455
+
456
+ case SSL3_ST_CW_CHANGE_A:
457
+ case SSL3_ST_CW_CHANGE_B:
458
+ ret=ssl3_send_change_cipher_spec(s,
459
+ SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
460
+ if (ret <= 0) goto end;
461
+
462
+
463
+ #if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
464
+ s->state=SSL3_ST_CW_FINISHED_A;
465
+ #else
466
+ if (s->s3->next_proto_neg_seen)
467
+ s->state=SSL3_ST_CW_NEXT_PROTO_A;
468
+ else
469
+ s->state=SSL3_ST_CW_FINISHED_A;
470
+ #endif
471
+ s->init_num=0;
472
+
473
+ s->session->cipher=s->s3->tmp.new_cipher;
474
+ #ifdef OPENSSL_NO_COMP
475
+ s->session->compress_meth=0;
476
+ #else
477
+ if (s->s3->tmp.new_compression == NULL)
478
+ s->session->compress_meth=0;
479
+ else
480
+ s->session->compress_meth=
481
+ s->s3->tmp.new_compression->id;
482
+ #endif
483
+ if (!s->method->ssl3_enc->setup_key_block(s))
484
+ {
485
+ ret= -1;
486
+ goto end;
487
+ }
488
+
489
+ if (!s->method->ssl3_enc->change_cipher_state(s,
490
+ SSL3_CHANGE_CIPHER_CLIENT_WRITE))
491
+ {
492
+ ret= -1;
493
+ goto end;
494
+ }
495
+
496
+ break;
497
+
498
+ #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
499
+ case SSL3_ST_CW_NEXT_PROTO_A:
500
+ case SSL3_ST_CW_NEXT_PROTO_B:
501
+ ret=ssl3_send_next_proto(s);
502
+ if (ret <= 0) goto end;
503
+ s->state=SSL3_ST_CW_FINISHED_A;
504
+ break;
505
+ #endif
506
+
507
+ case SSL3_ST_CW_FINISHED_A:
508
+ case SSL3_ST_CW_FINISHED_B:
509
+ ret=ssl3_send_finished(s,
510
+ SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
511
+ s->method->ssl3_enc->client_finished_label,
512
+ s->method->ssl3_enc->client_finished_label_len);
513
+ if (ret <= 0) goto end;
514
+ s->state=SSL3_ST_CW_FLUSH;
515
+
516
+ /* clear flags */
517
+ s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
518
+ if (s->hit)
519
+ {
520
+ s->s3->tmp.next_state=SSL_ST_OK;
521
+ if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
522
+ {
523
+ s->state=SSL_ST_OK;
524
+ s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
525
+ s->s3->delay_buf_pop_ret=0;
526
+ }
527
+ }
528
+ else
529
+ {
530
+ #ifndef OPENSSL_NO_TLSEXT
531
+ /* Allow NewSessionTicket if ticket expected */
532
+ if (s->tlsext_ticket_expected)
533
+ s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
534
+ else
535
+ #endif
536
+
537
+ s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
538
+ }
539
+ s->init_num=0;
540
+ break;
541
+
542
+ #ifndef OPENSSL_NO_TLSEXT
543
+ case SSL3_ST_CR_SESSION_TICKET_A:
544
+ case SSL3_ST_CR_SESSION_TICKET_B:
545
+ ret=ssl3_get_new_session_ticket(s);
546
+ if (ret <= 0) goto end;
547
+ s->state=SSL3_ST_CR_FINISHED_A;
548
+ s->init_num=0;
549
+ break;
550
+
551
+ case SSL3_ST_CR_CERT_STATUS_A:
552
+ case SSL3_ST_CR_CERT_STATUS_B:
553
+ ret=ssl3_get_cert_status(s);
554
+ if (ret <= 0) goto end;
555
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
556
+ s->init_num=0;
557
+ break;
558
+ #endif
559
+
560
+ case SSL3_ST_CR_FINISHED_A:
561
+ case SSL3_ST_CR_FINISHED_B:
562
+
563
+ ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
564
+ SSL3_ST_CR_FINISHED_B);
565
+ if (ret <= 0) goto end;
566
+
567
+ if (s->hit)
568
+ s->state=SSL3_ST_CW_CHANGE_A;
569
+ else
570
+ s->state=SSL_ST_OK;
571
+ s->init_num=0;
572
+ break;
573
+
574
+ case SSL3_ST_CW_FLUSH:
575
+ s->rwstate=SSL_WRITING;
576
+ if (BIO_flush(s->wbio) <= 0)
577
+ {
578
+ ret= -1;
579
+ goto end;
580
+ }
581
+ s->rwstate=SSL_NOTHING;
582
+ s->state=s->s3->tmp.next_state;
583
+ break;
584
+
585
+ case SSL_ST_OK:
586
+ /* clean a few things up */
587
+ ssl3_cleanup_key_block(s);
588
+
589
+ if (s->init_buf != NULL)
590
+ {
591
+ BUF_MEM_free(s->init_buf);
592
+ s->init_buf=NULL;
593
+ }
594
+
595
+ /* If we are not 'joining' the last two packets,
596
+ * remove the buffering now */
597
+ if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
598
+ ssl_free_wbio_buffer(s);
599
+ /* else do it later in ssl3_write */
600
+
601
+ s->init_num=0;
602
+ s->renegotiate=0;
603
+ s->new_session=0;
604
+
605
+ ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
606
+ if (s->hit) s->ctx->stats.sess_hit++;
607
+
608
+ ret=1;
609
+ /* s->server=0; */
610
+ s->handshake_func=ssl3_connect;
611
+ s->ctx->stats.sess_connect_good++;
612
+
613
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
614
+
615
+ goto end;
616
+ /* break; */
617
+
618
+ default:
619
+ SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
620
+ ret= -1;
621
+ goto end;
622
+ /* break; */
623
+ }
624
+
625
+ /* did we do anything */
626
+ if (!s->s3->tmp.reuse_message && !skip)
627
+ {
628
+ if (s->debug)
629
+ {
630
+ if ((ret=BIO_flush(s->wbio)) <= 0)
631
+ goto end;
632
+ }
633
+
634
+ if ((cb != NULL) && (s->state != state))
635
+ {
636
+ new_state=s->state;
637
+ s->state=state;
638
+ cb(s,SSL_CB_CONNECT_LOOP,1);
639
+ s->state=new_state;
640
+ }
641
+ }
642
+ skip=0;
643
+ }
644
+ end:
645
+ s->in_handshake--;
646
+ if (buf != NULL)
647
+ BUF_MEM_free(buf);
648
+ if (cb != NULL)
649
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
650
+ return(ret);
651
+ }
652
+
653
+
654
+ int ssl3_client_hello(SSL *s)
655
+ {
656
+ unsigned char *buf;
657
+ unsigned char *p,*d;
658
+ int i;
659
+ unsigned long Time,l;
660
+ #ifndef OPENSSL_NO_COMP
661
+ int j;
662
+ SSL_COMP *comp;
663
+ #endif
664
+
665
+ buf=(unsigned char *)s->init_buf->data;
666
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
667
+ {
668
+ SSL_SESSION *sess = s->session;
669
+ if ((sess == NULL) ||
670
+ (sess->ssl_version != s->version) ||
671
+ #ifdef OPENSSL_NO_TLSEXT
672
+ !sess->session_id_length ||
673
+ #else
674
+ (!sess->session_id_length && !sess->tlsext_tick) ||
675
+ #endif
676
+ (sess->not_resumable))
677
+ {
678
+ if (!ssl_get_new_session(s,0))
679
+ goto err;
680
+ }
681
+ /* else use the pre-loaded session */
682
+
683
+ p=s->s3->client_random;
684
+ Time=(unsigned long)time(NULL); /* Time */
685
+ l2n(Time,p);
686
+ if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
687
+ goto err;
688
+
689
+ /* Do the message type and length last */
690
+ d=p= &(buf[4]);
691
+
692
+ /* version indicates the negotiated version: for example from
693
+ * an SSLv2/v3 compatible client hello). The client_version
694
+ * field is the maximum version we permit and it is also
695
+ * used in RSA encrypted premaster secrets. Some servers can
696
+ * choke if we initially report a higher version then
697
+ * renegotiate to a lower one in the premaster secret. This
698
+ * didn't happen with TLS 1.0 as most servers supported it
699
+ * but it can with TLS 1.1 or later if the server only supports
700
+ * 1.0.
701
+ *
702
+ * Possible scenario with previous logic:
703
+ * 1. Client hello indicates TLS 1.2
704
+ * 2. Server hello says TLS 1.0
705
+ * 3. RSA encrypted premaster secret uses 1.2.
706
+ * 4. Handhaked proceeds using TLS 1.0.
707
+ * 5. Server sends hello request to renegotiate.
708
+ * 6. Client hello indicates TLS v1.0 as we now
709
+ * know that is maximum server supports.
710
+ * 7. Server chokes on RSA encrypted premaster secret
711
+ * containing version 1.0.
712
+ *
713
+ * For interoperability it should be OK to always use the
714
+ * maximum version we support in client hello and then rely
715
+ * on the checking of version to ensure the servers isn't
716
+ * being inconsistent: for example initially negotiating with
717
+ * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
718
+ * client_version in client hello and not resetting it to
719
+ * the negotiated version.
720
+ */
721
+ #if 0
722
+ *(p++)=s->version>>8;
723
+ *(p++)=s->version&0xff;
724
+ s->client_version=s->version;
725
+ #else
726
+ *(p++)=s->client_version>>8;
727
+ *(p++)=s->client_version&0xff;
728
+ #endif
729
+
730
+ /* Random stuff */
731
+ memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
732
+ p+=SSL3_RANDOM_SIZE;
733
+
734
+ /* Session ID */
735
+ if (s->new_session)
736
+ i=0;
737
+ else
738
+ i=s->session->session_id_length;
739
+ *(p++)=i;
740
+ if (i != 0)
741
+ {
742
+ if (i > (int)sizeof(s->session->session_id))
743
+ {
744
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
745
+ goto err;
746
+ }
747
+ memcpy(p,s->session->session_id,i);
748
+ p+=i;
749
+ }
750
+
751
+ /* Ciphers supported */
752
+ i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),0);
753
+ if (i == 0)
754
+ {
755
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
756
+ goto err;
757
+ }
758
+ #ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
759
+ /* Some servers hang if client hello > 256 bytes
760
+ * as hack workaround chop number of supported ciphers
761
+ * to keep it well below this if we use TLS v1.2
762
+ */
763
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
764
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
765
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
766
+ #endif
767
+ s2n(i,p);
768
+ p+=i;
769
+
770
+ /* COMPRESSION */
771
+ #ifdef OPENSSL_NO_COMP
772
+ *(p++)=1;
773
+ #else
774
+
775
+ if ((s->options & SSL_OP_NO_COMPRESSION)
776
+ || !s->ctx->comp_methods)
777
+ j=0;
778
+ else
779
+ j=sk_SSL_COMP_num(s->ctx->comp_methods);
780
+ *(p++)=1+j;
781
+ for (i=0; i<j; i++)
782
+ {
783
+ comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
784
+ *(p++)=comp->id;
785
+ }
786
+ #endif
787
+ *(p++)=0; /* Add the NULL method */
788
+
789
+ #ifndef OPENSSL_NO_TLSEXT
790
+ /* TLS extensions*/
791
+ if (ssl_prepare_clienthello_tlsext(s) <= 0)
792
+ {
793
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
794
+ goto err;
795
+ }
796
+ if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
797
+ {
798
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
799
+ goto err;
800
+ }
801
+ #endif
802
+
803
+ l=(p-d);
804
+ d=buf;
805
+ *(d++)=SSL3_MT_CLIENT_HELLO;
806
+ l2n3(l,d);
807
+
808
+ s->state=SSL3_ST_CW_CLNT_HELLO_B;
809
+ /* number of bytes to write */
810
+ s->init_num=p-buf;
811
+ s->init_off=0;
812
+ }
813
+
814
+ /* SSL3_ST_CW_CLNT_HELLO_B */
815
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
816
+ err:
817
+ return(-1);
818
+ }
819
+
820
+ int ssl3_get_server_hello(SSL *s)
821
+ {
822
+ STACK_OF(SSL_CIPHER) *sk;
823
+ const SSL_CIPHER *c;
824
+ unsigned char *p,*d;
825
+ int i,al,ok;
826
+ unsigned int j;
827
+ long n;
828
+ #ifndef OPENSSL_NO_COMP
829
+ SSL_COMP *comp;
830
+ #endif
831
+
832
+ n=s->method->ssl_get_message(s,
833
+ SSL3_ST_CR_SRVR_HELLO_A,
834
+ SSL3_ST_CR_SRVR_HELLO_B,
835
+ -1,
836
+ 20000, /* ?? */
837
+ &ok);
838
+
839
+ if (!ok) return((int)n);
840
+
841
+ if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
842
+ {
843
+ if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST)
844
+ {
845
+ if ( s->d1->send_cookie == 0)
846
+ {
847
+ s->s3->tmp.reuse_message = 1;
848
+ return 1;
849
+ }
850
+ else /* already sent a cookie */
851
+ {
852
+ al=SSL_AD_UNEXPECTED_MESSAGE;
853
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_MESSAGE_TYPE);
854
+ goto f_err;
855
+ }
856
+ }
857
+ }
858
+
859
+ if ( s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO)
860
+ {
861
+ al=SSL_AD_UNEXPECTED_MESSAGE;
862
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_MESSAGE_TYPE);
863
+ goto f_err;
864
+ }
865
+
866
+ d=p=(unsigned char *)s->init_msg;
867
+
868
+ if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
869
+ {
870
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
871
+ s->version=(s->version&0xff00)|p[1];
872
+ al=SSL_AD_PROTOCOL_VERSION;
873
+ goto f_err;
874
+ }
875
+ p+=2;
876
+
877
+ /* load the server hello data */
878
+ /* load the server random */
879
+ memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
880
+ p+=SSL3_RANDOM_SIZE;
881
+
882
+ /* get the session-id */
883
+ j= *(p++);
884
+
885
+ if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE))
886
+ {
887
+ al=SSL_AD_ILLEGAL_PARAMETER;
888
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
889
+ goto f_err;
890
+ }
891
+
892
+ #ifndef OPENSSL_NO_TLSEXT
893
+ /* check if we want to resume the session based on external pre-shared secret */
894
+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb)
895
+ {
896
+ SSL_CIPHER *pref_cipher=NULL;
897
+ s->session->master_key_length=sizeof(s->session->master_key);
898
+ if (s->tls_session_secret_cb(s, s->session->master_key,
899
+ &s->session->master_key_length,
900
+ NULL, &pref_cipher,
901
+ s->tls_session_secret_cb_arg))
902
+ {
903
+ s->session->cipher = pref_cipher ?
904
+ pref_cipher : ssl_get_cipher_by_char(s, p+j);
905
+ }
906
+ }
907
+ #endif /* OPENSSL_NO_TLSEXT */
908
+
909
+ if (j != 0 && j == s->session->session_id_length
910
+ && memcmp(p,s->session->session_id,j) == 0)
911
+ {
912
+ if(s->sid_ctx_length != s->session->sid_ctx_length
913
+ || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
914
+ {
915
+ /* actually a client application bug */
916
+ al=SSL_AD_ILLEGAL_PARAMETER;
917
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
918
+ goto f_err;
919
+ }
920
+ s->hit=1;
921
+ }
922
+ else /* a miss or crap from the other end */
923
+ {
924
+ /* If we were trying for session-id reuse, make a new
925
+ * SSL_SESSION so we don't stuff up other people */
926
+ s->hit=0;
927
+ if (s->session->session_id_length > 0)
928
+ {
929
+ if (!ssl_get_new_session(s,0))
930
+ {
931
+ al=SSL_AD_INTERNAL_ERROR;
932
+ goto f_err;
933
+ }
934
+ }
935
+ s->session->session_id_length=j;
936
+ memcpy(s->session->session_id,p,j); /* j could be 0 */
937
+ }
938
+ p+=j;
939
+ c=ssl_get_cipher_by_char(s,p);
940
+ if (c == NULL)
941
+ {
942
+ /* unknown cipher */
943
+ al=SSL_AD_ILLEGAL_PARAMETER;
944
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
945
+ goto f_err;
946
+ }
947
+ /* TLS v1.2 only ciphersuites require v1.2 or later */
948
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
949
+ (TLS1_get_version(s) < TLS1_2_VERSION))
950
+ {
951
+ al=SSL_AD_ILLEGAL_PARAMETER;
952
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
953
+ goto f_err;
954
+ }
955
+ p+=ssl_put_cipher_by_char(s,NULL,NULL);
956
+
957
+ sk=ssl_get_ciphers_by_id(s);
958
+ i=sk_SSL_CIPHER_find(sk,c);
959
+ if (i < 0)
960
+ {
961
+ /* we did not say we would use this cipher */
962
+ al=SSL_AD_ILLEGAL_PARAMETER;
963
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
964
+ goto f_err;
965
+ }
966
+
967
+ /* Depending on the session caching (internal/external), the cipher
968
+ and/or cipher_id values may not be set. Make sure that
969
+ cipher_id is set and use it for comparison. */
970
+ if (s->session->cipher)
971
+ s->session->cipher_id = s->session->cipher->id;
972
+ if (s->hit && (s->session->cipher_id != c->id))
973
+ {
974
+ /* Workaround is now obsolete */
975
+ #if 0
976
+ if (!(s->options &
977
+ SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
978
+ #endif
979
+ {
980
+ al=SSL_AD_ILLEGAL_PARAMETER;
981
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
982
+ goto f_err;
983
+ }
984
+ }
985
+ s->s3->tmp.new_cipher=c;
986
+ /* Don't digest cached records if TLS v1.2: we may need them for
987
+ * client authentication.
988
+ */
989
+ if (TLS1_get_version(s) < TLS1_2_VERSION && !ssl3_digest_cached_records(s))
990
+ goto f_err;
991
+ /* lets get the compression algorithm */
992
+ /* COMPRESSION */
993
+ #ifdef OPENSSL_NO_COMP
994
+ if (*(p++) != 0)
995
+ {
996
+ al=SSL_AD_ILLEGAL_PARAMETER;
997
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
998
+ goto f_err;
999
+ }
1000
+ /* If compression is disabled we'd better not try to resume a session
1001
+ * using compression.
1002
+ */
1003
+ if (s->session->compress_meth != 0)
1004
+ {
1005
+ al=SSL_AD_INTERNAL_ERROR;
1006
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
1007
+ goto f_err;
1008
+ }
1009
+ #else
1010
+ j= *(p++);
1011
+ if (s->hit && j != s->session->compress_meth)
1012
+ {
1013
+ al=SSL_AD_ILLEGAL_PARAMETER;
1014
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
1015
+ goto f_err;
1016
+ }
1017
+ if (j == 0)
1018
+ comp=NULL;
1019
+ else if (s->options & SSL_OP_NO_COMPRESSION)
1020
+ {
1021
+ al=SSL_AD_ILLEGAL_PARAMETER;
1022
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_COMPRESSION_DISABLED);
1023
+ goto f_err;
1024
+ }
1025
+ else
1026
+ comp=ssl3_comp_find(s->ctx->comp_methods,j);
1027
+
1028
+ if ((j != 0) && (comp == NULL))
1029
+ {
1030
+ al=SSL_AD_ILLEGAL_PARAMETER;
1031
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
1032
+ goto f_err;
1033
+ }
1034
+ else
1035
+ {
1036
+ s->s3->tmp.new_compression=comp;
1037
+ }
1038
+ #endif
1039
+
1040
+ #ifndef OPENSSL_NO_TLSEXT
1041
+ /* TLS extensions*/
1042
+ if (s->version >= SSL3_VERSION)
1043
+ {
1044
+ if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
1045
+ {
1046
+ /* 'al' set by ssl_parse_serverhello_tlsext */
1047
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_PARSE_TLSEXT);
1048
+ goto f_err;
1049
+ }
1050
+ if (ssl_check_serverhello_tlsext(s) <= 0)
1051
+ {
1052
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT);
1053
+ goto err;
1054
+ }
1055
+ }
1056
+ #endif
1057
+
1058
+ if (p != (d+n))
1059
+ {
1060
+ /* wrong packet length */
1061
+ al=SSL_AD_DECODE_ERROR;
1062
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
1063
+ goto f_err;
1064
+ }
1065
+
1066
+ return(1);
1067
+ f_err:
1068
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
1069
+ err:
1070
+ return(-1);
1071
+ }
1072
+
1073
+ int ssl3_get_server_certificate(SSL *s)
1074
+ {
1075
+ int al,i,ok,ret= -1;
1076
+ unsigned long n,nc,llen,l;
1077
+ X509 *x=NULL;
1078
+ const unsigned char *q,*p;
1079
+ unsigned char *d;
1080
+ STACK_OF(X509) *sk=NULL;
1081
+ SESS_CERT *sc;
1082
+ EVP_PKEY *pkey=NULL;
1083
+ int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
1084
+
1085
+ n=s->method->ssl_get_message(s,
1086
+ SSL3_ST_CR_CERT_A,
1087
+ SSL3_ST_CR_CERT_B,
1088
+ -1,
1089
+ s->max_cert_list,
1090
+ &ok);
1091
+
1092
+ if (!ok) return((int)n);
1093
+
1094
+ if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
1095
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&
1096
+ (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)))
1097
+ {
1098
+ s->s3->tmp.reuse_message=1;
1099
+ return(1);
1100
+ }
1101
+
1102
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
1103
+ {
1104
+ al=SSL_AD_UNEXPECTED_MESSAGE;
1105
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
1106
+ goto f_err;
1107
+ }
1108
+ p=d=(unsigned char *)s->init_msg;
1109
+
1110
+ if ((sk=sk_X509_new_null()) == NULL)
1111
+ {
1112
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1113
+ goto err;
1114
+ }
1115
+
1116
+ n2l3(p,llen);
1117
+ if (llen+3 != n)
1118
+ {
1119
+ al=SSL_AD_DECODE_ERROR;
1120
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
1121
+ goto f_err;
1122
+ }
1123
+ for (nc=0; nc<llen; )
1124
+ {
1125
+ n2l3(p,l);
1126
+ if ((l+nc+3) > llen)
1127
+ {
1128
+ al=SSL_AD_DECODE_ERROR;
1129
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1130
+ goto f_err;
1131
+ }
1132
+
1133
+ q=p;
1134
+ x=d2i_X509(NULL,&q,l);
1135
+ if (x == NULL)
1136
+ {
1137
+ al=SSL_AD_BAD_CERTIFICATE;
1138
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
1139
+ goto f_err;
1140
+ }
1141
+ if (q != (p+l))
1142
+ {
1143
+ al=SSL_AD_DECODE_ERROR;
1144
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
1145
+ goto f_err;
1146
+ }
1147
+ if (!sk_X509_push(sk,x))
1148
+ {
1149
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
1150
+ goto err;
1151
+ }
1152
+ x=NULL;
1153
+ nc+=l+3;
1154
+ p=q;
1155
+ }
1156
+
1157
+ i=ssl_verify_cert_chain(s,sk);
1158
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
1159
+ #ifndef OPENSSL_NO_KRB5
1160
+ && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
1161
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
1162
+ #endif /* OPENSSL_NO_KRB5 */
1163
+ )
1164
+ {
1165
+ al=ssl_verify_alarm_type(s->verify_result);
1166
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
1167
+ goto f_err;
1168
+ }
1169
+ ERR_clear_error(); /* but we keep s->verify_result */
1170
+
1171
+ sc=ssl_sess_cert_new();
1172
+ if (sc == NULL) goto err;
1173
+
1174
+ if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
1175
+ s->session->sess_cert=sc;
1176
+
1177
+ sc->cert_chain=sk;
1178
+ /* Inconsistency alert: cert_chain does include the peer's
1179
+ * certificate, which we don't include in s3_srvr.c */
1180
+ x=sk_X509_value(sk,0);
1181
+ sk=NULL;
1182
+ /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
1183
+
1184
+ pkey=X509_get_pubkey(x);
1185
+
1186
+ /* VRS: allow null cert if auth == KRB5 */
1187
+ need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
1188
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
1189
+ ? 0 : 1;
1190
+
1191
+ #ifdef KSSL_DEBUG
1192
+ printf("pkey,x = %p, %p\n", pkey,x);
1193
+ printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
1194
+ printf("cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name,
1195
+ s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, need_cert);
1196
+ #endif /* KSSL_DEBUG */
1197
+
1198
+ if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
1199
+ {
1200
+ x=NULL;
1201
+ al=SSL3_AL_FATAL;
1202
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
1203
+ SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
1204
+ goto f_err;
1205
+ }
1206
+
1207
+ i=ssl_cert_type(x,pkey);
1208
+ if (need_cert && i < 0)
1209
+ {
1210
+ x=NULL;
1211
+ al=SSL3_AL_FATAL;
1212
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
1213
+ SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1214
+ goto f_err;
1215
+ }
1216
+
1217
+ if (need_cert)
1218
+ {
1219
+ sc->peer_cert_type=i;
1220
+ CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
1221
+ /* Why would the following ever happen?
1222
+ * We just created sc a couple of lines ago. */
1223
+ if (sc->peer_pkeys[i].x509 != NULL)
1224
+ X509_free(sc->peer_pkeys[i].x509);
1225
+ sc->peer_pkeys[i].x509=x;
1226
+ sc->peer_key= &(sc->peer_pkeys[i]);
1227
+
1228
+ if (s->session->peer != NULL)
1229
+ X509_free(s->session->peer);
1230
+ CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
1231
+ s->session->peer=x;
1232
+ }
1233
+ else
1234
+ {
1235
+ sc->peer_cert_type=i;
1236
+ sc->peer_key= NULL;
1237
+
1238
+ if (s->session->peer != NULL)
1239
+ X509_free(s->session->peer);
1240
+ s->session->peer=NULL;
1241
+ }
1242
+ s->session->verify_result = s->verify_result;
1243
+
1244
+ x=NULL;
1245
+ ret=1;
1246
+
1247
+ if (0)
1248
+ {
1249
+ f_err:
1250
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
1251
+ }
1252
+ err:
1253
+ EVP_PKEY_free(pkey);
1254
+ X509_free(x);
1255
+ sk_X509_pop_free(sk,X509_free);
1256
+ return(ret);
1257
+ }
1258
+
1259
+ int ssl3_get_key_exchange(SSL *s)
1260
+ {
1261
+ #ifndef OPENSSL_NO_RSA
1262
+ unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
1263
+ #endif
1264
+ EVP_MD_CTX md_ctx;
1265
+ unsigned char *param,*p;
1266
+ int al,i,j,param_len,ok;
1267
+ long n,alg_k,alg_a;
1268
+ EVP_PKEY *pkey=NULL;
1269
+ const EVP_MD *md = NULL;
1270
+ #ifndef OPENSSL_NO_RSA
1271
+ RSA *rsa=NULL;
1272
+ #endif
1273
+ #ifndef OPENSSL_NO_DH
1274
+ DH *dh=NULL;
1275
+ #endif
1276
+ #ifndef OPENSSL_NO_ECDH
1277
+ EC_KEY *ecdh = NULL;
1278
+ BN_CTX *bn_ctx = NULL;
1279
+ EC_POINT *srvr_ecpoint = NULL;
1280
+ int curve_nid = 0;
1281
+ int encoded_pt_len = 0;
1282
+ #endif
1283
+
1284
+ /* use same message size as in ssl3_get_certificate_request()
1285
+ * as ServerKeyExchange message may be skipped */
1286
+ n=s->method->ssl_get_message(s,
1287
+ SSL3_ST_CR_KEY_EXCH_A,
1288
+ SSL3_ST_CR_KEY_EXCH_B,
1289
+ -1,
1290
+ s->max_cert_list,
1291
+ &ok);
1292
+ if (!ok) return((int)n);
1293
+
1294
+ if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
1295
+ {
1296
+ #ifndef OPENSSL_NO_PSK
1297
+ /* In plain PSK ciphersuite, ServerKeyExchange can be
1298
+ omitted if no identity hint is sent. Set
1299
+ session->sess_cert anyway to avoid problems
1300
+ later.*/
1301
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
1302
+ {
1303
+ s->session->sess_cert=ssl_sess_cert_new();
1304
+ if (s->ctx->psk_identity_hint)
1305
+ OPENSSL_free(s->ctx->psk_identity_hint);
1306
+ s->ctx->psk_identity_hint = NULL;
1307
+ }
1308
+ #endif
1309
+ s->s3->tmp.reuse_message=1;
1310
+ return(1);
1311
+ }
1312
+
1313
+ param=p=(unsigned char *)s->init_msg;
1314
+ if (s->session->sess_cert != NULL)
1315
+ {
1316
+ #ifndef OPENSSL_NO_RSA
1317
+ if (s->session->sess_cert->peer_rsa_tmp != NULL)
1318
+ {
1319
+ RSA_free(s->session->sess_cert->peer_rsa_tmp);
1320
+ s->session->sess_cert->peer_rsa_tmp=NULL;
1321
+ }
1322
+ #endif
1323
+ #ifndef OPENSSL_NO_DH
1324
+ if (s->session->sess_cert->peer_dh_tmp)
1325
+ {
1326
+ DH_free(s->session->sess_cert->peer_dh_tmp);
1327
+ s->session->sess_cert->peer_dh_tmp=NULL;
1328
+ }
1329
+ #endif
1330
+ #ifndef OPENSSL_NO_ECDH
1331
+ if (s->session->sess_cert->peer_ecdh_tmp)
1332
+ {
1333
+ EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
1334
+ s->session->sess_cert->peer_ecdh_tmp=NULL;
1335
+ }
1336
+ #endif
1337
+ }
1338
+ else
1339
+ {
1340
+ s->session->sess_cert=ssl_sess_cert_new();
1341
+ }
1342
+
1343
+ param_len=0;
1344
+ alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
1345
+ alg_a=s->s3->tmp.new_cipher->algorithm_auth;
1346
+ EVP_MD_CTX_init(&md_ctx);
1347
+
1348
+ #ifndef OPENSSL_NO_PSK
1349
+ if (alg_k & SSL_kPSK)
1350
+ {
1351
+ char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];
1352
+
1353
+ al=SSL_AD_HANDSHAKE_FAILURE;
1354
+ n2s(p,i);
1355
+ param_len=i+2;
1356
+ /* Store PSK identity hint for later use, hint is used
1357
+ * in ssl3_send_client_key_exchange. Assume that the
1358
+ * maximum length of a PSK identity hint can be as
1359
+ * long as the maximum length of a PSK identity. */
1360
+ if (i > PSK_MAX_IDENTITY_LEN)
1361
+ {
1362
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
1363
+ SSL_R_DATA_LENGTH_TOO_LONG);
1364
+ goto f_err;
1365
+ }
1366
+ if (param_len > n)
1367
+ {
1368
+ al=SSL_AD_DECODE_ERROR;
1369
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
1370
+ SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
1371
+ goto f_err;
1372
+ }
1373
+ /* If received PSK identity hint contains NULL
1374
+ * characters, the hint is truncated from the first
1375
+ * NULL. p may not be ending with NULL, so create a
1376
+ * NULL-terminated string. */
1377
+ memcpy(tmp_id_hint, p, i);
1378
+ memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i);
1379
+ if (s->ctx->psk_identity_hint != NULL)
1380
+ OPENSSL_free(s->ctx->psk_identity_hint);
1381
+ s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
1382
+ if (s->ctx->psk_identity_hint == NULL)
1383
+ {
1384
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
1385
+ goto f_err;
1386
+ }
1387
+
1388
+ p+=i;
1389
+ n-=param_len;
1390
+ }
1391
+ else
1392
+ #endif /* !OPENSSL_NO_PSK */
1393
+ #ifndef OPENSSL_NO_SRP
1394
+ if (alg_k & SSL_kSRP)
1395
+ {
1396
+ n2s(p,i);
1397
+ param_len=i+2;
1398
+ if (param_len > n)
1399
+ {
1400
+ al=SSL_AD_DECODE_ERROR;
1401
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_N_LENGTH);
1402
+ goto f_err;
1403
+ }
1404
+ if (!(s->srp_ctx.N=BN_bin2bn(p,i,NULL)))
1405
+ {
1406
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1407
+ goto err;
1408
+ }
1409
+ p+=i;
1410
+
1411
+ n2s(p,i);
1412
+ param_len+=i+2;
1413
+ if (param_len > n)
1414
+ {
1415
+ al=SSL_AD_DECODE_ERROR;
1416
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_G_LENGTH);
1417
+ goto f_err;
1418
+ }
1419
+ if (!(s->srp_ctx.g=BN_bin2bn(p,i,NULL)))
1420
+ {
1421
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1422
+ goto err;
1423
+ }
1424
+ p+=i;
1425
+
1426
+ i = (unsigned int)(p[0]);
1427
+ p++;
1428
+ param_len+=i+1;
1429
+ if (param_len > n)
1430
+ {
1431
+ al=SSL_AD_DECODE_ERROR;
1432
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_S_LENGTH);
1433
+ goto f_err;
1434
+ }
1435
+ if (!(s->srp_ctx.s=BN_bin2bn(p,i,NULL)))
1436
+ {
1437
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1438
+ goto err;
1439
+ }
1440
+ p+=i;
1441
+
1442
+ n2s(p,i);
1443
+ param_len+=i+2;
1444
+ if (param_len > n)
1445
+ {
1446
+ al=SSL_AD_DECODE_ERROR;
1447
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_B_LENGTH);
1448
+ goto f_err;
1449
+ }
1450
+ if (!(s->srp_ctx.B=BN_bin2bn(p,i,NULL)))
1451
+ {
1452
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1453
+ goto err;
1454
+ }
1455
+ p+=i;
1456
+ n-=param_len;
1457
+
1458
+ /* We must check if there is a certificate */
1459
+ #ifndef OPENSSL_NO_RSA
1460
+ if (alg_a & SSL_aRSA)
1461
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1462
+ #else
1463
+ if (0)
1464
+ ;
1465
+ #endif
1466
+ #ifndef OPENSSL_NO_DSA
1467
+ else if (alg_a & SSL_aDSS)
1468
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
1469
+ #endif
1470
+ }
1471
+ else
1472
+ #endif /* !OPENSSL_NO_SRP */
1473
+ #ifndef OPENSSL_NO_RSA
1474
+ if (alg_k & SSL_kRSA)
1475
+ {
1476
+ if ((rsa=RSA_new()) == NULL)
1477
+ {
1478
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
1479
+ goto err;
1480
+ }
1481
+ n2s(p,i);
1482
+ param_len=i+2;
1483
+ if (param_len > n)
1484
+ {
1485
+ al=SSL_AD_DECODE_ERROR;
1486
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
1487
+ goto f_err;
1488
+ }
1489
+ if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
1490
+ {
1491
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1492
+ goto err;
1493
+ }
1494
+ p+=i;
1495
+
1496
+ n2s(p,i);
1497
+ param_len+=i+2;
1498
+ if (param_len > n)
1499
+ {
1500
+ al=SSL_AD_DECODE_ERROR;
1501
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
1502
+ goto f_err;
1503
+ }
1504
+ if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
1505
+ {
1506
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1507
+ goto err;
1508
+ }
1509
+ p+=i;
1510
+ n-=param_len;
1511
+
1512
+ /* this should be because we are using an export cipher */
1513
+ if (alg_a & SSL_aRSA)
1514
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1515
+ else
1516
+ {
1517
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1518
+ goto err;
1519
+ }
1520
+ s->session->sess_cert->peer_rsa_tmp=rsa;
1521
+ rsa=NULL;
1522
+ }
1523
+ #else /* OPENSSL_NO_RSA */
1524
+ if (0)
1525
+ ;
1526
+ #endif
1527
+ #ifndef OPENSSL_NO_DH
1528
+ else if (alg_k & SSL_kEDH)
1529
+ {
1530
+ if ((dh=DH_new()) == NULL)
1531
+ {
1532
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
1533
+ goto err;
1534
+ }
1535
+ n2s(p,i);
1536
+ param_len=i+2;
1537
+ if (param_len > n)
1538
+ {
1539
+ al=SSL_AD_DECODE_ERROR;
1540
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
1541
+ goto f_err;
1542
+ }
1543
+ if (!(dh->p=BN_bin2bn(p,i,NULL)))
1544
+ {
1545
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1546
+ goto err;
1547
+ }
1548
+ p+=i;
1549
+
1550
+ n2s(p,i);
1551
+ param_len+=i+2;
1552
+ if (param_len > n)
1553
+ {
1554
+ al=SSL_AD_DECODE_ERROR;
1555
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
1556
+ goto f_err;
1557
+ }
1558
+ if (!(dh->g=BN_bin2bn(p,i,NULL)))
1559
+ {
1560
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1561
+ goto err;
1562
+ }
1563
+ p+=i;
1564
+
1565
+ n2s(p,i);
1566
+ param_len+=i+2;
1567
+ if (param_len > n)
1568
+ {
1569
+ al=SSL_AD_DECODE_ERROR;
1570
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
1571
+ goto f_err;
1572
+ }
1573
+ if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
1574
+ {
1575
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
1576
+ goto err;
1577
+ }
1578
+ p+=i;
1579
+ n-=param_len;
1580
+
1581
+ #ifndef OPENSSL_NO_RSA
1582
+ if (alg_a & SSL_aRSA)
1583
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1584
+ #else
1585
+ if (0)
1586
+ ;
1587
+ #endif
1588
+ #ifndef OPENSSL_NO_DSA
1589
+ else if (alg_a & SSL_aDSS)
1590
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
1591
+ #endif
1592
+ /* else anonymous DH, so no certificate or pkey. */
1593
+
1594
+ s->session->sess_cert->peer_dh_tmp=dh;
1595
+ dh=NULL;
1596
+ }
1597
+ else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd))
1598
+ {
1599
+ al=SSL_AD_ILLEGAL_PARAMETER;
1600
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
1601
+ goto f_err;
1602
+ }
1603
+ #endif /* !OPENSSL_NO_DH */
1604
+
1605
+ #ifndef OPENSSL_NO_ECDH
1606
+ else if (alg_k & SSL_kEECDH)
1607
+ {
1608
+ EC_GROUP *ngroup;
1609
+ const EC_GROUP *group;
1610
+
1611
+ if ((ecdh=EC_KEY_new()) == NULL)
1612
+ {
1613
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
1614
+ goto err;
1615
+ }
1616
+
1617
+ /* Extract elliptic curve parameters and the
1618
+ * server's ephemeral ECDH public key.
1619
+ * Keep accumulating lengths of various components in
1620
+ * param_len and make sure it never exceeds n.
1621
+ */
1622
+
1623
+ /* XXX: For now we only support named (not generic) curves
1624
+ * and the ECParameters in this case is just three bytes.
1625
+ */
1626
+ param_len=3;
1627
+ if ((param_len > n) ||
1628
+ (*p != NAMED_CURVE_TYPE) ||
1629
+ ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0))
1630
+ {
1631
+ al=SSL_AD_INTERNAL_ERROR;
1632
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
1633
+ goto f_err;
1634
+ }
1635
+
1636
+ ngroup = EC_GROUP_new_by_curve_name(curve_nid);
1637
+ if (ngroup == NULL)
1638
+ {
1639
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB);
1640
+ goto err;
1641
+ }
1642
+ if (EC_KEY_set_group(ecdh, ngroup) == 0)
1643
+ {
1644
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB);
1645
+ goto err;
1646
+ }
1647
+ EC_GROUP_free(ngroup);
1648
+
1649
+ group = EC_KEY_get0_group(ecdh);
1650
+
1651
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
1652
+ (EC_GROUP_get_degree(group) > 163))
1653
+ {
1654
+ al=SSL_AD_EXPORT_RESTRICTION;
1655
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
1656
+ goto f_err;
1657
+ }
1658
+
1659
+ p+=3;
1660
+
1661
+ /* Next, get the encoded ECPoint */
1662
+ if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
1663
+ ((bn_ctx = BN_CTX_new()) == NULL))
1664
+ {
1665
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
1666
+ goto err;
1667
+ }
1668
+
1669
+ encoded_pt_len = *p; /* length of encoded point */
1670
+ p+=1;
1671
+ param_len += (1 + encoded_pt_len);
1672
+ if ((param_len > n) ||
1673
+ (EC_POINT_oct2point(group, srvr_ecpoint,
1674
+ p, encoded_pt_len, bn_ctx) == 0))
1675
+ {
1676
+ al=SSL_AD_DECODE_ERROR;
1677
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_ECPOINT);
1678
+ goto f_err;
1679
+ }
1680
+
1681
+ n-=param_len;
1682
+ p+=encoded_pt_len;
1683
+
1684
+ /* The ECC/TLS specification does not mention
1685
+ * the use of DSA to sign ECParameters in the server
1686
+ * key exchange message. We do support RSA and ECDSA.
1687
+ */
1688
+ if (0) ;
1689
+ #ifndef OPENSSL_NO_RSA
1690
+ else if (alg_a & SSL_aRSA)
1691
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1692
+ #endif
1693
+ #ifndef OPENSSL_NO_ECDSA
1694
+ else if (alg_a & SSL_aECDSA)
1695
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
1696
+ #endif
1697
+ /* else anonymous ECDH, so no certificate or pkey. */
1698
+ EC_KEY_set_public_key(ecdh, srvr_ecpoint);
1699
+ s->session->sess_cert->peer_ecdh_tmp=ecdh;
1700
+ ecdh=NULL;
1701
+ BN_CTX_free(bn_ctx);
1702
+ bn_ctx = NULL;
1703
+ EC_POINT_free(srvr_ecpoint);
1704
+ srvr_ecpoint = NULL;
1705
+ }
1706
+ else if (alg_k)
1707
+ {
1708
+ al=SSL_AD_UNEXPECTED_MESSAGE;
1709
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
1710
+ goto f_err;
1711
+ }
1712
+ #endif /* !OPENSSL_NO_ECDH */
1713
+
1714
+
1715
+ /* p points to the next byte, there are 'n' bytes left */
1716
+
1717
+ /* if it was signed, check the signature */
1718
+ if (pkey != NULL)
1719
+ {
1720
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
1721
+ {
1722
+ int sigalg = tls12_get_sigid(pkey);
1723
+ /* Should never happen */
1724
+ if (sigalg == -1)
1725
+ {
1726
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1727
+ goto err;
1728
+ }
1729
+ /* Check key type is consistent with signature */
1730
+ if (sigalg != (int)p[1])
1731
+ {
1732
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_TYPE);
1733
+ al=SSL_AD_DECODE_ERROR;
1734
+ goto f_err;
1735
+ }
1736
+ md = tls12_get_hash(p[0]);
1737
+ if (md == NULL)
1738
+ {
1739
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNKNOWN_DIGEST);
1740
+ al=SSL_AD_DECODE_ERROR;
1741
+ goto f_err;
1742
+ }
1743
+ #ifdef SSL_DEBUG
1744
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
1745
+ #endif
1746
+ p += 2;
1747
+ n -= 2;
1748
+ }
1749
+ else
1750
+ md = EVP_sha1();
1751
+
1752
+ n2s(p,i);
1753
+ n-=2;
1754
+ j=EVP_PKEY_size(pkey);
1755
+
1756
+ if ((i != n) || (n > j) || (n <= 0))
1757
+ {
1758
+ /* wrong packet length */
1759
+ al=SSL_AD_DECODE_ERROR;
1760
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
1761
+ goto f_err;
1762
+ }
1763
+
1764
+ #ifndef OPENSSL_NO_RSA
1765
+ if (pkey->type == EVP_PKEY_RSA && TLS1_get_version(s) < TLS1_2_VERSION)
1766
+ {
1767
+ int num;
1768
+
1769
+ j=0;
1770
+ q=md_buf;
1771
+ for (num=2; num > 0; num--)
1772
+ {
1773
+ EVP_MD_CTX_set_flags(&md_ctx,
1774
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
1775
+ EVP_DigestInit_ex(&md_ctx,(num == 2)
1776
+ ?s->ctx->md5:s->ctx->sha1, NULL);
1777
+ EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1778
+ EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1779
+ EVP_DigestUpdate(&md_ctx,param,param_len);
1780
+ EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
1781
+ q+=i;
1782
+ j+=i;
1783
+ }
1784
+ i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
1785
+ pkey->pkey.rsa);
1786
+ if (i < 0)
1787
+ {
1788
+ al=SSL_AD_DECRYPT_ERROR;
1789
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
1790
+ goto f_err;
1791
+ }
1792
+ if (i == 0)
1793
+ {
1794
+ /* bad signature */
1795
+ al=SSL_AD_DECRYPT_ERROR;
1796
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1797
+ goto f_err;
1798
+ }
1799
+ }
1800
+ else
1801
+ #endif
1802
+ {
1803
+ EVP_VerifyInit_ex(&md_ctx, md, NULL);
1804
+ EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1805
+ EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1806
+ EVP_VerifyUpdate(&md_ctx,param,param_len);
1807
+ if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0)
1808
+ {
1809
+ /* bad signature */
1810
+ al=SSL_AD_DECRYPT_ERROR;
1811
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
1812
+ goto f_err;
1813
+ }
1814
+ }
1815
+ }
1816
+ else
1817
+ {
1818
+ if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK))
1819
+ /* aNULL or kPSK do not need public keys */
1820
+ {
1821
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
1822
+ goto err;
1823
+ }
1824
+ /* still data left over */
1825
+ if (n != 0)
1826
+ {
1827
+ al=SSL_AD_DECODE_ERROR;
1828
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
1829
+ goto f_err;
1830
+ }
1831
+ }
1832
+ EVP_PKEY_free(pkey);
1833
+ EVP_MD_CTX_cleanup(&md_ctx);
1834
+ return(1);
1835
+ f_err:
1836
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
1837
+ err:
1838
+ EVP_PKEY_free(pkey);
1839
+ #ifndef OPENSSL_NO_RSA
1840
+ if (rsa != NULL)
1841
+ RSA_free(rsa);
1842
+ #endif
1843
+ #ifndef OPENSSL_NO_DH
1844
+ if (dh != NULL)
1845
+ DH_free(dh);
1846
+ #endif
1847
+ #ifndef OPENSSL_NO_ECDH
1848
+ BN_CTX_free(bn_ctx);
1849
+ EC_POINT_free(srvr_ecpoint);
1850
+ if (ecdh != NULL)
1851
+ EC_KEY_free(ecdh);
1852
+ #endif
1853
+ EVP_MD_CTX_cleanup(&md_ctx);
1854
+ return(-1);
1855
+ }
1856
+
1857
+ int ssl3_get_certificate_request(SSL *s)
1858
+ {
1859
+ int ok,ret=0;
1860
+ unsigned long n,nc,l;
1861
+ unsigned int llen, ctype_num,i;
1862
+ X509_NAME *xn=NULL;
1863
+ const unsigned char *p,*q;
1864
+ unsigned char *d;
1865
+ STACK_OF(X509_NAME) *ca_sk=NULL;
1866
+
1867
+ n=s->method->ssl_get_message(s,
1868
+ SSL3_ST_CR_CERT_REQ_A,
1869
+ SSL3_ST_CR_CERT_REQ_B,
1870
+ -1,
1871
+ s->max_cert_list,
1872
+ &ok);
1873
+
1874
+ if (!ok) return((int)n);
1875
+
1876
+ s->s3->tmp.cert_req=0;
1877
+
1878
+ if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
1879
+ {
1880
+ s->s3->tmp.reuse_message=1;
1881
+ /* If we get here we don't need any cached handshake records
1882
+ * as we wont be doing client auth.
1883
+ */
1884
+ if (s->s3->handshake_buffer)
1885
+ {
1886
+ if (!ssl3_digest_cached_records(s))
1887
+ goto err;
1888
+ }
1889
+ return(1);
1890
+ }
1891
+
1892
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
1893
+ {
1894
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1895
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
1896
+ goto err;
1897
+ }
1898
+
1899
+ /* TLS does not like anon-DH with client cert */
1900
+ if (s->version > SSL3_VERSION)
1901
+ {
1902
+ if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
1903
+ {
1904
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
1905
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1906
+ goto err;
1907
+ }
1908
+ }
1909
+
1910
+ p=d=(unsigned char *)s->init_msg;
1911
+
1912
+ if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
1913
+ {
1914
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
1915
+ goto err;
1916
+ }
1917
+
1918
+ /* get the certificate types */
1919
+ ctype_num= *(p++);
1920
+ if (ctype_num > SSL3_CT_NUMBER)
1921
+ ctype_num=SSL3_CT_NUMBER;
1922
+ for (i=0; i<ctype_num; i++)
1923
+ s->s3->tmp.ctype[i]= p[i];
1924
+ p+=ctype_num;
1925
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
1926
+ {
1927
+ n2s(p, llen);
1928
+ /* Check we have enough room for signature algorithms and
1929
+ * following length value.
1930
+ */
1931
+ if ((unsigned long)(p - d + llen + 2) > n)
1932
+ {
1933
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1934
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_DATA_LENGTH_TOO_LONG);
1935
+ goto err;
1936
+ }
1937
+ if ((llen & 1) || !tls1_process_sigalgs(s, p, llen))
1938
+ {
1939
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1940
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_SIGNATURE_ALGORITHMS_ERROR);
1941
+ goto err;
1942
+ }
1943
+ p += llen;
1944
+ }
1945
+
1946
+ /* get the CA RDNs */
1947
+ n2s(p,llen);
1948
+ #if 0
1949
+ {
1950
+ FILE *out;
1951
+ out=fopen("/tmp/vsign.der","w");
1952
+ fwrite(p,1,llen,out);
1953
+ fclose(out);
1954
+ }
1955
+ #endif
1956
+
1957
+ if ((unsigned long)(p - d + llen) != n)
1958
+ {
1959
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1960
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
1961
+ goto err;
1962
+ }
1963
+
1964
+ for (nc=0; nc<llen; )
1965
+ {
1966
+ n2s(p,l);
1967
+ if ((l+nc+2) > llen)
1968
+ {
1969
+ if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
1970
+ goto cont; /* netscape bugs */
1971
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1972
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
1973
+ goto err;
1974
+ }
1975
+
1976
+ q=p;
1977
+
1978
+ if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
1979
+ {
1980
+ /* If netscape tolerance is on, ignore errors */
1981
+ if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
1982
+ goto cont;
1983
+ else
1984
+ {
1985
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1986
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
1987
+ goto err;
1988
+ }
1989
+ }
1990
+
1991
+ if (q != (p+l))
1992
+ {
1993
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
1994
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
1995
+ goto err;
1996
+ }
1997
+ if (!sk_X509_NAME_push(ca_sk,xn))
1998
+ {
1999
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
2000
+ goto err;
2001
+ }
2002
+
2003
+ p+=l;
2004
+ nc+=l+2;
2005
+ }
2006
+
2007
+ if (0)
2008
+ {
2009
+ cont:
2010
+ ERR_clear_error();
2011
+ }
2012
+
2013
+ /* we should setup a certificate to return.... */
2014
+ s->s3->tmp.cert_req=1;
2015
+ s->s3->tmp.ctype_num=ctype_num;
2016
+ if (s->s3->tmp.ca_names != NULL)
2017
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
2018
+ s->s3->tmp.ca_names=ca_sk;
2019
+ ca_sk=NULL;
2020
+
2021
+ ret=1;
2022
+ err:
2023
+ if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
2024
+ return(ret);
2025
+ }
2026
+
2027
+ static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
2028
+ {
2029
+ return(X509_NAME_cmp(*a,*b));
2030
+ }
2031
+ #ifndef OPENSSL_NO_TLSEXT
2032
+ int ssl3_get_new_session_ticket(SSL *s)
2033
+ {
2034
+ int ok,al,ret=0, ticklen;
2035
+ long n;
2036
+ const unsigned char *p;
2037
+ unsigned char *d;
2038
+
2039
+ n=s->method->ssl_get_message(s,
2040
+ SSL3_ST_CR_SESSION_TICKET_A,
2041
+ SSL3_ST_CR_SESSION_TICKET_B,
2042
+ -1,
2043
+ 16384,
2044
+ &ok);
2045
+
2046
+ if (!ok)
2047
+ return((int)n);
2048
+
2049
+ if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
2050
+ {
2051
+ s->s3->tmp.reuse_message=1;
2052
+ return(1);
2053
+ }
2054
+ if (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET)
2055
+ {
2056
+ al=SSL_AD_UNEXPECTED_MESSAGE;
2057
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_BAD_MESSAGE_TYPE);
2058
+ goto f_err;
2059
+ }
2060
+ if (n < 6)
2061
+ {
2062
+ /* need at least ticket_lifetime_hint + ticket length */
2063
+ al = SSL_AD_DECODE_ERROR;
2064
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_LENGTH_MISMATCH);
2065
+ goto f_err;
2066
+ }
2067
+
2068
+ p=d=(unsigned char *)s->init_msg;
2069
+ n2l(p, s->session->tlsext_tick_lifetime_hint);
2070
+ n2s(p, ticklen);
2071
+ /* ticket_lifetime_hint + ticket_length + ticket */
2072
+ if (ticklen + 6 != n)
2073
+ {
2074
+ al = SSL_AD_DECODE_ERROR;
2075
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_LENGTH_MISMATCH);
2076
+ goto f_err;
2077
+ }
2078
+ if (s->session->tlsext_tick)
2079
+ {
2080
+ OPENSSL_free(s->session->tlsext_tick);
2081
+ s->session->tlsext_ticklen = 0;
2082
+ }
2083
+ s->session->tlsext_tick = OPENSSL_malloc(ticklen);
2084
+ if (!s->session->tlsext_tick)
2085
+ {
2086
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,ERR_R_MALLOC_FAILURE);
2087
+ goto err;
2088
+ }
2089
+ memcpy(s->session->tlsext_tick, p, ticklen);
2090
+ s->session->tlsext_ticklen = ticklen;
2091
+ /* There are two ways to detect a resumed ticket sesion.
2092
+ * One is to set an appropriate session ID and then the server
2093
+ * must return a match in ServerHello. This allows the normal
2094
+ * client session ID matching to work and we know much
2095
+ * earlier that the ticket has been accepted.
2096
+ *
2097
+ * The other way is to set zero length session ID when the
2098
+ * ticket is presented and rely on the handshake to determine
2099
+ * session resumption.
2100
+ *
2101
+ * We choose the former approach because this fits in with
2102
+ * assumptions elsewhere in OpenSSL. The session ID is set
2103
+ * to the SHA256 (or SHA1 is SHA256 is disabled) hash of the
2104
+ * ticket.
2105
+ */
2106
+ EVP_Digest(p, ticklen,
2107
+ s->session->session_id, &s->session->session_id_length,
2108
+ #ifndef OPENSSL_NO_SHA256
2109
+ EVP_sha256(), NULL);
2110
+ #else
2111
+ EVP_sha1(), NULL);
2112
+ #endif
2113
+ ret=1;
2114
+ return(ret);
2115
+ f_err:
2116
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
2117
+ err:
2118
+ return(-1);
2119
+ }
2120
+
2121
+ int ssl3_get_cert_status(SSL *s)
2122
+ {
2123
+ int ok, al;
2124
+ unsigned long resplen,n;
2125
+ const unsigned char *p;
2126
+
2127
+ n=s->method->ssl_get_message(s,
2128
+ SSL3_ST_CR_CERT_STATUS_A,
2129
+ SSL3_ST_CR_CERT_STATUS_B,
2130
+ SSL3_MT_CERTIFICATE_STATUS,
2131
+ 16384,
2132
+ &ok);
2133
+
2134
+ if (!ok) return((int)n);
2135
+ if (n < 4)
2136
+ {
2137
+ /* need at least status type + length */
2138
+ al = SSL_AD_DECODE_ERROR;
2139
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH);
2140
+ goto f_err;
2141
+ }
2142
+ p = (unsigned char *)s->init_msg;
2143
+ if (*p++ != TLSEXT_STATUSTYPE_ocsp)
2144
+ {
2145
+ al = SSL_AD_DECODE_ERROR;
2146
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_UNSUPPORTED_STATUS_TYPE);
2147
+ goto f_err;
2148
+ }
2149
+ n2l3(p, resplen);
2150
+ if (resplen + 4 != n)
2151
+ {
2152
+ al = SSL_AD_DECODE_ERROR;
2153
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH);
2154
+ goto f_err;
2155
+ }
2156
+ if (s->tlsext_ocsp_resp)
2157
+ OPENSSL_free(s->tlsext_ocsp_resp);
2158
+ s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
2159
+ if (!s->tlsext_ocsp_resp)
2160
+ {
2161
+ al = SSL_AD_INTERNAL_ERROR;
2162
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,ERR_R_MALLOC_FAILURE);
2163
+ goto f_err;
2164
+ }
2165
+ s->tlsext_ocsp_resplen = resplen;
2166
+ if (s->ctx->tlsext_status_cb)
2167
+ {
2168
+ int ret;
2169
+ ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
2170
+ if (ret == 0)
2171
+ {
2172
+ al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
2173
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_INVALID_STATUS_RESPONSE);
2174
+ goto f_err;
2175
+ }
2176
+ if (ret < 0)
2177
+ {
2178
+ al = SSL_AD_INTERNAL_ERROR;
2179
+ SSLerr(SSL_F_SSL3_GET_CERT_STATUS,ERR_R_MALLOC_FAILURE);
2180
+ goto f_err;
2181
+ }
2182
+ }
2183
+ return 1;
2184
+ f_err:
2185
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
2186
+ return(-1);
2187
+ }
2188
+ #endif
2189
+
2190
+ int ssl3_get_server_done(SSL *s)
2191
+ {
2192
+ int ok,ret=0;
2193
+ long n;
2194
+
2195
+ n=s->method->ssl_get_message(s,
2196
+ SSL3_ST_CR_SRVR_DONE_A,
2197
+ SSL3_ST_CR_SRVR_DONE_B,
2198
+ SSL3_MT_SERVER_DONE,
2199
+ 30, /* should be very small, like 0 :-) */
2200
+ &ok);
2201
+
2202
+ if (!ok) return((int)n);
2203
+ if (n > 0)
2204
+ {
2205
+ /* should contain no data */
2206
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
2207
+ SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
2208
+ return -1;
2209
+ }
2210
+ ret=1;
2211
+ return(ret);
2212
+ }
2213
+
2214
+
2215
+ int ssl3_send_client_key_exchange(SSL *s)
2216
+ {
2217
+ unsigned char *p,*d;
2218
+ int n;
2219
+ unsigned long alg_k;
2220
+ #ifndef OPENSSL_NO_RSA
2221
+ unsigned char *q;
2222
+ EVP_PKEY *pkey=NULL;
2223
+ #endif
2224
+ #ifndef OPENSSL_NO_KRB5
2225
+ KSSL_ERR kssl_err;
2226
+ #endif /* OPENSSL_NO_KRB5 */
2227
+ #ifndef OPENSSL_NO_ECDH
2228
+ EC_KEY *clnt_ecdh = NULL;
2229
+ const EC_POINT *srvr_ecpoint = NULL;
2230
+ EVP_PKEY *srvr_pub_pkey = NULL;
2231
+ unsigned char *encodedPoint = NULL;
2232
+ int encoded_pt_len = 0;
2233
+ BN_CTX * bn_ctx = NULL;
2234
+ #endif
2235
+
2236
+ if (s->state == SSL3_ST_CW_KEY_EXCH_A)
2237
+ {
2238
+ d=(unsigned char *)s->init_buf->data;
2239
+ p= &(d[4]);
2240
+
2241
+ alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
2242
+
2243
+ /* Fool emacs indentation */
2244
+ if (0) {}
2245
+ #ifndef OPENSSL_NO_RSA
2246
+ else if (alg_k & SSL_kRSA)
2247
+ {
2248
+ RSA *rsa;
2249
+ unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
2250
+
2251
+ if (s->session->sess_cert->peer_rsa_tmp != NULL)
2252
+ rsa=s->session->sess_cert->peer_rsa_tmp;
2253
+ else
2254
+ {
2255
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
2256
+ if ((pkey == NULL) ||
2257
+ (pkey->type != EVP_PKEY_RSA) ||
2258
+ (pkey->pkey.rsa == NULL))
2259
+ {
2260
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2261
+ goto err;
2262
+ }
2263
+ rsa=pkey->pkey.rsa;
2264
+ EVP_PKEY_free(pkey);
2265
+ }
2266
+
2267
+ tmp_buf[0]=s->client_version>>8;
2268
+ tmp_buf[1]=s->client_version&0xff;
2269
+ if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
2270
+ goto err;
2271
+
2272
+ s->session->master_key_length=sizeof tmp_buf;
2273
+
2274
+ q=p;
2275
+ /* Fix buf for TLS and beyond */
2276
+ if (s->version > SSL3_VERSION)
2277
+ p+=2;
2278
+ n=RSA_public_encrypt(sizeof tmp_buf,
2279
+ tmp_buf,p,rsa,RSA_PKCS1_PADDING);
2280
+ #ifdef PKCS1_CHECK
2281
+ if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
2282
+ if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
2283
+ #endif
2284
+ if (n <= 0)
2285
+ {
2286
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
2287
+ goto err;
2288
+ }
2289
+
2290
+ /* Fix buf for TLS and beyond */
2291
+ if (s->version > SSL3_VERSION)
2292
+ {
2293
+ s2n(n,q);
2294
+ n+=2;
2295
+ }
2296
+
2297
+ s->session->master_key_length=
2298
+ s->method->ssl3_enc->generate_master_secret(s,
2299
+ s->session->master_key,
2300
+ tmp_buf,sizeof tmp_buf);
2301
+ OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
2302
+ }
2303
+ #endif
2304
+ #ifndef OPENSSL_NO_KRB5
2305
+ else if (alg_k & SSL_kKRB5)
2306
+ {
2307
+ krb5_error_code krb5rc;
2308
+ KSSL_CTX *kssl_ctx = s->kssl_ctx;
2309
+ /* krb5_data krb5_ap_req; */
2310
+ krb5_data *enc_ticket;
2311
+ krb5_data authenticator, *authp = NULL;
2312
+ EVP_CIPHER_CTX ciph_ctx;
2313
+ const EVP_CIPHER *enc = NULL;
2314
+ unsigned char iv[EVP_MAX_IV_LENGTH];
2315
+ unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
2316
+ unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH
2317
+ + EVP_MAX_IV_LENGTH];
2318
+ int padl, outl = sizeof(epms);
2319
+
2320
+ EVP_CIPHER_CTX_init(&ciph_ctx);
2321
+
2322
+ #ifdef KSSL_DEBUG
2323
+ printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
2324
+ alg_k, SSL_kKRB5);
2325
+ #endif /* KSSL_DEBUG */
2326
+
2327
+ authp = NULL;
2328
+ #ifdef KRB5SENDAUTH
2329
+ if (KRB5SENDAUTH) authp = &authenticator;
2330
+ #endif /* KRB5SENDAUTH */
2331
+
2332
+ krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp,
2333
+ &kssl_err);
2334
+ enc = kssl_map_enc(kssl_ctx->enctype);
2335
+ if (enc == NULL)
2336
+ goto err;
2337
+ #ifdef KSSL_DEBUG
2338
+ {
2339
+ printf("kssl_cget_tkt rtn %d\n", krb5rc);
2340
+ if (krb5rc && kssl_err.text)
2341
+ printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
2342
+ }
2343
+ #endif /* KSSL_DEBUG */
2344
+
2345
+ if (krb5rc)
2346
+ {
2347
+ ssl3_send_alert(s,SSL3_AL_FATAL,
2348
+ SSL_AD_HANDSHAKE_FAILURE);
2349
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2350
+ kssl_err.reason);
2351
+ goto err;
2352
+ }
2353
+
2354
+ /* 20010406 VRS - Earlier versions used KRB5 AP_REQ
2355
+ ** in place of RFC 2712 KerberosWrapper, as in:
2356
+ **
2357
+ ** Send ticket (copy to *p, set n = length)
2358
+ ** n = krb5_ap_req.length;
2359
+ ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
2360
+ ** if (krb5_ap_req.data)
2361
+ ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
2362
+ **
2363
+ ** Now using real RFC 2712 KerberosWrapper
2364
+ ** (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
2365
+ ** Note: 2712 "opaque" types are here replaced
2366
+ ** with a 2-byte length followed by the value.
2367
+ ** Example:
2368
+ ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
2369
+ ** Where "xx xx" = length bytes. Shown here with
2370
+ ** optional authenticator omitted.
2371
+ */
2372
+
2373
+ /* KerberosWrapper.Ticket */
2374
+ s2n(enc_ticket->length,p);
2375
+ memcpy(p, enc_ticket->data, enc_ticket->length);
2376
+ p+= enc_ticket->length;
2377
+ n = enc_ticket->length + 2;
2378
+
2379
+ /* KerberosWrapper.Authenticator */
2380
+ if (authp && authp->length)
2381
+ {
2382
+ s2n(authp->length,p);
2383
+ memcpy(p, authp->data, authp->length);
2384
+ p+= authp->length;
2385
+ n+= authp->length + 2;
2386
+
2387
+ free(authp->data);
2388
+ authp->data = NULL;
2389
+ authp->length = 0;
2390
+ }
2391
+ else
2392
+ {
2393
+ s2n(0,p);/* null authenticator length */
2394
+ n+=2;
2395
+ }
2396
+
2397
+ tmp_buf[0]=s->client_version>>8;
2398
+ tmp_buf[1]=s->client_version&0xff;
2399
+ if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
2400
+ goto err;
2401
+
2402
+ /* 20010420 VRS. Tried it this way; failed.
2403
+ ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
2404
+ ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
2405
+ ** kssl_ctx->length);
2406
+ ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
2407
+ */
2408
+
2409
+ memset(iv, 0, sizeof iv); /* per RFC 1510 */
2410
+ EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
2411
+ kssl_ctx->key,iv);
2412
+ EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
2413
+ sizeof tmp_buf);
2414
+ EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
2415
+ outl += padl;
2416
+ if (outl > (int)sizeof epms)
2417
+ {
2418
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
2419
+ goto err;
2420
+ }
2421
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
2422
+
2423
+ /* KerberosWrapper.EncryptedPreMasterSecret */
2424
+ s2n(outl,p);
2425
+ memcpy(p, epms, outl);
2426
+ p+=outl;
2427
+ n+=outl + 2;
2428
+
2429
+ s->session->master_key_length=
2430
+ s->method->ssl3_enc->generate_master_secret(s,
2431
+ s->session->master_key,
2432
+ tmp_buf, sizeof tmp_buf);
2433
+
2434
+ OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
2435
+ OPENSSL_cleanse(epms, outl);
2436
+ }
2437
+ #endif
2438
+ #ifndef OPENSSL_NO_DH
2439
+ else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
2440
+ {
2441
+ DH *dh_srvr,*dh_clnt;
2442
+
2443
+ if (s->session->sess_cert == NULL)
2444
+ {
2445
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
2446
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
2447
+ goto err;
2448
+ }
2449
+
2450
+ if (s->session->sess_cert->peer_dh_tmp != NULL)
2451
+ dh_srvr=s->session->sess_cert->peer_dh_tmp;
2452
+ else
2453
+ {
2454
+ /* we get them from the cert */
2455
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
2456
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
2457
+ goto err;
2458
+ }
2459
+
2460
+ /* generate a new random key */
2461
+ if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
2462
+ {
2463
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
2464
+ goto err;
2465
+ }
2466
+ if (!DH_generate_key(dh_clnt))
2467
+ {
2468
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
2469
+ DH_free(dh_clnt);
2470
+ goto err;
2471
+ }
2472
+
2473
+ /* use the 'p' output buffer for the DH key, but
2474
+ * make sure to clear it out afterwards */
2475
+
2476
+ n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
2477
+
2478
+ if (n <= 0)
2479
+ {
2480
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
2481
+ DH_free(dh_clnt);
2482
+ goto err;
2483
+ }
2484
+
2485
+ /* generate master key from the result */
2486
+ s->session->master_key_length=
2487
+ s->method->ssl3_enc->generate_master_secret(s,
2488
+ s->session->master_key,p,n);
2489
+ /* clean up */
2490
+ memset(p,0,n);
2491
+
2492
+ /* send off the data */
2493
+ n=BN_num_bytes(dh_clnt->pub_key);
2494
+ s2n(n,p);
2495
+ BN_bn2bin(dh_clnt->pub_key,p);
2496
+ n+=2;
2497
+
2498
+ DH_free(dh_clnt);
2499
+
2500
+ /* perhaps clean things up a bit EAY EAY EAY EAY*/
2501
+ }
2502
+ #endif
2503
+
2504
+ #ifndef OPENSSL_NO_ECDH
2505
+ else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
2506
+ {
2507
+ const EC_GROUP *srvr_group = NULL;
2508
+ EC_KEY *tkey;
2509
+ int ecdh_clnt_cert = 0;
2510
+ int field_size = 0;
2511
+
2512
+ /* Did we send out the client's
2513
+ * ECDH share for use in premaster
2514
+ * computation as part of client certificate?
2515
+ * If so, set ecdh_clnt_cert to 1.
2516
+ */
2517
+ if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->cert != NULL))
2518
+ {
2519
+ /* XXX: For now, we do not support client
2520
+ * authentication using ECDH certificates.
2521
+ * To add such support, one needs to add
2522
+ * code that checks for appropriate
2523
+ * conditions and sets ecdh_clnt_cert to 1.
2524
+ * For example, the cert have an ECC
2525
+ * key on the same curve as the server's
2526
+ * and the key should be authorized for
2527
+ * key agreement.
2528
+ *
2529
+ * One also needs to add code in ssl3_connect
2530
+ * to skip sending the certificate verify
2531
+ * message.
2532
+ *
2533
+ * if ((s->cert->key->privatekey != NULL) &&
2534
+ * (s->cert->key->privatekey->type ==
2535
+ * EVP_PKEY_EC) && ...)
2536
+ * ecdh_clnt_cert = 1;
2537
+ */
2538
+ }
2539
+
2540
+ if (s->session->sess_cert->peer_ecdh_tmp != NULL)
2541
+ {
2542
+ tkey = s->session->sess_cert->peer_ecdh_tmp;
2543
+ }
2544
+ else
2545
+ {
2546
+ /* Get the Server Public Key from Cert */
2547
+ srvr_pub_pkey = X509_get_pubkey(s->session-> \
2548
+ sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
2549
+ if ((srvr_pub_pkey == NULL) ||
2550
+ (srvr_pub_pkey->type != EVP_PKEY_EC) ||
2551
+ (srvr_pub_pkey->pkey.ec == NULL))
2552
+ {
2553
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2554
+ ERR_R_INTERNAL_ERROR);
2555
+ goto err;
2556
+ }
2557
+
2558
+ tkey = srvr_pub_pkey->pkey.ec;
2559
+ }
2560
+
2561
+ srvr_group = EC_KEY_get0_group(tkey);
2562
+ srvr_ecpoint = EC_KEY_get0_public_key(tkey);
2563
+
2564
+ if ((srvr_group == NULL) || (srvr_ecpoint == NULL))
2565
+ {
2566
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2567
+ ERR_R_INTERNAL_ERROR);
2568
+ goto err;
2569
+ }
2570
+
2571
+ if ((clnt_ecdh=EC_KEY_new()) == NULL)
2572
+ {
2573
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
2574
+ goto err;
2575
+ }
2576
+
2577
+ if (!EC_KEY_set_group(clnt_ecdh, srvr_group))
2578
+ {
2579
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB);
2580
+ goto err;
2581
+ }
2582
+ if (ecdh_clnt_cert)
2583
+ {
2584
+ /* Reuse key info from our certificate
2585
+ * We only need our private key to perform
2586
+ * the ECDH computation.
2587
+ */
2588
+ const BIGNUM *priv_key;
2589
+ tkey = s->cert->key->privatekey->pkey.ec;
2590
+ priv_key = EC_KEY_get0_private_key(tkey);
2591
+ if (priv_key == NULL)
2592
+ {
2593
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
2594
+ goto err;
2595
+ }
2596
+ if (!EC_KEY_set_private_key(clnt_ecdh, priv_key))
2597
+ {
2598
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB);
2599
+ goto err;
2600
+ }
2601
+ }
2602
+ else
2603
+ {
2604
+ /* Generate a new ECDH key pair */
2605
+ if (!(EC_KEY_generate_key(clnt_ecdh)))
2606
+ {
2607
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
2608
+ goto err;
2609
+ }
2610
+ }
2611
+
2612
+ /* use the 'p' output buffer for the ECDH key, but
2613
+ * make sure to clear it out afterwards
2614
+ */
2615
+
2616
+ field_size = EC_GROUP_get_degree(srvr_group);
2617
+ if (field_size <= 0)
2618
+ {
2619
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2620
+ ERR_R_ECDH_LIB);
2621
+ goto err;
2622
+ }
2623
+ n=ECDH_compute_key(p, (field_size+7)/8, srvr_ecpoint, clnt_ecdh, NULL);
2624
+ if (n <= 0)
2625
+ {
2626
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2627
+ ERR_R_ECDH_LIB);
2628
+ goto err;
2629
+ }
2630
+
2631
+ /* generate master key from the result */
2632
+ s->session->master_key_length = s->method->ssl3_enc \
2633
+ -> generate_master_secret(s,
2634
+ s->session->master_key,
2635
+ p, n);
2636
+
2637
+ memset(p, 0, n); /* clean up */
2638
+
2639
+ if (ecdh_clnt_cert)
2640
+ {
2641
+ /* Send empty client key exch message */
2642
+ n = 0;
2643
+ }
2644
+ else
2645
+ {
2646
+ /* First check the size of encoding and
2647
+ * allocate memory accordingly.
2648
+ */
2649
+ encoded_pt_len =
2650
+ EC_POINT_point2oct(srvr_group,
2651
+ EC_KEY_get0_public_key(clnt_ecdh),
2652
+ POINT_CONVERSION_UNCOMPRESSED,
2653
+ NULL, 0, NULL);
2654
+
2655
+ encodedPoint = (unsigned char *)
2656
+ OPENSSL_malloc(encoded_pt_len *
2657
+ sizeof(unsigned char));
2658
+ bn_ctx = BN_CTX_new();
2659
+ if ((encodedPoint == NULL) ||
2660
+ (bn_ctx == NULL))
2661
+ {
2662
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
2663
+ goto err;
2664
+ }
2665
+
2666
+ /* Encode the public key */
2667
+ n = EC_POINT_point2oct(srvr_group,
2668
+ EC_KEY_get0_public_key(clnt_ecdh),
2669
+ POINT_CONVERSION_UNCOMPRESSED,
2670
+ encodedPoint, encoded_pt_len, bn_ctx);
2671
+
2672
+ *p = n; /* length of encoded point */
2673
+ /* Encoded point will be copied here */
2674
+ p += 1;
2675
+ /* copy the point */
2676
+ memcpy((unsigned char *)p, encodedPoint, n);
2677
+ /* increment n to account for length field */
2678
+ n += 1;
2679
+ }
2680
+
2681
+ /* Free allocated memory */
2682
+ BN_CTX_free(bn_ctx);
2683
+ if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
2684
+ if (clnt_ecdh != NULL)
2685
+ EC_KEY_free(clnt_ecdh);
2686
+ EVP_PKEY_free(srvr_pub_pkey);
2687
+ }
2688
+ #endif /* !OPENSSL_NO_ECDH */
2689
+ else if (alg_k & SSL_kGOST)
2690
+ {
2691
+ /* GOST key exchange message creation */
2692
+ EVP_PKEY_CTX *pkey_ctx;
2693
+ X509 *peer_cert;
2694
+ size_t msglen;
2695
+ unsigned int md_len;
2696
+ int keytype;
2697
+ unsigned char premaster_secret[32],shared_ukm[32], tmp[256];
2698
+ EVP_MD_CTX *ukm_hash;
2699
+ EVP_PKEY *pub_key;
2700
+
2701
+ /* Get server sertificate PKEY and create ctx from it */
2702
+ peer_cert=s->session->sess_cert->peer_pkeys[(keytype=SSL_PKEY_GOST01)].x509;
2703
+ if (!peer_cert)
2704
+ peer_cert=s->session->sess_cert->peer_pkeys[(keytype=SSL_PKEY_GOST94)].x509;
2705
+ if (!peer_cert) {
2706
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
2707
+ goto err;
2708
+ }
2709
+
2710
+ pkey_ctx=EVP_PKEY_CTX_new(pub_key=X509_get_pubkey(peer_cert),NULL);
2711
+ /* If we have send a certificate, and certificate key
2712
+
2713
+ * parameters match those of server certificate, use
2714
+ * certificate key for key exchange
2715
+ */
2716
+
2717
+ /* Otherwise, generate ephemeral key pair */
2718
+
2719
+ EVP_PKEY_encrypt_init(pkey_ctx);
2720
+ /* Generate session key */
2721
+ RAND_bytes(premaster_secret,32);
2722
+ /* If we have client certificate, use its secret as peer key */
2723
+ if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
2724
+ if (EVP_PKEY_derive_set_peer(pkey_ctx,s->cert->key->privatekey) <=0) {
2725
+ /* If there was an error - just ignore it. Ephemeral key
2726
+ * would be used
2727
+ */
2728
+ ERR_clear_error();
2729
+ }
2730
+ }
2731
+ /* Compute shared IV and store it in algorithm-specific
2732
+ * context data */
2733
+ ukm_hash = EVP_MD_CTX_create();
2734
+ EVP_DigestInit(ukm_hash,EVP_get_digestbynid(NID_id_GostR3411_94));
2735
+ EVP_DigestUpdate(ukm_hash,s->s3->client_random,SSL3_RANDOM_SIZE);
2736
+ EVP_DigestUpdate(ukm_hash,s->s3->server_random,SSL3_RANDOM_SIZE);
2737
+ EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
2738
+ EVP_MD_CTX_destroy(ukm_hash);
2739
+ if (EVP_PKEY_CTX_ctrl(pkey_ctx,-1,EVP_PKEY_OP_ENCRYPT,EVP_PKEY_CTRL_SET_IV,
2740
+ 8,shared_ukm)<0) {
2741
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2742
+ SSL_R_LIBRARY_BUG);
2743
+ goto err;
2744
+ }
2745
+ /* Make GOST keytransport blob message */
2746
+ /*Encapsulate it into sequence */
2747
+ *(p++)=V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
2748
+ msglen=255;
2749
+ if (EVP_PKEY_encrypt(pkey_ctx,tmp,&msglen,premaster_secret,32)<0) {
2750
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2751
+ SSL_R_LIBRARY_BUG);
2752
+ goto err;
2753
+ }
2754
+ if (msglen >= 0x80)
2755
+ {
2756
+ *(p++)=0x81;
2757
+ *(p++)= msglen & 0xff;
2758
+ n=msglen+3;
2759
+ }
2760
+ else
2761
+ {
2762
+ *(p++)= msglen & 0xff;
2763
+ n=msglen+2;
2764
+ }
2765
+ memcpy(p, tmp, msglen);
2766
+ /* Check if pubkey from client certificate was used */
2767
+ if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
2768
+ {
2769
+ /* Set flag "skip certificate verify" */
2770
+ s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
2771
+ }
2772
+ EVP_PKEY_CTX_free(pkey_ctx);
2773
+ s->session->master_key_length=
2774
+ s->method->ssl3_enc->generate_master_secret(s,
2775
+ s->session->master_key,premaster_secret,32);
2776
+ EVP_PKEY_free(pub_key);
2777
+
2778
+ }
2779
+ #ifndef OPENSSL_NO_SRP
2780
+ else if (alg_k & SSL_kSRP)
2781
+ {
2782
+ if (s->srp_ctx.A != NULL)
2783
+ {
2784
+ /* send off the data */
2785
+ n=BN_num_bytes(s->srp_ctx.A);
2786
+ s2n(n,p);
2787
+ BN_bn2bin(s->srp_ctx.A,p);
2788
+ n+=2;
2789
+ }
2790
+ else
2791
+ {
2792
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2793
+ goto err;
2794
+ }
2795
+ if (s->session->srp_username != NULL)
2796
+ OPENSSL_free(s->session->srp_username);
2797
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
2798
+ if (s->session->srp_username == NULL)
2799
+ {
2800
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2801
+ ERR_R_MALLOC_FAILURE);
2802
+ goto err;
2803
+ }
2804
+
2805
+ if ((s->session->master_key_length = SRP_generate_client_master_secret(s,s->session->master_key))<0)
2806
+ {
2807
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2808
+ goto err;
2809
+ }
2810
+ }
2811
+ #endif
2812
+ #ifndef OPENSSL_NO_PSK
2813
+ else if (alg_k & SSL_kPSK)
2814
+ {
2815
+ char identity[PSK_MAX_IDENTITY_LEN];
2816
+ unsigned char *t = NULL;
2817
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN*2+4];
2818
+ unsigned int pre_ms_len = 0, psk_len = 0;
2819
+ int psk_err = 1;
2820
+
2821
+ n = 0;
2822
+ if (s->psk_client_callback == NULL)
2823
+ {
2824
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2825
+ SSL_R_PSK_NO_CLIENT_CB);
2826
+ goto err;
2827
+ }
2828
+
2829
+ psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
2830
+ identity, PSK_MAX_IDENTITY_LEN,
2831
+ psk_or_pre_ms, sizeof(psk_or_pre_ms));
2832
+ if (psk_len > PSK_MAX_PSK_LEN)
2833
+ {
2834
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2835
+ ERR_R_INTERNAL_ERROR);
2836
+ goto psk_err;
2837
+ }
2838
+ else if (psk_len == 0)
2839
+ {
2840
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2841
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
2842
+ goto psk_err;
2843
+ }
2844
+
2845
+ /* create PSK pre_master_secret */
2846
+ pre_ms_len = 2+psk_len+2+psk_len;
2847
+ t = psk_or_pre_ms;
2848
+ memmove(psk_or_pre_ms+psk_len+4, psk_or_pre_ms, psk_len);
2849
+ s2n(psk_len, t);
2850
+ memset(t, 0, psk_len);
2851
+ t+=psk_len;
2852
+ s2n(psk_len, t);
2853
+
2854
+ if (s->session->psk_identity_hint != NULL)
2855
+ OPENSSL_free(s->session->psk_identity_hint);
2856
+ s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
2857
+ if (s->ctx->psk_identity_hint != NULL &&
2858
+ s->session->psk_identity_hint == NULL)
2859
+ {
2860
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2861
+ ERR_R_MALLOC_FAILURE);
2862
+ goto psk_err;
2863
+ }
2864
+
2865
+ if (s->session->psk_identity != NULL)
2866
+ OPENSSL_free(s->session->psk_identity);
2867
+ s->session->psk_identity = BUF_strdup(identity);
2868
+ if (s->session->psk_identity == NULL)
2869
+ {
2870
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2871
+ ERR_R_MALLOC_FAILURE);
2872
+ goto psk_err;
2873
+ }
2874
+
2875
+ s->session->master_key_length =
2876
+ s->method->ssl3_enc->generate_master_secret(s,
2877
+ s->session->master_key,
2878
+ psk_or_pre_ms, pre_ms_len);
2879
+ n = strlen(identity);
2880
+ s2n(n, p);
2881
+ memcpy(p, identity, n);
2882
+ n+=2;
2883
+ psk_err = 0;
2884
+ psk_err:
2885
+ OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
2886
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
2887
+ if (psk_err != 0)
2888
+ {
2889
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
2890
+ goto err;
2891
+ }
2892
+ }
2893
+ #endif
2894
+ else
2895
+ {
2896
+ ssl3_send_alert(s, SSL3_AL_FATAL,
2897
+ SSL_AD_HANDSHAKE_FAILURE);
2898
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2899
+ ERR_R_INTERNAL_ERROR);
2900
+ goto err;
2901
+ }
2902
+
2903
+ *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
2904
+ l2n3(n,d);
2905
+
2906
+ s->state=SSL3_ST_CW_KEY_EXCH_B;
2907
+ /* number of bytes to write */
2908
+ s->init_num=n+4;
2909
+ s->init_off=0;
2910
+ }
2911
+
2912
+ /* SSL3_ST_CW_KEY_EXCH_B */
2913
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
2914
+ err:
2915
+ #ifndef OPENSSL_NO_ECDH
2916
+ BN_CTX_free(bn_ctx);
2917
+ if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
2918
+ if (clnt_ecdh != NULL)
2919
+ EC_KEY_free(clnt_ecdh);
2920
+ EVP_PKEY_free(srvr_pub_pkey);
2921
+ #endif
2922
+ return(-1);
2923
+ }
2924
+
2925
+ int ssl3_send_client_verify(SSL *s)
2926
+ {
2927
+ unsigned char *p,*d;
2928
+ unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
2929
+ EVP_PKEY *pkey;
2930
+ EVP_PKEY_CTX *pctx=NULL;
2931
+ EVP_MD_CTX mctx;
2932
+ unsigned u=0;
2933
+ unsigned long n;
2934
+ int j;
2935
+
2936
+ EVP_MD_CTX_init(&mctx);
2937
+
2938
+ if (s->state == SSL3_ST_CW_CERT_VRFY_A)
2939
+ {
2940
+ d=(unsigned char *)s->init_buf->data;
2941
+ p= &(d[4]);
2942
+ pkey=s->cert->key->privatekey;
2943
+ /* Create context from key and test if sha1 is allowed as digest */
2944
+ pctx = EVP_PKEY_CTX_new(pkey,NULL);
2945
+ EVP_PKEY_sign_init(pctx);
2946
+ if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1())>0)
2947
+ {
2948
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
2949
+ s->method->ssl3_enc->cert_verify_mac(s,
2950
+ NID_sha1,
2951
+ &(data[MD5_DIGEST_LENGTH]));
2952
+ }
2953
+ else
2954
+ {
2955
+ ERR_clear_error();
2956
+ }
2957
+ /* For TLS v1.2 send signature algorithm and signature
2958
+ * using agreed digest and cached handshake records.
2959
+ */
2960
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
2961
+ {
2962
+ long hdatalen = 0;
2963
+ void *hdata;
2964
+ const EVP_MD *md = s->cert->key->digest;
2965
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,
2966
+ &hdata);
2967
+ if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md))
2968
+ {
2969
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
2970
+ ERR_R_INTERNAL_ERROR);
2971
+ goto err;
2972
+ }
2973
+ p += 2;
2974
+ #ifdef SSL_DEBUG
2975
+ fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
2976
+ EVP_MD_name(md));
2977
+ #endif
2978
+ if (!EVP_SignInit_ex(&mctx, md, NULL)
2979
+ || !EVP_SignUpdate(&mctx, hdata, hdatalen)
2980
+ || !EVP_SignFinal(&mctx, p + 2, &u, pkey))
2981
+ {
2982
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
2983
+ ERR_R_EVP_LIB);
2984
+ goto err;
2985
+ }
2986
+ s2n(u,p);
2987
+ n = u + 4;
2988
+ if (!ssl3_digest_cached_records(s))
2989
+ goto err;
2990
+ }
2991
+ else
2992
+ #ifndef OPENSSL_NO_RSA
2993
+ if (pkey->type == EVP_PKEY_RSA)
2994
+ {
2995
+ s->method->ssl3_enc->cert_verify_mac(s,
2996
+ NID_md5,
2997
+ &(data[0]));
2998
+ if (RSA_sign(NID_md5_sha1, data,
2999
+ MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
3000
+ &(p[2]), &u, pkey->pkey.rsa) <= 0 )
3001
+ {
3002
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
3003
+ goto err;
3004
+ }
3005
+ s2n(u,p);
3006
+ n=u+2;
3007
+ }
3008
+ else
3009
+ #endif
3010
+ #ifndef OPENSSL_NO_DSA
3011
+ if (pkey->type == EVP_PKEY_DSA)
3012
+ {
3013
+ if (!DSA_sign(pkey->save_type,
3014
+ &(data[MD5_DIGEST_LENGTH]),
3015
+ SHA_DIGEST_LENGTH,&(p[2]),
3016
+ (unsigned int *)&j,pkey->pkey.dsa))
3017
+ {
3018
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
3019
+ goto err;
3020
+ }
3021
+ s2n(j,p);
3022
+ n=j+2;
3023
+ }
3024
+ else
3025
+ #endif
3026
+ #ifndef OPENSSL_NO_ECDSA
3027
+ if (pkey->type == EVP_PKEY_EC)
3028
+ {
3029
+ if (!ECDSA_sign(pkey->save_type,
3030
+ &(data[MD5_DIGEST_LENGTH]),
3031
+ SHA_DIGEST_LENGTH,&(p[2]),
3032
+ (unsigned int *)&j,pkey->pkey.ec))
3033
+ {
3034
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
3035
+ ERR_R_ECDSA_LIB);
3036
+ goto err;
3037
+ }
3038
+ s2n(j,p);
3039
+ n=j+2;
3040
+ }
3041
+ else
3042
+ #endif
3043
+ if (pkey->type == NID_id_GostR3410_94 || pkey->type == NID_id_GostR3410_2001)
3044
+ {
3045
+ unsigned char signbuf[64];
3046
+ int i;
3047
+ size_t sigsize=64;
3048
+ s->method->ssl3_enc->cert_verify_mac(s,
3049
+ NID_id_GostR3411_94,
3050
+ data);
3051
+ if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
3052
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
3053
+ ERR_R_INTERNAL_ERROR);
3054
+ goto err;
3055
+ }
3056
+ for (i=63,j=0; i>=0; j++, i--) {
3057
+ p[2+j]=signbuf[i];
3058
+ }
3059
+ s2n(j,p);
3060
+ n=j+2;
3061
+ }
3062
+ else
3063
+ {
3064
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
3065
+ goto err;
3066
+ }
3067
+ *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
3068
+ l2n3(n,d);
3069
+
3070
+ s->state=SSL3_ST_CW_CERT_VRFY_B;
3071
+ s->init_num=(int)n+4;
3072
+ s->init_off=0;
3073
+ }
3074
+ EVP_MD_CTX_cleanup(&mctx);
3075
+ EVP_PKEY_CTX_free(pctx);
3076
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
3077
+ err:
3078
+ EVP_MD_CTX_cleanup(&mctx);
3079
+ EVP_PKEY_CTX_free(pctx);
3080
+ return(-1);
3081
+ }
3082
+
3083
+ int ssl3_send_client_certificate(SSL *s)
3084
+ {
3085
+ X509 *x509=NULL;
3086
+ EVP_PKEY *pkey=NULL;
3087
+ int i;
3088
+ unsigned long l;
3089
+
3090
+ if (s->state == SSL3_ST_CW_CERT_A)
3091
+ {
3092
+ if ((s->cert == NULL) ||
3093
+ (s->cert->key->x509 == NULL) ||
3094
+ (s->cert->key->privatekey == NULL))
3095
+ s->state=SSL3_ST_CW_CERT_B;
3096
+ else
3097
+ s->state=SSL3_ST_CW_CERT_C;
3098
+ }
3099
+
3100
+ /* We need to get a client cert */
3101
+ if (s->state == SSL3_ST_CW_CERT_B)
3102
+ {
3103
+ /* If we get an error, we need to
3104
+ * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
3105
+ * We then get retied later */
3106
+ i=0;
3107
+ i = ssl_do_client_cert_cb(s, &x509, &pkey);
3108
+ if (i < 0)
3109
+ {
3110
+ s->rwstate=SSL_X509_LOOKUP;
3111
+ return(-1);
3112
+ }
3113
+ s->rwstate=SSL_NOTHING;
3114
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL))
3115
+ {
3116
+ s->state=SSL3_ST_CW_CERT_B;
3117
+ if ( !SSL_use_certificate(s,x509) ||
3118
+ !SSL_use_PrivateKey(s,pkey))
3119
+ i=0;
3120
+ }
3121
+ else if (i == 1)
3122
+ {
3123
+ i=0;
3124
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
3125
+ }
3126
+
3127
+ if (x509 != NULL) X509_free(x509);
3128
+ if (pkey != NULL) EVP_PKEY_free(pkey);
3129
+ if (i == 0)
3130
+ {
3131
+ if (s->version == SSL3_VERSION)
3132
+ {
3133
+ s->s3->tmp.cert_req=0;
3134
+ ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
3135
+ return(1);
3136
+ }
3137
+ else
3138
+ {
3139
+ s->s3->tmp.cert_req=2;
3140
+ }
3141
+ }
3142
+
3143
+ /* Ok, we have a cert */
3144
+ s->state=SSL3_ST_CW_CERT_C;
3145
+ }
3146
+
3147
+ if (s->state == SSL3_ST_CW_CERT_C)
3148
+ {
3149
+ s->state=SSL3_ST_CW_CERT_D;
3150
+ l=ssl3_output_cert_chain(s,
3151
+ (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
3152
+ s->init_num=(int)l;
3153
+ s->init_off=0;
3154
+ }
3155
+ /* SSL3_ST_CW_CERT_D */
3156
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
3157
+ }
3158
+
3159
+ #define has_bits(i,m) (((i)&(m)) == (m))
3160
+
3161
+ int ssl3_check_cert_and_algorithm(SSL *s)
3162
+ {
3163
+ int i,idx;
3164
+ long alg_k,alg_a;
3165
+ EVP_PKEY *pkey=NULL;
3166
+ SESS_CERT *sc;
3167
+ #ifndef OPENSSL_NO_RSA
3168
+ RSA *rsa;
3169
+ #endif
3170
+ #ifndef OPENSSL_NO_DH
3171
+ DH *dh;
3172
+ #endif
3173
+
3174
+ alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
3175
+ alg_a=s->s3->tmp.new_cipher->algorithm_auth;
3176
+
3177
+ /* we don't have a certificate */
3178
+ if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
3179
+ return(1);
3180
+
3181
+ sc=s->session->sess_cert;
3182
+ if (sc == NULL)
3183
+ {
3184
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
3185
+ goto err;
3186
+ }
3187
+
3188
+ #ifndef OPENSSL_NO_RSA
3189
+ rsa=s->session->sess_cert->peer_rsa_tmp;
3190
+ #endif
3191
+ #ifndef OPENSSL_NO_DH
3192
+ dh=s->session->sess_cert->peer_dh_tmp;
3193
+ #endif
3194
+
3195
+ /* This is the passed certificate */
3196
+
3197
+ idx=sc->peer_cert_type;
3198
+ #ifndef OPENSSL_NO_ECDH
3199
+ if (idx == SSL_PKEY_ECC)
3200
+ {
3201
+ if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
3202
+ s) == 0)
3203
+ { /* check failed */
3204
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT);
3205
+ goto f_err;
3206
+ }
3207
+ else
3208
+ {
3209
+ return 1;
3210
+ }
3211
+ }
3212
+ #endif
3213
+ pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
3214
+ i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
3215
+ EVP_PKEY_free(pkey);
3216
+
3217
+
3218
+ /* Check that we have a certificate if we require one */
3219
+ if ((alg_a & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
3220
+ {
3221
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
3222
+ goto f_err;
3223
+ }
3224
+ #ifndef OPENSSL_NO_DSA
3225
+ else if ((alg_a & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
3226
+ {
3227
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
3228
+ goto f_err;
3229
+ }
3230
+ #endif
3231
+ #ifndef OPENSSL_NO_RSA
3232
+ if ((alg_k & SSL_kRSA) &&
3233
+ !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
3234
+ {
3235
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
3236
+ goto f_err;
3237
+ }
3238
+ #endif
3239
+ #ifndef OPENSSL_NO_DH
3240
+ if ((alg_k & SSL_kEDH) &&
3241
+ !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
3242
+ {
3243
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
3244
+ goto f_err;
3245
+ }
3246
+ else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
3247
+ {
3248
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
3249
+ goto f_err;
3250
+ }
3251
+ #ifndef OPENSSL_NO_DSA
3252
+ else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
3253
+ {
3254
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
3255
+ goto f_err;
3256
+ }
3257
+ #endif
3258
+ #endif
3259
+
3260
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
3261
+ {
3262
+ #ifndef OPENSSL_NO_RSA
3263
+ if (alg_k & SSL_kRSA)
3264
+ {
3265
+ if (rsa == NULL
3266
+ || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
3267
+ {
3268
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
3269
+ goto f_err;
3270
+ }
3271
+ }
3272
+ else
3273
+ #endif
3274
+ #ifndef OPENSSL_NO_DH
3275
+ if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
3276
+ {
3277
+ if (dh == NULL
3278
+ || DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
3279
+ {
3280
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
3281
+ goto f_err;
3282
+ }
3283
+ }
3284
+ else
3285
+ #endif
3286
+ {
3287
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
3288
+ goto f_err;
3289
+ }
3290
+ }
3291
+ return(1);
3292
+ f_err:
3293
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
3294
+ err:
3295
+ return(0);
3296
+ }
3297
+
3298
+ #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
3299
+ int ssl3_send_next_proto(SSL *s)
3300
+ {
3301
+ unsigned int len, padding_len;
3302
+ unsigned char *d;
3303
+
3304
+ if (s->state == SSL3_ST_CW_NEXT_PROTO_A)
3305
+ {
3306
+ len = s->next_proto_negotiated_len;
3307
+ padding_len = 32 - ((len + 2) % 32);
3308
+ d = (unsigned char *)s->init_buf->data;
3309
+ d[4] = len;
3310
+ memcpy(d + 5, s->next_proto_negotiated, len);
3311
+ d[5 + len] = padding_len;
3312
+ memset(d + 6 + len, 0, padding_len);
3313
+ *(d++)=SSL3_MT_NEXT_PROTO;
3314
+ l2n3(2 + len + padding_len, d);
3315
+ s->state = SSL3_ST_CW_NEXT_PROTO_B;
3316
+ s->init_num = 4 + 2 + len + padding_len;
3317
+ s->init_off = 0;
3318
+ }
3319
+
3320
+ return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3321
+ }
3322
+ #endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
3323
+
3324
+ /* Check to see if handshake is full or resumed. Usually this is just a
3325
+ * case of checking to see if a cache hit has occurred. In the case of
3326
+ * session tickets we have to check the next message to be sure.
3327
+ */
3328
+
3329
+ #ifndef OPENSSL_NO_TLSEXT
3330
+ int ssl3_check_finished(SSL *s)
3331
+ {
3332
+ int ok;
3333
+ long n;
3334
+ /* If we have no ticket it cannot be a resumed session. */
3335
+ if (!s->session->tlsext_tick)
3336
+ return 1;
3337
+ /* this function is called when we really expect a Certificate
3338
+ * message, so permit appropriate message length */
3339
+ n=s->method->ssl_get_message(s,
3340
+ SSL3_ST_CR_CERT_A,
3341
+ SSL3_ST_CR_CERT_B,
3342
+ -1,
3343
+ s->max_cert_list,
3344
+ &ok);
3345
+ if (!ok) return((int)n);
3346
+ s->s3->tmp.reuse_message = 1;
3347
+ if ((s->s3->tmp.message_type == SSL3_MT_FINISHED)
3348
+ || (s->s3->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))
3349
+ return 2;
3350
+
3351
+ return 1;
3352
+ }
3353
+ #endif
3354
+
3355
+ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
3356
+ {
3357
+ int i = 0;
3358
+ #ifndef OPENSSL_NO_ENGINE
3359
+ if (s->ctx->client_cert_engine)
3360
+ {
3361
+ i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
3362
+ SSL_get_client_CA_list(s),
3363
+ px509, ppkey, NULL, NULL, NULL);
3364
+ if (i != 0)
3365
+ return i;
3366
+ }
3367
+ #endif
3368
+ if (s->ctx->client_cert_cb)
3369
+ i = s->ctx->client_cert_cb(s,px509,ppkey);
3370
+ return i;
3371
+ }