2258 d=(unsigned char *)s->init_buf->data;
2259 p= &(d[4]);
2260
2261 alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
2262
2263 /* Fool emacs indentation */
2264 if (0) {}
2265 #ifndef OPENSSL_NO_RSA
2266 else if (alg_k & SSL_kRSA)
2267 {
2268 RSA *rsa;
2269 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
2270
2271 if (s->session->sess_cert == NULL)
2272 {
2273 /* We should always have a server certificate with SSL_kRSA. */
2274 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2275 goto err;
2276 }
2277
2278 if (s->session->sess_cert->peer_rsa_tmp != NULL)
2279 rsa=s->session->sess_cert->peer_rsa_tmp;
2280 else
2281 {
2282 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
2283 if ((pkey == NULL) ||
2284 (pkey->type != EVP_PKEY_RSA) ||
2285 (pkey->pkey.rsa == NULL))
2286 {
2287 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2288 goto err;
2289 }
2290 rsa=pkey->pkey.rsa;
2291 EVP_PKEY_free(pkey);
2292 }
2293
2294 tmp_buf[0]=s->client_version>>8;
2295 tmp_buf[1]=s->client_version&0xff;
2296 if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
2297 goto err;
|
2258 d=(unsigned char *)s->init_buf->data;
2259 p= &(d[4]);
2260
2261 alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
2262
2263 /* Fool emacs indentation */
2264 if (0) {}
2265 #ifndef OPENSSL_NO_RSA
2266 else if (alg_k & SSL_kRSA)
2267 {
2268 RSA *rsa;
2269 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
2270
2271 if (s->session->sess_cert == NULL)
2272 {
2273 /* We should always have a server certificate with SSL_kRSA. */
2274 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2275 goto err;
2276 }
2277
2278
2279 if (s->session->sess_cert->peer_rsa_tmp != NULL)
2280 rsa=s->session->sess_cert->peer_rsa_tmp;
2281 else
2282 {
2283 pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
2284 if ((pkey == NULL) ||
2285 (pkey->type != EVP_PKEY_RSA) ||
2286 (pkey->pkey.rsa == NULL))
2287 {
2288 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2289 goto err;
2290 }
2291 rsa=pkey->pkey.rsa;
2292 EVP_PKEY_free(pkey);
2293 }
2294
2295 tmp_buf[0]=s->client_version>>8;
2296 tmp_buf[1]=s->client_version&0xff;
2297 if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
2298 goto err;
|