pike.git / lib / modules / SSL.pmod / Connection.pike


pike.git/lib/modules/SSL.pmod/Connection.pike:52:   constant CERT_requested = 1;   constant CERT_received = 2;   constant CERT_no_certificate = 3;   int certificate_state;      int expect_change_cipher; /* Reset to 0 if a change_cipher message is    * received */      // RFC 5746-related fields   int secure_renegotiation; - string(0..255) client_verify_data = ""; - string(0..255) server_verify_data = ""; + string(8bit) client_verify_data = ""; + string(8bit) server_verify_data = "";   // 3.2: Initially of zero length for both the   // ClientHello and the ServerHello.      //! The active @[Cipher.KeyExchange] (if any).   .Cipher.KeyExchange ke;      ProtocolVersion version;   ProtocolVersion client_version; /* Used to check for version roll-back attacks. */      //! Random cookies, sent and received with the hello-messages. - string(0..255) client_random; - string(0..255) server_random; + string(8bit) client_random; + string(8bit) server_random;      #define Packet .Packet   #define Alert .Alert    - Alert alert(int(1..2) level, int(0..255) description, + Alert alert(int(1..2) level, int(8bit) description,    string|void message)   {    return context->alert_factory(this, level, description, version,    message);   }      string(8bit) get_signature_algorithms()   {    ADT.struct sign_algs = ADT.struct();    foreach(sort(indices(HASH_lookup)), int h) {
pike.git/lib/modules/SSL.pmod/Connection.pike:104:   }      #ifdef SSL3_PROFILING   System.Timer timer = System.Timer();   void addRecord(int t,int s) {    Stdio.stdout.write("time: %.6f sender: %d type: %s\n", timer->get(), s,    fmt_constant(t, "HANDSHAKE"));   }   #endif    - string(0..255) handshake_messages; + string(8bit) handshake_messages;    - Packet handshake_packet(int(0..255) type, string data) + Packet handshake_packet(int(8bit) type, string data)   {   #ifdef SSL3_PROFILING    addRecord(type,1);   #endif    /* Perhaps one need to split large packages? */    Packet packet = Packet();    packet->content_type = PACKET_handshake; -  packet->fragment = sprintf("%1c%3H", type, [string(0..255)]data); +  packet->fragment = sprintf("%1c%3H", type, [string(8bit)]data);    handshake_messages += packet->fragment;    return packet;   }      Packet change_cipher_packet()   {    Packet packet = Packet();    packet->content_type = PACKET_change_cipher_spec;    packet->fragment = "\001";    return packet;   }    - string(0..255) hash_messages(string(0..255) sender) + string(8bit) hash_messages(string(8bit) sender)   {    if(version == PROTOCOL_SSL_3_0) {    return .Cipher.MACmd5(session->master_secret)->hash(handshake_messages + sender) +    .Cipher.MACsha(session->master_secret)->hash(handshake_messages + sender);    }    else if(version <= PROTOCOL_TLS_1_1) {    return session->cipher_spec->prf(session->master_secret, sender,    Crypto.MD5.hash(handshake_messages)+    Crypto.SHA1.hash(handshake_messages), 12);    } else if(version >= PROTOCOL_TLS_1_2) {    return session->cipher_spec->prf(session->master_secret, sender,    session->cipher_spec->hash->hash(handshake_messages), 12);    }   }    - Packet certificate_packet(array(string(0..255)) certificates) + Packet certificate_packet(array(string(8bit)) certificates)   {    ADT.struct struct = ADT.struct();    int len = 0;       if(certificates && sizeof(certificates))    len = `+( @ Array.map(certificates, sizeof)); 
   // SSL3_DEBUG_MSG("SSL.handshake: certificate_message size %d\n", len);    struct->put_uint(len + 3 * sizeof(certificates), 3); -  foreach(certificates, string(0..255) cert) +  foreach(certificates, string(8bit) cert)    struct->put_var_string(cert, 3);       return handshake_packet(HANDSHAKE_certificate, struct->pop_data());   }      Packet heartbeat_packet(string(8bit) s)   {    Packet packet = Packet();    packet->content_type = PACKET_heartbeat;    packet->fragment = s;
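Review bot: In `handshake_packet` the `data` parameter is still declared as plain `string` and is only narrowed by the soft cast `[string(8bit)]data` inside the `sprintf` call, so callers are not type-checked the way they are for `hash_messages` and `certificate_packet`. The resulting fragment is appended to `handshake_messages`, which `hash_messages` feeds into the handshake hash, so the 8-bit constraint is worth enforcing at the signature rather than asserting it at the point of use. I would declare it as `Packet handshake_packet(int(8bit) type, string(8bit) data)` and reduce the call to `sprintf("%1c%3H", type, data)`. The callers are outside this hunk, so some of them may need their own argument types tightened before the cast can go.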
pike.git/lib/modules/SSL.pmod/Connection.pike:273:    return 0;   }      //! Do handshake processing. Type is one of HANDSHAKE_*, data is the   //! contents of the packet, and raw is the raw packet received (needed   //! for supporting SSLv2 hello messages).   //!   //! This function returns 0 if handshake is in progress, 1 if handshake   //! is finished, and -1 if a fatal error occurred. It uses the   //! send_packet() function to transmit packets. - int(-1..1) handle_handshake(int type, string(0..255) data, string(0..255) raw); + int(-1..1) handle_handshake(int type, string(8bit) data, string(8bit) raw);      //! Initialize the connection state.   //!   //! @param ctx   //! The context for the connection.   protected void create(Context ctx)   {    current_read_state = State(this);    current_write_state = State(this);