pike.git / lib / modules / SSL.pmod / Connection.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Connection.pike:123:      Packet change_cipher_packet()   {    return Packet(version, PACKET_change_cipher_spec, "\001");   }      string(8bit) hash_messages(string(8bit) sender)   {    string(8bit) hash;    if(version == PROTOCOL_SSL_3_0) { -  hash = .Cipher.MACmd5(session->master_secret)->hash(handshake_messages + sender) + -  .Cipher.MACsha(session->master_secret)->hash(handshake_messages + sender); +  handshake_messages += sender; +  hash = .Cipher.MACmd5(session->master_secret)->hash(handshake_messages) + +  .Cipher.MACsha(session->master_secret)->hash(handshake_messages);    }    else if(version <= PROTOCOL_TLS_1_1) {    hash = session->cipher_spec->prf(session->master_secret, sender,    Crypto.MD5.hash(handshake_messages)+    Crypto.SHA1.hash(handshake_messages), 12);    } else if(version >= PROTOCOL_TLS_1_2) {    hash = session->cipher_spec->prf(session->master_secret, sender, -  session->cipher_spec->hash->hash(handshake_messages), 12); +  session->cipher_spec->hash +  ->hash(handshake_messages), 12);    }       // Handshake hash is only calculated once.    handshake_messages = 0;    return hash;   }      Packet certificate_packet(array(string(8bit)) certificates)   {    Buffer struct = Buffer();
pike.git/lib/modules/SSL.pmod/Connection.pike:407:    } else if (packet->description == ALERT_close_notify) {    state = [int(0..0)|ConnectionState](state | CONNECTION_local_closing);    }    }       if (!priority)    priority = ([ PACKET_alert : PRI_alert,    PACKET_change_cipher_spec : PRI_urgent,    PACKET_handshake : PRI_urgent,    PACKET_heartbeat : PRI_urgent, -  PACKET_application_data : PRI_application ])[packet->content_type]; +  PACKET_application_data : PRI_application +  ])[packet->content_type];       if ((packet->content_type == PACKET_handshake) &&    (priority == PRI_application)) {    // Assume the packet is either hello_request or client_hello,    // and that we want to renegotiate.    expect_change_cipher = 0;    certificate_state = 0;    state = [int(0..0)|ConnectionState](state | CONNECTION_handshaking);    handshake_state = STATE_wait_for_hello;    }
pike.git/lib/modules/SSL.pmod/Connection.pike:559:    if (description == ALERT_close_notify)    {    SSL3_DEBUG_MSG("SSL.Connection: %O\n", ALERT_descriptions[description]);    state = [int(0..0)|ConnectionState](state | CONNECTION_peer_closed);    return 1;    }    if (description == ALERT_no_certificate)    {    SSL3_DEBUG_MSG("SSL.Connection: %O\n", ALERT_descriptions[description]);    -  if ((certificate_state == CERT_requested) && (context->auth_level == AUTHLEVEL_ask)) +  if ( (certificate_state == CERT_requested) && +  (context->auth_level == AUTHLEVEL_ask) )    {    certificate_state = CERT_no_certificate;    return 0;    } else {    send_packet(alert(ALERT_fatal,    ((certificate_state == CERT_requested)    ? ALERT_handshake_failure    : ALERT_unexpected_message),    "Certificate required.\n"));    return -1;