pike.git / lib / modules / SSL.pmod / Session.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Session.pike:8:   //! exchange to established a new session, or reuse a previously   //! established session. That is why we have the session abstraction and   //! the session cache. Each session is used by one or more connections, in   //! sequence or simultaneously.   //!   //! It is also possible to change to a new session in the middle of a   //! connection.      import ".";   import Constants; - protected constant Struct = ADT.struct; +       #ifdef SSL3_DEBUG   #define SSL3_DEBUG_MSG(X ...) werror(X)   #else /*! SSL3_DEBUG */   #define SSL3_DEBUG_MSG(X ...)   #endif /* SSL3_DEBUG */      //! Identifies the session to the server   string(8bit) identity;   
pike.git/lib/modules/SSL.pmod/Session.pike:501:   //! Server write key   //! @elem string 4   //! Client write IV   //! @elem string 5   //! Server write IV   //! @endarray   array(string(8bit)) generate_keys(string(8bit) client_random,    string(8bit) server_random,    ProtocolVersion version)   { -  Struct key_data = Struct(generate_key_block(client_random, server_random, +  Stdio.Buffer key_data = Stdio.Buffer(generate_key_block(client_random, +  server_random,    version));    array(string(8bit)) keys = allocate(6);       SSL3_DEBUG_MSG("client_random: %s\nserver_random: %s\nversion: %d.%d\n",    client_random?String.string2hex(client_random):"NULL",    server_random?String.string2hex(server_random):"NULL",    version>>8, version & 0xff);       // client_write_MAC_secret -  keys[0] = key_data->get_fix_string(cipher_spec->hash_size); +  keys[0] = key_data->read(cipher_spec->hash_size);    // server_write_MAC_secret -  keys[1] = key_data->get_fix_string(cipher_spec->hash_size); +  keys[1] = key_data->read(cipher_spec->hash_size);       if (cipher_spec->is_exportable)    {    // Exportable (ie weak) crypto.    if(version == PROTOCOL_SSL_3_0) {    // SSL 3.0 -  keys[2] = Crypto.MD5.hash(key_data->get_fix_string(5) + +  keys[2] = Crypto.MD5.hash(key_data->read(5) +    client_random + server_random)    [..cipher_spec->key_material-1]; -  keys[3] = Crypto.MD5.hash(key_data->get_fix_string(5) + +  keys[3] = Crypto.MD5.hash(key_data->read(5) +    server_random + client_random)    [..cipher_spec->key_material-1];    if (cipher_spec->iv_size)    {    keys[4] = Crypto.MD5.hash(client_random +    server_random)[..cipher_spec->iv_size-1];    keys[5] = Crypto.MD5.hash(server_random +    client_random)[..cipher_spec->iv_size-1];    }       } else if(version >= PROTOCOL_TLS_1_0) {    // TLS 1.0 or later. -  string(8bit) client_wkey = key_data->get_fix_string(5); -  string(8bit) server_wkey = key_data->get_fix_string(5); +  string(8bit) client_wkey = key_data->read(5); +  string(8bit) server_wkey = key_data->read(5);    keys[2] = cipher_spec->prf(client_wkey, "client write key",    client_random + server_random,    cipher_spec->key_material);    keys[3] = cipher_spec->prf(server_wkey, "server write key",    client_random + server_random,    cipher_spec->key_material);    if(cipher_spec->iv_size) {    string(8bit) iv_block =    cipher_spec->prf("", "IV block",    client_random + server_random,
pike.git/lib/modules/SSL.pmod/Session.pike:559:    keys[4]=iv_block[..cipher_spec->iv_size-1];    keys[5]=iv_block[cipher_spec->iv_size..];    SSL3_DEBUG_MSG("sizeof(keys[4]):%d sizeof(keys[5]):%d\n",    sizeof(keys[4]), sizeof(keys[4]));    }       }       }    else { -  keys[2] = key_data->get_fix_string(cipher_spec->key_material); -  keys[3] = key_data->get_fix_string(cipher_spec->key_material); +  keys[2] = key_data->read(cipher_spec->key_material); +  keys[3] = key_data->read(cipher_spec->key_material);    if (cipher_spec->iv_size)    { -  keys[4] = key_data->get_fix_string(cipher_spec->iv_size); -  keys[5] = key_data->get_fix_string(cipher_spec->iv_size); +  keys[4] = key_data->read(cipher_spec->iv_size); +  keys[5] = key_data->read(cipher_spec->iv_size);    }    }      #ifdef SSL3_DEBUG    printKey( "client_write_MAC_secret",keys[0]);    printKey( "server_write_MAC_secret",keys[1]);    printKey( "keys[2]",keys[2]);    printKey( "keys[3]",keys[3]);       if(cipher_spec->iv_size) {