pike.git / lib / modules / SSL.pmod / Session.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Session.pike:441: Inside #if constant(SSL.Cipher.KeyExchangeECDHE)
   ke_factory = Cipher.KeyExchangeECDH;    break;   #endif    default:    error("set_cipher_suite: Unsupported key exchange method: %d\n",    ke_method);    break;    }       cipher_spec = [object(Cipher.CipherSpec)]res[1]; - #ifdef SSL3_DEBUG -  werror("SSL.Session: cipher_spec %O\n", +  SSL3_DEBUG_MSG("SSL.Session: cipher_spec %O\n",    mkmapping(indices(cipher_spec), values(cipher_spec))); - #endif +     return 1;   }      //! Sets the compression method. Currently only @[COMPRESSION_null] is   //! supported.   void set_compression_method(int compr)   {    switch(compr) {    case COMPRESSION_null:    break;
pike.git/lib/modules/SSL.pmod/Session.pike:479:    (5 + cipher_spec->hash_size)    : ( cipher_spec->key_material +    cipher_spec->hash_size +    cipher_spec->iv_size)    );    string(8bit) key = "";       key = cipher_spec->prf(master_secret, "key expansion",    server_random + client_random, required);    - #ifdef SSL3_DEBUG -  werror("key_block: %O\n", key); - #endif +  SSL3_DEBUG_MSG("key_block: %O\n", key);    return key;   }      #ifdef SSL3_DEBUG - protected void printKey(string name, string key) { -  -  string res=""; -  res+=sprintf("%s: len:%d type:%d \t\t",name,sizeof(key),0); -  /* return; */ -  for(int i=0;i<sizeof(key);i++) { -  int d=key[i]; -  res+=sprintf("%02x ",d&0xff); + protected void printKey(string name, string key) + { +  werror("%s: len:%d \t\t%s\n", name, sizeof(key), String.string2hex(key));   } -  res+="\n"; -  werror(res); - } +    #endif      //! Generates keys appropriate for the SSL version given in @[version],   //! based on the @[client_random] and @[server_random].   //! @returns   //! @array   //! @elem string 0   //! Client write MAC secret   //! @elem string 1   //! Server write MAC secret
pike.git/lib/modules/SSL.pmod/Session.pike:525:   //! Server write IV   //! @endarray   array(string(8bit)) generate_keys(string(8bit) client_random,    string(8bit) server_random,    ProtocolVersion version)   {    Struct key_data = Struct(generate_key_block(client_random, server_random,    version));    array(string(8bit)) keys = allocate(6);    - #ifdef SSL3_DEBUG -  werror("client_random: %s\nserver_random: %s\nversion: %d.%d\n", +  SSL3_DEBUG_MSG("client_random: %s\nserver_random: %s\nversion: %d.%d\n",    client_random?String.string2hex(client_random):"NULL",    server_random?String.string2hex(server_random):"NULL",    version>>8, version & 0xff); - #endif +     // client_write_MAC_secret    keys[0] = key_data->get_fix_string(cipher_spec->hash_size);    // server_write_MAC_secret    keys[1] = key_data->get_fix_string(cipher_spec->hash_size);       if (cipher_spec->is_exportable)    {    // Exportable (ie weak) crypto.    if(version == PROTOCOL_SSL_3_0) {    // SSL 3.0
pike.git/lib/modules/SSL.pmod/Session.pike:572:    keys[3] = cipher_spec->prf(server_wkey, "server write key",    client_random + server_random,    cipher_spec->key_material);    if(cipher_spec->iv_size) {    string(8bit) iv_block =    cipher_spec->prf("", "IV block",    client_random + server_random,    2 * cipher_spec->iv_size);    keys[4]=iv_block[..cipher_spec->iv_size-1];    keys[5]=iv_block[cipher_spec->iv_size..]; - #ifdef SSL3_DEBUG -  werror("sizeof(keys[4]):%d sizeof(keys[5]):%d\n", +  SSL3_DEBUG_MSG("sizeof(keys[4]):%d sizeof(keys[5]):%d\n",    sizeof(keys[4]), sizeof(keys[4])); - #endif +     }       }       }    else {    keys[2] = key_data->get_fix_string(cipher_spec->key_material);    keys[3] = key_data->get_fix_string(cipher_spec->key_material);    if (cipher_spec->iv_size)    {